Payment systems
Andrei St, 2020-07-11 19:04:19

Why is it counted in Interkassa when canceling a payment?

I have a site with automated services. When a person pays for a service, it is credited to him using an rcon request to the game server, by means of a command. At least 3 payments have already passed the "cancelled" status, but the service has been provided to the player! How do you tell me? I bypassed all possible fetters, but I didn't find any gaps in the script!

The operator provided the player's payment code:

"dt": {
        "ik_co_id": "5ebe7fa51ae1bd2c008b4574",
        "ik_co_prs_id": "404267836591",
        "ik_inv_id": "228735970",
        "ik_inv_st": "canceled",
        "ik_inv_crt": "2020-07-10 21:47:59",
        "ik_inv_prc": "2020-07-11 00:00:16",
        "ik_trn_id": "",
        "ik_pm_no": "ID_85",
        "ik_pw_via": "mts_mpay_merchantContent_rub",
        "ik_am": "49.00",
        "ik_co_rfn": "48.1670",
        "ik_ps_price": "52.02",
        "ik_cur": "RUB",
        "ik_desc": "Покупка т",
        "ik_cli": "[email protected]",
        "ik_sign": "BNDmA8BC3UjGGgjZC2FGZg=="
      },


My result:
<?php
define("TKM", true);
require(realpath("../../engine.php"));

if ($_SERVER['REQUEST_METHOD'] == "POST") {
  function ikSign($params, $ikKey) {
    unset($params['ik_sign']);
    foreach ($params as $key => $value)
      if (!preg_match("/^ik_/is", $key))
        unset($params[$key]);

    ksort($params, SORT_STRING);
    array_push($params, $ikKey);
    $sign = implode(":", $params);
    $sign = base64_encode(md5($sign, true));
    return $sign;
  }

  $kassaId = trim($_POST['ik_co_id']);
  $PayID = trim(strip_tags($_POST['ik_pm_no']));
  $summ = intval($_POST['ik_am']);
  $paySystem = trim($_POST['ik_pw_via']);
  $payStatus = trim($_POST['ik_inv_st']);
  $sign = trim($_POST['ik_sign']);
  $ik_payment_timestamp = trim($_POST['ik_inv_prc']);
  $secretKey = $интеркасса['settings']['secret_key'];
  $PayID = explode("_", $PayID);
  $PayID = $PayID['1'];

  if ($интеркасса['settings']['testing'] && ($paySystem == "test_интеркасса_test_xts")) {
    $secretKey = $интеркасса['settings']['testing_key'];
  } elseif ($paySystem == "test_интеркасса_test_xts") {
    exit("OK");
  }

  if ($kassaId != $интеркасса['settings']['shop_id']) {
    exit("Not valid shop ID!");
  }

  if ($sign != ikSign($_POST, $secretKey)) {
    exit("Bad sign");
  }

  $payment = new Payment;
  $status = $payment->select($PayID, $summ);

  if (!$status) {
    exit($status);
  }

  $status = $payment->give();

  if (!$status) {
    exit($status);
  }
}

exit("OK");


form.php
<?php
if (!defined("TKM")) die("<pre>Access denied!</pre>");
exit(header("Location: /?ik_co_id={$интеркасса['settings']['shop_id']}&ik_pm_no=ID_{$payid}&ik_am={$cost}&ik_cur=RUB&ik_desc={$desc}"));


1 answer(s)
Andrey, 2020-07-11
@AndryG

$payStatus = trim($_POST['ik_inv_st']); -- this variable does not appear anywhere else in the code

They send you a notification about a change in the payment status, and you ignore this status and give out goodies to customers.
What game is this? Curious to look at the server :)
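An added example (not the asker's script and not Interkassa's own code) of a callback decision that actually uses the status field the answer points to: the goods are issued only when the shop ID, the signature and `ik_inv_st` all check out, and each invoice is issued at most once. The signature scheme is copied from the `ikSign()` function in the question; the `success` status value, the `decide()` helper, the in-memory `$granted` store and the sample key and shop ID are assumptions made for the illustration.

```php
<?php
// Same scheme as ikSign() in the question: keep ik_* fields, sort by key,
// append the secret, join with ":", then base64(md5(raw)).
function ikSign(array $params, string $key): string {
    unset($params['ik_sign']);
    $params = array_filter($params, fn($k) => stripos((string)$k, 'ik_') === 0, ARRAY_FILTER_USE_KEY);
    ksort($params, SORT_STRING);
    $params[] = $key;
    return base64_encode(md5(implode(':', $params), true));
}

// Hypothetical helper: returns [grant?, reason]. Nothing is issued unless every check passes.
function decide(array $post, string $shopId, string $secretKey, array &$granted): array {
    if (($post['ik_co_id'] ?? '') !== $shopId) {
        return [false, 'wrong shop id'];
    }
    $sign = $post['ik_sign'] ?? '';
    if (!is_string($sign) || !hash_equals(ikSign($post, $secretKey), $sign)) {
        return [false, 'bad signature'];      // constant-time comparison
    }
    // Assumption: 'success' is the value sent for a paid invoice. A validly
    // signed 'canceled' notification (as in the question) must stop here.
    if (($post['ik_inv_st'] ?? '') !== 'success') {
        return [false, 'status is not success'];
    }
    $inv = $post['ik_inv_id'] ?? '';
    if (!is_string($inv) || $inv === '' || isset($granted[$inv])) {
        return [false, 'invoice already processed'];
    }
    $granted[$inv] = true;                    // in production: a unique key in the database
    return [true, 'grant'];
}

// Constructed sample notifications (not real Interkassa traffic).
$key  = 'constructed-test-key';
$shop = 'SHOP_ID_PLACEHOLDER';
$base = ['ik_co_id' => $shop, 'ik_inv_id' => '1001', 'ik_pm_no' => 'ID_85',
         'ik_am' => '49.00', 'ik_cur' => 'RUB'];
$granted = [];
foreach (['canceled', 'success', 'success'] as $status) {
    $n = $base + ['ik_inv_st' => $status];
    $n['ik_sign'] = ikSign($n, $key);         // every sample is validly signed
    [$ok, $why] = decide($n, $shop, $key, $granted);
    printf("%-8s => %s (%s)\n", $status, $ok ? 'GRANT' : 'skip', $why);
}
```

All three sample notifications carry a valid signature, so the run shows that a correct `ik_sign` only proves who sent the notification; the status and the invoice ID decide whether anything is issued.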
