<?
$GLOBALS['binn_include_path'] = '../../';
include_once $GLOBALS['binn_include_path'].'prog/init.php';
include_once $GLOBALS['binn_include_path']."prog/lib/binnFunctions.inc.php";
require_once $GLOBALS['binn_include_path']."cms/lib/binnSockets.inc.php";
include_once $GLOBALS['binn_include_path']."prog/lib/binnDownloadString.inc.php";
include_once $GLOBALS['binn_include_path'].'prog/lib/binnMail.inc.php';

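/**
 * Renders the fields reported by a payment system as an HTML table.
 *
 * Only keys that have a label in $GLOBALS[$system] and a non-empty value are
 * shown. The callers in this file pass the result to sendEmailOnSuccess() as
 * $full_text, where it is inserted into a text/html mail template that is
 * then run through eval().
 *
 * @param string $system Name of the $GLOBALS entry holding the key => label map.
 * @param array  $data   Field name => value pairs taken from the gateway
 *                       response or straight from $_POST (untrusted).
 * @return string HTML table, or '' when no label map exists for $system.
 */
function getTransactionProps($system, $data)
{
	// Language file; presumably this is what fills $GLOBALS[$system] (confirm).
	include_once($GLOBALS['binn_include_path'].'cms/lang/ru/pl_payment.lng.php');

	if (!isset($GLOBALS[$system]))
		return '';

	$labels = $GLOBALS[$system];
	$rows = '';

	foreach ($data as $key => $value)
	{
		// Nested request arrays cannot be rendered as a table cell; skip them
		// instead of printing "Array".
		if (!isset($labels[$key]) || !is_scalar($value) || $value == '')
			continue;

		// The value is attacker-influenced and the table ends up in an HTML
		// mail and in an eval()'d template, so every '<', '>', '&' and quote
		// must be neutralised. A single-byte charset is named explicitly: it
		// escapes the ASCII specials and never rejects the input, whichever
		// ASCII-compatible encoding the callback used.
		$rows .= '<tr><td align="right" width="250"><b>'.$labels[$key].':</b></td><td>'
			.htmlspecialchars((string) $value, ENT_QUOTES, 'cp1251').'</td></tr>';
	}

	return '<table>'.$rows.'</table>';
}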

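/**
 * Builds and sends a notification mail from a CMS template.
 *
 * The {PMT_*} placeholders in $topic and $body are replaced with the payment
 * fields, the result is evaluated as a PHP template, and the mail is sent as
 * text/html through binnMail.
 *
 * @param string $topic     Subject template.
 * @param string $body      Body template.
 * @param string $email     Recipient; '' means "use pmt_email from $data".
 * @param array  $data      Payment row in the column order of the list() below.
 * @param string $full_text Ready-made HTML for {PMT_FULL_TEXT}. Optional,
 *                          because binn_rupay_confirmation() calls this
 *                          function with four arguments only.
 * @return void
 */
function sendEmailOnSuccess($topic, $body, $email, $data, $full_text = '')
{
	list($pmt_id, $pmt_name, $pmt_secname, $pmt_surname, $pmt_text, $pmt_comment, $pmt_summ, $pmt_additional_1, $pmt_additional_2, $pmt_date, $pmt_address, $pmt_email, $pmt_phone) = $data;

	if ($email == '')
		$email = $pmt_email;

	// Nobody to notify.
	if ($email == '')
		return;

	$placeholders = array('{PMT_ID}', '{PMT_SURNAME}', '{PMT_NAME}', '{PMT_SECNAME}', '{PMT_EMAIL}', '{PMT_PHONE}', '{PMT_ADDRESS}', '{PMT_TEXT}', '{PMT_COMMENT}', '{PMT_SUMM}', '{PMT_SYSTEM_PROP1}', '{PMT_SYSTEM_PROP2}', '{PMT_FULL_TEXT}', '{PMT_DATE}');
	$values = array($pmt_id, $pmt_surname, $pmt_name, $pmt_secname, $pmt_email, $pmt_phone, $pmt_address, $pmt_text, $pmt_comment, $pmt_summ, $pmt_additional_1, $pmt_additional_2, $full_text, date('d.m.Y H:i:s', $pmt_date));

	// SECURITY NOTE(review): the templates are evaluated AFTER the
	// placeholders were filled in, so every substituted value becomes part of
	// the string handed to eval(); a value containing a PHP open tag would be
	// executed. The values are also not HTML-escaped although the mail is
	// sent as text/html. Where these columns are written is not visible in
	// this file: unless every writer escapes them, substitute
	// htmlspecialchars()-escaped values here, or evaluate the admin-authored
	// template first and fill the placeholders afterwards. $full_text is
	// inserted verbatim and must already be safe HTML.
	// The variable names below are kept because eval()'d template code runs
	// in this scope and could refer to them.
	$email_subj = str_replace($placeholders, $values, $topic);
	ob_start();
	eval(' ?>'.$email_subj.'<?php ');
	$email_subj = ob_get_clean();

	$email_text = str_replace($placeholders, $values, $body);
	ob_start();
	eval(' ?>'.$email_text.'<?php ');
	$email_text = ob_get_clean();

	// $email is re-checked because template code may have changed it.
	// NOTE(review): recipient and subject reach binnMail unvalidated; whether
	// binnMail strips CR/LF from header values is not visible here - confirm.
	if ($email != '' && $email_subj != '' && $email_text != '')
	{
		$mailer = new binnMail($email_subj, $email_text, $email, $GLOBALS['binn_cms_email']);
		$mailer->type = 'text/html';

		$mailer->send();
	}
}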

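/**
 * ASSIST: downloads the gateway's result export and syncs binn_payments.
 *
 * Each result line is ';'-separated: field 0 is used as the payment id and
 * field 1 as the response code. 'AS000' maps to status 2, 'AS300' to status 1,
 * anything else to status 6. Status 2 is the one that triggers the success
 * handling below; the meaning of 1 and 6 is not visible in this file.
 * When a payment changes to status 2, the configured PHP snippet is run and
 * the user and admin mails are sent.
 *
 * @param array $settings The 'pl_payment_assist' settings group.
 * @return false|null false when the export could not be downloaded.
 */
function binn_assist($settings)
{
	$add_str = '';
	if (isset($_GET['order_id']))
	{
		$add_str .= "&SHOPORDERNUMBER=".intval($_GET['order_id']);
	}

	// Settings are URL-encoded so that '&', '#', spaces etc. in a login or
	// password cannot truncate or rewrite the query.
	// NOTE(review): the shop login and password travel in the query string of
	// a plain-http URL, so they are visible on the network path and in any
	// log that records URLs. Switch to https once it is confirmed that
	// binnDownloadString can do TLS.
	$href = "http://secure.assist.ru/results/results.cfm?SHOP_ID=".urlencode($settings['pmts_option_id'])
		."&LOGIN=".urlencode($settings['pmts_option_login'])
		."&PASSWORD=".urlencode($settings['pmts_option_pass'])
		."&HEADER1=1".$add_str;
	$httpRequest = new binnDownloadString($href);
	$contents = $httpRequest->getString();

	if (!$contents || stristr($contents, '404 not found'))
	{
		return false;
	}

	$lines = explode("\n", trim($contents));
	// rtrim() drops the "\r" of CRLF line ends, which would otherwise stick to
	// the last column name and the last value of every line.
	$headers = explode(';', rtrim($lines[0], "\r"));
	$line_count = count($lines);

	for ($i = 1; $i < $line_count; $i++)
	{
		$fields = explode(';', rtrim($lines[$i], "\r"));

		// A blank or truncated line has no id/response-code pair to act on.
		if (count($fields) < 2)
			continue;

		$order_id = intval($fields[0]);

		switch ($fields[1])
		{
			case 'AS000':
				$status = 2;
				break;

			case 'AS300':
				$status = 1;
				break;

			default:
				$status = 6;
				break;
		}

		// Column name => value; converted from UTF-8 to WINDOWS-1251 when
		// iconv is available.
		$data = array();
		foreach ($headers as $key => $value)
		{
			$cell = isset($fields[$key]) ? $fields[$key] : '';
			if (function_exists('iconv'))
				$cell = iconv('UTF-8', 'WINDOWS-1251', $cell);

			$data[strtolower($value)] = $cell;
		}
		// NOTE(review): mysql_escape_string() ignores the connection charset
		// and no longer exists in PHP 7+; move to a parameterised query when
		// sql_query() allows it.
		$ser_data = mysql_escape_string(serialize($data));

		$prev_res = sql_query('SELECT pmt_status FROM binn_payments WHERE pmt_id = "'.$order_id.'"');
		if (!$prev_res)
			continue;

		list($prev_status) = $prev_res[0];

		sql_query("UPDATE binn_payments SET pmt_status = $status, pmt_attr3 = '$ser_data' WHERE pmt_id = '".$order_id."'");

		// Success handling runs once, on the transition to status 2.
		if ($prev_status == $status || $status != 2)
			continue;

		$full_data = getTransactionProps('pl_payment_assist', $data);

		// $res, $data, $settings and $full_data keep their names because the
		// eval()'d snippet runs in this scope and may refer to them.
		$res = sql_query("SELECT pmt_id, pmt_name, pmt_secname, pmt_surname, pmt_text, pmt_comment, pmt_summ, pmt_additional_1, pmt_additional_2, pmt_date, pmt_address, pmt_email, pmt_phone FROM binn_payments WHERE pmt_id = '".$order_id."'");

		if ($res)
		{
			// SECURITY NOTE(review): column values are pasted into PHP source
			// text before eval(). pmt_additional_1/2 must never hold
			// payer-controlled text; exposing them to the snippet as
			// variables instead of substituting them would remove the risk.
			eval(str_replace(array('{PMT_ID}', '{PMT_SYSTEM_PROP1}', '{PMT_SYSTEM_PROP2}'), array($res[0][0], $res[0][7], $res[0][8]), $settings['pmts_option_php_code']));

			sendEmailOnSuccess($settings['pmts_option_useremail_topic'], $settings['pmts_option_useremail_message'], '', $res[0], $full_data);
			sendEmailOnSuccess($settings['pmts_option_adminemail_topic'], $settings['pmts_option_adminemail_message'], $settings['pmts_option_adminemail'], $res[0], $full_data);
		}
	}
}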

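/**
 * ChronoPay: handles the gateway's server-to-server callback.
 *
 * The request is accepted only when it comes from the configured IP, carries
 * the configured site/product ids (and login/password, when configured) and
 * its cs2 field matches the MD5 of the stored order fields. An accepted
 * callback sets pmt_status = 2; the first time that happens the configured
 * PHP snippet is run and the user and admin mails are sent. A rejected
 * callback is recorded as pmt_status = 3 unless the order is already at 2.
 *
 * NOTE(review): the cs2 digest is built from order fields only and contains
 * no secret, so it ties the callback to an order but does not authenticate
 * the sender; the IP and login/password checks carry that weight.
 *
 * @param array $settings The 'pl_payment_chronopay' settings group.
 * @return void
 */
function binn_chronopay($settings)
{
	$status_ok = true;

	// Read the fields that are compared below as plain strings. Missing or
	// array-valued fields become '' so that they can never compare equal by
	// type juggling.
	$post = array();
	foreach (array('username', 'password', 'site_id', 'product_id', 'cs1', 'cs2') as $name)
	{
		$post[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
	}

	// All comparisons are strict string comparisons: with '==' / '!=' two
	// different numeric-looking strings (for example "0e1" and "0e2") are
	// treated as equal.
	$allowed_ip = isset($settings['pmts_option_ip']) ? (string) $settings['pmts_option_ip'] : '';
	if ($allowed_ip === '' || $allowed_ip !== $_SERVER['REMOTE_ADDR']) $status_ok = false;
	if (isset($settings['pmts_option_login']) && strlen($settings['pmts_option_login']) > 0 && (string) $settings['pmts_option_login'] !== $post['username']) $status_ok = false;
	if (isset($settings['pmts_option_password']) && strlen($settings['pmts_option_password']) > 0 && (string) $settings['pmts_option_password'] !== $post['password']) $status_ok = false;
	if (!isset($settings['pmts_option_site_id']) || (string) $settings['pmts_option_site_id'] !== $post['site_id']) $status_ok = false;
	if (!isset($settings['pmts_option_id']) || (string) $settings['pmts_option_id'] !== $post['product_id']) $status_ok = false;

	$order_id = intval($post['cs1']);

	// pmt_status is appended as the 14th column so the first 13 keep the
	// positions sendEmailOnSuccess() and the snippet below expect.
	$res = sql_query("SELECT pmt_id, pmt_name, pmt_secname, pmt_surname, pmt_text, pmt_comment, pmt_summ, pmt_additional_1, pmt_additional_2, pmt_date, pmt_address, pmt_email, pmt_phone, pmt_status FROM binn_payments WHERE pmt_id = '".$order_id."'");
	if (!$res)
		return;

	$prev_status = $res[0][13];

	// Digest over id, sum, name, surname and second name of the stored order.
	$hash = md5('~'.$res[0][0].$res[0][6].$res[0][1].$res[0][3].$res[0][2].'~');
	if ($hash !== $post['cs2']) $status_ok = false;

	// Copy of the whole callback, stored with the payment.
	// NOTE(review): this copy includes the callback's username/password
	// fields; drop them before storing if they are not needed later.
	$data = array();
	foreach ($_POST as $key => $value)
	{
		$data[strtolower($key)] = $value;
	}
	// NOTE(review): mysql_escape_string() ignores the connection charset and
	// no longer exists in PHP 7+.
	$ser_data = mysql_escape_string(serialize($data));

	if ($status_ok)
	{
		sql_query("UPDATE binn_payments SET pmt_status = 2, pmt_attr3 = '$ser_data' WHERE pmt_id = '".$order_id."'");

		// A repeated callback for an order that is already paid must not run
		// the snippet or send the mails again (binn_assist() applies the same
		// rule via its previous-status check).
		if ($prev_status != 2)
		{
			$full_data = getTransactionProps('pl_payment_chronopay', $data);

			// SECURITY NOTE(review): column values are pasted into PHP source
			// text before eval(); pmt_additional_1/2 must never hold
			// payer-controlled text. $res, $data and $settings keep their
			// names because the snippet runs in this scope.
			eval(str_replace(array('{PMT_ID}', '{PMT_SYSTEM_PROP1}', '{PMT_SYSTEM_PROP2}'), array($res[0][0], $res[0][7], $res[0][8]), $settings['pmts_option_php_code']));

			sendEmailOnSuccess($settings['pmts_option_useremail_topic'], $settings['pmts_option_useremail_message'], '', $res[0], $full_data);
			sendEmailOnSuccess($settings['pmts_option_adminemail_topic'], $settings['pmts_option_adminemail_message'], $settings['pmts_option_adminemail'], $res[0], $full_data);
		}
	}
	else if ($prev_status != 2)
	{
		// This branch is reached by requests that failed the checks above,
		// so it must not be able to take a paid order out of status 2.
		// The serialised copy is stored here; the original interpolated the
		// array itself, which wrote the literal text "Array".
		sql_query("UPDATE binn_payments SET pmt_status = 3, pmt_attr3 = '$ser_data' WHERE pmt_id = '".$order_id."'");
	}
}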


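/**
 * RUpay pre-request: validates an announced payment and marks it pending.
 *
 * The request is accepted when the site id matches the settings, the order
 * exists with the same amount, and rupay_hash equals the MD5 of these values
 * joined with '::' in this order: rupay_action, rupay_site_id,
 * rupay_order_id, rupay_name_service, rupay_id, rupay_sum, rupay_user,
 * rupay_email, rupay_data, secret key. On success pmt_status is set to 1,
 * user, e-mail and hash are stored in pmt_attr1..3 and "YES" is printed.
 *
 * @param array $settings The 'pl_payment_rupay' settings group.
 * @return void
 */
function binn_rupay_prerequest($settings)
{
	$payment_ok = true;

	// Request fields as plain strings; missing or array-valued ones become ''.
	$post = array();
	foreach (array('rupay_action', 'rupay_site_id', 'rupay_order_id', 'rupay_name_service', 'rupay_id', 'rupay_sum', 'rupay_user', 'rupay_email', 'rupay_data', 'rupay_hash') as $name)
	{
		$post[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
	}

	$site_id = isset($settings['pmts_option_rupay_id']) ? (string) $settings['pmts_option_rupay_id'] : '';
	$secret = isset($settings['pmts_option_rupay_skey']) ? (string) $settings['pmts_option_rupay_skey'] : '';

	// Fail closed when the gateway is not configured: with an empty secret
	// the signature below could be computed by anyone.
	if ($site_id === '' || $secret === '') $payment_ok = false;

	// Site id check.
	if ($post['rupay_site_id'] !== $site_id) $payment_ok = false;

	// The order id goes into SQL as an integer only. This lookup runs before
	// the signature is verified, i.e. on unauthenticated input.
	$order_id = intval($post['rupay_order_id']);

	// Amount check against the stored order.
	$res = sql_query("SELECT pmt_summ FROM binn_payments WHERE pmt_id = '".$order_id."'");

	if (!$res) $payment_ok = false;
	else
	{
		list($pmt_summ) = $res[0];
		if (round(floatval($pmt_summ), 2) != round(floatval($post['rupay_sum']), 2))
		{
			echo "incorrect summ";
			$payment_ok = false;
		}
	}

	// Signature check.
	$string = implode('::', array(
		$post['rupay_action'],
		$post['rupay_site_id'],
		$post['rupay_order_id'],
		$post['rupay_name_service'],
		$post['rupay_id'],
		$post['rupay_sum'],
		$post['rupay_user'],
		$post['rupay_email'],
		$post['rupay_data'],
		$secret,
	));

	// Strict comparison: with '!=' two different hex digests that both look
	// like numbers (for example "0E1..." and "0E2...") compare as equal.
	if (strtoupper($post['rupay_hash']) !== strtoupper(md5($string))) $payment_ok = false;

	if ($payment_ok)
	{
		// Request strings are escaped before they are placed into SQL.
		// NOTE(review): mysql_escape_string() ignores the connection charset
		// and no longer exists in PHP 7+; if magic_quotes_gpc is enabled on
		// this host the values arrive already slashed - confirm.
		sql_query("UPDATE binn_payments SET pmt_status = 1, pmt_attr1 = '".mysql_escape_string($post['rupay_user'])."', pmt_attr2 = '".mysql_escape_string($post['rupay_email'])."', pmt_attr3 = '".mysql_escape_string($post['rupay_hash'])."' WHERE pmt_id = '".$order_id."'");
		echo "YES";
	}
}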

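/**
 * RUpay confirmation: applies the final payment status sent by the gateway.
 *
 * rupay_hash must equal the MD5 of these values joined with '::' in this
 * order: rupay_action, rupay_site_id, rupay_order_id, rupay_sum, rupay_id,
 * rupay_data, rupay_status, secret key. The gateway status is mapped to
 * pmt_status as 2 => 4, 3 => 2, 4 => 5, 6 => 6. When the order changes to
 * status 2 the configured PHP snippet is run and the user and admin mails
 * are sent. A request that fails the checks sets the order back to status 1
 * unless it is already at 2.
 *
 * @param array $settings The 'pl_payment_rupay' settings group.
 * @return void
 */
function binn_rupay_confirmation($settings)
{
	$payment_ok = true;

	// Request fields as plain strings; missing or array-valued ones become ''.
	$post = array();
	foreach (array('rupay_action', 'rupay_site_id', 'rupay_order_id', 'rupay_sum', 'rupay_id', 'rupay_data', 'rupay_status', 'rupay_hash', 'rupay_email') as $name)
	{
		$post[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
	}

	$site_id = isset($settings['pmts_option_rupay_id']) ? (string) $settings['pmts_option_rupay_id'] : '';
	$secret = isset($settings['pmts_option_rupay_skey']) ? (string) $settings['pmts_option_rupay_skey'] : '';

	// Fail closed when the gateway is not configured: with an empty secret
	// the signature below could be computed by anyone.
	if ($site_id === '' || $secret === '') $payment_ok = false;

	// Site id check.
	if ($post['rupay_site_id'] !== $site_id) $payment_ok = false;

	// Signature check.
	$string = implode('::', array(
		$post['rupay_action'],
		$post['rupay_site_id'],
		$post['rupay_order_id'],
		$post['rupay_sum'],
		$post['rupay_id'],
		$post['rupay_data'],
		$post['rupay_status'],
		$secret,
	));

	// Strict and case-insensitive, like the pre-request handler: '!=' treats
	// two different number-like hex digests as equal.
	if (strtolower($post['rupay_hash']) !== md5($string)) $payment_ok = false;

	// The order id goes into SQL as an integer only.
	$order_id = intval($post['rupay_order_id']);

	if (!$payment_ok)
	{
		// Reached by requests that failed the checks, so it must not be able
		// to take a paid order out of status 2.
		sql_query("UPDATE binn_payments SET pmt_status = 1 WHERE pmt_id = '".$order_id."' AND pmt_status <> 2");
		return;
	}

	// Gateway status => pmt_status. An unknown status is ignored; the
	// original left $status undefined and sent a broken UPDATE.
	$status_map = array('2' => 4, '3' => 2, '4' => 5, '6' => 6);
	if (!isset($status_map[$post['rupay_status']]))
		return;

	$status = $status_map[$post['rupay_status']];

	// Same column list as the other gateways, looked up by rupay_order_id.
	// The original selected eight columns by $_POST['cs1'] (a ChronoPay
	// field), so indexes 7 and 8 below did not hold pmt_additional_1/2.
	// pmt_status is appended as the 14th column to detect the transition.
	$res = sql_query("SELECT pmt_id, pmt_name, pmt_secname, pmt_surname, pmt_text, pmt_comment, pmt_summ, pmt_additional_1, pmt_additional_2, pmt_date, pmt_address, pmt_email, pmt_phone, pmt_status FROM binn_payments WHERE pmt_id = '".$order_id."'");
	$prev_status = $res ? $res[0][13] : null;

	sql_query("UPDATE binn_payments SET pmt_status = $status WHERE pmt_id = '".$order_id."'");

	// Success handling only for the success status, and only once
	// (binn_assist() applies the same rule).
	if ($res && $status == 2 && $prev_status != 2)
	{
		// SECURITY NOTE(review): column values are pasted into PHP source
		// text before eval(); pmt_additional_1/2 must never hold
		// payer-controlled text. $res and $settings keep their names because
		// the snippet runs in this scope.
		eval(str_replace(array('{PMT_ID}', '{PMT_SYSTEM_PROP1}', '{PMT_SYSTEM_PROP2}'), array($res[0][0], $res[0][7], $res[0][8]), $settings['pmts_option_php_code']));

		// NOTE(review): rupay_email is not among the signed fields above.
		// '' is passed for $full_text: no transaction table is built here.
		sendEmailOnSuccess($settings['pmts_option_useremail_topic'], $settings['pmts_option_useremail_message'], $post['rupay_email'], $res[0], '');
		sendEmailOnSuccess($settings['pmts_option_adminemail_topic'], $settings['pmts_option_adminemail_message'], $settings['pmts_option_adminemail'], $res[0], '');
	}
}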

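// Load every payment-system setting, grouped by payment-system identifier:
// $settings[ident][name] = value.
$res = sql_query("SELECT pmts_ident, pmts_name, pmts_value FROM binn_payments_settings");

$settings = array();
if ($res)
{
	foreach ($res as $row)
	{
		list($pmts_ident, $pmts_name, $pmts_value) = $row;

		// isset() first: reading a group that does not exist yet raises an
		// undefined-index notice.
		if (!isset($settings[$pmts_ident]) || !is_array($settings[$pmts_ident]))
			$settings[$pmts_ident] = array();

		$settings[$pmts_ident][$pmts_name] = $pmts_value;
	}
}

// Dispatch by request shape. A handler runs only when its settings group
// exists, so a gateway that was never configured cannot be driven with empty
// ids and secrets.
// NOTE(review): this script is reachable without a session; every handler
// has to authenticate the request on its own.

// ASSIST: poll the result export.
if (isset($_GET['check_assist']) && isset($settings['pl_payment_assist']))
{
	binn_assist($settings['pl_payment_assist']);
}

// ChronoPay callback.
if (isset($_POST['cs1']) && isset($settings['pl_payment_chronopay']))
{
	binn_chronopay($settings['pl_payment_chronopay']);
}

// RUpay: 'add' is the pre-request, 'update' the confirmation.
if (isset($_POST['rupay_action']) && isset($settings['pl_payment_rupay']))
{
	if ($_POST['rupay_action'] === 'add')
	{
		binn_rupay_prerequest($settings['pl_payment_rupay']);
	}
	elseif ($_POST['rupay_action'] === 'update')
	{
		binn_rupay_confirmation($settings['pl_payment_rupay']);
	}
}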

?>