<?php
include "../inc/database.php";
include "../inc/var.php";
include "../inc/var2.php";
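// Price-check / checkout endpoint.
//
// With `checkprice` present in the request (plus a group and a non-empty login)
// the script prints an HTML fragment: an optional discount badge and a buy button.
// Otherwise, when a group is posted, it redirects the browser to the UnitPay
// payment page, or to "/" when no payable order can be built.
//
// Every request value is untrusted. It reaches SQL only as a bound parameter,
// HTML only through htmlspecialchars(), and the redirect URL only through
// http_build_query().

// Returns the POST field as a string, or null when it is absent or not a string
// (e.g. `group[]=x` arrives as an array and is rejected here).
$postString = static function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
};

// Runs a single-placeholder SELECT with $value bound as a string and returns all
// rows as associative arrays. A failed prepare/execute is logged and yields [].
// NOTE: mysqli_stmt_get_result() requires the mysqlnd driver, and prepared
// statements may return numeric columns as native int/float instead of strings.
$fetchRows = static function ($sql, $value) use ($link) {
    $stmt = mysqli_prepare($link, $sql);
    if ($stmt === false) {
        error_log('price check: prepare failed: ' . mysqli_error($link));
        return [];
    }

    $rows = [];
    mysqli_stmt_bind_param($stmt, 's', $value);
    if (mysqli_stmt_execute($stmt)) {
        $result = mysqli_stmt_get_result($stmt);
        if ($result !== false) {
            while ($row = mysqli_fetch_assoc($result)) {
                $rows[] = $row;
            }
            mysqli_free_result($result);
        }
    } else {
        error_log('price check: execute failed: ' . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);

    return $rows;
};

// Resolves the order for a group/login/promo code. Returns [price, name, promo]:
// the final price after the optional top-up deduction and promo discount, the
// product name, and the discount percentage (0 when no promo matched).
$quoteOrder = static function ($group, $login, $promoCode) use ($fetchRows) {
    $promo = 0;
    if ($promoCode !== null) {
        foreach ($fetchRows('SELECT * FROM `promo` WHERE `promo` = ?', $promoCode) as $p) {
            $promo = $p['sale'];
        }
    }

    // Defaults cover an unknown group: price 0 is treated as "not purchasable".
    $price = 0;
    $name = '';
    foreach ($fetchRows('SELECT * FROM `donate` WHERE `group-perm` = ?', $group) as $row) {
        $price = $row['price'];
        $name = $row['name'];
        if ($row['many'] == 'true') {
            // Top-up mode: deduct what this nickname has already paid, but never
            // let the result fall below 1 (fall back to the full price instead).
            foreach ($fetchRows('SELECT * FROM `live` WHERE `live_nickname` = ?', $login) as $rowSum) {
                $price = $row['price'] - $rowSum['sum'];
                if ($price < 1) {
                    $price = $row['price'];
                }
            }
        }
    }

    if ($promo != 0) {
        $price = $price - (($promo * $price) / 100);
    }

    return [$price, $name, $promo];
};

$group = $postString('group');
$login = $postString('login');
$promoCode = $postString('promo');

if ($group !== null && $login !== null && $login !== '' && isset($_REQUEST['checkprice'])) {
    // Preview mode: print the discount badge and the buy button.
    list($price, $name, $promo) = $quoteOrder($group, $login, $promoCode);

    if ($promo != 0) {
        echo '<span style="display: inline-block" class="promo-out" id="promo-out">Скидка '
            . htmlspecialchars((string) $promo, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . '%</span>';
    }

    if ($price > 0) {
        // The stray quote before type="submit" in the original markup is removed.
        echo '<button class="btn-text-upper" type="submit" id="buyclick2">Купить за '
            . htmlspecialchars((string) $price, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . ' <i class="fa fa-ruble"></i></button>';
    } else {
        echo '<button style="display: inline-block" class="btn-text-upper" type="button" id="buyclick2">Слишком низкая цена</button>';
    }
} elseif ($group !== null) {
    // Checkout mode: redirect to the payment provider.
    $login = ($login === null) ? '' : $login;
    list($price, $name) = $quoteOrder($group, $login, $promoCode);

    // An empty login would produce a payment for the account ".<group>", so it
    // is sent home exactly like a non-positive price.
    if ($price > 0 && $login !== '') {
        $account = $login . '.' . $group;
        $desc = 'Покупка ' . $name;
        // Stringify once so the signed amount and the amount in the URL are identical.
        $sum = (string) $price;

        // http_build_query() percent-encodes every value, so a login or product
        // name cannot add or override query parameters in the redirect target.
        $query = http_build_query([
            'sum' => $sum,
            'account' => $account,
            'signature' => getFormSignature($account, $desc, $sum, $unitpay_secret),
            'desc' => $desc,
        ], '', '&', PHP_QUERY_RFC3986);

        header('Location: https://unitpay.money/pay/' . $unitpay_public . '?' . $query);
    } else {
        header('Location: /');
    }
}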
/**
 * Computes the payment-form signature passed in the `signature` URL parameter.
 *
 * The four values are joined with the literal separator "{up}" in the order
 * account, description, sum, secret key, and the result is hashed with SHA-256.
 *
 * @param mixed $account   Account identifier (callers pass "<login>.<group>").
 * @param mixed $desc      Payment description.
 * @param mixed $sum       Payment amount.
 * @param mixed $secretKey Secret key; it is part of the hash input only.
 *
 * @return string Hex-encoded SHA-256 digest.
 */
function getFormSignature($account, $desc, $sum, $secretKey) {
    $parts = array($account, $desc, $sum, $secretKey);

    return hash('sha256', implode('{up}', $parts));
}
?>