Sinyor_Ridak adlı üyeden alıntı:
mesajı görüntüle
$router->map('GET', '/panel/bakiye-yukle', function(){
global $vt,$title,$router,$user;
if (@$_SESSION["login"]) {
$title.= 'Bakiye Yükle';
$view.= 'account';
$view2.= 'balance';
include 'app/views/front/balance.php';
}else{
redirect($router->generate('app.landing.view'));
}
exit();
},'app.balance.view');
$router->map('POST', '/panel/bakiye-yukle', function(){
global $vt,$title,$router,$user;
if (@$_SESSION["login"]) {
$amount = $_POST['amount'];
$minBalance = getConfig('min_balance');
$unique_id = md5(randKey(32).time());
if($amount < $minBalance){
$output = ["m"=>"Minimum $minBalance₺ yükleyebilirsiniz.","s"=>"blue"];
echo json_encode($output);
}else{
$add = $vt->prepare("INSERT INTO payments SET unique_id=?, amount=?, method=?, user_id=?, status=?");
$add -> execute(array($unique_id,$amount,getConfig('payment_method'),$user->id,0));
$pid = $vt->lastInsertId();
if($add){
$output = ["m"=>"Ödeme için yönlendiriliyorsunuz..","s"=>"green","r"=>$router->generate('app.payment.view', ['id' => $pid])];
echo json_encode($output);
}else{
$output = ["m"=>"Ödeme alınamıyor, lütfen daha sonra tekrar deneyin","s"=>"red"];
echo json_encode($output);
}
}
}else{
redirect($router->generate('app.landing.view'));
}
exit();
},'app.balance.post');
$router->map('POST', '/panel/banka-odemesi', function(){
global $vt,$title,$router,$user,$onemlid;
if (@$_SESSION["login"]) {
$amount = $_POST['amount'];
$minBalance = getConfig('min_balance');
$unique_id = md5(randKey(32).time());
if($amount < $minBalance){
$output = ["m"=>"Minimum $minBalance₺ yükleyebilirsiniz.","s"=>"blue"];
echo json_encode($output);
}else{
$add = $vt->prepare("INSERT INTO payments SET unique_id=?, amount=?, method=?, user_id=?, status=?");
$add -> execute(array($unique_id,$amount,'offline',$user->id,0));
$pid = $vt->lastInsertId();
global $onemlid;
$onemlid = $unique_id;
if($add){
$output = ["m"=>"Bildiriminiz alındı, en kısa sürede incelenecektir","s"=>"green"];
echo json_encode($output);
}else{
$output = ["m"=>"Ödeme alınamıyor, lütfen daha sonra tekrar deneyin","s"=>"red"];
echo json_encode($output);
}
}
}else{
redirect($router->generate('app.landing.view'));
}
exit();
},'app.balance-bank.post');
$router->map('GET|POST', '/panel/ode/[*:id]', function($id){
global $vt,$title,$router,$user;
global $amount;
$getveri = $vt->prepare("SELECT id, amount FROM payments WHERE id=?");
$getveri->execute([$id]);
// Fetch the result (assuming you're fetching only one row)
$row = $getveri->fetch(PDO::FETCH_ASSOC);
// Assign amount from the fetched row
$amount = $row['amount'];
if (@$_SESSION["login"]) {
$getDatas = $vt->prepare("SELECT * FROM payments WHERE id=?");
$getDatas -> execute(array($id));
$data = $getDatas->fetch(PDO::FETCH_OBJ);
if($data->method == 'paymax'){
include 'shopierAPI.php';
$shopier = new Shopier('xxxxxxx', 'xxxxxxxxxx');
$shopier->setBuyer([
'id' => $unique_id,
'paket' => 'Site İçi Bakiye',
'first_name' => $name[0],
'last_name' => $name[1],
'email' => $user->email,
'phone' => $user->phone
]);
$shopier->setOrderBilling([
'billing_address' => 'Cemal Gürsel Caddesi No:544564',
'billing_city' => 'İstanbul',
'billing_country' => 'Türkiye',
'billing_postcode' => '34000'
]);
$shopier->setOrderShipping([
'shipping_address' => 'Cemal Gürsel Caddesi No:544564',
'shipping_city' => 'İstanbul',
'shipping_country' => 'Türkiye',
'shipping_postcode' => '34000'
]);
die($shopier->run('544546545', $amount, 'https://epins.com.tr/panel/callback/xxxxxx'));
}elseif ($data->method == 'paytr') {
# code...
}
}else{
redirect($router->generate('app.landing.view'));
}
exit();
},'app.payment.view');
$router->map('POST', '/panel/callback/[*:platform]', function($platform) {
if($platform == 'xxxxxx'){
global $vt, $shopierSecret; // Assuming $shopierSecret is defined somewhere
$shopierSecret = 'xxxxxxxxxx'; // Assuming $shopierSecret is a string
$getDatas = $vt->prepare("SELECT * FROM payments WHERE id=?");
$getDatas -> execute(array($id));
$data = $getDatas->fetch(PDO::FETCH_OBJ);
// POST data retrieval and sanitization
$status = $_POST["status"] ?? "";
$invoiceId = $_POST["platform_order_id"] ?? "";
$transactionId = $_POST["payment_id"] ?? "";
$installment = $_POST["installment"] ?? "";
$signature = $_POST["signature"] ?? "";
// Signature validation
$data = $_POST["random_nr"] . $_POST["platform_order_id"] . $_POST["total_order_value"] . $_POST["currency"];
$signature = base64_decode($signature);
$expected = hash_hmac('SHA256', $data, $shopierSecret, true);
// Verify signature
if ($signature === $expected) {
$status = strtolower($status);
$getDatas = $vt->prepare("SELECT * FROM payments WHERE unique_id=?");
$getDatas -> execute([$invoiceId]);
$data = $getDatas->fetch(PDO::FETCH_OBJ);
if ($status === "success") {
try {
$paymentInfoStmt = $vt->prepare("SELECT * FROM payments WHERE unique_id = ?");
$paymentInfoStmt->execute([$invoiceId]);
$paymentInfo = $paymentInfoStmt->fetch(PDO::FETCH_OBJ);
if ($paymentInfo) {
$userDetailsStmt = $vt->prepare("SELECT * FROM users WHERE id = ?");
$userDetailsStmt->execute([$paymentInfo->user_id]);
$userInfo = $userDetailsStmt->fetch(PDO::FETCH_OBJ);
if ($userInfo) {
// Update user balance
$newBalance = $userInfo->balance + $paymentInfo->amount;
$updateBalanceStmt = $vt->prepare("UPDATE users SET balance = ? WHERE id = ?");
$updateBalanceStmt->execute([$newBalance, $paymentInfo->user_id]);
// Update payment status
$updatePaymentStatusStmt = $vt->prepare("UPDATE payments SET status = ? WHERE id = ?");
$updatePaymentStatusStmt->execute([1, $paymentInfo->id]);
echo "Para eklendi";
} else {
echo "Kullanıcı bulunamadı.";
}
} else {
echo "Ödeme Hatası.";
echo $invoiceId;
}
} catch (PDOException $e) {
echo "Veritabanı hatası: " . $e->getMessage();
}
} else {
echo "Ödeme Başarısız.";
}
exit(); // Ensure script terminates after processing
}
}
}, 'app.callback.post');