payment-wall [ Pingback & API ]

[Twistin**]

Hello elitepvpers members,
am here to ask anybody to help me to setup my own payment-wall
I tried alot but always getting some problems i think it's because cloudflare
---------------------------
Pingback wasn't successful. Reason: Response body does not match the expected pattern: OK
---------------------------
Request

Quote:

GET HTTP/1.1
Host: xxxxx-online.com
Connection: close
Accept-encoding: gzip, deflate
User-Agent: paymen twall API

---------------------------
Response

Quote:

HTTP/1.0 200 OK
Server: cloudflare-nginx
Date: Fri, 31 Jan 2014 04:30:02 GMT
Content-type: text/html
Set-cookie: __cfduid=d2d1xxx1d1xxx3exxx71xxxexxxcfd0xxx114xxx2 ***; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xxxxx-online.com; HttpOnly
Vary: Accept-Encoding
X-powered-by: ASP.NET
X-powered-by-plesk: PleskWin
Cf-ray: f53aa14212a093e-DFW
Content-encoding: gzip
Connection: close

Missing parameters!

or something like thats // If you can help me feel free to pm me
or add skype : mahmoud.lembo

for more information feel free to pm me

[Nezekan]

Nobody is going to help you with trying to earn money from silkroad, if you don't know how to code/fix something as simple as this you shouldn't be running a silkroad server

[retontoxD]

Show us the code

[paxemuman]

Quote:

Originally Posted by Nezekan

Nobody is going to help you with trying to earn money from silkroad, if you don't know how to code/fix something as simple as this you shouldn't be running a silkroad server

Wow you are full of complexes sir..

[Nezekan]

Quote:

Originally Posted by paxemuman

Wow you are full of complexes sir..

Thanks, but please don't turn this into another one of your retarded arguments about how much you hate me and how good your crappy emulator is.

Yeah, I don't like you, and I think you're a complete and utter ******, you're a piece of useless horsedung and you're just a money hungry ****. Either way now that that's settled, there is no need for you to go offtopic anymore, if you got anymore issues with me feel free to use the private message button (if you're actually able to grasp how an advanced 'feature' like this even works, surely).

Now back ontopic, I don't really see the point in helping one of the people that ruined the silkroad community for everyone, while they're not the root of the problem, random kids opening a private server everytime they see their paypal balance lowering make me sick, I really wonder why people keep falling for it, isn't it obvious why they "relaunch" every couple of weeks with nothing new?

[paxemuman]

Quote:

Originally Posted by Nezekan

Thanks, but please don't turn this into another one of your retarded arguments about how much you hate me and how good your crappy emulator is.

Yeah, I don't like you, and I think you're a complete and utter ******, you're a piece of useless horsedung and you're just a money hungry ****. Either way now that that's settled, there is no need for you to go offtopic anymore, if you got anymore issues with me feel free to use the private message button (if you're actually able to grasp how an advanced 'feature' like this even works, surely).

Now back ontopic, I don't really see the point in helping one of the people that ruined the silkroad community for everyone, while they're not the root of the problem, random kids opening a private server everytime they see their paypal balance lowering make me sick, I really wonder why people keep falling for it, isn't it obvious why they "relaunch" every couple of weeks with nothing new?

Ok i get it, you have a period...
One more thing. its not your business about he want to make a server or not, wont help? then GTFO and stop trolling in such a bad way, its not even funny man.

[Twistin**]

Quote:

Originally Posted by Nezekan

Nobody is going to help you with trying to earn money from silkroad, if you don't know how to code/fix something as simple as this you shouldn't be running a silkroad server

sure ? first am already have my server .. and am not trying to earn money ..
usually private server make donate page to collect money to pay the host ..
You must to learn to respect people .. where is the problem if i ask somebody
to help me in something .. You're greedy ^_^

also i tried alot to make it work without helping from anybody .. but i failed
sorry for my bad english !!

Quote:

Originally Posted by retontoxD

Show us the code

add me to skype : mahmoud.lembo

[Nezekan]

Quote:

Originally Posted by paxemuman

Ok i get it, you have a period...
One more thing. its not your business about he want to make a server or not, wont help? then GTFO and stop trolling in such a bad way, its not even funny man.

Quote:

Originally Posted by Twistin**

sure ? first am already have my server .. and am not trying to earn money ..
usually private server make donate page to collect money to pay the host ..
You must to learn to respect people .. where is the problem if i ask somebody
to help me in something .. You're greedy ^_^

also i tried alot to make it work without helping from anybody .. but i failed
sorry for my bad english !!

add me to skype : mahmoud.lembo

Do you even know what the word 'greedy' means?

[Twistin**]

greedy the one who love himself and don't want help the others .. and arrogant !!

[WickedNite]

Quote:

Originally Posted by paxemuman

Ok i get it, you have a period...
One more thing. its not your business about he want to make a server or not, wont help? then GTFO and stop trolling in such a bad way, its not even funny man.

I really can't wait to see you opening a server, oh the sweet taste of keeping you down.

[Twistin**]

please guys make reply on topic !!

[retontoxD]

Quote:

Originally Posted by Twistin**

please guys make reply on topic !!

Post it here, so if we fix it all will know how.
Anyway, if your website is behind a proxy then check if the code have something related to the IP.
If it have some function for check the IPs disable it.

[Twistin**]

Yea it allow some ip's to show the script

Code:

<?php
/*  
 *  Pingback Listener Script
 *  For Virtual Currency API
 *  Copyright (c) 2010-2013 *********** Team
 */
/*  
 *  Define your application-specific options
 */
define('SECRET', 'Your Secret here'); // secret key of your application
define('IP_WHITELIST_CHECK_ACTIVE', true);
define('CREDIT_TYPE_CHARGEBACK', 2);
/**  
 *  The IP addresses below are ***********'s
 *  servers. Make sure your pingback script
 *  accepts requests from these addresses ONLY.
 *
 */
$ipsWhitelist = array(
    '174.36.92.186',
    '174.36.96.66',
    '174.36.92.187',
    '174.36.92.192',
    '174.37.14.28'
);

/**  
 *  Collect the GET parameters from the request URL
 */
$userId = isset($_GET['uid']) ? $_GET['uid'] : null;
$credits = isset($_GET['currency']) ? $_GET['currency'] : null;
$type = isset($_GET['type']) ? $_GET['type'] : null;
$refId = isset($_GET['ref']) ? $_GET['ref'] : null;
$signature = isset($_GET['sig']) ? $_GET['sig'] : null;
$sign_version = isset($_GET['sign_version']) ? $_GET['sign_version'] : null;

$result = false;

/**  
 *  If there are any errors encountered, the script will list them
 *  in an array.
 */
$errors = array ();

if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)) {
    $signatureParams = array();

    /** 
  *  version 1 signature
  */
    if (empty($sign_version) || $sign_version <= 1) {
  $signatureParams = array(
    'uid' => $userId,
    'currency' => $credits,
    'type' => $type,
    'ref' => $refId
  );
    }
    /** 
  *  version 2+ signature
  */
    else {
  $signatureParams = array();
  foreach ($_GET as $param => $value) {    
    $signatureParams[$param] = $value;
  }
  unset($signatureParams['sig']);
    }

    /** 
  *  check if IP is in whitelist and if signature matches    
  */
    $signatureCalculated = calculatePingbackSignature($signatureParams, SECRET, $sign_version);

    /** 
  *  Run the security check -- if the request's origin is one
  *  of ***********'s servers, and if the signature matches
  *  the parameters.
  */
    if (!IP_WHITELIST_CHECK_ACTIVE || in_array($_SERVER['REMOTE_ADDR'], $ipsWhitelist)) {
  if ($signature == $signatureCalculated) {
    $result = true;
    if ($type == CREDIT_TYPE_CHARGEBACK) {
    /** 
  *  Deduct credits from user. Note that currency amount
  *  sent for chargeback is negative, e.g. -5, so be
  *  careful about the sign Don't deduct negative
  *  number, otherwise user will gain credits instead
  *  of losing them
  *
  */
            //editing parts
                $con = new Database("PC-Name\SQLEXPRESS","sa","password","SRO_VT_SHARD") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    } else {
            //editing parts
                $con = new Database("PC-Name","sa","pw","SRO_VT_ACCOUNT") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    // Give credits to user
    }
  } else {
    $errors['signature'] = 'Signature is not valid!';    
  }
    } else {
  $errors['whitelist'] = 'IP not in whitelist!';
    }
} else {
    $errors['params'] = 'Missing parameters!';
}
/**  
 *  Always make sure to echo OK so ***********
 *  will know that the transaction is successful.
 */
if ($result) {
    echo 'OK';
} else {
    echo implode(' ', $errors);
}

/**  
 *  Signature calculation function
 */
function calculatePingbackSignature($params, $secret, $version) {
    $str = '';
    if ($version == 2) {
  ksort($params);
    }
    foreach ($params as $k=>$v) {
  $str .= "$k=$v";
    }
    $str .= $secret;
    return md5($str);
}
class Database
    {
        private $db;
        public function Database($host, $user, $pass, $db) {
            try {
                $this->db = new PDO("mysql:dbname=".$db.";host=".$host.";", $user, $pass);        
            } catch(PDOEXCEPTION $e) {
                die('An error oncorupied! [Code: '.$e->getCode().']!');
            }
        }
        public function runQuery($query) {
            return $this->db->query($query);    
        }
    }
    ?>

[retontoxD]

Quote:

Originally Posted by Twistin**

Yea it allow some ip's to show the script

Try with this one:

Code:

<?php
/*  
 *  Pingback Listener Script
 *  For Virtual Currency API
 *  Copyright (c) 2010-2013 *********** Team
 */
/*  
 *  Define your application-specific options
 */
define('SECRET', 'Your Secret here'); // secret key of your application
define('IP_WHITELIST_CHECK_ACTIVE', false);
define('CREDIT_TYPE_CHARGEBACK', 2);
/**  
 *  The IP addresses below are ***********'s
 *  servers. Make sure your pingback script
 *  accepts requests from these addresses ONLY.
 *
 */
$ipsWhitelist = array(
    '174.36.92.186',
    '174.36.96.66',
    '174.36.92.187',
    '174.36.92.192',
    '174.37.14.28'
);

/**  
 *  Collect the GET parameters from the request URL
 */
$userId = isset($_GET['uid']) ? $_GET['uid'] : null;
$credits = isset($_GET['currency']) ? $_GET['currency'] : null;
$type = isset($_GET['type']) ? $_GET['type'] : null;
$refId = isset($_GET['ref']) ? $_GET['ref'] : null;
$signature = isset($_GET['sig']) ? $_GET['sig'] : null;
$sign_version = isset($_GET['sign_version']) ? $_GET['sign_version'] : null;

$result = false;

/**  
 *  If there are any errors encountered, the script will list them
 *  in an array.
 */
$errors = array ();

if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)) {
    $signatureParams = array();

    /** 
  *  version 1 signature
  */
    if (empty($sign_version) || $sign_version <= 1) {
  $signatureParams = array(
    'uid' => $userId,
    'currency' => $credits,
    'type' => $type,
    'ref' => $refId
  );
    }
    /** 
  *  version 2+ signature
  */
    else {
  $signatureParams = array();
  foreach ($_GET as $param => $value) {    
    $signatureParams[$param] = $value;
  }
  unset($signatureParams['sig']);
    }

    /** 
  *  check if IP is in whitelist and if signature matches    
  */
    $signatureCalculated = calculatePingbackSignature($signatureParams, SECRET, $sign_version);

    /** 
  *  Run the security check -- if the request's origin is one
  *  of ***********'s servers, and if the signature matches
  *  the parameters.
  */
    if (!IP_WHITELIST_CHECK_ACTIVE || in_array($_SERVER['REMOTE_ADDR'], $ipsWhitelist)) {
  if ($signature == $signatureCalculated) {
    $result = true;
    if ($type == CREDIT_TYPE_CHARGEBACK) {
    /** 
  *  Deduct credits from user. Note that currency amount
  *  sent for chargeback is negative, e.g. -5, so be
  *  careful about the sign Don't deduct negative
  *  number, otherwise user will gain credits instead
  *  of losing them
  *
  */
            //editing parts
                $con = new Database("PC-Name\SQLEXPRESS","sa","password","SRO_VT_SHARD") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    } else {
            //editing parts
                $con = new Database("PC-Name","sa","pw","SRO_VT_ACCOUNT") OR DIE('Cannot connect to the Database Connector');
                  $query = $con->runQuery("SELECT `row` FROM `table` WHERE `userid row` = '".$userId."';");
        if($query->rowCount() != 0) {
                while($row = $query->fetch(PDO::FETCH_ASSOC)) {
        $final = $row['row'] + $credits;
        $con->runQuery("UPDATE `table` SET `row` = '{$final}' WHERE `userid` = '{$userId}'");
        }
        $con = null;
    }
    // Give credits to user
    }
  } else {
    $errors['signature'] = 'Signature is not valid!';    
  }
    } else {
  $errors['whitelist'] = 'IP not in whitelist!';
    }
} else {
    $errors['params'] = 'Missing parameters!';
}
/**  
 *  Always make sure to echo OK so ***********
 *  will know that the transaction is successful.
 */
if ($result) {
    echo 'OK';
} else {
    echo implode(' ', $errors);
}

/**  
 *  Signature calculation function
 */
function calculatePingbackSignature($params, $secret, $version) {
    $str = '';
    if ($version == 2) {
  ksort($params);
    }
    foreach ($params as $k=>$v) {
  $str .= "$k=$v";
    }
    $str .= $secret;
    return md5($str);
}
class Database
    {
        private $db;
        public function Database($host, $user, $pass, $db) {
            try {
                $this->db = new PDO("mysql:dbname=".$db.";host=".$host.";", $user, $pass);        
            } catch(PDOEXCEPTION $e) {
                die('An error oncorupied! [Code: '.$e->getCode().']!');
            }
        }
        public function runQuery($query) {
            return $this->db->query($query);    
        }
    }
    ?>

[Twistin**]

Request

Quote:

GET HTTP/1.1
Host: xxxx-online.com
Connection: close
Accept-encoding: gzip, deflate
User-Agent: *********** API

Response

Quote:

HTTP/1.0 200 OK
Server: cloudflare-nginx
Date: Sat, 01 Feb 2014 02:54:42 GMT
Content-type: text/html
Set-cookie: __cfduid=d73be144a20fa54a7bdfdecaa195ff97913912232 82108; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xxxx-online.com; HttpOnly
Vary: Accept-Encoding
X-powered-by: ASP.NET
X-powered-by-plesk: PleskWin
Cf-ray: f5b5bc92e450944-DFW
Content-encoding: gzip
Connection: close

Missing parameters!