Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Server Development
Habbo Retros
Habbo Releases
[PayPal IPN] Automatic Shopping System
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="MasterJiq" data-source="post: 397077" data-attributes="member: 69646"><p>I don't find any email actually, just find " payer_mail " ?</p><p>[CODE]<?php</p><p>header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");</p><p>header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT");</p><p>header("Cache-Control: no-store, no-cache, must-revalidate");</p><p>header("Cache-Control: post-check=0, pre-check=0", false);</p><p>header("Pragma: no-cache");</p><p></p><p>//header("HTTP/1.1 200 OK");</p><p></p><p>use PayPalIPN;</p><p></p><p>$ipn = new PayPalIPN();</p><p></p><p>$orderPlaced = true;</p><p></p><p>// Set the response array</p><p>$response = ['status' => 'false', 'title' => 'Payment Error', 'message' => ''];</p><p></p><p>$verified = $ipn->verifyIPN();</p><p>if($verified) {</p><p> $username = Users::$Session->Name;</p><p></p><p> // Payment has been verified, so get details</p><p> $payer_email = $_POST['payer_email'];</p><p> $verify_sign = $_POST['verify_sign'];</p><p> $txn_id = $_POST['txn_id'];</p><p> $payment_date = $_POST['payment_date'];</p><p> $package = $_POST['item_number'];</p><p> $amount = $_POST['payment_gross'];</p><p> $item_name = $_POST['item_name'];</p><p></p><p> // Make sure the transaction id has not already been used</p><p> $stmt = CMS::$MySql->Query("SELECT `id` FROM `cms_transactions` WHERE `transaction_id` = :tid LIMIT 1");</p><p> $stmt->bindParam(':tid', $txn_id, $db->PARAM_STR);</p><p> $stmt->execute();</p><p></p><p> if($stmt->rowCount() < 1) {</p><p> // If the transaction id has not been used, match the package id against the one in db.</p><p> $stmt = CMS::$MySql->Query("SELECT `diamonds` FROM `cms_diamond_packages` WHERE `id` = :id AND `price` = :a LIMIT 1");</p><p> $stmt->bindParam(':id', $package, $db->PARAM_INT);</p><p> $stmt->bindParam(':a', $amount, $db->PARAM_STR);</p><p> $stmt->execute();</p><p> </p><p> if($stmt->rowCount() > 0) {</p><p> $diamonds = $stmt->fetchColumn();</p><p> </p><p> // Payment has been successfully placed, insert it into the transactions table.</p><p> $stmt = CMS::$MySql->Query("INSERT INTO `cms_transactions` (`user_id`,`gateway`,`transaction_id`,`amount`,`package`,`email`,`nonce`,`purchase_date`) VALUES (:uid,:g,:tid,:a,:p,:e,:n,:d)");</p><p> $data = [</p><p> ':uid' => Users::$Session->Data['id'],</p><p> ':g' => 'paypal',</p><p> ':tid' => $txn_id,</p><p> ':a' => $amount,</p><p> ':p' => $package,</p><p> ':e' => $payer_email,</p><p> ':n' => $verify_sign,</p><p> ':d' => NULL</p><p> ];</p><p> $stmt->execute($data);</p><p> </p><p> // Give user paid currencies or VIP</p><p> $users->updateUser($uid, 'diamonds', ($users->getUserInfo($uid, 'diamonds') + $diamonds));</p><p> if(!$users->hasBadge($uid, 'SDB01')) // If user doesn't have badge give it to them</p><p> $users->giveUserBadge($uid, 'SDB01');</p><p> </p><p> // Set response to success</p><p> $response['status'] = "true";</p><p> $response['title'] = "Payment Success";</p><p> $response['message'] = 'You have successfully bought '.$diamonds.' <img src="'.$url.'/static/img/diamonds.png" />.<br /> You can buy all sorts of things with diamonds. Visit our other shops to buy credits, duckets, rares, boxes, VIP etc.';</p><p> </p><p> // Put log as success</p><p> $ipn->putLog("SUCCESS", json_encode($_POST, true));</p><p> $ipn->putLog("SUCCESS", "User {$username} has successfully bought package {$package} containing {$diamonds} with a price of {$amount} using payer email {$payer_email} on {$payment_date} with ID: {$txn_id}");</p><p> } else {</p><p> // Put log as the user trying to exploit the system by changing price for a package</p><p> $response['message'] = "Package ID doesn't match its pricetag: {$verified}";</p><p> $ipn->putLog("ERROR", "User {$username} tried to spoof {$package} with price {$amount} using transaction id {$txn_id} with payer email {$payer_email} on {$payment_date}.");</p><p> }</p><p> } else {</p><p> // User tried to duplicate this package, set the response and put the error log</p><p> $response['message'] = "You have already bought a package using this Transaction ID once <b>{$txn_id}</b>.";</p><p> $ipn->putLog("ERROR", "User {$username} tried to duplicate package {$package} using transaction id {$txn_id} with payer email {$payer_email} on {$payment_date}.");</p><p> }</p><p>} else {</p><p> $orderPlaced = false;</p><p>}</p><p> ?>[/CODE]</p></blockquote><p></p>
[QUOTE="MasterJiq, post: 397077, member: 69646"] I don't find any email actually, just find " payer_mail " ? [CODE]<?php header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); //header("HTTP/1.1 200 OK"); use PayPalIPN; $ipn = new PayPalIPN(); $orderPlaced = true; // Set the response array $response = ['status' => 'false', 'title' => 'Payment Error', 'message' => '']; $verified = $ipn->verifyIPN(); if($verified) { $username = Users::$Session->Name; // Payment has been verified, so get details $payer_email = $_POST['payer_email']; $verify_sign = $_POST['verify_sign']; $txn_id = $_POST['txn_id']; $payment_date = $_POST['payment_date']; $package = $_POST['item_number']; $amount = $_POST['payment_gross']; $item_name = $_POST['item_name']; // Make sure the transaction id has not already been used $stmt = CMS::$MySql->Query("SELECT `id` FROM `cms_transactions` WHERE `transaction_id` = :tid LIMIT 1"); $stmt->bindParam(':tid', $txn_id, $db->PARAM_STR); $stmt->execute(); if($stmt->rowCount() < 1) { // If the transaction id has not been used, match the package id against the one in db. $stmt = CMS::$MySql->Query("SELECT `diamonds` FROM `cms_diamond_packages` WHERE `id` = :id AND `price` = :a LIMIT 1"); $stmt->bindParam(':id', $package, $db->PARAM_INT); $stmt->bindParam(':a', $amount, $db->PARAM_STR); $stmt->execute(); if($stmt->rowCount() > 0) { $diamonds = $stmt->fetchColumn(); // Payment has been successfully placed, insert it into the transactions table. $stmt = CMS::$MySql->Query("INSERT INTO `cms_transactions` (`user_id`,`gateway`,`transaction_id`,`amount`,`package`,`email`,`nonce`,`purchase_date`) VALUES (:uid,:g,:tid,:a,:p,:e,:n,:d)"); $data = [ ':uid' => Users::$Session->Data['id'], ':g' => 'paypal', ':tid' => $txn_id, ':a' => $amount, ':p' => $package, ':e' => $payer_email, ':n' => $verify_sign, ':d' => NULL ]; $stmt->execute($data); // Give user paid currencies or VIP $users->updateUser($uid, 'diamonds', ($users->getUserInfo($uid, 'diamonds') + $diamonds)); if(!$users->hasBadge($uid, 'SDB01')) // If user doesn't have badge give it to them $users->giveUserBadge($uid, 'SDB01'); // Set response to success $response['status'] = "true"; $response['title'] = "Payment Success"; $response['message'] = 'You have successfully bought '.$diamonds.' <img src="'.$url.'/static/img/diamonds.png" />.<br /> You can buy all sorts of things with diamonds. Visit our other shops to buy credits, duckets, rares, boxes, VIP etc.'; // Put log as success $ipn->putLog("SUCCESS", json_encode($_POST, true)); $ipn->putLog("SUCCESS", "User {$username} has successfully bought package {$package} containing {$diamonds} with a price of {$amount} using payer email {$payer_email} on {$payment_date} with ID: {$txn_id}"); } else { // Put log as the user trying to exploit the system by changing price for a package $response['message'] = "Package ID doesn't match its pricetag: {$verified}"; $ipn->putLog("ERROR", "User {$username} tried to spoof {$package} with price {$amount} using transaction id {$txn_id} with payer email {$payer_email} on {$payment_date}."); } } else { // User tried to duplicate this package, set the response and put the error log $response['message'] = "You have already bought a package using this Transaction ID once <b>{$txn_id}</b>."; $ipn->putLog("ERROR", "User {$username} tried to duplicate package {$package} using transaction id {$txn_id} with payer email {$payer_email} on {$payment_date}."); } } else { $orderPlaced = false; } ?>[/CODE] [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Server Development
Habbo Retros
Habbo Releases
[PayPal IPN] Automatic Shopping System
Top