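getSettings();

// Payment-provider callback: checks the amount paid against the cart total, then marks the
// cart as paid and enables the purchased game homes.
//
// NOTE(review): the start of this script (including the left-hand side of the call above) is
// not visible here. Nothing below authenticates the request. Confirm that the provider's
// signature and/or source address is verified before this point, because every value read
// from $_GET is caller-controlled and this script marks carts as paid and provisions servers.
// NOTE(review): nothing visible here checks whether the cart was already paid; confirm that a
// repeated callback for the same cart is harmless.

// Snapshot of the callback parameters for the notification e-mails. Missing or non-scalar
// values are logged as empty strings instead of raising notices.
$callback_fields = array(
    'message_id', 'shortcode', 'keyword', 'message', 'sender', 'operator',
    'country', 'points', 'price', 'currency', 'service_id',
);
$callback_dump = '';
foreach ($callback_fields as $callback_field) {
    $callback_value = (isset($_GET[$callback_field]) && is_scalar($_GET[$callback_field]))
        ? (string)$_GET[$callback_field]
        : '';
    $callback_dump .= $callback_field.' = '.$callback_value."\n";
}

$raw_cart_id = (isset($_GET['custom']) && is_scalar($_GET['custom'])) ? (string)$_GET['custom'] : '';
$body = $callback_dump.'###cart_id = '.$raw_cart_id."\n";

// The cart id is concatenated into several SQL statements below, so only a plain decimal
// integer is accepted; anything else stops the request before the database is touched.
if (!preg_match('/^[0-9]{1,18}\z/', $raw_cart_id)) {
    die("Error: Invalid cart id");
}
$cart_id = (int)$raw_cart_id;

$cart_price_info = $db->resultQuery( "SELECT price,tax_amount FROM OGP_DB_PREFIXbilling_carts AS cart JOIN OGP_DB_PREFIXbilling_orders AS orders ON orders.cart_id=cart.cart_id WHERE cart.cart_id=".$cart_id);
if (!is_array($cart_price_info) || !isset($cart_price_info[0])) {
    // Without a matching cart there is no price to check against; do not mark anything paid.
    die("Error: Unknown cart");
}

// NOTE(review): only the first joined row is priced. If `price` is stored per order, a cart
// with several orders would be checked against one order only - confirm against the schema.
// NOTE(review): the paid currency is logged but never compared with the cart's currency.
$net_price = (float)$cart_price_info[0]['price'];
$tax_percent = (float)$cart_price_info[0]['tax_amount'];
// Work with numbers, not number_format() strings: formatted strings carry thousands
// separators and would be compared as text.
$cart_price = round($net_price + (($net_price / 100) * $tax_percent), 2);

// A missing, negative or otherwise non-decimal price counts as nothing paid, so it can never
// satisfy the amount check.
$paid_price = 0.0;
if (isset($_GET['price']) && is_string($_GET['price']) && preg_match('/^[0-9]+(\.[0-9]+)?\z/', $_GET['price'])) {
    $paid_price = (float)$_GET['price'];
}

$shortfall = round($cart_price - $paid_price, 2);
if ($shortfall > 0) {
    // Underpayment: the order is NOT changed here; the administrator is told how much is
    // still owed and the request stops before the cart is marked as paid.
    // By a rule of three:
    // owed without tax = ( owed with tax * cart price without tax ) / cart price with tax
    // $cart_price > $paid_price >= 0 here, so the divisor is never zero.
    $new_price = ($shortfall * $net_price) / $cart_price;

    // Round up to the next cent so that the amount owed is never understated.
    $rounded_price = round($new_price, 2);
    if ($new_price > $rounded_price) {
        $rounded_price += 0.01;
    }
    $new_price = $rounded_price;

    $subject = "Error: Incorrect payment amount";
    $body = $callback_dump
        .'CART ID = '.$raw_cart_id."\n"
        .'Amount paid: '.number_format($paid_price, 2, '.', '')."\n"
        .'Amount owed: '.number_format($new_price, 2, '.', '')."\n";
    mymail($panel_settings['panel_email_address'], $subject, $body, $panel_settings);
    die("Error: Incorrect payment amount");
}

// Payment accepted: load every order of the cart together with the cart row.
$user_homes = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts AS cart JOIN OGP_DB_PREFIXbilling_orders AS orders ON orders.cart_id=cart.cart_id WHERE cart.cart_id=".$cart_id);
if (!is_array($user_homes)) {
    $user_homes = array();
}

// Default final state is paid=1; it becomes paid=3 once at least one home was enabled below.
$query = "UPDATE " . $table_prefix . "billing_carts SET paid=1 WHERE cart_id=".$cart_id;

foreach ($user_homes as $user_home) {
    if ($user_home['home_id'] != 0) {
        $home_id = $user_home['home_id'];
        $home_info = $db->getGameHomeWithoutMods($home_id);
        $server_info = $db->getRemoteServerById($home_info['remote_server_id']);
        $remote = new OGPRemoteLibrary($server_info['agent_ip'], $server_info['agent_port'], $server_info['encryption_key'], $server_info['timeout']);

        // Re-create the FTP account on the agent when the home has an FTP password stored.
        if (!empty($home_info['ftp_password'])) {
            $remote->ftp_mgr("useradd", $home_info['home_id'], $home_info['ftp_password'], $home_info['home_path']);
            $db->changeFtpStatus('enabled', $home_info['home_id']);
        }

        if ($user_home['end_date'] == "0") {
            // Reset per order so that an unknown duration cannot reuse the previous order's date.
            $end_date = null;
            $quantity = (int)$user_home['qty'];
            if ($user_home['invoice_duration'] == "hour") {
                $end_date = date('YmdHi', time() + ($quantity * 60 * 60));
            } elseif ($user_home['invoice_duration'] == "month") {
                $end_date = date('YmdHi', strtotime('+'.$quantity.' month'));
            } elseif ($user_home['invoice_duration'] == "year") {
                $end_date = date('YmdHi', strtotime('+'.$quantity.' year'));
            }

            // Set the expiration date of the new order (skipped when the duration is not
            // one of hour/month/year, instead of writing an empty or stale date).
            if ($end_date !== null) {
                $db->query( "UPDATE " . $table_prefix . "billing_orders SET end_date='$end_date' WHERE order_id=".(int)$user_home['order_id']);
            }

            // Set payment/creation date
            $date = date('d/m/Y H:i');
            $db->query( "UPDATE OGP_DB_PREFIXbilling_carts SET date='$date' WHERE cart_id=".$cart_id);
        }

        // Give the buyer the access rights defined by the purchased service.
        $services = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_services WHERE service_id=".(int)$user_home['service_id']);
        $service = $services[0];
        $user_id = $user_home['user_id'];
        $db->assignHomeTo("user", $user_id, $home_id, $service['access_rights']);

        $query = "UPDATE " . $table_prefix . "billing_carts SET paid=3 WHERE cart_id=".$cart_id;
    }
}

$db->query($query);

$subject = "Payment done.";
mymail($panel_settings['panel_email_address'], $subject, $body, $panel_settings);
?>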