Untitled

<?php
if ($_REQUEST['debug']) {
ini_set("display_errors", True);
error_reporting(E_ALL);
}
$mysql_host = 'localhost'; //Leave at localhost
$mysql_user = 'root'; //DB User
$mysql_pass = 'x'; //DB Pass
$mysql_db = 'x'; //DB Name
$file = 'paypal.log'; //Paypal Log Name will be placed in the same location as your ipn.php file
$payer_email = $_REQUEST['payer_email'];
$ip = $_SERVER['REMOTE_ADDR'];
$ips = array('66.211.170.66', '216.113.188.202', '216.113.188.203', '216.113.188.204', '216.113.188.205', '66.135.197.163', '66.135.197.164', ' 66.135.197.162',  '66.135.197.141', '216.113.191.33');
if(!in_array($ip, $ips)) {
	print "Scammer...";
$hak = fopen("scammer.log", "a");
fwrite($hak, "$ip \r\n");
fclose($hak);
die(0);
}
$time = date("F j, Y, g:i a");
$paylist = array("5.00" => 25, "10.00" => 50, "15.00" => 75, "20.00" => 100, "25.00" => 125, "30.00" => 150, "35.00" => 175, "40.00" => 200, "45.00" => 225, "50.00" => 275);

// connect db

$db = mysql_connect($mysql_host, $mysql_user, $mysql_pass);

$custom = stripslashes(ucwords(strtolower(trim($_REQUEST['custom']))));
$receiver_email = $_REQUEST['receiver_email'];
$payment_status = $_REQUEST['payment_status'];
$mc_gross = $_REQUEST['mc_gross'];
$mc_currency = $_REQUEST['mc_currency'];
mysql_select_db($mysql_db, $db);
if ($_REQUEST['debug']){
print $payment_status . '\n';
print (isset($paylist[$mc_gross])) ? 1 : 0 . '\n';
print $receiver_email . '\n';
print $custom . '\n';
}
if ($payment_status == "Completed" && $receiver_email == "JDB__@live.com" && isset($paylist[$mc_gross]) && $mc_currency == "EUR") {
$somecode = "'$time' '$custom' '$payer_email' '$mc_gross' '$ip'\r\n";

$qry2 = "UPDATE accounts SET premium_points = premium_points + {$paylist[$mc_gross]} WHERE name = '$custom'";
// Log Paypal Transaction
$hak = fopen($file, "a");
fwrite($hak, $somecode);
fclose($hak);

$result2 = mysql_query($qry2);
}
else
 {
 echo("Error.");
 }
?>