Paygol IPN update (#306)

* Update config.php and paygol_ipn for secret key

* Align values

* Character encoding fix
Alvaro Carvajal
2017-09-28 14:00:18 +02:00
committed by Stefan A. Brannfjell
parent 5ec2bd2461
commit 64040451a7
2 changed files with 19 additions and 15 deletions


@@ -2,13 +2,6 @@
require 'config.php';
require 'engine/database/connect.php';
// check that the request comes from PayGol server
if(!in_array($_SERVER['REMOTE_ADDR'],
array('109.70.3.48', '109.70.3.146', '109.70.3.58'))) {
header("HTTP/1.0 403 Forbidden");
die("Error: Unknown IP");
}
// Fetch and sanitize POST and GET values
function getValue($value) {
return (!empty($value)) ? sanitize($value) : false;
@@ -23,17 +16,24 @@ $service_id = getValue($_GET['service_id']);
$shortcode = getValue($_GET['shortcode']);
$keyword = getValue($_GET['keyword']);
$message = getValue($_GET['message']);
$sender = getValue($_GET['sender']);
$sender = getValue($_GET['sender']);
$operator = getValue($_GET['operator']);
$country = getValue($_GET['country']);
$custom = getValue($_GET['custom']);
$points = getValue($_GET['points']);
$price = getValue($_GET['price']);
$custom = getValue($_GET['custom']);
$points = getValue($_GET['points']);
$price = getValue($_GET['price']);
$currency = getValue($_GET['currency']);
$secret = getValue($_GET['secret']);
// config paygol settings
$paygol = $config['paygol'];
// Check for valid secret key
if($secret != $paygol['secret']) {
header("HTTP/1.0 403 Forbidden");
die("Error: secretKey does not match.");
}
// Check if request serviceID is the same as it is in config
if($service_id != $paygol['serviceID']) {
header("HTTP/1.0 403 Forbidden");
@@ -41,12 +41,15 @@ if($service_id != $paygol['serviceID']) {
}
$new_points = $paygol['points'];
// Update logs:
mysql_insert("INSERT INTO `znote_paygol` VALUES ('', '$custom', '$price', '$new_points', '$message_id', '$service_id', '$shortcode', '$keyword', '$message', '$sender', '$operator', '$country', '$currency')");
// Fetch points
$account = mysql_select_single("SELECT `points` FROM `znote_accounts` WHERE `account_id`='$custom';");
// Calculate new points
$new_points = $account['points'] + $new_points;
// Update new points
mysql_update("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$custom'");
?>
mysql_update("UPDATE `znote_accounts` SET `points`='$new_points' WHERE `account_id`='$custom'");
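Review bot: The added secret check `if($secret != $paygol['secret'])` fails open when the secret is not configured: getValue() returns false for a missing or empty parameter, and with loose comparison `false != ''` (or `false != null`) is false, so a request with no `secret` at all passes. The first hunk appears to drop the REMOTE_ADDR allowlist, which would leave this comparison as the only thing authenticating the IPN before points are credited. I would reject an empty configured secret and compare strictly in constant time, e.g. `if (!is_string($secret) || empty($paygol['secret']) || !hash_equals((string)$paygol['secret'], $secret)) {` (hash_equals needs PHP 5.6+). Note also that `$secret` has passed through sanitize() before the comparison and arrives in the query string, so it may differ from the configured value if it contains escaped characters and will be recorded in web-server access logs; a comment in config.php saying to treat it as a credential would help.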