feat: Secure SMS verification with Redis (Predis)

- Added Predis library for Redis connection (no PHP extension required) - Server-side SMS code generation and storage in Redis - Rate limiting and brute-force protection - Integration with n8n webhook for SMS sending - Environment variables moved to .env file - Fixed policy verification endpoint - Added file-based fallback if Redis unavailable
2026-01-15 15:40:13 +03:00
commit 2c516362df
582 changed files with 146066 additions and 0 deletions
--- a/load_banks.php
+++ b/load_banks.php
@@ -0,0 +1,45 @@
+<?php
+header('Content-Type: application/json; charset=utf-8');
+header('Access-Control-Allow-Origin: *');
+
+// Прокси для загрузки списка банков (обход CORS)
+$url = 'http://212.193.27.93/api/payouts/dictionaries/nspk-banks';
+
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, $url);
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+curl_setopt($ch, CURLOPT_TIMEOUT, 10);
+curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
+curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
+curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36');
+
+$response = curl_exec($ch);
+$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+$error = curl_error($ch);
+curl_close($ch);
+
+if ($error) {
+    echo json_encode(['error' => 'CURL Error: ' . $error]);
+    http_response_code(500);
+    exit;
+}
+
+if ($httpCode !== 200) {
+    echo json_encode(['error' => 'HTTP Error: ' . $httpCode]);
+    http_response_code($httpCode);
+    exit;
+}
+
+// Проверяем, что ответ валидный JSON
+$data = json_decode($response, true);
+if (json_last_error() !== JSON_ERROR_NONE) {
+    echo json_encode(['error' => 'Invalid JSON: ' . json_last_error_msg()]);
+    http_response_code(500);
+    exit;
+}
+
+// Возвращаем данные
+echo $response;
+