payment-wall [ Pingback & API ]

Page 1 of 2 1 2
01/31/2014 05:34 Twistin**#1
Hello elitepvpers members,
am here to ask anybody to help me to setup my own payment-wall
I tried alot but always getting some problems i think it's because cloudflare
---------------------------
Pingback wasn't successful. Reason: Response body does not match the expected pattern: OK
---------------------------
Request
Quote:
GET [Only registered and activated users can see links. Click Here To Register...] HTTP/1.1
Host: xxxxx-online.com
Connection: close
Accept-encoding: gzip, deflate
User-Agent: paymen twall API
---------------------------
Response
Quote:
HTTP/1.0 200 OK
Server: cloudflare-nginx
Date: Fri, 31 Jan 2014 04:30:02 GMT
Content-type: text/html
Set-cookie: __cfduid=d2d1xxx1d1xxx3exxx71xxxexxxcfd0xxx114xxx2 xxx; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xxxxx-online.com; HttpOnly
Vary: Accept-Encoding
X-powered-by: ASP.NET
X-powered-by-plesk: PleskWin
Cf-ray: f53aa14212a093e-DFW
Content-encoding: gzip
Connection: close

Missing parameters!

or something like thats // If you can help me feel free to pm me
or add skype : mahmoud.lembo

for more information feel free to pm me
01/31/2014 16:13 Nezekan#2
Nobody is going to help you with trying to earn money from silkroad, if you don't know how to code/fix something as simple as this you shouldn't be running a silkroad server
01/31/2014 16:25 retontoxD#3
Show us the code
01/31/2014 16:50 paxemuman#4
Quote:
Originally Posted by Nezekan View Post
Nobody is going to help you with trying to earn money from silkroad, if you don't know how to code/fix something as simple as this you shouldn't be running a silkroad server
Wow you are full of complexes sir..
01/31/2014 17:06 Nezekan#5
Quote:
Originally Posted by paxemuman View Post
Wow you are full of complexes sir..
Thanks, but please don't turn this into another one of your retarded arguments about how much you hate me and how good your crappy emulator is.

Yeah, I don't like you, and I think you're a complete and utter retard, you're a piece of useless horsedung and you're just a money hungry homo. Either way now that that's settled, there is no need for you to go offtopic anymore, if you got anymore issues with me feel free to use the private message button (if you're actually able to grasp how an advanced 'feature' like this even works, surely).

Now back ontopic, I don't really see the point in helping one of the people that ruined the silkroad community for everyone, while they're not the root of the problem, random kids opening a private server everytime they see their paypal balance lowering make me sick, I really wonder why people keep falling for it, isn't it obvious why they "relaunch" every couple of weeks with nothing new?
01/31/2014 17:10 paxemuman#6
Quote:
Originally Posted by Nezekan View Post
Thanks, but please don't turn this into another one of your retarded arguments about how much you hate me and how good your crappy emulator is.

Yeah, I don't like you, and I think you're a complete and utter retard, you're a piece of useless horsedung and you're just a money hungry homo. Either way now that that's settled, there is no need for you to go offtopic anymore, if you got anymore issues with me feel free to use the private message button (if you're actually able to grasp how an advanced 'feature' like this even works, surely).

Now back ontopic, I don't really see the point in helping one of the people that ruined the silkroad community for everyone, while they're not the root of the problem, random kids opening a private server everytime they see their paypal balance lowering make me sick, I really wonder why people keep falling for it, isn't it obvious why they "relaunch" every couple of weeks with nothing new?
Ok i get it, you have a period...
One more thing. its not your business about he want to make a server or not, wont help? then GTFO and stop trolling in such a bad way, its not even funny man.
01/31/2014 17:30 Twistin**#7
Quote:
Originally Posted by Nezekan View Post
Nobody is going to help you with trying to earn money from silkroad, if you don't know how to code/fix something as simple as this you shouldn't be running a silkroad server
sure ? first am already have my server .. and am not trying to earn money ..
usually private server make donate page to collect money to pay the host ..
You must to learn to respect people .. where is the problem if i ask somebody
to help me in something .. You're greedy ^_^

also i tried alot to make it work without helping from anybody .. but i failed :)
sorry for my bad english !!

Quote:
Originally Posted by retontoxD View Post
Show us the code
add me to skype : mahmoud.lembo
01/31/2014 17:40 Nezekan#8
Quote:
Originally Posted by paxemuman View Post
Ok i get it, you have a period...
One more thing. its not your business about he want to make a server or not, wont help? then GTFO and stop trolling in such a bad way, its not even funny man.
[Only registered and activated users can see links. Click Here To Register...]

Quote:
Originally Posted by Twistin** View Post
sure ? first am already have my server .. and am not trying to earn money ..
usually private server make donate page to collect money to pay the host ..
You must to learn to respect people .. where is the problem if i ask somebody
to help me in something .. You're greedy ^_^

also i tried alot to make it work without helping from anybody .. but i failed :)
sorry for my bad english !!

add me to skype : mahmoud.lembo
Do you even know what the word 'greedy' means?
01/31/2014 17:57 Twistin**#9
greedy the one who love himself and don't want help the others .. and arrogant !!
01/31/2014 20:38 WickedNite#10
Quote:
Originally Posted by paxemuman View Post
Ok i get it, you have a period...
One more thing. its not your business about he want to make a server or not, wont help? then GTFO and stop trolling in such a bad way, its not even funny man.
I really can't wait to see you opening a server, oh the sweet taste of keeping you down.
01/31/2014 22:24 Twistin**#11
please guys make reply on topic !!
01/31/2014 23:07 retontoxD#12
Quote:
Originally Posted by Twistin** View Post
please guys make reply on topic !!
Post it here, so if we fix it all will know how.
Anyway, if your website is behind a proxy then check if the code have something related to the IP.
If it have some function for check the IPs disable it.
02/01/2014 00:18 Twistin**#13
Yea it allow some ip's to show the script

Code:
<?php
/*  
 *  Pingback Listener Script
 *  For Virtual Currency API
 *  Copyright (c) 2010-2013 *********** Team
 */
/*  
 *  Define your application-specific options
 */
define('SECRET', 'Your Secret here'); // secret key of your application
define('IP_WHITELIST_CHECK_ACTIVE', true);
define('CREDIT_TYPE_CHARGEBACK', 2);
/**  
 *  The IP addresses below are ***********'s
 *  servers. Make sure your pingback script
 *  accepts requests from these addresses ONLY.
 *
 */
$ipsWhitelist = array(
    '174.36.92.186',
    '174.36.96.66',
    '174.36.92.187',
    '174.36.92.192',
    '174.37.14.28'
);

/**  
 *  Collect the GET parameters from the request URL
 */
$userId = isset($_GET['uid']) ? $_GET['uid'] : null;
$credits = isset($_GET['currency']) ? $_GET['currency'] : null;
$type = isset($_GET['type']) ? $_GET['type'] : null;
$refId = isset($_GET['ref']) ? $_GET['ref'] : null;
$signature = isset($_GET['sig']) ? $_GET['sig'] : null;
$sign_version = isset($_GET['sign_version']) ? $_GET['sign_version'] : null;

$result = false;

/**  
 *  If there are any errors encountered, the script will list them
 *  in an array.
 */
$errors = array ();

if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)) {
    $signatureParams = array();

    /** 
  *  version 1 signature
  */
    if (empty($sign_version) || $sign_version <= 1) {
  $signatureParams = array(
    'uid' => $userId,
    'currency' => $credits,
    'type' => $type,
    'ref' => $refId
  );
    }
    /** 
  *  version 2+ signature
  */
    else {
  $signatureParams = array();
  foreach ($_GET as $param => $value) {    
    $signatureParams[$param] = $value;
  }
  unset($signatureParams['sig']);
    }

    /** 
  *  check if IP is in whitelist and if signature matches    
  */
    $signatureCalculated = calculatePingbackSignature($signatureParams, SECRET, $sign_version);

    /** 
  *  Run the security check -- if the request's origin is one
  *  of ***********'s servers, and if the signature matches
  *  the parameters.
  */
    if (!IP_WHITELIST_CHECK_ACTIVE || in_array($_SERVER['REMOTE_ADDR'], $ipsWhitelist)) {
  if ($signature == $signatureCalculated) {
    $result = true;
    if ($type == CREDIT_TYPE_CHARGEBACK) {
    /** 
  *  Deduct credits from user. Note that currency amount
  *  sent for chargeback is negative, e.g. -5, so be
  *  careful about the sign Don't deduct negative
  *  number, otherwise user will gain credits instead
  *  of losing them
  *
  */
            //editing parts
                $con = new Database("PC-Name\SQLEXPRESS","sa","password","SRO_VT_SHARD") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    } else {
            //editing parts
                $con = new Database("PC-Name","sa","pw","SRO_VT_ACCOUNT") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    // Give credits to user
    }
  } else {
    $errors['signature'] = 'Signature is not valid!';    
  }
    } else {
  $errors['whitelist'] = 'IP not in whitelist!';
    }
} else {
    $errors['params'] = 'Missing parameters!';
}
/**  
 *  Always make sure to echo OK so ***********
 *  will know that the transaction is successful.
 */
if ($result) {
    echo 'OK';
} else {
    echo implode(' ', $errors);
}

/**  
 *  Signature calculation function
 */
function calculatePingbackSignature($params, $secret, $version) {
    $str = '';
    if ($version == 2) {
  ksort($params);
    }
    foreach ($params as $k=>$v) {
  $str .= "$k=$v";
    }
    $str .= $secret;
    return md5($str);
}
class Database
    {
        private $db;
        public function Database($host, $user, $pass, $db) {
            try {
                $this->db = new PDO("mysql:dbname=".$db.";host=".$host.";", $user, $pass);        
            } catch(PDOEXCEPTION $e) {
                die('An error oncorupied! [Code: '.$e->getCode().']!');
            }
        }
        public function runQuery($query) {
            return $this->db->query($query);    
        }
    }
    ?>
02/01/2014 03:48 retontoxD#14
Quote:
Originally Posted by Twistin** View Post
Yea it allow some ip's to show the script
Try with this one:
Code:
<?php
/*  
 *  Pingback Listener Script
 *  For Virtual Currency API
 *  Copyright (c) 2010-2013 *********** Team
 */
/*  
 *  Define your application-specific options
 */
define('SECRET', 'Your Secret here'); // secret key of your application
define('IP_WHITELIST_CHECK_ACTIVE', false);
define('CREDIT_TYPE_CHARGEBACK', 2);
/**  
 *  The IP addresses below are ***********'s
 *  servers. Make sure your pingback script
 *  accepts requests from these addresses ONLY.
 *
 */
$ipsWhitelist = array(
    '174.36.92.186',
    '174.36.96.66',
    '174.36.92.187',
    '174.36.92.192',
    '174.37.14.28'
);

/**  
 *  Collect the GET parameters from the request URL
 */
$userId = isset($_GET['uid']) ? $_GET['uid'] : null;
$credits = isset($_GET['currency']) ? $_GET['currency'] : null;
$type = isset($_GET['type']) ? $_GET['type'] : null;
$refId = isset($_GET['ref']) ? $_GET['ref'] : null;
$signature = isset($_GET['sig']) ? $_GET['sig'] : null;
$sign_version = isset($_GET['sign_version']) ? $_GET['sign_version'] : null;

$result = false;

/**  
 *  If there are any errors encountered, the script will list them
 *  in an array.
 */
$errors = array ();

if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)) {
    $signatureParams = array();

    /** 
  *  version 1 signature
  */
    if (empty($sign_version) || $sign_version <= 1) {
  $signatureParams = array(
    'uid' => $userId,
    'currency' => $credits,
    'type' => $type,
    'ref' => $refId
  );
    }
    /** 
  *  version 2+ signature
  */
    else {
  $signatureParams = array();
  foreach ($_GET as $param => $value) {    
    $signatureParams[$param] = $value;
  }
  unset($signatureParams['sig']);
    }

    /** 
  *  check if IP is in whitelist and if signature matches    
  */
    $signatureCalculated = calculatePingbackSignature($signatureParams, SECRET, $sign_version);

    /** 
  *  Run the security check -- if the request's origin is one
  *  of ***********'s servers, and if the signature matches
  *  the parameters.
  */
    if (!IP_WHITELIST_CHECK_ACTIVE || in_array($_SERVER['REMOTE_ADDR'], $ipsWhitelist)) {
  if ($signature == $signatureCalculated) {
    $result = true;
    if ($type == CREDIT_TYPE_CHARGEBACK) {
    /** 
  *  Deduct credits from user. Note that currency amount
  *  sent for chargeback is negative, e.g. -5, so be
  *  careful about the sign Don't deduct negative
  *  number, otherwise user will gain credits instead
  *  of losing them
  *
  */
            //editing parts
                $con = new Database("PC-Name\SQLEXPRESS","sa","password","SRO_VT_SHARD") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    } else {
            //editing parts
                $con = new Database("PC-Name","sa","pw","SRO_VT_ACCOUNT") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    // Give credits to user
    }
  } else {
    $errors['signature'] = 'Signature is not valid!';    
  }
    } else {
  $errors['whitelist'] = 'IP not in whitelist!';
    }
} else {
    $errors['params'] = 'Missing parameters!';
}
/**  
 *  Always make sure to echo OK so ***********
 *  will know that the transaction is successful.
 */
if ($result) {
    echo 'OK';
} else {
    echo implode(' ', $errors);
}

/**  
 *  Signature calculation function
 */
function calculatePingbackSignature($params, $secret, $version) {
    $str = '';
    if ($version == 2) {
  ksort($params);
    }
    foreach ($params as $k=>$v) {
  $str .= "$k=$v";
    }
    $str .= $secret;
    return md5($str);
}
class Database
    {
        private $db;
        public function Database($host, $user, $pass, $db) {
            try {
                $this->db = new PDO("mysql:dbname=".$db.";host=".$host.";", $user, $pass);        
            } catch(PDOEXCEPTION $e) {
                die('An error oncorupied! [Code: '.$e->getCode().']!');
            }
        }
        public function runQuery($query) {
            return $this->db->query($query);    
        }
    }
    ?>
02/01/2014 03:57 Twistin**#15
Request
Quote:
GET [Only registered and activated users can see links. Click Here To Register...] HTTP/1.1
Host: xxxx-online.com
Connection: close
Accept-encoding: gzip, deflate
User-Agent: *********** API
Response
Quote:
HTTP/1.0 200 OK
Server: cloudflare-nginx
Date: Sat, 01 Feb 2014 02:54:42 GMT
Content-type: text/html
Set-cookie: __cfduid=d73be144a20fa54a7bdfdecaa195ff97913912232 82108; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xxxx-online.com; HttpOnly
Vary: Accept-Encoding
X-powered-by: ASP.NET
X-powered-by-plesk: PleskWin
Cf-ray: f5b5bc92e450944-DFW
Content-encoding: gzip
Connection: close

Missing parameters!
Page 1 of 2 1 2