SuperRewards Pingback

[Sutz]

As many people still try to use PaymentWall but they nolonger support LastChaos you can simply use SuperRewards, they are the same as PaymentWall an offer the same service.

 

2

 

Here is a simple working pingback:

<?php

define('APP_SECRET', ''); // App Secret Key. Find it by going to the Apps page, select Edit on the App of your choice, then Integrate.
define('DB_USER', 'root'); // Your database user.
define('DB_PASSWORD', ''); // Your database password.
define('DB_HOST', '127.0.0.1'); // Your database host (usually 127.0.0.1).
define('DB_HOST_PORT', '3306'); // Your database host port (usually 3306).
define('DB_AUTH', ''); // Your database name.
define('DB_SITE', ''); // Your database name.
define('DB_PREFIX', 't_'); // OPTIONAL: A database table prefix, such as 'app1_'. This easily allows multiple apps to be served from the same database.

error_reporting(E_WARNING);

// *** No more configuration below this line. ***

header('Content-Type:text/plain');

$id = $_REQUEST['id']; // ID of this transaction.
$uid = $_REQUEST['uid']; // ID of the user which performed this transaction.
$oid = $_REQUEST['oid']; // ID of the offer or direct payment method.
$new = $_REQUEST['new']; // Number of in-game currency your user has earned by completing this offer.
$total = $_REQUEST['total']; // Total number of in-game currency your user has earned on this App.
$sig = $_REQUEST['sig']; // Security hash used to verify the authenticity of the postback.

/**
 * Sanity check.
 *
 * If you are using alphanumeric user ids, remove the is_numeric($uid) check. Alphanumeric
 * ids can only be enabled by Super Rewards Support
 *
 * If you are using alphanumeric user ids, please ensure that you use the appropriate URL-encoding
 * for non-text or unicode characters. For example: ~ should be encoded as %7E
 */

if(!(is_numeric($id) && is_numeric($uid) && is_numeric($oid) && is_numeric($new) && is_numeric($total)))
    exit('0'); // Fail.

$result = 1;

$sig_compare = md5($id.':'.$new.':'.$uid.':'.APP_SECRET);

// Only accept if the Security Hash matches what we have.
if($sig == $sig_compare)
{

    try
    {
        // Connect to Database.
        $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_AUTH.";port=".DB_HOST_PORT, DB_USER, '', array( PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING ));

        // Add Cash
        $query = $dbh->prepare("UPDATE bg_user SET cash = cash + :new WHERE user_code = :uid");
        $query->bindParam(':uid', $uid, PDO:ARAM_INT);
        $query->bindParam(':new', $cash, PDO:ARAM_INT);

        if(!$query->execute())
            $result = 0; // Problems executing SQL. Fail.

        $dbh = null;
    }
    catch (PDOException $e)
    {
        exit($e->getMessage());
    }
}
else
    $result = 0; // Security hash incorrect. Fail.

echo $result;
// This script will output a status code of 1 (Success) or 0 (Try sending again later).
?>

[luoo]

$query->bindParam(':new', $cash, PDO:ARAM_INT);

 

should be

 

$query->bindParam(':new', $new, PDO:ARAM_INT);

[Sutz]

my bad

[ren0d1]

<?php

define('APP_SECRET', 'yoursecretkey'); // App Secret Key. Find it by going to the Apps page, select Edit on the App of your choice, then Integrate.
define('DB_USER', 'root'); // Your database user.
define('DB_PASSWORD', ''); // Your database password.
define('DB_HOST', 'localhost'); // Your database host (usually 127.0.0.1).
define('DB_HOST_PORT', '3306'); // Your database host port (usually 3306).
define('DB_NAME', 'newproject_db_auth'); // Your database name.
define('DB_NAME_SITE', 'website'); // Your database name.

error_reporting(E_WARNING);

// *** No more configuration below this line. ***

header('Content-Type:text/plain');

$id = $_REQUEST['id']; // ID of this transaction.
$uid = $_REQUEST['uid']; // ID of the user which performed this transaction.
$oid = $_REQUEST['oid']; // ID of the offer or direct payment method.
$new = $_REQUEST['new']; // Number of in-game currency your user has earned by completing this offer.
$total = $_REQUEST['total']; // Total number of in-game currency your user has earned on this App.
$sig = $_REQUEST['sig']; // Security hash used to verify the authenticity of the postback.

/**
* Sanity check.
*
* If you are using alphanumeric user ids, remove the is_numeric($uid) check. Alphanumeric
* ids can only be enabled by Super Rewards Support
*
* If you are using alphanumeric user ids, please ensure that you use the appropriate URL-encoding
* for non-text or unicode characters. For example: ~ should be encoded as %7E
*/
if(!(is_numeric($id) && is_numeric($uid) && is_numeric($oid) && is_numeric($new) && is_numeric($total)))
exit('0'); // Fail.

$result = 1;

$sig_compare = md5($id.':'.$new.':'.$uid.':'.APP_SECRET);

// Only accept if the Security Hash matches what we have.
if($sig == $sig_compare)
{
$timestamp = date("Y-m-d H:i", time());

try
{
// Connect to Database.
$dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME.";port=".DB_HOST_PORT, DB_USER, DB_PASSWORD, array( PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING ));
$dbh5 = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME_SITE.";port=".DB_HOST_PORT, DB_USER, DB_PASSWORD, array( PDO::ATTR_ERRMODE => PDO::ERRMODE_WARNING ));

// Add new transaction
$query = $dbh5->prepare("INSERT INTO t_donation_log SET a_account_index = :user, a_cash = :cash, a_transaction_id = :ref, a_type = :type, a_date = :today");
$query->bindParam(':ref', $id, PDO:ARAM_INT);
$query->bindParam(':user', $uid, PDO:ARAM_INT);
$query->bindParam(':type', $oid, PDO:ARAM_INT);
$query->bindParam(':cash', $new, PDO:ARAM_INT);
$query->bindParam(':today', $timestamp, PDO:ARAM_STR);
if(!$query->execute())
$result = 0; // Problems executing SQL. Fail.

// Add/Update user.
$query2 = $dbh->prepare("UPDATE bg_user SET cash = cash + :new WHERE user_code = :uid");
$query2->bindParam(':new', $new, PDO:ARAM_INT);
$query2->bindParam(':uid', $uid, PDO:ARAM_INT);
if(!$query2->execute())
$result = 0; // Problems executing SQL. Fail.

//Update max cash.
$query1 = $dbh5->prepare("UPDATE t_user_log SET a_total_donate = a_total_donate + :cash WHERE a_account_index = :user");
$query1->bindParam(':user', $uid, PDO:ARAM_INT);
$query1->bindParam(':cash', $new, PDO:ARAM_INT);
if(!$query1->execute())
$result = 0; // Problems executing SQL. Fail.

$dbh = null;
}
catch (PDOException $e)
{
exit($e->getMessage());
}
}
else
$result = 0; // Security hash incorrect. Fail.

echo $result;

// This script will output a status code of 1 (Success) or 0 (Try sending again later).

?>

Script I wrote especially for lc-cms from ToXiC to auto-update cash + donation rank + list donations* done to see them in the  admin panel.

 

*Haven't finished yet the system to write which method got used so it'll only show you the number.

[Vogelj1988]

thank you guys for releasing this 

[bignoob77]

Yes ty so much this is great

[KissLC]

I am having an issue with superrewards and their required UID.  Of course I want the iframe of the widget to reference the player id currently logged on, but I am not sure what to use.  I have tried $user_id, $current_user, and a host of others.

 

<iframe src="2USER_ID" frameborder="0" width="728" height="2400" scrolling="no"></iframe>

 

 In the iframe for the widget to superrewards what must I type in place of USER_ID in order for the widget to recognize the currently logged player?