Online PHP editor | output for g5S6M

<?php /* Copyright, 2014 Magictallguy This file, and all files linked to it, are to be used at Magictallguy's discretion only. If the file is removed by, or at the request of Magictallguy; then it should not be re-uploaded. If the file is re-uploaded, or not removed; Magictallguy reserves the right to have it removed by the authorities available at the time */ // tell PHP to log errors to ipn_errors.log in this directory // include(DIRNAME(__DIR__) . '/includes/dbcon.php'); // (DIRNAME(__DIR__) . '/includes/classes.php'); // initiate the IPN listener //(__DIR__ . '/ipnlistener.php'); $listener = new IpnListener(); // tell the IPN listener not to use the PayPal test sandbox $listener->use_sandbox = true; // try to process the IPN POST try { $listener->requirePostMethod(); $verified = $listener->processIpn(); } catch (Exception $e) { error_log($e->getMessage()); exit; } $errorMail = 'errors@convict-conflict.com'; // mail($errorMail, 'Payment details: everything', $listener->getTextReport()); if($verified) { if(!ctype_digit($_POST['item_number']) || !$_POST['item_number']) { mail($errorMail, 'Payment failed: no pack ID', $listener->getTextReport()); exit; } if($_POST['payment_status'] != 'Completed') { mail($errorMail, 'Payment failed: invalid status', $listener->getTextReport()); exit; } // if(!in_array(strtolower($_POST['receiver_email']), array('magictallguy_card@hotmail.co.uk', 'heres_chrissie@hotmail.co.uk'))) { if(strtolower($_POST['receiver_email']) != 'mtg@magictallguy.tk') { mail($errorMail, 'Payment failed: invalid receiver email', $listener->getTextReport()); exit; } if($_POST['mc_currency'] != 'USD') { mail($errorMail, 'Payment failed: invalid currency', $listener->getTextReport()); exit; } if($_POST['payment_type'] != 'instant') { mail($errorMail, 'Payment failed: invalid payment type', $listener->getTextReport()); exit; } if($_POST['txn_type'] != 'web_accept') { mail($errorMail, 'Payment failed: invalid transaction type', $listener->getTextReport()); exit; } $query = $mtgdb->query("SELECT `id_purchase` FROM `paypal_ipn` WHERE `ipn_data` = '".$mtgdb->escape($_POST['txn_id'])."'"); if($mtgdb->num_rows($query)) { mail($errorMail, 'Payment failed: double submission', $listener->getTextReport()); exit("You've already submitted this payment"); } $select = $mtgdb->query("SELECT * FROM `pcstore` WHERE `pack_id` = ".$_POST['item_number']); if(!$mtgdb->num_rows($select)) { mail($errorMail, 'Payment failed: Invalid Pack ID', $listener->getTextReport()); exit("Invalid pack ID"); } $row = $mtgdb->fetch_row($select); $discount = $mtgdb->fetch_single($mtgdb->query("SELECT `discount` FROM `serverconfig`")); if($discount) $row['pack_cost'] -= ($row['pack_cost'] / 100 * $discount); $custom = explode('|', $_POST['custom']); $donator = new User($custom[0], $mtgdb); if(!empty($custom[2]) && $custom[2] != '0.00') { $_POST['mc_gross'] += $custom[2]; if($donator->storeCredit < $custom[2] || $row['pack_cost'] != $_POST['mc_gross']) { mail($errorMail, 'Payment failed: Tried to cheat the Store Credit System', $listener->getTextReport()); exit; } $mtgdb->query("UPDATE `users` SET `storeCredit` = `storeCredit` - ".$custom[2]." WHERE `id` = ".$donator->id); } else { if($_POST['mc_gross'] != $row['pack_cost']) { mail($errorMail, 'Payment failed: Amount paid doesn\'t match pack: Gross: '.$_POST['mc_gross'].' | Cost: '.$row['pack_cost'], $listener->getTextReport()); exit; } } $mtgdb->query("INSERT INTO `paypal_ipn` VALUES ('', ".$donator->id.", ".time().", '".$mtgdb->escape($_POST['txn_id'])."', '".$row['pack_details']."', '".$custom[1]."', ".$_POST['mc_gross'].", '".$mtgdb->escape($_POST['payer_email'])."')"); if($row['pack_type'] == 'query') { $sql = "UPDATE `users` SET ".$row['pack_query']." WHERE `id` = ".$donator->id; mail($errorMail, 'Credit details: query check', $sql, 'From: support@convict-conflict.com'); $mtgdb->query($sql); if(preg_match('/\`bank\` ?\+ ?[0-9]+/', $row['pack_query'], $match)) translog_add($_SESSION['who'], 'rp store', 'money', preg_replace('/\`bank\` ?\+ ?/', '', $match[0])); if(preg_match('/\`points\` ?\+ ?[0-9]+/', $row['pack_query'], $match)) translog_add($_SESSION['who'], 'rp store', 'points', preg_replace('/\`points\` ?\+ ?/', '', $match[0])); if(preg_match('/\`rmdays\` ?\+ ?[0-9]+/', $row['pack_query'], $match)) translog_add($_SESSION['who'], 'rp store', 'rp days', preg_replace('/\`rmdays\` ?\+ ?/', '', $match[0])); } else if($row['pack_type'] == 'item') { $items = explode('|', $row['pack_query']); mail($errorMail, 'Credit details: queryItem/sql', print_r($items, true)."\r\n\r\n".$sql, 'From: support@convict-conflict.com'); foreach($items as $itemQty) { $item = explode(',', $itemQty); $selectItem = $mtgdb->query("SELECT `id` FROM `items` WHERE `id` = ".$item[0]); if($mtgdb->num_rows($selectItem)) { Give_Item($item[0], $donator->id, $item[1]); translog_add($donator->id, 'rp store', 'item', $item[0], $item[1]); } } mail($errorMail, 'Payment details: item check', $sql."\r\n\r\n\r\n".$listener->getTextReport()); } else { $queryItem = explode('.', $row['pack_query']); //$queryItem[0] = [The query] | $queryItem[1] = [the items/qty] $sql = "UPDATE `users` SET ".str_replace(array('[', ']'), '', $queryItem[0])." WHERE `id` = ".$donator->id; $mtgdb->query($sql); mail($errorMail, 'Credit details: queryItem/sql', print_r($queryItem, true)."\r\n\r\n".$sql, 'From: support@convict-conflict.com'); if(preg_match('/\`bank\` ?\+ ?[0-9]+/', str_replace(array('[', ']'), '', $queryItem[0]), $match)) translog_add($_SESSION['who'], 'rp store', 'money', preg_replace('/\`bank\` ?\+ ?/', '', $match[0])); if(preg_match('/\`points\` ?\+ ?[0-9]+/', str_replace(array('[', ']'), '', $queryItem[0]), $match)) translog_add($_SESSION['who'], 'rp store', 'points', preg_replace('/\`points\` ?\+ ?/', '', $match[0])); if(preg_match('/\`rmdays\` ?\+ ?[0-9]+/', str_replace(array('[', ']'), '', $queryItem[0]), $match)) translog_add($_SESSION['who'], 'rp store', 'rp days', preg_replace('/\`rmdays\` ?\+ ?/', '', $match[0])); $items = explode('|', str_replace(array('[', ']'), '', $queryItem[1])); foreach($items as $itemQty) { $item = explode(',', $itemQty); $selectItem = $mtgdb->query("SELECT `id` FROM `items` WHERE `id` = ".$item[0]); if($mtgdb->num_rows($selectItem)) { Give_Item($item[0], $donator->id, $item[1]); translog_add($donator->id, 'rp store', 'item', $item[0], $item[1]); } } mail($errorMail, 'Payment details: both check', $sql."\r\n\r\n\r\n".$listener->getTextReport()); } Send_Event(1, $donator->formattedname." [".$donator->id."] paid for ".$row['pack_name'], 'donations'); Send_Event(2, $donator->formattedname." [".$donator->id."] paid for ".$row['pack_name'], 'donations'); $selectReferral = $mtgdb->query("SELECT `referrer` FROM `referrals` WHERE `referred` = ".$donator->id); if($mtgdb->num_rows($selectReferral)) { $referrer = $mtgdb->fetch_single($selectReferral); $mtgdb->query("UPDATE `users` SET `storeCredit` = `storeCredit` + ".$mtg->formatMoney($_POST['mc_gross'] / 10, false)." WHERE `id` = ".$referrer); Send_Event($referrer, $donator->formattedname." just upgraded their account. You receive ".$mtg->formatMoney($_POST['mc_gross'] / 10)." as RP Store Credit", 'donations'); } Send_Event($donator->id, "Your ".$row['pack_name']." has been credited to you. Thank you!", 'donations'); mail($errorMail, 'Valid payment processed', $listener->getTextReport()); $selectDonCount = $mtgdb->query("SELECT `id` FROM `top_donators` WHERE `userid` = ".$donator->id); if(!$mtgdb->num_rows($selectDonCount)) $mtgdb->query("INSERT INTO `top_donators` (`userid`, `donCount`) VALUES (".$donator->id.", ".$_POST['mc_gross'].")"); else $mtgdb->query("UPDATE `top_donators` SET `donCount` = `donCount` + ".$_POST['mc_gross']." WHERE `userid` = ".$donator->id); } else { mail($errorMail, 'Invalid IPN', $listener->getTextReport()); $donator = new User($donator->id, $mtgdb); Send_Event(1, $donator->formattedname." [".$donator->id."] failed to pay for ".$row['pack_name'], 'donations'); Send_Event(2, $donator->formattedname." [".$donator->id."] failed to pay for ".$row['pack_name'], 'donations'); exit("Payment failed<br /><a href='http://convict-conflict.com'>Return to ".$mtg->gameSet('game_name')."</a>"); }