payment-wall [ Pingback & API ]

~~Anonymous-6723~~ · 02/01/2014, 08:31

UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'

update SK_Silk set silk_own = silk_own + $credits (guess this should be the variable for silks, haven't read the whole code) where JID = $userjid

also in pay_ment_wall it's okay to use

(for example) for pingback script, since cloudflare might make it not to work. (127... = yourIP)

Lost my scripts, they were working like charm with all the options if I find them I will upload

~~retontoxD~~ · 02/01/2014, 14:22

I have an example of a working one, check it:

PHP Code:


			
<?php
/*  
 *  Pingback Listener Script
 *  For Virtual Currency API
 *  Copyright (c) 2010-2013 *********** Team
 */
/*  
 *  Define your application-specific options
 */

//SQL
$cfg['sql_host'] = "SQLIP";
$cfg['sql_db'] = "SRO_VT_ACCOUNT";
$cfg['sql_user'] = "USER";
$cfg['sql_pass'] = "PASSWORD";


$sqlLink = mssql_connect($cfg["sql_host"],$cfg["sql_user"],$cfg["sql_pass"]);
    if(!$sqlLink) die("Conection closed.");
        else
        {
            mssql_select_db($cfg["sql_db"],$sqlLink);
        }


define('SECRET', 'Your Secret here');
define('IP_WHITELIST_CHECK_ACTIVE', true);
define('CREDIT_TYPE_CHARGEBACK', 2);
/**  
 *  The IP addresses below are ***********'s
 *  servers. Make sure your pingback script
 *  accepts requests from these addresses ONLY.
 *
 */
$ipsWhitelist = array(
        '174.36.92.186',
        '174.36.96.66',
        '174.36.92.187',
        '174.36.92.192',
        '174.37.14.28'
);
/**  
 *  Collect the GET parameters from the request URL
 */
$userId = isset($_GET['uid']) ? $_GET['uid'] : null;
$credits = isset($_GET['currency']) ? $_GET['currency'] : null;
$type = isset($_GET['type']) ? $_GET['type'] : null;
$refId = isset($_GET['ref']) ? $_GET['ref'] : null;
$signature = isset($_GET['sig']) ? $_GET['sig'] : null;
$result = false;
/**  
 *  If there are any errors encountered, the script will list them
 *  in an array.
 */
if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)) {
        $signatureParams = array(
                'uid' => $userId,
                'currency' => $credits,
                'type' => $type,
                'ref' => $refId
        );
        $signatureCalculated = generateSignature($signatureParams, SECRET);
/** 
  *  check if IP is in whitelist and if signature matches    
  */
        if (in_array($_SERVER['REMOTE_ADDR'], $ipsWhitelist) && ($signature == $signatureCalculated)) {
                $result = true;
                if($type == CREDIT_TYPE_CHARGEBACK)
                {
 /** 
  *  Deduct credits from user. Note that currency amount
  *  sent for chargeback is negative, e.g. -5, so be
  *  careful about the sign Don't deduct negative
  *  number, otherwise user will gain credits instead
  *  of losing them
  *
  */ 
                $query = mssql_query("
                UPDATE SK_Silk
                SET silk_own = silk_own + $credits
                WHERE JID = '$userId'
                ");
                
                }
                else
                {
                    
                
                //If account dont exist in SK_Silk
                     $is_exist = mssql_query("
                     SELECT * FROM SK_Silk
                     WHERE JID = '$userId'
                     ");
                     
                     $num = mssql_num_rows($is_exist);
                     if(!$num)
                     {
                     
                     $query = mssql_query("
                     INSERT INTO SK_Silk (JID,silk_own,silk_gift,silk_point) VALUES ($userId,$credits,0,0)
                     ");
                     
                
                     }
                     //If account exist in SK_Silk
                     else
                     {
                     
                     $query = mssql_query("
                     UPDATE SK_Silk SET silk_own = silk_own + $credits WHERE JID = '$userId'
                     ");

                
                     }
                     
                }
        }
}
if ($result) {
        echo 'OK';
}
function generateSignature($params, $secret) {
        $str = '';
        foreach ($params as $k=>$v) {
                $str .= "$k=$v";
        }
        $str .= $secret;
        return md5($str);
}

Also as Zed said, you should use the clean IP for pingback. If you dont, then you should change:

define('IP_WHITELIST_CHECK_ACTIVE', true);
TO
define('IP_WHITELIST_CHECK_ACTIVE', false);

Twistin** · 02/02/2014, 03:38

Quote:

Originally Posted by Zed*

UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'

update SK_Silk set silk_own = silk_own + $credits (guess this should be the variable for silks, haven't read the whole code) where JID = $userjid

also in pay_ment_wall it's okay to use (for example) for pingback script, since cloudflare might make it not to work. (127... = yourIP)

Lost my scripts, they were working like charm with all the options if I find them I will upload

I hope you give us more hints

Quote:

Originally Posted by retontoxD

I have an example of a working one, check it:

PHP Code:

<?php /* * Pingback Listener Script * For Virtual Currency API * Copyright (c) 2010-2013 *********** Team */ /* * Define your application-specific options */ //SQL $cfg['sql_host'] = "SQLIP"; $cfg['sql_db'] = "SRO_VT_ACCOUNT"; $cfg['sql_user'] = "USER"; $cfg['sql_pass'] = "PASSWORD"; $sqlLink = mssql_connect($cfg["sql_host"],$cfg["sql_user"],$cfg["sql_pass"]); if(!$sqlLink) die("Conection closed."); else { mssql_select_db($cfg["sql_db"],$sqlLink); } define('SECRET', 'Your Secret here'); define('IP_WHITELIST_CHECK_ACTIVE', true); define('CREDIT_TYPE_CHARGEBACK', 2); /** * The IP addresses below are ***********'s * servers. Make sure your pingback script * accepts requests from these addresses ONLY. * */ $ipsWhitelist = array( '174.36.92.186', '174.36.96.66', '174.36.92.187', '174.36.92.192', '174.37.14.28' ); /** * Collect the GET parameters from the request URL */ $userId = isset($_GET['uid']) ? $_GET['uid'] : null; $credits = isset($_GET['currency']) ? $_GET['currency'] : null; $type = isset($_GET['type']) ? $_GET['type'] : null; $refId = isset($_GET['ref']) ? $_GET['ref'] : null; $signature = isset($_GET['sig']) ? $_GET['sig'] : null; $result = false; /** * If there are any errors encountered, the script will list them * in an array. */ if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)) { $signatureParams = array( 'uid' => $userId, 'currency' => $credits, 'type' => $type, 'ref' => $refId ); $signatureCalculated = generateSignature($signatureParams, SECRET); /** * check if IP is in whitelist and if signature matches */ if (in_array($_SERVER['REMOTE_ADDR'], $ipsWhitelist) && ($signature == $signatureCalculated)) { $result = true; if($type == CREDIT_TYPE_CHARGEBACK) { /** * Deduct credits from user. Note that currency amount * sent for chargeback is negative, e.g. -5, so be * careful about the sign Don't deduct negative * number, otherwise user will gain credits instead * of losing them * */ $query = mssql_query(" UPDATE SK_Silk SET silk_own = silk_own + $credits WHERE JID = '$userId' "); } else { //If account dont exist in SK_Silk $is_exist = mssql_query(" SELECT * FROM SK_Silk WHERE JID = '$userId' "); $num = mssql_num_rows($is_exist); if(!$num) { $query = mssql_query(" INSERT INTO SK_Silk (JID,silk_own,silk_gift,silk_point) VALUES ($userId,$credits,0,0) "); } //If account exist in SK_Silk else { $query = mssql_query(" UPDATE SK_Silk SET silk_own = silk_own + $credits WHERE JID = '$userId' "); } } } } if ($result) { echo 'OK'; } function generateSignature($params, $secret) { $str = ''; foreach ($params as $k=>$v) { $str .= "$k=$v"; } $str .= $secret; return md5($str); }

Also as Zed said, you should use the clean IP for pingback. If you dont, then you should change:

define('IP_WHITELIST_CHECK_ACTIVE', true);
TO
define('IP_WHITELIST_CHECK_ACTIVE', false);

I just tried your script .. while cloudflare system is paused ..

Request

Code:

GET http://xxxx-online.com:80/mod/***********.api.php?uid=&currency=&type=0******&sig=633b508e85025a207a3e155c968368d0 HTTP/1.1
Host: xxxx-online.com
Connection: close
Accept-encoding: gzip, deflate
User-Agent: *********** API

Response

Code:

HTTP/1.0 200 OK
Content-type: text/html
Content-encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-powered-by: ASP.NET
X-powered-by-plesk: PleskWin
Date: Sun, 02 Feb 2014 02:35:44 GMT
Content-length: 119
Connection: close

tried both .. true and false .. btw add me in skype mahmoud.lembo
maybe i missing something !!

thank you ..

#requesttoclose .
paid to someone to make it for me

~~imbamt3~~ · 01/14/2016, 13:19

Twistin** give me this script i wanna use on metin2 server