• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!
  • If you're using Gesior 2012 or MyAAC, please review this thread for information about a serious security vulnerability and a fix.

Znote - Sometimes some players are not getting Points

Status
Not open for further replies.

Paco

Member
Premium User
Joined
Jan 4, 2009
Messages
256
Reaction score
87
Location
Zapotlán del Rey, Jalisco, México.
No errors, nothing. They just don't get points.
It happends sometimes with some characters. Everything is configured properly, including IPN.

What this could be? Any paypal changes or something?
 
Solution
I have no clue, please help x'D
Post automatically merged:

@Znote Help? xD

ip_in_range function taken from:

PHP:
function ip_in_range( $ip, $range ) {
    if ( strpos( $range, '/' ) === false ) {
        $range .= '/32';
    }
    // $range is in IP/CIDR format eg 127.0.0.1/24
    list( $range, $netmask ) = explode( '/', $range, 2 );
    $range_decimal = ip2long( $range );
    $ip_decimal = ip2long( $ip );
    $wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
    $netmask_decimal = ~ $wildcard_decimal;
    return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
}

$paypal_ip_ranges = array(
    "173.0.81.65",
    "173.0.81.140",
    "64.4.240.0/21"...

Olddies

Classicot.com
Joined
Nov 21, 2009
Messages
1,160
Solutions
12
Reaction score
294
Location
Rep.Dom
No errors, nothing. They just don't get points.
It happends sometimes with some characters. Everything is configured properly, including IPN.

What this could be? Any paypal changes or something?
You need to add the new ips from paypal ipn
New ips

Lua:
173.0.81.65
173.0.81.140
64.4.240.0/21
64.4.248.0/22
66.211.168.0/22
173.0.80.0/20
91.243.72.0/23
 
Last edited:
OP
OP
Paco

Paco

Member
Premium User
Joined
Jan 4, 2009
Messages
256
Reaction score
87
Location
Zapotlán del Rey, Jalisco, México.
On the file ipn.php
Lua:
if (gethostbyaddr($_SERVER['REMOTE_ADDR']) !== 'notify.paypal.com') {
        exit();
    }

Something like?


PHP:
if (gethostbyaddr($_SERVER['REMOTE_ADDR']) !== 'notify.paypal.com') {
173.0.81.65;
173.0.81.140;
64.4.240.0/21;
64.4.248.0/22;
66.211.168.0/22;
173.0.80.0/20;
91.243.72.0/23;
    exit();
    }

I'm new at php xD
 
Last edited:

Olddies

Classicot.com
Joined
Nov 21, 2009
Messages
1,160
Solutions
12
Reaction score
294
Location
Rep.Dom
Im not good neither but i saw in gesior paypal ipn so it should work the same way change the ips to the one i send before
Lua:
if (gethostbyaddr($_SERVER['REMOTE_ADDR']) !== 'notify.paypal.com' && !== '0.0.0.0' && !== '0.0.0.0') {
Post automatically merged:

Something like?


PHP:
if (gethostbyaddr($_SERVER['REMOTE_ADDR']) !== 'notify.paypal.com') {
173.0.81.65;
173.0.81.140;
64.4.240.0/21;
64.4.248.0/22;
66.211.168.0/22;
173.0.80.0/20;
91.243.72.0/23;
    exit();
    }

I'm new at php xD
 
OP
OP
Paco

Paco

Member
Premium User
Joined
Jan 4, 2009
Messages
256
Reaction score
87
Location
Zapotlán del Rey, Jalisco, México.
Im not good neither but i saw in gesior paypal ipn so it should work the same way change the ips to the one i send before
Lua:
if (gethostbyaddr($_SERVER['REMOTE_ADDR']) !== 'notify.paypal.com' && !== '0.0.0.0' && !== '0.0.0.0') {
Post automatically merged:
K gonna autobuy myself some points and test xD

Thank you so much buddy
Post automatically merged:

@Olddies

PHP:
if (gethostbyaddr($_SERVER['REMOTE_ADDR']) !== 'notify.paypal.com' && !== '173.0.81.65' && !== '173.0.81.140' && !== '64.4.240.0/21' && !== '64.4.248.0/22' && !== '66.211.168.0/22' && !== '173.0.80.0/20' && !== '91.243.72.0/23') {
        exit();
    }

Didn't worked :S
 
Last edited:

Snavy

Bakasta
Senator
Joined
Apr 1, 2012
Messages
1,249
Solutions
71
Reaction score
607
Location
Hell
I believe you will also need to verify $_SERVER['REMOTE_ADDR'] against the IPN ip ranges. Take a look at the following answer from SO.
 
OP
OP
Paco

Paco

Member
Premium User
Joined
Jan 4, 2009
Messages
256
Reaction score
87
Location
Zapotlán del Rey, Jalisco, México.
I believe you will also need to verify $_SERVER['REMOTE_ADDR'] against the IPN ip ranges. Take a look at the following answer from SO.
I have no clue, please help x'D
Post automatically merged:

@Znote Help? xD
 
Last edited:

Snavy

Bakasta
Senator
Joined
Apr 1, 2012
Messages
1,249
Solutions
71
Reaction score
607
Location
Hell
I have no clue, please help x'D
Post automatically merged:

@Znote Help? xD

ip_in_range function taken from:

PHP:
function ip_in_range( $ip, $range ) {
    if ( strpos( $range, '/' ) === false ) {
        $range .= '/32';
    }
    // $range is in IP/CIDR format eg 127.0.0.1/24
    list( $range, $netmask ) = explode( '/', $range, 2 );
    $range_decimal = ip2long( $range );
    $ip_decimal = ip2long( $ip );
    $wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
    $netmask_decimal = ~ $wildcard_decimal;
    return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
}

$paypal_ip_ranges = array(
    "173.0.81.65",
    "173.0.81.140",
    "64.4.240.0/21",
    "64.4.248.0/22",
    "66.211.168.0/22",
    "173.0.80.0/20",
    "91.243.72.0/23"
);

$verified = false;
for($i = 0; $i < count($paypal_ip_ranges); $i++) {
    if(ip_in_range($_SERVER["REMOTE_ADDR"], $paypal_ip_ranges[$i])) {
        $verified = true;
        break;
    }
}

echo "IP was verified ? " . ($verified ? "true":"false");

if(!$verified) {
    exit();
}
 
Solution
OP
OP
Paco

Paco

Member
Premium User
Joined
Jan 4, 2009
Messages
256
Reaction score
87
Location
Zapotlán del Rey, Jalisco, México.
ip_in_range function taken from:

PHP:
function ip_in_range( $ip, $range ) {
    if ( strpos( $range, '/' ) === false ) {
        $range .= '/32';
    }
    // $range is in IP/CIDR format eg 127.0.0.1/24
    list( $range, $netmask ) = explode( '/', $range, 2 );
    $range_decimal = ip2long( $range );
    $ip_decimal = ip2long( $ip );
    $wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
    $netmask_decimal = ~ $wildcard_decimal;
    return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
}

$paypal_ip_ranges = array(
    "173.0.81.65",
    "173.0.81.140",
    "64.4.240.0/21",
    "64.4.248.0/22",
    "66.211.168.0/22",
    "173.0.80.0/20",
    "91.243.72.0/23"
);

$verified = false;
for($i = 0; $i < count($paypal_ip_ranges); $i++) {
    if(ip_in_range($_SERVER["REMOTE_ADDR"], $paypal_ip_ranges[$i])) {
        $verified = true;
        break;
    }
}

echo "IP was verified ? " . ($verified ? "true":"false");

if(!$verified) {
    exit();
}
Thank you so much. I tested two times and it worked. I'll make a special mention for your help in my website and social medias.
 
Status
Not open for further replies.
Top