API tools faq
paste
Advertisement
Guest User

callback

a guest
Jan 17th, 2012
116
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.65 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /*
  3.  * Credits Callback - called in the following general order by the Credits backend:
  4.  * 1. method=payments_get_items - return information about given order_info
  5.  * 2. method=payments_status_update, status=placed - update the status to settled
  6.  * 3. method=payments_status_update, status=settled - perform the desired action (ie. give the item to the user)
  7.  */
  8.  
  9. // determine if we are in Gamestamper
  10. $isGamestamper = isset($_REQUEST['gsapps']);
  11.  
  12. // assign appropriate app secret
  13.  
  14.     $appSecret = '[7d6fa5183c71ed9a9da9fc840bbbc6d8]'; // Facebook App Secret
  15.  
  16. // parse signed data
  17. $request = parse_signed_request($_REQUEST['signed_request'], $appSecret);
  18.  
  19. if ($request == null) {
  20.     // handle an unauthenticated request here
  21.     exit;
  22. }
  23.  
  24. $payload = $request['credits'];
  25.  
  26. // prepare the return data array
  27. $data = array(
  28.     'content' => array(),
  29.     'method' => $_REQUEST['method']
  30. );
  31.  
  32. // switch based on method
  33. switch ($data['method']) {
  34.     case 'payments_get_items':
  35.         // return info about the item to be purchased
  36.         // TODO: replace with real lookup of product info
  37.         $item = array();
  38.         switch (json_decode($payload['order_info'])) {
  39.           /*  case 'currency.001':
  40.                 $item['title'] = 'In-game Currency';
  41.                 $item['price'] = 10;
  42.                 $item['description'] = 'In-game currency';
  43.                 $item['image_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/coins.png';
  44.                 $item['product_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/coins.png';
  45.                 break;*/
  46.             case 'item.001':
  47.                 $item['title'] = '1Monat';
  48.                 $item['price'] = 1;
  49.                 $item['description'] = '1-Monat Packet des Maya Kalendar\'s!';
  50.                 $item['image_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  51.                 $item['product_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  52.                 break;
  53.             case 'item.002':
  54.                 $item['title'] = '3Monate';
  55.                 $item['price'] = 1;
  56.                 $item['description'] = '3-Monate Packet des Maya Kalendar\'s!';
  57.                 $item['image_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  58.                 $item['product_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  59.                 break;
  60.             case 'item.003':
  61.                 $item['title'] = '6Monate';
  62.                 $item['price'] = 1;
  63.                 $item['description'] = '6-Monate Packet des Maya Kalendar\'s!';
  64.                 $item['image_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  65.                 $item['product_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  66.                 break;
  67.             case 'item.004':
  68.                 $item['title'] = '12Monate';
  69.                 $item['price'] = 1;
  70.                 $item['description'] = '12-Monate Packet des Maya Kalendar\'s!';
  71.                 $item['image_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  72.                 $item['product_url'] = 'http://www.gstestapps.com/php/fbcreditstutorial/tractor.jpg';
  73.                 break;
  74.         }
  75.          
  76.         // Put the item details in an array, and return in the 'content' portion of the callback payload.
  77.         $data['content'] = array($item);
  78.         break;
  79.  
  80.     case 'payments_status_update':
  81.         // write your logic here determine which state you want to move to
  82.         switch ($payload['status']) {
  83.             case 'placed':
  84.                 $data['content'] = array('status' => 'settled');
  85.                 break;
  86.         }
  87.  
  88.         // compose returning data
  89.         $data['content']['order_id'] = $payload['order_id'];
  90.         break;
  91. }
  92.  
  93. // send data back
  94. echo json_encode($data);
  95.  
  96. // for more details: http://developers.facebook.com/docs/authentication/canvas
  97. function parse_signed_request($signed_request, $secret) {
  98.     list($encoded_sig, $payload) = explode('.', $signed_request, 2);
  99.  
  100.     // decode the data
  101.     $sig = base64_url_decode($encoded_sig);
  102.     $data = json_decode(base64_url_decode($payload), true);
  103.  
  104.     if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
  105.         error_log('Unknown algorithm. Expected HMAC-SHA256');
  106.         return null;
  107.     }
  108.  
  109.     // check signature
  110.     $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
  111.     if ($sig !== $expected_sig) {
  112.         error_log('Bad Signed JSON signature!');
  113.         return null;
  114.     }
  115.  
  116.     return $data;
  117. }
  118.  
  119. function base64_url_decode($input) {
  120.     return base64_decode(strtr($input, '-_', '+/'));
  121. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!