SuperRewards Pingback - Printable Version +- LCKB (https://lckb.dev/forum) +-- Forum: ** OLD LCKB DATABASE ** (https://lckb.dev/forum/forumdisplay.php?fid=109) +--- Forum: Website Scripting & Security (https://lckb.dev/forum/forumdisplay.php?fid=197) +---- Forum: Webmasters Help & Talk (https://lckb.dev/forum/forumdisplay.php?fid=142) +---- Thread: SuperRewards Pingback (/showthread.php?tid=2694)

- Sutz - 06-27-2014 As many people still try to use PaymentWall but they nolonger support LastChaos you can simply use SuperRewards, they are the same as PaymentWall an offer the same service.   2   Here is a simple working pingback: <?php define('APP_SECRET', ''); // App Secret Key. Find it by going to the Apps page, select Edit on the App of your choice, then Integrate. define('DB_USER', 'root'); // Your database user. define('DB_PASSWORD', ''); // Your database password. define('DB_HOST', '127.0.0.1'); // Your database host (usually 127.0.0.1). define('DB_HOST_PORT', '3306'); // Your database host port (usually 3306). define('DB_AUTH', ''); // Your database name. define('DB_SITE', ''); // Your database name. define('DB_PREFIX', 't_'); // OPTIONAL: A database table prefix, such as 'app1_'. This easily allows multiple apps to be served from the same database. error_reporting(E_WARNING); // *** No more configuration below this line. *** header('Content-Type:text/plain'); $id = $_REQUEST['id']; // ID of this transaction. $uid = $_REQUEST['uid']; // ID of the user which performed this transaction. $oid = $_REQUEST['oid']; // ID of the offer or direct payment method. $new = $_REQUEST['new']; // Number of in-game currency your user has earned by completing this offer. $total = $_REQUEST['total']; // Total number of in-game currency your user has earned on this App. $sig = $_REQUEST['sig']; // Security hash used to verify the authenticity of the postback. /**  * Sanity check.  *  * If you are using alphanumeric user ids, remove the is_numeric($uid) check. Alphanumeric  * ids can only be enabled by Super Rewards Support  *  * If you are using alphanumeric user ids, please ensure that you use the appropriate URL-encoding  * for non-text or unicode characters. For example: ~ should be encoded as %7E  */ if(!(is_numeric($id) && is_numeric($uid) && is_numeric($oid) && is_numeric($new) && is_numeric($total)))     exit('0'); // Fail. $result = 1; $sig_compare = md5($id.':'.$new.':'.$uid.':'.APP_SECRET); // Only accept if the Security Hash matches what we have. if($sig == $sig_compare) {     try     {         // Connect to Database.         $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_AUTH.";port=".DB_HOST_PORT, DB_USER, '', array( PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING ));         // Add Cash         $query = $dbh->prepare("UPDATE bg_user SET cash = cash + :new WHERE user_code = :uid");         $query->bindParam(':uid', $uid, PDO:ARAM_INT);         $query->bindParam(':new', $cash, PDO:ARAM_INT);         if(!$query->execute())             $result = 0; // Problems executing SQL. Fail.         $dbh = null;     }     catch (PDOException $e)     {         exit($e->getMessage());     } } else     $result = 0; // Security hash incorrect. Fail. echo $result; // This script will output a status code of 1 (Success) or 0 (Try sending again later). ?> - luoo - 07-04-2014 $query->bindParam(':new', $cash, PDO:ARAM_INT);   should be   $query->bindParam(':new', $new, PDO:ARAM_INT); - Sutz - 07-04-2014 my bad - ren0d1 - 07-04-2014 <?php define('APP_SECRET', 'yoursecretkey'); // App Secret Key. Find it by going to the Apps page, select Edit on the App of your choice, then Integrate. define('DB_USER', 'root'); // Your database user. define('DB_PASSWORD', ''); // Your database password. define('DB_HOST', 'localhost'); // Your database host (usually 127.0.0.1). define('DB_HOST_PORT', '3306'); // Your database host port (usually 3306). define('DB_NAME', 'newproject_db_auth'); // Your database name. define('DB_NAME_SITE', 'website'); // Your database name. error_reporting(E_WARNING); // *** No more configuration below this line. *** header('Content-Type:text/plain'); $id = $_REQUEST['id']; // ID of this transaction. $uid = $_REQUEST['uid']; // ID of the user which performed this transaction. $oid = $_REQUEST['oid']; // ID of the offer or direct payment method. $new = $_REQUEST['new']; // Number of in-game currency your user has earned by completing this offer. $total = $_REQUEST['total']; // Total number of in-game currency your user has earned on this App. $sig = $_REQUEST['sig']; // Security hash used to verify the authenticity of the postback. /** * Sanity check. * * If you are using alphanumeric user ids, remove the is_numeric($uid) check. Alphanumeric * ids can only be enabled by Super Rewards Support * * If you are using alphanumeric user ids, please ensure that you use the appropriate URL-encoding * for non-text or unicode characters. For example: ~ should be encoded as %7E */ if(!(is_numeric($id) && is_numeric($uid) && is_numeric($oid) && is_numeric($new) && is_numeric($total))) exit('0'); // Fail. $result = 1; $sig_compare = md5($id.':'.$new.':'.$uid.':'.APP_SECRET); // Only accept if the Security Hash matches what we have. if($sig == $sig_compare) { $timestamp = date("Y-m-d H:i", time()); try { // Connect to Database. $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME.";port=".DB_HOST_PORT, DB_USER, DB_PASSWORD, array( PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING )); $dbh5 = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME_SITE.";port=".DB_HOST_PORT, DB_USER, DB_PASSWORD, array( PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING )); // Add new transaction $query = $dbh5->prepare("INSERT INTO t_donation_log SET a_account_index = :user, a_cash = :cash, a_transaction_id = :ref, a_type = :type, a_date = :today"); $query->bindParam(':ref', $id, PDO:ARAM_INT); $query->bindParam(':user', $uid, PDO:ARAM_INT); $query->bindParam(':type', $oid, PDO:ARAM_INT); $query->bindParam(':cash', $new, PDO:ARAM_INT); $query->bindParam(':today', $timestamp, PDO:ARAM_STR); if(!$query->execute()) $result = 0; // Problems executing SQL. Fail. // Add/Update user. $query2 = $dbh->prepare("UPDATE bg_user SET cash = cash + :new WHERE user_code = :uid"); $query2->bindParam(':new', $new, PDO:ARAM_INT); $query2->bindParam(':uid', $uid, PDO:ARAM_INT); if(!$query2->execute()) $result = 0; // Problems executing SQL. Fail. //Update max cash. $query1 = $dbh5->prepare("UPDATE t_user_log SET a_total_donate = a_total_donate + :cash WHERE a_account_index = :user"); $query1->bindParam(':user', $uid, PDO:ARAM_INT); $query1->bindParam(':cash', $new, PDO:ARAM_INT); if(!$query1->execute()) $result = 0; // Problems executing SQL. Fail. $dbh = null; } catch (PDOException $e) { exit($e->getMessage()); } } else $result = 0; // Security hash incorrect. Fail. echo $result; // This script will output a status code of 1 (Success) or 0 (Try sending again later). ?> Script I wrote especially for lc-cms from ToXiC to auto-update cash + donation rank + list donations* done to see them in the  admin panel.   *Haven't finished yet the system to write which method got used so it'll only show you the number. - Vogelj1988 - 11-28-2014 thank you guys for releasing this  - bignoob77 - 01-04-2015 Yes ty so much this is great - KissLC - 04-09-2015 I am having an issue with superrewards and their required UID.  Of course I want the iframe of the widget to reference the player id currently logged on, but I am not sure what to use.  I have tried $user_id, $current_user, and a host of others.   <iframe src="2USER_ID" frameborder="0" width="728" height="2400" scrolling="no"></iframe>    In the iframe for the widget to superrewards what must I type in place of USER_ID in order for the widget to recognize the currently logged player?