07-14-2012, 09:41 PM
i try Wiza thx
LCKB
›
** OLD LCKB DATABASE **
›
Website Scripting & Security
›
Security
›
Website Security
Script PaymentWall
Script PaymentWall
|
Script PaymentWall
|
07-14-2012, 09:44 PM
no work Wiza: HTTP/1.0 200 OK Date: Sat, 14 Jul 2012 21:42:58 GMT Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1 X-powered-by: PHP/5.3.8 Content-length: 36 Content-type: text/html Connection: close Reference: can only contain 0-9 a-Z
07-14-2012, 09:56 PM
Enter a random reference in the input boxes when u test it.
07-14-2012, 09:58 PM
lol now this :S sorry wiza for your time Notice: Undefined variable: db in C:\xampp\htdocs\donations\pingback.php on line 136 Fatal error: Call to a member function prepare() on a non-object in C:\xampp\htdocs\donations\pingback.php on line 136 THX AGAIN
07-14-2012, 10:47 PM
Ah right, /* * PaymentWall Pingback script * Author: Wizatek * * This script can be used for your server so u can embed the paymentwall system in your * website. This version of the pingback uses the user ID, the number, not the username * */ // Set this to your secret key provided by PaymentWall. $secretKey = 12345678901234567890; // Set the database settings. $dbs[server] = localhost; $dbs[user] = root; $dbs[pass] = ; // Since the server can use bg_user and t_users in _db and _auth depending on your connector settings $dbs[user_dbase] = newproject_db_auth; //========================================================== No need to edit below unless u know what u are doing ====================================== // Get the IP of the one connecting to this page $ip = $_SERVER[REMOTE_ADDR]; // Array of allowed ip addresses as provided by PaymentWall $allowIP[0] = 66.220.10.2; $allowIP[1] = 66.220.10.3; $allowIP[2] = 174.36.92.186; $allowIP[3] = 174.36.96.66; $allowIP[4] = 174.36.92.187; $allowIP[5] = 174.36.92.192; $allowIP[6] = 174.37.14.28; // If the one is using one of the ips in the array if( in_array($ip, $allowIP) ) { // Create the DSN $dbs[dsn] = sprintf("mysql:host=%s", $dbs[server] ); // Try to connect to the database try { $db = new PDO( $dbs[dsn], $dbs[user], $dbs[pass] ); } catch(PDOException $e) { die(Error connecting to the database); } // Function to ban the user. // It is prepared with a reason so u can embed it in your system easily function BanUser($uid, $reason) { global $dbs, $db; $query = sprintf (" UPDATE %s.t_users SET a_enable = 0 WHERE a_portal_index = :uid ", $dbs[user_dbase] ); $dbh = $db->prepare( $query ); $dbh->execute( array( :uid => $uid )); } // Add the cash to the account. // In case of a drawback or fraud paymentwall deletes the cash also // But since they use a negative amount, this will work perfectly function SetCash($uid, $amount) { global $dbs, $db; $query = sprintf (" UPDATE %s.bg_user SET cash = cash + :amount WHERE user_code = :uid ", $dbs[user_dbase] ); $dbh = $db->prepare( $query ); $dbh->execute( array( :amount => $amount, :uid => $uid )); } // Function to check if the user exists function CheckUserExist( $uid ) { global $dbs, $db; $query = sprintf (" SELECT count(*) FROM %s.bg_user WHERE user_code = :uid ", $dbs[user_dbase] ); $dbh = $db->prepare( $query ); $dbh->execute( array( :uid => $uid )); $result = $dbh->fetch(); if( $result[0] == 1 ) return true; else return false; } $uid = $_GET[uid]; $currency = $_GET[currency]; $type = $_GET[type]; $ref = $_GET[ref]; $sig = $_GET[sig]; // Check the incomming data if( !ctype_digit( $uid ) ) echo UID: . htmlspecialchars( $uid ) . is not a number; elseif( !is_numeric( $currency ) ) echo Currency: . htmlspecialchars( $currency ) . is not a number; elseif( !ctype_digit( $type ) ) echo Type: . htmlspecialchars( $type ) . is not a number; elseif( !ctype_alnum($ref) ) echo Reference: . htmlspecialchars( $ref ) . can only contain 0-9 a-Z; elseif( !ctype_alnum($sig) ) echo Signature: . htmlspecialchars( $sig ) . can only contain 0-9 a-Z; else { // See if the userid exists if( CheckUserExist( $uid ) ) { // Add the cash to the user if( $type == 0 || $type == 1 ) { SetCash($uid, $currency); echo OK; } // Chargeback or Fraud elseif( $type == 2 ) { $reason = $_GET[reason]; switch( $reason ) { case 1: BanUser($uid,Chargeback); break; case 2: BanUser($uid,Credit Card fraud); break; case 3: BanUser($uid,Order fraud); break; case 4: BanUser($uid,Bad data entry); break; case 5: BanUser($uid,Fake / proxy user); break; case 6: BanUser($uid,Rejected by advertiser); break; case 7: BanUser($uid,Duplicate conversions); break; case 8: BanUser($uid,Goodwill credit taken back); break; case 9: BanUser($uid,Cancelled order); break; case 10: BanUser($uid,Partially reversed transaction); break; } // Remove the cash SetCash($uid, $currency); echo OK; } else echo Unknown type : . htmlspecialchars( $type ); } else echo Not found user : . htmlspecialchars($uid); } } else echo IP Unknown : . $ip; ?> Or in short. Find all the function ...(...) { global $dbs; and change to function ...(...) { global $dbs, $db;
07-14-2012, 11:59 PM
work perfect wiza very very very thx man (apllication accepted)
07-27-2012, 05:49 PM
please wizatek can u help i get this error: UID: is not a number error in line 150 until 154 $uid = $_GET[uid]; $currency = $_GET[currency]; $type = $_GET[type]; $ref = $_GET[ref]; $sig = $_GET[sig]; thanks
07-27-2012, 05:57 PM
Probably u are using the username, and not the user id (the number) This script is made to work with the numbers, but it can be modifyd to work with usernames also
07-27-2012, 06:01 PM
im using this widget you change the code for me? to see if the right |
|
« Next Oldest | Next Newest »
|
Users browsing this thread: 1 Guest(s)