diff --git a/alkatorapi/views.py b/alkatorapi/views.py
index 8e5c04b..07b0d32 100644
--- a/alkatorapi/views.py
+++ b/alkatorapi/views.py
@@ -79,7 +79,17 @@ def register(request):
 
 @csrf_exempt
 def payment_result(request):
-    raise Exception(request)
+    result = parse_qs(request.body)
+    ref_id = int(result['refId'][0])
+    paid = result['status'][0] == 'PAID'
+    secret_match = result['secret'][0] == COMGATE_SECRET
+    test = result['test'][0] != 'false'
+    if not secret_match or test != COMGATE_TEST:
+        return HttpResponse(status=400)
+    user = User.objects.get(id=ref_id)
+    user.paid = paid
+    user.save()
+    return HttpResponse(status=200)
 
 
 def results(request):