<?php

require_once '../../wcore/core.php';
$config_kassa = kassa_config;
$key = $config_kassa['webmoney']['private_key'];

$wm_purce = $config_kassa['webmoney']['number'];

if( isset($_POST['LMI_PREREQUEST']) && $_POST['LMI_PREREQUEST'] == 1) {
 $sql = "SELECT * FROM `bill_pays` WHERE `id`=".$_POST['LMI_PAYMENT_NO'];
 $result = mysqli_query($mysqli,$sql);
 $rows = mysqli_num_rows($result);

 if ( $rows != 1 ) {
 exit('Order not faund');
 } else {
    $row = mysqli_fetch_array($result);

    if($_POST['LMI_PAYMENT_NO'] == $row['id'] && $_POST['LMI_PAYEE_PURSE'] == $wm_purce && $_POST['LMI_PAYMENT_AMOUNT'] == $row['amount']) {
        echo 'YES';
        logPayment('[WebMoney] YES');
    } else {
        exit();
    }
 }
} else {

 $LMI_SECRET_KEY = $key;

 $sql = "SELECT * FROM `bill_pays` WHERE `id`=".$_POST['LMI_PAYMENT_NO']." AND `time_pay` = 0";
 $result = mysqli_query($mysqli,$sql);
 $rows = mysqli_num_rows($result);

 if ( $rows != 1 ) {
     exit('Order not faund');
 } else {
  $row = mysqli_fetch_array($result);
  $str_hash = $wm_purce.
 $row['amount'].
 $row['id'].
 $_POST['LMI_SYS_INVS_NO'].
 $_POST['LMI_SYS_TRANS_NO'].
 $_POST['LMI_SYS_TRANS_DATE'].
 $LMI_SECRET_KEY;

  
 //обновляем статус заказа - оплачен и
 //отправляем пользователю письмо о том, что его оплата прошла.
 mysqli_query($mysqli,"UPDATE `bill_pays` SET `payment`='webmoney',`time_pay`='".time()."' WHERE `id` = '".$row['id']."' AND `time_pay` = 0");
 mysqli_query($mysqli,"UPDATE `users` SET `bits`=`bits`+'".$row['amount']."' WHERE `id` = '".$row['user_id']."'");
 echo 'Сумма: '.$row['amount'];
 logPayment('[WebMoney] '.json_encode($row));

 }
}

?>