07-14-2012, 08:01 PM
look for
echo Not found user
and change it to
echo Not found user;
LCKB
›
** OLD LCKB DATABASE **
›
Website Scripting & Security
›
Security
›
Website Security
Script PaymentWall
Script PaymentWall
|
Script PaymentWall
|
07-14-2012, 08:21 PM
thx W iza , but now the pingback of paymenwall test does not work. "Pingback wasnt successful. Reason: Response does not match the expected pattern"and this :HTTP/1.0 200 OK Date: Sat, 14 Jul 2012 20:16:12 GMT Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1 X-powered-by: PHP/5.3.8 Content-length: 16 Content-type: text/html Connection: close Wrong parameters
07-14-2012, 08:48 PM
line 150 .151.152.153.154 wrong parameters how fix this please?
07-14-2012, 09:12 PM
On the userid.. Did u use the username or the userid (number) ? The script is using the user id, the number
07-14-2012, 09:19 PM
Try this : /* * PaymentWall Pingback script * Author: Wizatek * * This script can be used for your server so u can embed the paymentwall system in your * website. This version of the pingback uses the user ID, the number, not the username * */ // Set this to your secret key provided by PaymentWall. $secretKey = 12345678901234567890; // Set the database settings. $dbs[server] = localhost; $dbs[user] = root; $dbs[pass] = ; // Since the server can use bg_user and t_users in _db and _auth depending on your connector settings $dbs[user_dbase] = newproject_db_auth; //========================================================== No need to edit below unless u know what u are doing ====================================== // Get the IP of the one connecting to this page $ip = $_SERVER[REMOTE_ADDR]; // Array of allowed ip addresses as provided by PaymentWall $allowIP[0] = 66.220.10.2; $allowIP[1] = 66.220.10.3; $allowIP[2] = 174.36.92.186; $allowIP[3] = 174.36.96.66; $allowIP[4] = 174.36.92.187; $allowIP[5] = 174.36.92.192; $allowIP[6] = 174.37.14.28; // If the one is using one of the ips in the array if( in_array($ip, $allowIP) ) { // Create the DSN $dbs[dsn] = sprintf("mysql:host=%s", $dbs[server] ); // Try to connect to the database try { $db = new PDO( $dbs[dsn], $dbs[user], $dbs[pass] ); } catch(PDOException $e) { die(Error connecting to the database); } // Function to ban the user. // It is prepared with a reason so u can embed it in your system easily function BanUser($uid, $reason) { global $dbs, $db; $query = sprintf (" UPDATE %s.t_users SET a_enable = 0 WHERE a_portal_index = :uid ", $dbs[user_dbase] ); $dbh = $db->prepare( $query ); $dbh->execute( array( :uid => $uid )); } // Add the cash to the account. // In case of a drawback or fraud paymentwall deletes the cash also // But since they use a negative amount, this will work perfectly function SetCash($uid, $amount) { global $dbs, $db; $query = sprintf (" UPDATE %s.bg_user SET cash = cash + :amount WHERE user_code = :uid ", $dbs[user_dbase] ); $dbh = $db->prepare( $query ); $dbh->execute( array( :amount => $amount, :uid => $uid )); } // Function to check if the user exists function CheckUserExist( $uid ) { global $dbs, $db; $query = sprintf (" SELECT count(*) FROM %s.bg_user WHERE user_code = :uid ", $dbs[user_dbase] ); $dbh = $db->prepare( $query ); $dbh->execute( array( :uid => $uid )); $result = $dbh->fetch(); if( $result[0] == 1 ) return true; else return false; } $uid = $_GET[uid]; $currency = $_GET[currency]; $type = $_GET[type]; $ref = $_GET[ref]; $sig = $_GET[sig]; // Check the incomming data if( !ctype_digit( $uid ) ) echo UID: . htmlspecialchars( $uid ) . is not a number; elseif( !is_numeric( $currency ) ) echo Currency: . htmlspecialchars( $currency ) . is not a number; elseif( !ctype_digit( $type ) ) echo Type: . htmlspecialchars( $type ) . is not a number; elseif( !ctype_alnum($ref) ) echo Reference: . htmlspecialchars( $ref ) . can only contain 0-9 a-Z; elseif( !ctype_alnum($sig) ) echo Signature: . htmlspecialchars( $sig ) . can only contain 0-9 a-Z; else { // See if the userid exists if( CheckUserExist( $uid ) ) { // Add the cash to the user if( $type == 0 || $type == 1 ) { SetCash($uid, $currency); echo OK; } // Chargeback or Fraud elseif( $type == 2 ) { $reason = $_GET[reason]; switch( $reason ) { case 1: BanUser($uid,Chargeback); break; case 2: BanUser($uid,Credit Card fraud); break; case 3: BanUser($uid,Order fraud); break; case 4: BanUser($uid,Bad data entry); break; case 5: BanUser($uid,Fake / proxy user); break; case 6: BanUser($uid,Rejected by advertiser); break; case 7: BanUser($uid,Duplicate conversions); break; case 8: BanUser($uid,Goodwill credit taken back); break; case 9: BanUser($uid,Cancelled order); break; case 10: BanUser($uid,Partially reversed transaction); break; } // Remove the cash SetCash($uid, $currency); echo OK; } else echo Unknown type : . htmlspecialchars( $type ); } else echo Not found user : . htmlspecialchars($uid); } } else echo IP Unknown : . $ip; ?> It has a little more debug output and it will be easy to locate the problem with this
07-14-2012, 09:25 PM
We need a domain for pingback ? Because i host my website to my Hamachi IP ><.. How i can ping back xD ?
07-14-2012, 09:28 PM
U cannot do this from your hamachi ip ofcourse since paymentwall is not in your hamachi network
07-14-2012, 09:29 PM
How to i can put my website to my WAN IP or a free domain ? with paymentwall ? :$
07-14-2012, 09:34 PM
At one moment u have to realise that not everything can be done for free  There are a lot of VPS servers u can get for 20 euros a month. And if u cant make your players donate 20 euros a month then u are doing something wrong. |
|
« Next Oldest | Next Newest »
|
Users browsing this thread: 1 Guest(s)