
Untitled

a guest
Apr 19th, 2017
  1. <?php
  2.  
  3. $raw_post_data = file_get_contents('php://input');
  4. $raw_post_array = explode('&', $raw_post_data);
  5. $myPost = array();
  6. foreach ($raw_post_array as $keyval) {
  7. $keyval = explode ('=', $keyval);
  8. if (count($keyval) == 2)
  9. $myPost[$keyval[0]] = urldecode($keyval[1]);
  10. }
  11.  
  12. $req = 'cmd=_notify-validate';
  13. if (function_exists('get_magic_quotes_gpc')) {
  14. $get_magic_quotes_exists = true;
  15. }
  16. foreach ($myPost as $key => $value) {
  17. if ($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
  18. $value = urlencode(stripslashes($value));
  19. } else {
  20. $value = urlencode($value);
  21. }
  22. $req .= "&$key=$value";
  23. }
  24.  
  25.  
  26. $ch = curl_init('https://ipnpb.sandbox.paypal.com/cgi-bin/webscr');
  27. curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
  28. curl_setopt($ch, CURLOPT_POST, 1);
  29. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  30. curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
  31. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
  32. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
  33. curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
  34. curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Expect:','Connection: Close'));
  35.  
  36.  
  37. if ( !($res = curl_exec($ch)) ) {
  38.  
  39. curl_close($ch);
  40. exit;
  41. }
  42. curl_close($ch);
  43.  
  44. if (strcmp ($res, "VERIFIED") == 0) {
  45.  
  46. //////////////////////////RECOGEDORES DE CONTENIDO//////////////////////////////////
  47. $item_name_list = array();
  48. $item_quantity_list = array();
  49.  
  50. $usernames = array();
  51. $passwords = array();
  52.  
  53. $usuario_a_borrar = "empty";
  54.  
  55. //////////////////////////FUNCIONES A LLAMAR/////////////////////////////////
  56. function borrarCuenta() {
  57. $stmt = mysqli_prepare($conn, "DELETE FROM Cuentas WHERE Username = ?");
  58. mysqli_stmt_bind_param($stmt, "s", $usuario_a_borrar);
  59. mysqli_stmt_execute($stmt);
  60. mysqli_stmt_close($stmt);
  61. }
  62.  
  63. function terminarProceso() {
  64. die();
  65. }
  66.  
  67. function escribirCuentas() {
  68. for ($l=0; $l<count($usernames); $l++) {
  69. echo "Username: " . $usernames[$l] . " Password: " . $passwords[$l] . "<br>";
  70. }
  71. }
  72.  
  73. $escribirDatosCuentas = escribirCuentas();
  74. /////////////////////////PROCESAMIENTO DE DATOS/////////////////////////////////
  75. $payment_status = $_POST["payment_status"];
  76. $txn_id = $_POST["txn_id"];
  77. echo $txn_id;
  78. //conexión//
  79. $servername = "XXXXXXXXXXXX";
  80. $username = "XXXXXXXXXXXXXX";
  81. $password = "XXXXXXXXXXXXXX";
  82. $dbname = "XXXXXXXXXXXXXXXX";
  83.  
  84. $conn = mysqli_connect($servername, $username, $password, $dbname);
  85.  
  86. $transid_query = "SELECT * FROM TransactionIDs WHERE TransID = '$txn_id'";
  87. $transid_result = mysqli_query($conn, $transid_query);
  88.  
  89.  
  90.  
  91. if ($payment_status == "Completed" && msqli_num_rows($transid_result) == 0) {
  92.  
  93. $payer_email = $_POST["payer_email"];
  94. $first_name = $_POST["first_name"];
  95. $last_name = $_POST["last_name"];
  96.  
  97. $query_condition= "empty";
  98. $query = "SELECT TOP 1 Username, Password FROM Cuentas WHERE '$query_condition' AND Server = euw ORDER BY Username ASC";
  99.  
  100.  
  101. for ($i=0; $i<=999; $i++) {
  102. if (isset($_POST["item_name$i"])) {
  103. array_push($item_name_list, $_POST["item_name$i"]);
  104. }
  105. }
  106. for ($j=0; $j<=999; $j++) {
  107. if (isset($_POST["quantity$j"])) {
  108. array_push($item_quantity_list, $_POST["quantity$j"]);
  109. }
  110. }
  111. for ($k=0; $k<count($item_name_list); $k++) {
  112. strtolower($item_name_list[$k]);
  113.  
  114. switch (item_name_list[k]) {
  115. /////////////ranked-smurfs/////////////////
  116. case "ranked smurf - diamond v":
  117. $query_condition = "Ranked_Type = 'diamond v'";
  118. $pre_result = mysqli_query($conn, $query);
  119. if (msqli_num_rows($pre_result) == 0) {
  120. terminarProceso();
  121. }
  122. $result = $mysqli_fetch_array($pre_result);
  123. array_push($usernames, $result["Username"]);
  124. array_push($passwords, $result["Password"]);
  125. $usuario_a_borrar = $result["Username"];
  126. borrarCuenta($usuario_a_borrar);
  127. msyqli_free_result($pre_result);
  128. break;
  129. case "ranked smurf - platinum i":
  130. $query_condition = "Ranked_Type = 'platinum i'";
  131. $pre_result = mysqli_query($conn, $query);
  132. if (msqli_num_rows($pre_result) == 0) {
  133. terminarProceso();
  134. }
  135. $result = $mysqli_fetch_array($pre_result);
  136. array_push($usernames, $result["Username"]);
  137. array_push($passwords, $result["Password"]);
  138. $usuario_a_borrar = $result["Username"];
  139. borrarCuenta($usuario_a_borrar);
  140. msyqli_free_result($pre_result);
  141. break;
  142. case "ranked smurf - platinum ii":
  143. $query_condition = "Ranked_Type = 'platinum ii'";
  144. $pre_result = mysqli_query($conn, $query);
  145. if (msqli_num_rows($pre_result) == 0) {
  146. terminarProceso();
  147. }
  148. $result = $mysqli_fetch_array($pre_result);
  149. array_push($usernames, $result["Username"]);
  150. array_push($passwords, $result["Password"]);
  151. $usuario_a_borrar = $result["Username"];
  152. borrarCuenta($usuario_a_borrar);
  153. msyqli_free_result($pre_result);
  154. break;
  155. case "ranked smurf - platinum iii":
  156. $query_condition = "Ranked_Type = 'platinum iii'";
  157. $pre_result = mysqli_query($conn, $query);
  158. if (msqli_num_rows($pre_result) == 0) {
  159. terminarProceso();
  160. }
  161. $result = $mysqli_fetch_array($pre_result);
  162. array_push($usernames, $result["Username"]);
  163. array_push($passwords, $result["Password"]);
  164. $usuario_a_borrar = $result["Username"];
  165. borrarCuenta($usuario_a_borrar);
  166. msyqli_free_result($pre_result);
  167. break;
  168. case "ranked smurf - platinum iv":
  169. $query_condition = "Ranked_Type = 'platinum iv'";
  170. $pre_result = mysqli_query($conn, $query);
  171. if (msqli_num_rows($pre_result) == 0) {
  172. terminarProceso();
  173. }
  174. $result = $mysqli_fetch_array($pre_result);
  175. array_push($usernames, $result["Username"]);
  176. array_push($passwords, $result["Password"]);
  177. $usuario_a_borrar = $result["Username"];
  178. borrarCuenta($usuario_a_borrar);
  179. msyqli_free_result($pre_result);
  180. break;
  181. case "ranked smurf - platinum v":
  182. $query_condition = "Ranked_Type = 'platinum v'";
  183. $pre_result = mysqli_query($conn, $query);
  184. if (msqli_num_rows($pre_result) == 0) {
  185. terminarProceso();
  186. }
  187. $result = $mysqli_fetch_array($pre_result);
  188. array_push($usernames, $result["Username"]);
  189. array_push($passwords, $result["Password"]);
  190. $usuario_a_borrar = $result["Username"];
  191. borrarCuenta($usuario_a_borrar);
  192. msyqli_free_result($pre_result);
  193. break;
  194. case "ranked smurf - gold i":
  195. $query_condition = "Ranked_Type = 'gold i'";
  196. $pre_result = mysqli_query($conn, $query);
  197. if (msqli_num_rows($pre_result) == 0) {
  198. terminarProceso();
  199. }
  200. $result = $mysqli_fetch_array($pre_result);
  201. array_push($usernames, $result["Username"]);
  202. array_push($passwords, $result["Password"]);
  203. $usuario_a_borrar = $result["Username"];
  204. borrarCuenta($usuario_a_borrar);
  205. msyqli_free_result($pre_result);
  206. break;
  207. case "ranked smurf - gold ii":
  208. $query_condition = "Ranked_Type = 'gold ii'";
  209. $pre_result = mysqli_query($conn, $query);
  210. if (msqli_num_rows($pre_result) == 0) {
  211. terminarProceso();
  212. }
  213. $result = $mysqli_fetch_array($pre_result);
  214. array_push($usernames, $result["Username"]);
  215. array_push($passwords, $result["Password"]);
  216. $usuario_a_borrar = $result["Username"];
  217. borrarCuenta($usuario_a_borrar);
  218. msyqli_free_result($pre_result);
  219. break;
  220. case "ranked smurf - gold iii":
  221. $query_condition = "Ranked_Type = 'gold iii'";
  222. $pre_result = mysqli_query($conn, $query);
  223. if (msqli_num_rows($pre_result) == 0) {
  224. terminarProceso();
  225. }
  226. $result = $mysqli_fetch_array($pre_result);
  227. array_push($usernames, $result["Username"]);
  228. array_push($passwords, $result["Password"]);
  229. $usuario_a_borrar = $result["Username"];
  230. borrarCuenta($usuario_a_borrar);
  231. msyqli_free_result($pre_result);
  232. break;
  233. case "ranked smurf - gold iv":
  234. $query_condition = "Ranked_Type = 'gold iv'";
  235. $pre_result = mysqli_query($conn, $query);
  236. if (msqli_num_rows($pre_result) == 0) {
  237. terminarProceso();
  238. }
  239. $result = $mysqli_fetch_array($pre_result);
  240. array_push($usernames, $result["Username"]);
  241. array_push($passwords, $result["Password"]);
  242. $usuario_a_borrar = $result["Username"];
  243. borrarCuenta($usuario_a_borrar);
  244. msyqli_free_result($pre_result);
  245. break;
  246. case "ranked smurf - gold v":
  247. $query_condition = "Ranked_Type = 'gold v'";
  248. $pre_result = mysqli_query($conn, $query);
  249. if (msqli_num_rows($pre_result) == 0) {
  250. terminarProceso();
  251. }
  252. $result = $mysqli_fetch_array($pre_result);
  253. array_push($usernames, $result["Username"]);
  254. array_push($passwords, $result["Password"]);
  255. $usuario_a_borrar = $result["Username"];
  256. borrarCuenta($usuario_a_borrar);
  257. msyqli_free_result($pre_result);
  258. break;
  259. case "ranked smurf - silver i":
  260. $query_condition = "Ranked_Type = 'silver i'";
  261. $pre_result = mysqli_query($conn, $query);
  262. if (msqli_num_rows($pre_result) == 0) {
  263. terminarProceso();
  264. }
  265. $result = $mysqli_fetch_array($pre_result);
  266. array_push($usernames, $result["Username"]);
  267. array_push($passwords, $result["Password"]);
  268. $usuario_a_borrar = $result["Username"];
  269. borrarCuenta($usuario_a_borrar);
  270. msyqli_free_result($pre_result);
  271. break;
  272. case "ranked smurf - silver ii":
  273. $query_condition = "Ranked_Type = 'silver ii'";
  274. $pre_result = mysqli_query($conn, $query);
  275. if (msqli_num_rows($pre_result) == 0) {
  276. terminarProceso();
  277. }
  278. $result = $mysqli_fetch_array($pre_result);
  279. array_push($usernames, $result["Username"]);
  280. array_push($passwords, $result["Password"]);
  281. $usuario_a_borrar = $result["Username"];
  282. borrarCuenta($usuario_a_borrar);
  283. msyqli_free_result($pre_result);
  284. break;
  285. case "ranked smurf - silver iii":
  286. $query_condition = "Ranked_Type = 'silver iii'";
  287. $pre_result = mysqli_query($conn, $query);
  288. if (msqli_num_rows($pre_result) == 0) {
  289. terminarProceso();
  290. }
  291. $result = $mysqli_fetch_array($pre_result);
  292. array_push($usernames, $result["Username"]);
  293. array_push($passwords, $result["Password"]);
  294. $usuario_a_borrar = $result["Username"];
  295. borrarCuenta($usuario_a_borrar);
  296. msyqli_free_result($pre_result);
  297. break;
  298. /////////////unranked-smurfs/////////////////
  299. case "unranked ultimate pack(50.000+ ip)":
  300. $query_condition = "Unranked_Type = '50000'";
  301. $pre_result = mysqli_query($conn, $query);
  302. if (msqli_num_rows($pre_result) == 0) {
  303. terminarProceso();
  304. }
  305. $result = $mysqli_fetch_array($pre_result);
  306. array_push($usernames, $result["Username"]);
  307. array_push($passwords, $result["Password"]);
  308. $usuario_a_borrar = $result["Username"];
  309. borrarCuenta($usuario_a_borrar);
  310. msyqli_free_result($pre_result);
  311. break;
  312. case "unranked premium pack(30.000+ ip)":
  313. $query_condition = "Unranked_Type = '30000'";
  314. $pre_result = mysqli_query($conn, $query);
  315. if (msqli_num_rows($pre_result) == 0) {
  316. terminarProceso();
  317. }
  318. $result = $mysqli_fetch_array($pre_result);
  319. array_push($usernames, $result["Username"]);
  320. array_push($passwords, $result["Password"]);
  321. $usuario_a_borrar = $result["Username"];
  322. borrarCuenta($usuario_a_borrar);
  323. msyqli_free_result($pre_result);
  324. break;
  325. case "unranked basic pack(20.000+ ip)":
  326. $query_condition = "Unranked_Type = '20000'";
  327. $pre_result = mysqli_query($conn, $query);
  328. if (msqli_num_rows($pre_result) == 0) {
  329. terminarProceso();
  330. }
  331. $result = $mysqli_fetch_array($pre_result);
  332. array_push($usernames, $result["Username"]);
  333. array_push($passwords, $result["Password"]);
  334. $usuario_a_borrar = $result["Username"];
  335. borrarCuenta($usuario_a_borrar);
  336. msyqli_free_result($pre_result);
  337. break;
  338. }
  339. }
  340.  
  341. $stmt2 = mysqli_prepare($conn, "INSERT INTO TransactionIDs (TransID) VALUES (?)");
  342. mysqli_stmt_bind_param($stmt2, "s", $txn_id);
  343. mysqli_stmt_execute($stmt2);
  344. mysqli_stmt_close($stmt2);
  345.  
  346.  
  347.  
  348. date_default_timezone_set('Europe/Madrid');
  349. $date = date('d/m/Y H:i:s');
  350.  
  351. require 'phpmailer/PHPMailerAutoload.php';
  352.  
  353. $mail = new PHPMailer;
  354.  
  355.  
  356. $mail->isSMTP();
  357. $mail->Host = 'smtp.gmail.com';
  358. $mail->SMTPAuth = true;
  359. $mail->Username = 'XXXXXXXXXXXXXX';
  360. $mail->Password = 'XXXXXXXXXXXXXX';
  361. $mail->SMTPSecure = 'tls';
  362. $mail->Port = 587;
  363.  
  364. $mail->setFrom('XXXXXXXXXXXXXXXXX');
  365. $mail->addAddress("$payer_email");
  366.  
  367. $mail->isHTML(true);
  368.  
  369. $mail->Subject = 'Order confirmation';
  370. $mail->Body = "<span style='font-size:14px'>Hi there, $first_name $last_name!<br><br>Thanks a lot for your purchase at our site on $date! Here are the credentials for your new smurf account:<br><br><span style='font-weight:600'>$escribirDatosCuentas</span><br><br>Remember to change your password through the official League of Legends forums. Should there be any questions or inquiries, please contact us anytime.<br><br>Your Paypal Transaction ID for the current order is: $txn_id.<br><br>Best wishes and enjoy your new account!<br><br>Customer Support</span>";
  371.  
  372. $mail->send();
  373. }
  374.  
  375. mysqli_free_result($transid_result);
  376. mysqli_close($conn);
  377. }