PHP SYSTEM Buy Silk Automic
I take this php code from Paradise website and i want use in mine
But for buy i need be logged and i not use paradise website
Can someone put a text area to write login name and sell? thanks
PHP Code:
<div class="reg-form">
<?php
if(!isset($_SESSION)){
session_start();
}
if (isset($_SESSION['name'])) {
$userID = $_SESSION['name'];
}
else {
header("location:./../?notLoggedIn");
}
print "Silk will be added to user: ".$userID;
?>
<p>Choose silk amount:</p>
<form name="_xclick" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_donations">
<input type="hidden" name="business" value="yourmail@hotmail.com">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="custom" value="<?php echo($userID);?>">
<input type="hidden" name="item_name" value="Paradise Silkroad Silk donation">
<select name='amount'>
<option value='10' name='1 x 300 Silk (USD 7.00)'> 1 x 300 Silk (USD 10.00)
<option value='15' name='1 x 500 Silk (USD 11.00)'> 1 x 500 Silk (USD 15.00)
<option value='20' name='1 x 700 Silk (USD 15.00)'> 1 x 700 Silk (USD 20.00)
<option value='24' name='1 x 1000 Silk (USD 18.00)'>1 x 1000 Silk (USD 24.00)
<option value='30' name='1 x 1500 Silk (USD 22.00)'>1 x 1500 Silk (USD 30.00)
</select><br /><br />
<input type="hidden" name="return" value="http://sroparadise.org/?donateDone">
<input type="hidden" name="notify_url" value="http://sroparadise.org/pp/ipn.php">
<input style="width: 99px;vertical-alignt:midle;border-radius:14;" type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" name="submit" alt="PayPal - The safer, easier way to pay online!" />
</form>
</div>
<div class="TOS">
<b>Before donating please make sure you agree our terms of service:</b>
<textarea style="border: #3E3E3E 1px solid;border-radius:6px;font-weight:bold:font-family:Tahoma;color:#3e3e3e;background:none;width:595px;height:300px;text-align:left;padding-top:5px; padding-left:5px;" READONLY style="background:transparent; color:white; border:none;">
No one from Joymax,
associated with Joymax or any such affiliated company or anyone directed by Joymax or its Related companies is permitted
to enter these web sites or view any content contained within these sites at any time what so ever due to controversial
reasons.
1. Acceptance of Terms of Use and Amendments
Each time you use or cause access to this web site or services, you agree to be bound by these Terms of Use, and as
amended from time to time with or without notice to you. In addition, if you are using a particular service on or through
this web site, you will be subject to any rules or guidelines applicable to those services and they shall be incorporated
by reference into these Terms of Use.
2. Our Service
Our web site and services provided to you on and through our web site on an AS IS basis. You agree that the owners of
this web site exclusively reserve the right and may, at any time and without notice and any liability to you, modify or
discontinue this web site and its services or delete the data you provide, whether temporarily or permanently. We shall
have no responsibility or liability for the timeliness, deletion, failure to store, inaccuracy, or improper delivery of
any data or information.
3. Your Responsibilities and Registration Obligations
In order to use this web site, you must register on our site, and agree to provide truthful information when requested.
When registering, you explicitly agree to our Terms of Use and as may be modified by us at any time. Exchanging accounts,
donation items, or characters is not allowed. You are solely responsible for your account. If your account has been
banned because it was being used by someone else, you will not be unbanned. Characters that are deleted will be
permanently removed, and will not be restored.
4. Registration and Password
You are responsible to maintain the confidentiality of your password and shall be responsible for all uses via your
registration and/or login, whether authorized or unauthorized by you. You agree to immediately notify us of any
unauthorized use or your registration, user account or password.
5. Cheating
Cheating is defined as any attempt to give yourself an advantage over players that does not follow the spirit of the
game. Any player caught cheating will be banned. We reserve the right to deny any person access to the services on this
website at our discretion.
6. Donations
Please take a moment to review these rules detailed below. If you agree with them, then you may proceed with entering the
website. No one from Joymax, associated with Joymax or any such affiliated company or anyone directed by Joymax or its
related companies is permitted to enter these web sites or view any content contained within these sites at any time what
so ever due to controversial reasons. You agree to give up all legal rights towards sroparadise when donating.
Definitions and Interpretations
"Donation" or "Donate" is a legacy term whose current use means generically any purchase or exchange of money
facilitated by sroparadise, regardless of intent to receive a product or service in return.
"Get it" means any exchange of funds for which entry into the sroparadise Members Club is given. This term is used
interchangeably with the term "donation".
"User" or "Users" means any third party that accesses the web site and is not employed by sroparadise and acting in
the course of their employment.
"Paradise Silkroad Members Club" means an exclusive group of users of the web site who have obtained exclusive and
special status through their support or help. Members of this club may obtain special privileges, status, and/or access
to web site store products or services. Any special treatment or access to web site store access is not meant to be
inferred as a direct purchase of these items, but instead as an indirect expression of gratitude from the web site for
entry into the club. The direct reward is recognition of membership on the web site's forum.
"Web Site" means the website that you are currently using www.sroparadise.org any sub-domains and subdomains of this
site unless expressly excluded by their own terms and conditions.
Refunds
sroparadise will not provide refunds under any circumstances. Membership in the sroparadise Members Club is voluntary, and if
a user does not wish to be a member, should not seek entry. If you are banned due to violation of our player rules, you
will not get a refund. If you do not favor the service, you will not get a refund. If you don't have any proof of your
donation, you will not get a refund. You may appeal your case regarding your donation on the forums by PM to a member of
Management, and we will review your case, but we do not guarantee that you will receive any additional sroparadise Members
Club rewards. It's not required for you to make a donation or join the club to enjoy the full experience of sroparadise;
it's completely optional and is done at your own risk.
Exchange
If you for any reason have Reward shop item(s) damaged, broken, lost, etc... you will not receive an exchange.
7. Indemnification
You agree to indemnify and hold us harmless, our subsidiaries, affiliates, related parties, officers, directors,
employees, agents, independent contractors, advertisers, partners, and co-branders from any claim or demand, including
reasonable attorney's fees, that may be made by any third party, that is due to or arising out of your conduct or
connection with this web site or service, your provision of Content, your violation of this Terms of Use or any other
violation of the rights of another person or party.
8. Disclaimer of warranties
YOU UNDERSTAND AND AGREE THAT YOUR USE OF THIS WEB SITE AND ANY SERVICES OR CONTENT PROVIDED (THE SERVICE) IS MADE
AVAILABLE AND PROVIDED TO YOU AT YOUR OWN RISK. IT IS PROVIDED TO YOU AS IS AND WE EXPRESSLY DISCLAIM ALL WARRANTIES OF
ANY KIND, IMPLIED OR EXPRESS, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, AND NON-INFRINGEMENT. WE MAKE NO WARRANTY, IMPLIED OR EXPRESS, THAT ANY PART OF THE SERVICE WILL BE
UNINTERRUPTED, ERROR-FREE, VIRUS-FREE, TIMELY, SECURE, ACCURATE, RELIABLE, OF ANY QUALITY, NOR THAT ANY CONTENT IS SAFE
IN ANY MANNER FOR DOWNLOAD. YOU UNDERSTAND AND AGREE THAT NEITHER US NOR ANY PARTICIPANT IN THE SERVICE PROVIDES
PROFESSIONAL ADVICE OF ANY KIND AND THAT USE OF SUCH ADVICE OR ANY OTHER INFORMATION IS SOLELY AT YOUR OWN RISK AND
WITHOUT OUR LIABILITY OF ANY KIND. Some jurisdictions may not allow disclaimers of implied warranties and the above
disclaimer may not apply to you only as it relates to implied warranties.
9. Limitation of Liability
YOU EXPRESSLY UNDERSTAND AND AGREE THAT WE SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL,
CONSEQUENTIAL OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO; DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA OR
OTHER INTANGIBLE LOSS (EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES), RESULTING FROM OR ARISING OUT OF
(I) THE USE OF OR THE INABILITY TO USE THE SERVICE, (II) THE COST TO OBTAIN SUBSTITUTE GOODS AND/OR SERVICES RESULTING
FROM ANY TRANSACTION ENTERED INTO ON THROUGH THE SERVICE, (III) UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR DATA
TRANSMISSIONS, (IV) STATEMENTS OR CONDUCT OF ANY THIRD PARTY ON THE SERVICE, OR (V) ANY OTHER MATTER RELATING TO THE
SERVICE. Note that by accepting the terms in the document, you are also waiving your right, to take any action, legal or
otherwise, against anyone or anything related to sroparadise. Please remember that we are not responsible for any messages
posted. We do not vouch for or warrant the accuracy, completeness or usefulness of any message, and are not responsible
for the contents of any message. The messages express the views of the author of the message, not necessarily the views
of this bulletin board. Any user who feels that a posted message is objectionable is encouraged to contact us immediately
by email. We have the ability to remove objectionable messages and we will make every effort to do so, within a
reasonable time frame, if we determine that removal is necessary. You agree, through your use of this service, that you
will not use this bulletin board to post any material which is knowingly false and/or defamatory, inaccurate, abusive,
vulgar, hateful, harassing, obscene, profane, sexually oriented, threatening, invasive of a person's privacy, or
otherwise violation of any law. You agree not to post any copyrighted material unless the copyright is owned by you or by
this bulletin board. If you have read, understood and agree to these rules and conditions, you may enter/register the
website and/or forums. If you disagree, leave immediately. You agree to give up all legal rights towards sroparadise when
donating.
10. Privacy
During the registration process, we ask you to provide personal information such as your email address, desired account
name, password. If you choose to make a donation, we will ask you for additional information, such as your credit card
number, billing address, and shipping address, which is used to bill your account.
sroparadise collects your personal information to provide you with access to our services, and to fulfill your purchases.
We also may use your personal information to communicate with you. You may also receive receipts for purchases, and
information on technical service issues.
However, personal information collected on sroparadise will not be disclosed outside of sroparadise without your consent,
except where it is deemed necessary by the law.
</textarea>
</div>
PHP Code:
<?php
// Connect to the database (host, username, password)
$con = mssql_connect('sqll/express','sa','somepassword')
or die('Could not connect to the server!');
// Select a database:
mssql_select_db('SRO_VT_ACCOUNT')
or die('Could not select a database.');
$ppEmail = 'yourmeail.@hotmail.com';
$personalEmail = 'yourmeial.@hotmail.com';
$amountUsd = array('10.00','15.00','20.00','30.00');
$usdToSilks = array(10=>300, 15=>500, 20=>700, 24=>1000, 30=>1500);
//$amountEur = array(7.00,10.00,14.00,21.00);
// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__).'/ipn_errors.log');
// intantiate the IPN listener
include('ipnlistener.php');
$listener = new IpnListener();
// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = false;
// try to process the IPN POST
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage());
exit(0);
}
if ($verified) {
$errmsg = ''; // stores errors from fraud checks
// Make sure the payment status is "Completed"
if ($_POST['payment_status'] != 'Completed') {
// simply ignore any IPN that is not completed
exit(0);
}
// Make sure seller email matches your primary account email.
if ($_POST['receiver_email'] != $ppEmail) {
$errmsg .= "'receiver_email' does not match: ";
$errmsg .= $_POST['receiver_email']."\n";
}
//checks currency
if ($_POST['mc_currency'] != 'USD') {
$errmsg .= "'mc_currency' does not match: ";
$errmsg .= $_POST['mc_currency']."\n";
}
// Make sure the amount(s) paid match
if ($_POST['mc_currency'] = 'USD') {
if (!in_array($_POST['mc_gross'],$amountUsd)) {
$errmsg .= "'mc_gross' does not match: ";
$errmsg .= $_POST['mc_gross']."\n";
}
}
/* if ($_POST['mc_currency'] = 'EUR') {
if (!in_array(number_format($_POST['mc_gross'],2),number_format($amountEur, 2))) {
$errmsg .= "'mc_gross' does not match: ";
$errmsg .= $_POST['mc_gross']."\n";
}
}
*/
// Ensure the transaction is not a duplicate.
$txn_id = ms_escape_string($_POST['txn_id']);
$sql = "SELECT * FROM paypal WHERE txn_id = '$txn_id'";
$r = mssql_query($sql);
if (!$r) {
error_log(mysql_error());
exit(0);
}
// $exists = mssql_query($r, 0);
$exists = mssql_num_rows($r);
mssql_free_result($r);
if ($exists<>0) {
$errmsg .= "'txn_id' has already been processed: ".$_POST['txn_id']."\n";
}
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
$body = "IPN failed fraud checks: \n$errmsg\n\n";
$body .= $listener->getTextReport();
mail($personalEmail, 'Kads mulkis meginaja appist tavu paypal!', $body);
error_log($body); exit(0);
} else {
$payer_email = ms_escape_string($_POST['payer_email']);
$mc_gross = ms_escape_string($_POST['mc_gross']);
$username = ms_escape_string($_POST['custom']);
$timenow = time();
$sql = "INSERT INTO paypal (txn_id,payer_email,mc_gross,username,date)VALUES
('$txn_id', '$payer_email', $mc_gross, '$username', '$timenow')";
if (!mssql_query($sql)) {
error_log(mysql_error());
exit(0);
}
//silk update
$silkAmount = $usdToSilks[(int)$mc_gross];
mssql_query("exec CGI.CGI_WebPurchaseSilk 0,'$username',0,$silkAmount,0");
}
} else {
// manually investigate the invalid IPN
// mail($personalEmail, 'Invalid IPN', $listener->getTextReport());
}
function ms_escape_string($data) {
if ( !isset($data) or empty($data) ) return '';
if ( is_numeric($data) ) return $data;
$non_displayables = array(
'/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15
'/%1[0-9a-f]/', // url encoded 16-31
'/[\x00-\x08]/', // 00-08
'/\x0b/', // 11
'/\x0c/', // 12
'/[\x0e-\x1f]/' // 14-31
);
foreach ( $non_displayables as $regex )
$data = preg_replace( $regex, '', $data );
$data = str_replace("'", "''", $data );
return $data;
}
?>
PHP Code:
<?php
/**
* PayPal IPN Listener
*
* A class to listen for and handle Instant Payment Notifications (IPN) from
* the PayPal server.
*
* https://github.com/Quixotix/PHP-PayPal-IPN
*
* @package PHP-PayPal-IPN
* @author Micah Carrick
* @copyright (c) 2011 - Micah Carrick
* @version 2.0.3
* @license http://opensource.org/licenses/gpl-3.0.html
*/
class IpnListener {
/**
* If true, the recommended cURL PHP library is used to send the post back
* to PayPal. If flase then fsockopen() is used. Default true.
*
* @var boolean
*/
public $use_curl = true;
/**
* If true, explicitly sets cURL to use SSL version 3. Use this if cURL
* is compiled with GnuTLS SSL.
*
* @var boolean
*/
public $force_ssl_v3 = false;
/**
* If true, an SSL secure connection (port 443) is used for the post back
* as recommended by PayPal. If false, a standard HTTP (port 80) connection
* is used. Default true.
*
* @var boolean
*/
public $use_ssl = true;
/**
* If true, the paypal sandbox URI www.sandbox.paypal.com is used for the
* post back. If false, the live URI www.paypal.com is used. Default false.
*
* @var boolean
*/
public $use_sandbox = false;
/**
* The amount of time, in seconds, to wait for the PayPal server to respond
* before timing out. Default 30 seconds.
*
* @var int
*/
public $timeout = 30;
private $post_data = array();
private $post_uri = '';
private $response_status = '';
private $response = '';
const PAYPAL_HOST = 'www.paypal.com';
const SANDBOX_HOST = 'www.sandbox.paypal.com';
/**
* Post Back Using cURL
*
* Sends the post back to PayPal using the cURL library. Called by
* the processIpn() method if the use_curl property is true. Throws an
* exception if the post fails. Populates the response, response_status,
* and post_uri properties on success.
*
* @param string The post data as a URL encoded string
*/
protected function curlPost($encoded_data) {
if ($this->use_ssl) {
$uri = 'https://'.$this->getPaypalHost().'/cgi-bin/webscr';
$this->post_uri = $uri;
} else {
$uri = 'http://'.$this->getPaypalHost().'/cgi-bin/webscr';
$this->post_uri = $uri;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $uri);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $encoded_data);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
if ($this->force_ssl_v3) {
curl_setopt($ch, CURLOPT_SSLVERSION, 3);
}
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$this->response = curl_exec($ch);
$this->response_status = strval(curl_getinfo($ch, CURLINFO_HTTP_CODE));
if ($this->response === false || $this->response_status == '0') {
$errno = curl_errno($ch);
$errstr = curl_error($ch);
throw new Exception("cURL error: [$errno] $errstr");
}
}
/**
* Post Back Using fsockopen()
*
* Sends the post back to PayPal using the fsockopen() function. Called by
* the processIpn() method if the use_curl property is false. Throws an
* exception if the post fails. Populates the response, response_status,
* and post_uri properties on success.
*
* @param string The post data as a URL encoded string
*/
protected function fsockPost($encoded_data) {
if ($this->use_ssl) {
$uri = 'ssl://'.$this->getPaypalHost();
$port = '443';
$this->post_uri = $uri.'/cgi-bin/webscr';
} else {
$uri = $this->getPaypalHost(); // no "http://" in call to fsockopen()
$port = '80';
$this->post_uri = 'http://'.$uri.'/cgi-bin/webscr';
}
$fp = fsockopen($uri, $port, $errno, $errstr, $this->timeout);
if (!$fp) {
// fsockopen error
throw new Exception("fsockopen error: [$errno] $errstr");
}
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: ".strlen($encoded_data)."\r\n";
$header .= "Connection: Close\r\n\r\n";
fputs($fp, $header.$encoded_data."\r\n\r\n");
while(!feof($fp)) {
if (empty($this->response)) {
// extract HTTP status from first line
$this->response .= $status = fgets($fp, 1024);
$this->response_status = trim(substr($status, 9, 4));
} else {
$this->response .= fgets($fp, 1024);
}
}
fclose($fp);
}
private function getPaypalHost() {
if ($this->use_sandbox) return IpnListener::SANDBOX_HOST;
else return IpnListener::PAYPAL_HOST;
}
/**
* Get POST URI
*
* Returns the URI that was used to send the post back to PayPal. This can
* be useful for troubleshooting connection problems. The default URI
* would be "ssl://www.sandbox.paypal.com:443/cgi-bin/webscr"
*
* @return string
*/
public function getPostUri() {
return $this->post_uri;
}
/**
* Get Response
*
* Returns the entire response from PayPal as a string including all the
* HTTP headers.
*
* @return string
*/
public function getResponse() {
return $this->response;
}
/**
* Get Response Status
*
* Returns the HTTP response status code from PayPal. This should be "200"
* if the post back was successful.
*
* @return string
*/
public function getResponseStatus() {
return $this->response_status;
}
/**
* Get Text Report
*
* Returns a report of the IPN transaction in plain text format. This is
* useful in emails to order processors and system administrators. Override
* this method in your own class to customize the report.
*
* @return string
*/
public function getTextReport() {
$r = '';
// date and POST url
for ($i=0; $i<80; $i++) { $r .= '-'; }
$r .= "\n[".date('m/d/Y g:i A').'] - '.$this->getPostUri();
if ($this->use_curl) $r .= " (curl)\n";
else $r .= " (fsockopen)\n";
// HTTP Response
for ($i=0; $i<80; $i++) { $r .= '-'; }
$r .= "\n{$this->getResponse()}\n";
// POST vars
for ($i=0; $i<80; $i++) { $r .= '-'; }
$r .= "\n";
foreach ($this->post_data as $key => $value) {
$r .= str_pad($key, 25)."$value\n";
}
$r .= "\n\n";
return $r;
}
/**
* Process IPN
*
* Handles the IPN post back to PayPal and parsing the response. Call this
* method from your IPN listener script. Returns true if the response came
* back as "VERIFIED", false if the response came back "INVALID", and
* throws an exception if there is an error.
*
* @param array
*
* @return boolean
*/
public function processIpn($post_data=null) {
$encoded_data = 'cmd=_notify-validate';
if ($post_data === null) {
// use raw POST data
if (!empty($_POST)) {
$this->post_data = $_POST;
$encoded_data .= '&'.file_get_contents('php://input');
} else {
throw new Exception("No POST data found.");
}
} else {
// use provided data array
$this->post_data = $post_data;
foreach ($this->post_data as $key => $value) {
$encoded_data .= "&$key=".urlencode($value);
}
}
if ($this->use_curl) $this->curlPost($encoded_data);
else $this->fsockPost($encoded_data);
if (strpos($this->response_status, '200') === false) {
throw new Exception("Invalid response status: ".$this->response_status);
}
if (strpos($this->response, "VERIFIED") !== false) {
return true;
} elseif (strpos($this->response, "INVALID") !== false) {
return false;
} else {
throw new Exception("Unexpected response from PayPal.");
}
}
/**
* Require Post Method
*
* Throws an exception and sets a HTTP 405 response header if the request
* method was not POST.
*/
public function requirePostMethod() {
// require POST requests
if ($_SERVER['REQUEST_METHOD'] && $_SERVER['REQUEST_METHOD'] != 'POST') {
header('Allow: POST', true, 405);
throw new Exception("Invalid HTTP request method.");
}
}
}
?>
Re: PHP SYSTEM Buy Silk Automic
which website do you use then ? , i will edit it for you..
and if you really want to do it post insteaf of session - bad idea..
do something like that :
$_SESSION['name']
=>
$_POST['name']
and
<input type="hidden" name="custom" value="<?php echo($userID);?>">
=>
<input type="text" name="custom" value="User Name Here">
dont forget to edit everything from session to post.
Re: PHP SYSTEM Buy Silk Automic
Quote:
Originally Posted by
Naty48
which website do you use then ? , i will edit it for you..
and if you really want to do it post insteaf of session - bad idea..
do something like that :
$_SESSION['name']
=>
$_POST['name']
and
<input type="hidden" name="custom" value="<?php echo($userID);?>">
=>
<input type="text" name="custom" value="User Name Here">
dont forget to edit everything from session to post.
I'm using sroland website! Can do?
Re: PHP SYSTEM Buy Silk Automic
Quote:
Originally Posted by
lucastx
I'm using sroland website! Can do?
enjoy :).
(did it over teamviewer).