| <?php
// Relative prefix back to the site root.
// NOTE(review): presumably read by class.php; confirm before renaming or removing.
$root_dir = "../";
include_once("../class.php");

// Cached site configuration, decoded into nested arrays.
// If the file is missing or is not valid JSON, $json is null; the
// `sonteklif` checks further down then compare null against "1" and refuse.
$json = json_decode(
    file_get_contents("admin/cache/config_generate.json"),
    true
);
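// Request dispatcher with two entry points:
//   * GET  ?urun_id=...  - partner API that issues voucher codes as XML.
//   * POST vouncher=...  - a logged-in member redeems a voucher code.
//
// Security changes compared with the previous version of this block:
//   * The request HMAC is now enforced. Before, the mismatch branch was empty,
//     so any caller could have codes generated and stored.
//   * Lookups use bound parameters plus strict (===) comparison. Loose ==
//     treats numeric-looking strings such as "0e11..." and "0e22..." as equal.
//   * Redemption claims the voucher with a conditional UPDATE, so a code
//     cannot extend an account twice, even with concurrent requests and even
//     if _echo() does not end the request.

// Reads one request parameter as a string. Missing keys and array values
// (e.g. ?adet[]=1) become "" so later string operations never see a non-string.
$read_param = function (array $source, $key) {
    return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : "";
};

// Feature switch from the cached configuration; a null $json disables it.
$sonteklif_enabled = isset($json["config_generate"]["sonteklif"])
    && $json["config_generate"]["sonteklif"] == "1";

if ($read_param($_GET, "urun_id")) {
    $satıs_kodu = $read_param($_GET, "satis_kodu");
    $urun_id = $read_param($_GET, "urun_id");
    $adet = $read_param($_GET, "adet");
    $hash = $read_param($_GET, "hash");

    // NOTE(review): this key is the only thing protecting voucher issuance and
    // it is hard-coded in a web-served file. Load it from configuration kept
    // outside the document root and rotate it; anyone holding it can compute
    // every code offline.
    $sevis_id = "976944MFE857DBY";

    // NOTE(review): the three fields are concatenated without a separator, so
    // different splits of the same string share one hash. Changing the message
    // format needs agreement with the calling service.
    $check = hash_hmac('sha256', ($satıs_kodu.$urun_id.$adet), $sevis_id);

    // Constant-time comparison. Confirm that the partner builds its hash from
    // exactly these fields before deploying, because the check used to be a no-op.
    if (!hash_equals($check, $hash)) {
        echo "NO_STOCK";
        exit;
    }

    if (!$sonteklif_enabled) {
        echo "NO_STOCK";
        exit;
    }

    // Quantity must be a plain integer in 1..20; anything else means one code.
    $adet = preg_match('/^[0-9]+$/D', $adet) ? (int) $adet : 0;
    if ($adet < 1 || $adet > 20) {
        $adet = 1;
    }

    // Find the product and the number of days its vouchers grant.
    $kontrol = false;
    $predays = null;
    $stmt = $my->db->prepare("SELECT urun_id, days FROM sonteklif_urunler WHERE urun_id = :id");
    $stmt->execute(array("id" => $urun_id));
    while ($row = $stmt->fetch()) {
        // Re-check in PHP: the database may coerce or case-fold the value.
        if ((string) $row["urun_id"] === $urun_id) {
            $kontrol = true;
            $predays = $row["days"];
        }
    }

    if (!$kontrol) {
        echo "NO_STOCK";
        exit;
    }

    header("Content-type: text/xml");
    echo '<?xml version="1.0" encoding="UTF-8"?><EpinResponse>';
    for ($i = 1; $i <= $adet; $i++) {
        // Codes are a deterministic function of (sale code, product, index),
        // so repeating a request returns the same codes and inserts nothing new.
        $md = hash_hmac('sha256', ($satıs_kodu.$urun_id.$i), $sevis_id);
        $epin = get_epin($md);
        echo "<Epin>$epin</Epin>";
        if (check_epin($epin) == false) {
            $insert = array(
                "vouncher" => $epin,
                "days" => $predays,
                "status" => "kullanılmadı",
                "username" => ($my->_user["username"] == "") ? "Sonteklif Api" : $my->_user["username"],
                "used_name" => "",
                "time1" => time(),
                "time2" => ""
            );
            $my->sql_insert("vouncher", $insert);
        }
    }
    echo "</EpinResponse>";
}
elseif ($read_param($_POST, "vouncher") && $my->_user["username"] != "" && $my->_user["usergroup"] != 5) {
    $epin = htmlspecialchars(strip_tags(stripslashes(trim($read_param($_POST, "vouncher")))));
    $used = "kullanıldı";

    // Each outcome lives in its own branch, so the result does not depend on
    // whether _echo() terminates the request (not visible from this file).
    if (!$sonteklif_enabled) {
        $my->_echo("error", $my->lang[129]);
    }
    elseif (strlen($epin) != 24) {
        $my->_echo("error", '<i class="fas fa-times fa-2x text-danger"></i> <br>'.$my->lang[130]);
    }
    else {
        $voucher = null;
        $stmt = $my->db->prepare("SELECT vouncher, days, status FROM vouncher WHERE vouncher = :id");
        $stmt->execute(array("id" => $epin));
        while ($row = $stmt->fetch()) {
            if ((string) $row["vouncher"] === $epin) {
                $voucher = $row;
                break;
            }
        }

        if ($voucher === null) {
            $my->_echo("error", '<i class="fas fa-times fa-2x text-danger"></i> <br>'.$my->lang[130]);
        }
        elseif ($voucher["status"] == $used) {
            $my->_echo("error", $my->lang[131].' <i class="fas fa-times fa-2x text-danger"></i>');
        }
        else {
            // Claim the voucher first. The status condition makes this the
            // single point where a code changes to "used", so only one of
            // several simultaneous requests can win.
            // NOTE(review): rowCount() assumes $my->db is PDO; confirm.
            $query = $my->db->prepare("UPDATE vouncher SET status = :val1 , used_name = :val2 , time2 = :val3 WHERE vouncher = :id AND (status IS NULL OR status <> :val4)");
            $query->execute(array(
                "id" => $epin,
                "val1" => $used,
                "val2" => $my->_user["username"],
                "val3" => time(),
                "val4" => $used,
            ));

            if ($query->rowCount() < 1) {
                // Another request redeemed the code between the read and the claim.
                $my->_echo("error", $my->lang[131].' <i class="fas fa-times fa-2x text-danger"></i>');
            }
            else {
                // Extend from the current expiry, or from now if already expired.
                // NOTE(review): time_limit comes from the loaded session user;
                // redeeming two different codes at once can lose one extension.
                // Wrapping the claim and this update in one transaction would
                // also cover a failure between the two statements.
                $time1 = $my->_user["time_limit"] > time() ? $my->_user["time_limit"] : time();
                $time = $time1 + $voucher["days"] * 60 * 60 * 24;
                $query = $my->db->prepare("UPDATE uyeler SET time_limit = :val2 WHERE userid = :id");
                $query->execute(array(
                    "id" => $my->_user["userid"],
                    "val2" => $time,
                ));
                $my->_echo("ok", $my->lang[132]);
            }
        }
    }
}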
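/**
 * Reports whether a voucher code is already stored in the `vouncher` table.
 *
 * The lookup is a parameterised query instead of a scan of every row, and the
 * final match is a strict string comparison: loose == treats numeric-looking
 * codes such as "0e11..." and "0e22..." as equal.
 *
 * @param string $epin Voucher code to look for.
 * @return bool true when a row holds exactly this code, false otherwise.
 */
function check_epin($epin){
    global $my;
    $epin = (string) $epin;
    $stmt = $my->db->prepare("SELECT vouncher FROM vouncher WHERE vouncher = :code");
    $stmt->execute(array("code" => $epin));
    while ($row = $stmt->fetch()) {
        // The database may match case-insensitively or ignore trailing
        // spaces depending on collation, so confirm the exact value here.
        if ((string) $row["vouncher"] === $epin) return true;
    }
    return false;
}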
/**
 * Derives a voucher code from a digest string.
 *
 * The code is the first 24 characters of the input (three 8-character
 * groups); the rest of the digest is discarded.
 *
 * @param string $md Digest; callers in this file pass a SHA-256 HMAC in hex.
 * @return string Leading 24 characters, with surrounding whitespace trimmed.
 */
function get_epin($md){
    $code = substr($md, 0, 24);
    return trim($code);
}
?> |