Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //Variables
- $user = stripslashes(ucwords(strtolower(trim($_POST['user'])))); //Confusing? Well, this is used to get the value of the inputbox in your paypal.html, since I won't be making one right now, I suggest you use the Gesior one since it will work just fine, thought I suggest tweaks since this includes several payment options.
- $payment_status = $_POST['payment_status'];
- $payment_amount = $_POST['mc_gross'];
- $mc_currency = $_POST['mc_currency'];
- $txn_id = $_POST['txn_id'];
- $receiver_email = $_POST['receiver_email'];
- $payer_email = $_POST['payer_email'];
- //Database Connection
- $db_user = 'your_database_user';
- $db_password = 'your_password';
- $db = 'database_name';
- $database = new mysqli('localhost', $db_user, $db_password, $db);
- $receiver = 'Your@email.here');
- $currency = 'EUR';
- $log_file = 'paypal.log';
- $log_option = 0; //0 = It will write logs to the log file stated above(default is paypal.log), 1 = It'll write to the database
- //Prices
- $points = array(10.00 => 40, 20.00 => 100)//10€ = 40 Points etc.
- //The Code:
- if(gethostbyaddr($_SERVER['REMOTE_ADDR']) != 'notify.paypal.com'){ //Obviously so "hackers" can't try and cheat their way through the system
- die('Un-authorized Access');
- }
- elseif ($database->connect_error) { //This will be displayed if it cannot connect to the database.
- die('Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error);
- }
- if($payment_status == 'Completed' && $receiver_email == $receiver && isset($prices[$payment_amount]) && $mc_currency == $currency){
- $account_id = $database->query('SELECT id, premium_points FROM accounts WHERE name = '.$user.'');
- $database->query('UPDATE accounts SET premium_points = premium_points + '.$prices[$payment_amount].' WHERE id = '.$account_id[0];
- if($log_option == 0){
- $log_file_open = fopen($log_file, 'a');
- fwrite($log_file_open, 'Purchase made at: '.date(DATE_RFC822).'\nUsername: '.$user.'\nAmount: '.$payment_amount.' '.$mc_currency.'\nPurchase ID: '.$txn_id.'\nBuyer Email: '.$payer_email.'\n');
- }
- elseif($log_option == 1){
- $database->query('INSERT INTO paypal_logs(id, account_id, amount, txn_id, time) VALUES(NULL, '.$account_id[0].', '.$payment_amount.', '.$txn_id.', CURRENT_TIMESTAMP)');
- }
- }
- elseif($payment_status == 'Reversed' && $receiver_email == $receiver){ //If some fuck tries to reverse the payment to scam you out of your money.
- $database->query('DELETE FROM accounts WHERE id = '.$account_id[0]);
- }
- $database->close();
- ?>
Add Comment
Please, Sign In to add comment