Skull-Crusher
New Member
- Joined
- Sep 23, 2013
- Messages
- 9
- Reaction score
- 0
Greetins,
As the titles speaks. My players do not get their points when they donate.
I already tested "test" and i received my points.
As the titles speaks. My players do not get their points when they donate.
I already tested "test" and i received my points.
PHP:
<?php
// Require the functions to connect to database and fetch config values
require 'config.php';
require 'engine/database/connect.php';
// Fetch paygol configurations
$paygol = $config['paygol'];
// check that the request comes from PayGol server
if(!in_array($_SERVER['REMOTE_ADDR'],
array('109.70.3.48', '109.70.3.146', '109.70.3.58', '31.45.23.9'))) {
header("HTTP/1.0 403 Forbidden");
die("Error: Unknown IP");
}
// get the variables from PayGol system
$message_id = $_GET['message_id'];
$service_id = $_GET['service_id'];
$shortcode = $_GET['shortcode'];
$keyword = $_GET['keyword'];
$message = $_GET['message'];
$sender = $_GET['sender'];
$operator = $_GET['operator'];
$country = $_GET['country'];
$custom = $_GET['custom'];
$points = $_GET['points'];
$price = $_GET['price'];
$currency = $_GET['currency'];
// FUNCTIONS
function sanitize($data)/* Security reasons */ {
return htmlentities(strip_tags(mysql_real_escape_string($data)));
}
function user_data($user_id)/* account data */ {
$data = array();
$user_id = sanitize($user_id);
$func_num_args = func_num_args();
$func_get_args = func_get_args();
if ($func_num_args > 1) {
unset($func_get_args[0]);
$fields = '`'. implode('`, `', $func_get_args) .'`';
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `accounts` WHERE `id` = $user_id;"));
return $data;
}
}
// Since only paygol.com is able to communicate with this script, we will blindly trust them until proven othervise.
if ($service_id == $paygol['serviceID']) {
$new_points = (int)$paygol['points'];
$data = user_data($custom, 'name');
if ($data['name']) {
// Sanitize all data: (ok, we do not completely trust them blindly. D:)
$message_id = sanitize($message_id);
$service_id = sanitize($service_id);
$shortcode = sanitize($shortcode);
$keyword = sanitize($keyword);
$message = sanitize($message);
$sender = sanitize($sender);
$operator = sanitize($operator);
$country = sanitize($country);
$custom = sanitize($custom);
$points = sanitize($points);
$price = sanitize($price);
$currency = sanitize($currency);
// Update logs:
$log_query = mysql_query("INSERT INTO `znote_paygol` VALUES ('', '$custom', '$price', '$new_points', '$message_id', '$service_id', '$shortcode', '$keyword', '$message', '$sender', '$operator', '$country', '$currency')")or die("Log paygol SQL ERROR");
// Give points to user
$old_points = mysql_result(mysql_query("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$custom';"), 0, 'points');
echo 'Custom: '. $custom .'<br>';
echo "Query: SELECT `points` FROM `znote_accounts` WHERE `account_id`='$custom';<br>";
echo 'Old points: '. $old_points .'<br>';
$new_points += $old_points;
echo 'New points: '. $new_points .'<br>';
$update_account = mysql_query("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$custom'")or die(mysql_error());
echo 'Account id 2 shold be updated now!';
} else echo ' character data false';
} else echo 'service id wrong';
?>
PHP:
BUYPOINTS
<?php require_once 'engine/init.php';
protect_page();
include 'layout/overall/header.php';
// Import from config:
$paypal = $config['paypal'];
$prices = $config['paypal_prices'];
if ($paypal['enabled']) {
?>
<h1>Buy Points</h1>
<h2>Buy points using Paypal:</h2>
<table id="buypointsTable">
<tr class="yellow">
<td>Price:</td>
<td>Points:</td>
<?php if ($paypal['showBonus']) { ?>
<td>Bonus:</td>
<?php } ?>
<td>Action:</td>
</tr>
<?php
foreach ($prices as $price => $points) {
echo '<tr class="special">';
echo '<td>'. $price .'('. $paypal['currency'] .')</td>';
echo '<td>'. $points .'</td>';
if ($paypal['showBonus']) echo '<td>'. calculate_discount(($paypal['points_per_currency'] * $price), $points) .' bonus</td>';
?>
<td>
<form action="https://www.paypal.com/cgi-bin/webscr" method="POST">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<?php echo $paypal['email']; ?>">
<input type="hidden" name="item_name" value="<?php echo $points .' shop points on '. $config['site_title']; ?>">
<input type="hidden" name="item_number" value="1">
<input type="hidden" name="amount" value="<?php echo $price; ?>">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="<?php echo $paypal['currency']; ?>">
<input type="hidden" name="lc" value="GB">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="hidden" name="return" value="<?php echo $paypal['success']; ?>">
<input type="hidden" name="cancel_return" value="<?php echo $paypal['failed']; ?>">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="notify_url" value="<?php echo $paypal['ipn']; ?>" />
<input type="hidden" name="custom" value="<?php echo sanitize($_SESSION['user_id']).'!'.$price.'!'.$points; ?>">
<input type="submit" value=" PURCHASE ">
</form>
</td>
<?php
echo '</tr>';
}
?>
</table>
<?php } ?>
<?php
if ($config['paygol']['enabled'] == true) {
?>
<!-- PayGol Form using Post method -->
<h2>Buy points using Paygol:</h2>
<?php $paygol = $config['paygol']; ?>
<p><?php echo $paygol['price'] ." ". $paygol['currency'] ."~ for ". $paygol['points'] ." points:"; ?></p>
<form name="pg_frm" method="post" action="http://www.paygol.com/micropayment/paynow" >
<input type="hidden" name="pg_serviceid" value="<?php echo $paygol['serviceID']; ?>">
<input type="hidden" name="pg_currency" value="<?php echo $paygol['currency']; ?>">
<input type="hidden" name="pg_name" value="<?php echo $paygol['name']; ?>">
<input type="hidden" name="pg_custom" value="<?php echo $session_user_id; ?>">
<input type="hidden" name="pg_price" value="<?php echo $paygol['price']; ?>">
<input type="hidden" name="pg_return_url" value="<?php echo $paygol['returnURL']; ?>">
<input type="hidden" name="pg_cancel_url" value="<?php echo $paygol['cancelURL']; ?>">
<input type="hidden" name="pg_notify" value="<?php echo $paygol['ipnURL']; ?>">
<input type="image" name="pg_button" src="http://www.paygol.com/micropayment/img/buttons/150/black_en_pbm.png" border="0" alt="Make payments with PayGol: the easiest way!" title="Make payments with PayGol: the easiest way!" >
</form>
<?php }
if (!$config['paypal']['enabled'] && !$config['paygol']['enabled']) echo '<h1>Buy Points system disabled.</h1><p>Sorry, this functionality is disabled.</p>';
include 'layout/overall/footer.php'; ?>
Last edited:
