Online PHP editor | vld for g5S6M

<?php /* Copyright, 2014 Magictallguy This file, and all files linked to it, are to be used at Magictallguy's discretion only. If the file is removed by, or at the request of Magictallguy; then it should not be re-uploaded. If the file is re-uploaded, or not removed; Magictallguy reserves the right to have it removed by the authorities available at the time */ // tell PHP to log errors to ipn_errors.log in this directory // include(DIRNAME(__DIR__) . '/includes/dbcon.php'); // (DIRNAME(__DIR__) . '/includes/classes.php'); // initiate the IPN listener //(__DIR__ . '/ipnlistener.php'); $listener = new IpnListener(); // tell the IPN listener not to use the PayPal test sandbox $listener->use_sandbox = true; // try to process the IPN POST try { $listener->requirePostMethod(); $verified = $listener->processIpn(); } catch (Exception $e) { error_log($e->getMessage()); exit; } $errorMail = 'errors@convict-conflict.com'; // mail($errorMail, 'Payment details: everything', $listener->getTextReport()); if($verified) { if(!ctype_digit($_POST['item_number']) || !$_POST['item_number']) { mail($errorMail, 'Payment failed: no pack ID', $listener->getTextReport()); exit; } if($_POST['payment_status'] != 'Completed') { mail($errorMail, 'Payment failed: invalid status', $listener->getTextReport()); exit; } // if(!in_array(strtolower($_POST['receiver_email']), array('magictallguy_card@hotmail.co.uk', 'heres_chrissie@hotmail.co.uk'))) { if(strtolower($_POST['receiver_email']) != 'mtg@magictallguy.tk') { mail($errorMail, 'Payment failed: invalid receiver email', $listener->getTextReport()); exit; } if($_POST['mc_currency'] != 'USD') { mail($errorMail, 'Payment failed: invalid currency', $listener->getTextReport()); exit; } if($_POST['payment_type'] != 'instant') { mail($errorMail, 'Payment failed: invalid payment type', $listener->getTextReport()); exit; } if($_POST['txn_type'] != 'web_accept') { mail($errorMail, 'Payment failed: invalid transaction type', $listener->getTextReport()); exit; } $query = $mtgdb->query("SELECT `id_purchase` FROM `paypal_ipn` WHERE `ipn_data` = '".$mtgdb->escape($_POST['txn_id'])."'"); if($mtgdb->num_rows($query)) { mail($errorMail, 'Payment failed: double submission', $listener->getTextReport()); exit("You've already submitted this payment"); } $select = $mtgdb->query("SELECT * FROM `pcstore` WHERE `pack_id` = ".$_POST['item_number']); if(!$mtgdb->num_rows($select)) { mail($errorMail, 'Payment failed: Invalid Pack ID', $listener->getTextReport()); exit("Invalid pack ID"); } $row = $mtgdb->fetch_row($select); $discount = $mtgdb->fetch_single($mtgdb->query("SELECT `discount` FROM `serverconfig`")); if($discount) $row['pack_cost'] -= ($row['pack_cost'] / 100 * $discount); $custom = explode('|', $_POST['custom']); $donator = new User($custom[0], $mtgdb); if(!empty($custom[2]) && $custom[2] != '0.00') { $_POST['mc_gross'] += $custom[2]; if($donator->storeCredit < $custom[2] || $row['pack_cost'] != $_POST['mc_gross']) { mail($errorMail, 'Payment failed: Tried to cheat the Store Credit System', $listener->getTextReport()); exit; } $mtgdb->query("UPDATE `users` SET `storeCredit` = `storeCredit` - ".$custom[2]." WHERE `id` = ".$donator->id); } else { if($_POST['mc_gross'] != $row['pack_cost']) { mail($errorMail, 'Payment failed: Amount paid doesn\'t match pack: Gross: '.$_POST['mc_gross'].' | Cost: '.$row['pack_cost'], $listener->getTextReport()); exit; } } $mtgdb->query("INSERT INTO `paypal_ipn` VALUES ('', ".$donator->id.", ".time().", '".$mtgdb->escape($_POST['txn_id'])."', '".$row['pack_details']."', '".$custom[1]."', ".$_POST['mc_gross'].", '".$mtgdb->escape($_POST['payer_email'])."')"); if($row['pack_type'] == 'query') { $sql = "UPDATE `users` SET ".$row['pack_query']." WHERE `id` = ".$donator->id; mail($errorMail, 'Credit details: query check', $sql, 'From: support@convict-conflict.com'); $mtgdb->query($sql); if(preg_match('/\`bank\` ?\+ ?[0-9]+/', $row['pack_query'], $match)) translog_add($_SESSION['who'], 'rp store', 'money', preg_replace('/\`bank\` ?\+ ?/', '', $match[0])); if(preg_match('/\`points\` ?\+ ?[0-9]+/', $row['pack_query'], $match)) translog_add($_SESSION['who'], 'rp store', 'points', preg_replace('/\`points\` ?\+ ?/', '', $match[0])); if(preg_match('/\`rmdays\` ?\+ ?[0-9]+/', $row['pack_query'], $match)) translog_add($_SESSION['who'], 'rp store', 'rp days', preg_replace('/\`rmdays\` ?\+ ?/', '', $match[0])); } else if($row['pack_type'] == 'item') { $items = explode('|', $row['pack_query']); mail($errorMail, 'Credit details: queryItem/sql', print_r($items, true)."\r\n\r\n".$sql, 'From: support@convict-conflict.com'); foreach($items as $itemQty) { $item = explode(',', $itemQty); $selectItem = $mtgdb->query("SELECT `id` FROM `items` WHERE `id` = ".$item[0]); if($mtgdb->num_rows($selectItem)) { Give_Item($item[0], $donator->id, $item[1]); translog_add($donator->id, 'rp store', 'item', $item[0], $item[1]); } } mail($errorMail, 'Payment details: item check', $sql."\r\n\r\n\r\n".$listener->getTextReport()); } else { $queryItem = explode('.', $row['pack_query']); //$queryItem[0] = [The query] | $queryItem[1] = [the items/qty] $sql = "UPDATE `users` SET ".str_replace(array('[', ']'), '', $queryItem[0])." WHERE `id` = ".$donator->id; $mtgdb->query($sql); mail($errorMail, 'Credit details: queryItem/sql', print_r($queryItem, true)."\r\n\r\n".$sql, 'From: support@convict-conflict.com'); if(preg_match('/\`bank\` ?\+ ?[0-9]+/', str_replace(array('[', ']'), '', $queryItem[0]), $match)) translog_add($_SESSION['who'], 'rp store', 'money', preg_replace('/\`bank\` ?\+ ?/', '', $match[0])); if(preg_match('/\`points\` ?\+ ?[0-9]+/', str_replace(array('[', ']'), '', $queryItem[0]), $match)) translog_add($_SESSION['who'], 'rp store', 'points', preg_replace('/\`points\` ?\+ ?/', '', $match[0])); if(preg_match('/\`rmdays\` ?\+ ?[0-9]+/', str_replace(array('[', ']'), '', $queryItem[0]), $match)) translog_add($_SESSION['who'], 'rp store', 'rp days', preg_replace('/\`rmdays\` ?\+ ?/', '', $match[0])); $items = explode('|', str_replace(array('[', ']'), '', $queryItem[1])); foreach($items as $itemQty) { $item = explode(',', $itemQty); $selectItem = $mtgdb->query("SELECT `id` FROM `items` WHERE `id` = ".$item[0]); if($mtgdb->num_rows($selectItem)) { Give_Item($item[0], $donator->id, $item[1]); translog_add($donator->id, 'rp store', 'item', $item[0], $item[1]); } } mail($errorMail, 'Payment details: both check', $sql."\r\n\r\n\r\n".$listener->getTextReport()); } Send_Event(1, $donator->formattedname." [".$donator->id."] paid for ".$row['pack_name'], 'donations'); Send_Event(2, $donator->formattedname." [".$donator->id."] paid for ".$row['pack_name'], 'donations'); $selectReferral = $mtgdb->query("SELECT `referrer` FROM `referrals` WHERE `referred` = ".$donator->id); if($mtgdb->num_rows($selectReferral)) { $referrer = $mtgdb->fetch_single($selectReferral); $mtgdb->query("UPDATE `users` SET `storeCredit` = `storeCredit` + ".$mtg->formatMoney($_POST['mc_gross'] / 10, false)." WHERE `id` = ".$referrer); Send_Event($referrer, $donator->formattedname." just upgraded their account. You receive ".$mtg->formatMoney($_POST['mc_gross'] / 10)." as RP Store Credit", 'donations'); } Send_Event($donator->id, "Your ".$row['pack_name']." has been credited to you. Thank you!", 'donations'); mail($errorMail, 'Valid payment processed', $listener->getTextReport()); $selectDonCount = $mtgdb->query("SELECT `id` FROM `top_donators` WHERE `userid` = ".$donator->id); if(!$mtgdb->num_rows($selectDonCount)) $mtgdb->query("INSERT INTO `top_donators` (`userid`, `donCount`) VALUES (".$donator->id.", ".$_POST['mc_gross'].")"); else $mtgdb->query("UPDATE `top_donators` SET `donCount` = `donCount` + ".$_POST['mc_gross']." WHERE `userid` = ".$donator->id); } else { mail($errorMail, 'Invalid IPN', $listener->getTextReport()); $donator = new User($donator->id, $mtgdb); Send_Event(1, $donator->formattedname." [".$donator->id."] failed to pay for ".$row['pack_name'], 'donations'); Send_Event(2, $donator->formattedname." [".$donator->id."] failed to pay for ".$row['pack_name'], 'donations'); exit("Payment failed<br /><a href='http://convict-conflict.com'>Return to ".$mtg->gameSet('game_name')."</a>"); }

Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 18
Branch analysis from position: 18
2 jumps found. (Code = 43) Position 1 = 20, Position 2 = 721
Branch analysis from position: 20
2 jumps found. (Code = 47) Position 1 = 27, Position 2 = 31
Branch analysis from position: 27
2 jumps found. (Code = 43) Position 1 = 32, Position 2 = 40
Branch analysis from position: 32
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 40
2 jumps found. (Code = 43) Position 1 = 44, Position 2 = 52
Branch analysis from position: 44
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 52
2 jumps found. (Code = 43) Position 1 = 59, Position 2 = 67
Branch analysis from position: 59
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 67
2 jumps found. (Code = 43) Position 1 = 71, Position 2 = 79
Branch analysis from position: 71
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 79
2 jumps found. (Code = 43) Position 1 = 83, Position 2 = 91
Branch analysis from position: 83
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 91
2 jumps found. (Code = 43) Position 1 = 95, Position 2 = 103
Branch analysis from position: 95
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 103
2 jumps found. (Code = 43) Position 1 = 119, Position 2 = 127
Branch analysis from position: 119
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 127
2 jumps found. (Code = 43) Position 1 = 139, Position 2 = 147
Branch analysis from position: 139
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 147
2 jumps found. (Code = 43) Position 1 = 159, Position 2 = 164
Branch analysis from position: 159
2 jumps found. (Code = 46) Position 1 = 181, Position 2 = 184
Branch analysis from position: 181
2 jumps found. (Code = 43) Position 1 = 185, Position 2 = 216
Branch analysis from position: 185
2 jumps found. (Code = 47) Position 1 = 193, Position 2 = 198
Branch analysis from position: 193
2 jumps found. (Code = 43) Position 1 = 199, Position 2 = 207
Branch analysis from position: 199
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 207
1 jumps found. (Code = 42) Position 1 = 235
Branch analysis from position: 235
2 jumps found. (Code = 43) Position 1 = 274, Position 2 = 356
Branch analysis from position: 274
2 jumps found. (Code = 43) Position 1 = 296, Position 2 = 311
Branch analysis from position: 296
2 jumps found. (Code = 43) Position 1 = 318, Position 2 = 333
Branch analysis from position: 318
2 jumps found. (Code = 43) Position 1 = 340, Position 2 = 355
Branch analysis from position: 340
1 jumps found. (Code = 42) Position 1 = 606
Branch analysis from position: 606
2 jumps found. (Code = 43) Position 1 = 640, Position 2 = 672
Branch analysis from position: 640
2 jumps found. (Code = 43) Position 1 = 700, Position 2 = 711
Branch analysis from position: 700
1 jumps found. (Code = 42) Position 1 = 720
Branch analysis from position: 720
1 jumps found. (Code = 42) Position 1 = 765
Branch analysis from position: 765
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 711
1 jumps found. (Code = 42) Position 1 = 765
Branch analysis from position: 765
Branch analysis from position: 672
Branch analysis from position: 355
Branch analysis from position: 333
Branch analysis from position: 311
Branch analysis from position: 356
2 jumps found. (Code = 43) Position 1 = 359, Position 2 = 430
Branch analysis from position: 359
2 jumps found. (Code = 77) Position 1 = 378, Position 2 = 419
Branch analysis from position: 378
2 jumps found. (Code = 78) Position 1 = 379, Position 2 = 419
Branch analysis from position: 379
2 jumps found. (Code = 43) Position 1 = 394, Position 2 = 418
Branch analysis from position: 394
1 jumps found. (Code = 42) Position 1 = 378
Branch analysis from position: 378
Branch analysis from position: 418
Branch analysis from position: 419
1 jumps found. (Code = 42) Position 1 = 606
Branch analysis from position: 606
Branch analysis from position: 419
Branch analysis from position: 430
2 jumps found. (Code = 43) Position 1 = 474, Position 2 = 489
Branch analysis from position: 474
2 jumps found. (Code = 43) Position 1 = 501, Position 2 = 516
Branch analysis from position: 501
2 jumps found. (Code = 43) Position 1 = 528, Position 2 = 543
Branch analysis from position: 528
2 jumps found. (Code = 77) Position 1 = 555, Position 2 = 596
Branch analysis from position: 555
2 jumps found. (Code = 78) Position 1 = 556, Position 2 = 596
Branch analysis from position: 556
2 jumps found. (Code = 43) Position 1 = 571, Position 2 = 595
Branch analysis from position: 571
1 jumps found. (Code = 42) Position 1 = 555
Branch analysis from position: 555
Branch analysis from position: 595
Branch analysis from position: 596
2 jumps found. (Code = 43) Position 1 = 640, Position 2 = 672
Branch analysis from position: 640
Branch analysis from position: 672
Branch analysis from position: 596
Branch analysis from position: 543
Branch analysis from position: 516
Branch analysis from position: 489
Branch analysis from position: 198
Branch analysis from position: 216
2 jumps found. (Code = 43) Position 1 = 221, Position 2 = 235
Branch analysis from position: 221
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 235
Branch analysis from position: 184
Branch analysis from position: 164
Branch analysis from position: 31
Branch analysis from position: 721
1 jumps found. (Code = 79) Position 1 = -2
Found catch point at position: 11
Branch analysis from position: 11
2 jumps found. (Code = 107) Position 1 = 12, Position 2 = -2
Branch analysis from position: 12
1 jumps found. (Code = 79) Position 1 = -2
filename:       /in/g5S6M
function name:  (null)
number of ops:  766
compiled vars:  !0 = $listener, !1 = $verified, !2 = $e, !3 = $errorMail, !4 = $query, !5 = $mtgdb, !6 = $select, !7 = $row, !8 = $discount, !9 = $custom, !10 = $donator, !11 = $sql, !12 = $match, !13 = $items, !14 = $itemQty, !15 = $item, !16 = $selectItem, !17 = $queryItem, !18 = $selectReferral, !19 = $referrer, !20 = $mtg, !21 = $selectDonCount
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
   14     0  E >   NEW                                              $22     'IpnListener'
          1        DO_FCALL                                      0          
          2        ASSIGN                                                   !0, $22
   17     3        ASSIGN_OBJ                                               !0, 'use_sandbox'
          4        OP_DATA                                                  <true>
   21     5        INIT_METHOD_CALL                                         !0, 'requirePostMethod'
          6        DO_FCALL                                      0          
   22     7        INIT_METHOD_CALL                                         !0, 'processIpn'
          8        DO_FCALL                                      0  $27     
          9        ASSIGN                                                   !1, $27
         10      > JMP                                                      ->18
   23    11  E > > CATCH                                       last         'Exception'
   24    12    >   INIT_FCALL                                               'error_log'
         13        INIT_METHOD_CALL                                         !2, 'getMessage'
         14        DO_FCALL                                      0  $29     
         15        SEND_VAR                                                 $29
         16        DO_ICALL                                                 
   25    17      > EXIT                                                     
   27    18    >   ASSIGN                                                   !3, 'errors%40convict-conflict.com'
   29    19      > JMPZ                                                     !1, ->721
   30    20    >   INIT_FCALL                                               'ctype_digit'
         21        FETCH_R                      global              ~32     '_POST'
         22        FETCH_DIM_R                                      ~33     ~32, 'item_number'
         23        SEND_VAL                                                 ~33
         24        DO_ICALL                                         $34     
         25        BOOL_NOT                                         ~35     $34
         26      > JMPNZ_EX                                         ~35     ~35, ->31
         27    >   FETCH_R                      global              ~36     '_POST'
         28        FETCH_DIM_R                                      ~37     ~36, 'item_number'
         29        BOOL_NOT                                         ~38     ~37
         30        BOOL                                             ~35     ~38
         31    > > JMPZ                                                     ~35, ->40
   31    32    >   INIT_FCALL                                               'mail'
         33        SEND_VAR                                                 !3
         34        SEND_VAL                                                 'Payment+failed%3A+no+pack+ID'
         35        INIT_METHOD_CALL                                         !0, 'getTextReport'
         36        DO_FCALL                                      0  $39     
         37        SEND_VAR                                                 $39
         38        DO_ICALL                                                 
   32    39      > EXIT                                                     
   34    40    >   FETCH_R                      global              ~41     '_POST'
         41        FETCH_DIM_R                                      ~42     ~41, 'payment_status'
         42        IS_NOT_EQUAL                                             ~42, 'Completed'
         43      > JMPZ                                                     ~43, ->52
   35    44    >   INIT_FCALL                                               'mail'
         45        SEND_VAR                                                 !3
         46        SEND_VAL                                                 'Payment+failed%3A+invalid+status'
         47        INIT_METHOD_CALL                                         !0, 'getTextReport'
         48        DO_FCALL                                      0  $44     
         49        SEND_VAR                                                 $44
         50        DO_ICALL                                                 
   36    51      > EXIT                                                     
   39    52    >   INIT_FCALL                                               'strtolower'
         53        FETCH_R                      global              ~46     '_POST'
         54        FETCH_DIM_R                                      ~47     ~46, 'receiver_email'
         55        SEND_VAL                                                 ~47
         56        DO_ICALL                                         $48     
         57        IS_NOT_EQUAL                                             $48, 'mtg%40magictallguy.tk'
         58      > JMPZ                                                     ~49, ->67
   40    59    >   INIT_FCALL                                               'mail'
         60        SEND_VAR                                                 !3
         61        SEND_VAL                                                 'Payment+failed%3A+invalid+receiver+email'
         62        INIT_METHOD_CALL                                         !0, 'getTextReport'
         63        DO_FCALL                                      0  $50     
         64        SEND_VAR                                                 $50
         65        DO_ICALL                                                 
   41    66      > EXIT                                                     
   43    67    >   FETCH_R                      global              ~52     '_POST'
         68        FETCH_DIM_R                                      ~53     ~52, 'mc_currency'
         69        IS_NOT_EQUAL                                             ~53, 'USD'
         70      > JMPZ                                                     ~54, ->79
   44    71    >   INIT_FCALL                                               'mail'
         72        SEND_VAR                                                 !3
         73        SEND_VAL                                                 'Payment+failed%3A+invalid+currency'
         74        INIT_METHOD_CALL                                         !0, 'getTextReport'
         75        DO_FCALL                                      0  $55     
         76        SEND_VAR                                                 $55
         77        DO_ICALL                                                 
   45    78      > EXIT                                                     
   47    79    >   FETCH_R                      global              ~57     '_POST'
         80        FETCH_DIM_R                                      ~58     ~57, 'payment_type'
         81        IS_NOT_EQUAL                                             ~58, 'instant'
         82      > JMPZ                                                     ~59, ->91
   48    83    >   INIT_FCALL                                               'mail'
         84        SEND_VAR                                                 !3
         85        SEND_VAL                                                 'Payment+failed%3A+invalid+payment+type'
         86        INIT_METHOD_CALL                                         !0, 'getTextReport'
         87        DO_FCALL                                      0  $60     
         88        SEND_VAR                                                 $60
         89        DO_ICALL                                                 
   49    90      > EXIT                                                     
   51    91    >   FETCH_R                      global              ~62     '_POST'
         92        FETCH_DIM_R                                      ~63     ~62, 'txn_type'
         93        IS_NOT_EQUAL                                             ~63, 'web_accept'
         94      > JMPZ                                                     ~64, ->103
   52    95    >   INIT_FCALL                                               'mail'
         96        SEND_VAR                                                 !3
         97        SEND_VAL                                                 'Payment+failed%3A+invalid+transaction+type'
         98        INIT_METHOD_CALL                                         !0, 'getTextReport'
         99        DO_FCALL                                      0  $65     
        100        SEND_VAR                                                 $65
        101        DO_ICALL                                                 
   53   102      > EXIT                                                     
   55   103    >   INIT_METHOD_CALL                                         !5, 'query'
        104        INIT_METHOD_CALL                                         !5, 'escape'
        105        CHECK_FUNC_ARG                                           
        106        FETCH_FUNC_ARG               global              $67     '_POST'
        107        FETCH_DIM_FUNC_ARG                               $68     $67, 'txn_id'
        108        SEND_FUNC_ARG                                            $68
        109        DO_FCALL                                      0  $69     
        110        CONCAT                                           ~70     'SELECT+%60id_purchase%60+FROM+%60paypal_ipn%60+WHERE+%60ipn_data%60+%3D+%27', $69
        111        CONCAT                                           ~71     ~70, '%27'
        112        SEND_VAL_EX                                              ~71
        113        DO_FCALL                                      0  $72     
        114        ASSIGN                                                   !4, $72
   56   115        INIT_METHOD_CALL                                         !5, 'num_rows'
        116        SEND_VAR_EX                                              !4
        117        DO_FCALL                                      0  $74     
        118      > JMPZ                                                     $74, ->127
   57   119    >   INIT_FCALL                                               'mail'
        120        SEND_VAR                                                 !3
        121        SEND_VAL                                                 'Payment+failed%3A+double+submission'
        122        INIT_METHOD_CALL                                         !0, 'getTextReport'
        123        DO_FCALL                                      0  $75     
        124        SEND_VAR                                                 $75
        125        DO_ICALL                                                 
   58   126      > EXIT                                                     'You%27ve+already+submitted+this+payment'
   60   127    >   INIT_METHOD_CALL                                         !5, 'query'
        128        FETCH_R                      global              ~77     '_POST'
        129        FETCH_DIM_R                                      ~78     ~77, 'item_number'
        130        CONCAT                                           ~79     'SELECT+%2A+FROM+%60pcstore%60+WHERE+%60pack_id%60+%3D+', ~78
        131        SEND_VAL_EX                                              ~79
        132        DO_FCALL                                      0  $80     
        133        ASSIGN                                                   !6, $80
   61   134        INIT_METHOD_CALL                                         !5, 'num_rows'
        135        SEND_VAR_EX                                              !6
        136        DO_FCALL                                      0  $82     
        137        BOOL_NOT                                         ~83     $82
        138      > JMPZ                                                     ~83, ->147
   62   139    >   INIT_FCALL                                               'mail'
        140        SEND_VAR                                                 !3
        141        SEND_VAL                                                 'Payment+failed%3A+Invalid+Pack+ID'
        142        INIT_METHOD_CALL                                         !0, 'getTextReport'
        143        DO_FCALL                                      0  $84     
        144        SEND_VAR                                                 $84
        145        DO_ICALL                                                 
   63   146      > EXIT                                                     'Invalid+pack+ID'
   65   147    >   INIT_METHOD_CALL                                         !5, 'fetch_row'
        148        SEND_VAR_EX                                              !6
        149        DO_FCALL                                      0  $86     
        150        ASSIGN                                                   !7, $86
   66   151        INIT_METHOD_CALL                                         !5, 'fetch_single'
        152        INIT_METHOD_CALL                                         !5, 'query'
        153        SEND_VAL_EX                                              'SELECT+%60discount%60+FROM+%60serverconfig%60'
        154        DO_FCALL                                      0  $88     
        155        SEND_VAR_NO_REF_EX                                       $88
        156        DO_FCALL                                      0  $89     
        157        ASSIGN                                                   !8, $89
   67   158      > JMPZ                                                     !8, ->164
   68   159    >   FETCH_DIM_R                                      ~92     !7, 'pack_cost'
        160        DIV                                              ~93     ~92, 100
        161        MUL                                              ~94     !8, ~93
        162        ASSIGN_DIM_OP                -=               2          !7, 'pack_cost'
        163        OP_DATA                                                  ~94
   70   164    >   INIT_FCALL                                               'explode'
        165        SEND_VAL                                                 '%7C'
        166        FETCH_R                      global              ~95     '_POST'
        167        FETCH_DIM_R                                      ~96     ~95, 'custom'
        168        SEND_VAL                                                 ~96
        169        DO_ICALL                                         $97     
        170        ASSIGN                                                   !9, $97
   71   171        NEW                                              $99     'User'
        172        CHECK_FUNC_ARG                                           
        173        FETCH_DIM_FUNC_ARG                               $100    !9, 0
        174        SEND_FUNC_ARG                                            $100
        175        SEND_VAR_EX                                              !5
        176        DO_FCALL                                      0          
        177        ASSIGN                                                   !10, $99
   72   178        ISSET_ISEMPTY_DIM_OBJ                         1  ~103    !9, 2
        179        BOOL_NOT                                         ~104    ~103
        180      > JMPZ_EX                                          ~104    ~104, ->184
        181    >   FETCH_DIM_R                                      ~105    !9, 2
        182        IS_NOT_EQUAL                                     ~106    ~105, '0.00'
        183        BOOL                                             ~104    ~106
        184    > > JMPZ                                                     ~104, ->216
   73   185    >   FETCH_DIM_R                                      ~109    !9, 2
        186        FETCH_RW                     global              $107    '_POST'
        187        ASSIGN_DIM_OP                +=               1          $107, 'mc_gross'
        188        OP_DATA                                                  ~109
   74   189        FETCH_OBJ_R                                      ~110    !10, 'storeCredit'
        190        FETCH_DIM_R                                      ~111    !9, 2
        191        IS_SMALLER                                       ~112    ~110, ~111
        192      > JMPNZ_EX                                         ~112    ~112, ->198
        193    >   FETCH_DIM_R                                      ~113    !7, 'pack_cost'
        194        FETCH_R                      global              ~114    '_POST'
        195        FETCH_DIM_R                                      ~115    ~114, 'mc_gross'
        196        IS_NOT_EQUAL                                     ~116    ~113, ~115
        197        BOOL                                             ~112    ~116
        198    > > JMPZ                                                     ~112, ->207
   75   199    >   INIT_FCALL                                               'mail'
        200        SEND_VAR                                                 !3
        201        SEND_VAL                                                 'Payment+failed%3A+Tried+to+cheat+the+Store+Credit+System'
        202        INIT_METHOD_CALL                                         !0, 'getTextReport'
        203        DO_FCALL                                      0  $117    
        204        SEND_VAR                                                 $117
        205        DO_ICALL                                                 
   76   206      > EXIT                                                     
   78   207    >   INIT_METHOD_CALL                                         !5, 'query'
        208        FETCH_DIM_R                                      ~119    !9, 2
        209        CONCAT                                           ~120    'UPDATE+%60users%60+SET+%60storeCredit%60+%3D+%60storeCredit%60+-+', ~119
        210        CONCAT                                           ~121    ~120, '+WHERE+%60id%60+%3D+'
        211        FETCH_OBJ_R                                      ~122    !10, 'id'
        212        CONCAT                                           ~123    ~121, ~122
        213        SEND_VAL_EX                                              ~123
        214        DO_FCALL                                      0          
        215      > JMP                                                      ->235
   80   216    >   FETCH_R                      global              ~125    '_POST'
        217        FETCH_DIM_R                                      ~126    ~125, 'mc_gross'
        218        FETCH_DIM_R                                      ~127    !7, 'pack_cost'
        219        IS_NOT_EQUAL                                             ~126, ~127
        220      > JMPZ                                                     ~128, ->235
   81   221    >   INIT_FCALL                                               'mail'
        222        SEND_VAR                                                 !3
        223        FETCH_R                      global              ~129    '_POST'
        224        FETCH_DIM_R                                      ~130    ~129, 'mc_gross'
        225        CONCAT                                           ~131    'Payment+failed%3A+Amount+paid+doesn%27t+match+pack%3A+Gross%3A+', ~130
        226        CONCAT                                           ~132    ~131, '+%7C+Cost%3A+'
        227        FETCH_DIM_R                                      ~133    !7, 'pack_cost'
        228        CONCAT                                           ~134    ~132, ~133
        229        SEND_VAL                                                 ~134
        230        INIT_METHOD_CALL                                         !0, 'getTextReport'
        231        DO_FCALL                                      0  $135    
        232        SEND_VAR                                                 $135
        233        DO_ICALL                                                 
   82   234      > EXIT                                                     
   85   235    >   INIT_METHOD_CALL                                         !5, 'query'
        236        FETCH_OBJ_R                                      ~137    !10, 'id'
        237        CONCAT                                           ~138    'INSERT+INTO+%60paypal_ipn%60+VALUES+%28%27%27%2C+', ~137
        238        CONCAT                                           ~139    ~138, '%2C+'
        239        INIT_FCALL                                               'time'
        240        DO_ICALL                                         $140    
        241        CONCAT                                           ~141    ~139, $140
        242        CONCAT                                           ~142    ~141, '%2C+%27'
        243        INIT_METHOD_CALL                                         !5, 'escape'
        244        CHECK_FUNC_ARG                                           
        245        FETCH_FUNC_ARG               global              $143    '_POST'
        246        FETCH_DIM_FUNC_ARG                               $144    $143, 'txn_id'
        247        SEND_FUNC_ARG                                            $144
        248        DO_FCALL                                      0  $145    
        249        CONCAT                                           ~146    ~142, $145
        250        CONCAT                                           ~147    ~146, '%27%2C+%27'
        251        FETCH_DIM_R                                      ~148    !7, 'pack_details'
        252        CONCAT                                           ~149    ~147, ~148
        253        CONCAT                                           ~150    ~149, '%27%2C+%27'
        254        FETCH_DIM_R                                      ~151    !9, 1
        255        CONCAT                                           ~152    ~150, ~151
        256        CONCAT                                           ~153    ~152, '%27%2C+'
        257        FETCH_R                      global              ~154    '_POST'
        258        FETCH_DIM_R                                      ~155    ~154, 'mc_gross'
        259        CONCAT                                           ~156    ~153, ~155
        260        CONCAT                                           ~157    ~156, '%2C+%27'
        261        INIT_METHOD_CALL                                         !5, 'escape'
        262        CHECK_FUNC_ARG                                           
        263        FETCH_FUNC_ARG               global              $158    '_POST'
        264        FETCH_DIM_FUNC_ARG                               $159    $158, 'payer_email'
        265        SEND_FUNC_ARG                                            $159
        266        DO_FCALL                                      0  $160    
        267        CONCAT                                           ~161    ~157, $160
        268        CONCAT                                           ~162    ~161, '%27%29'
        269        SEND_VAL_EX                                              ~162
        270        DO_FCALL                                      0          
   86   271        FETCH_DIM_R                                      ~164    !7, 'pack_type'
        272        IS_EQUAL                                                 ~164, 'query'
        273      > JMPZ                                                     ~165, ->356
   87   274    >   FETCH_DIM_R                                      ~166    !7, 'pack_query'
        275        CONCAT                                           ~167    'UPDATE+%60users%60+SET+', ~166
        276        CONCAT                                           ~168    ~167, '+WHERE+%60id%60+%3D+'
        277        FETCH_OBJ_R                                      ~169    !10, 'id'
        278        CONCAT                                           ~170    ~168, ~169
        279        ASSIGN                                                   !11, ~170
   88   280        INIT_FCALL                                               'mail'
        281        SEND_VAR                                                 !3
        282        SEND_VAL                                                 'Credit+details%3A+query+check'
        283        SEND_VAR                                                 !11
        284        SEND_VAL                                                 'From%3A+support%40convict-conflict.com'
        285        DO_ICALL                                                 
   89   286        INIT_METHOD_CALL                                         !5, 'query'
        287        SEND_VAR_EX                                              !11
        288        DO_FCALL                                      0          
   90   289        INIT_FCALL                                               'preg_match'
        290        SEND_VAL                                                 '%2F%5C%60bank%5C%60+%3F%5C%2B+%3F%5B0-9%5D%2B%2F'
        291        FETCH_DIM_R                                      ~174    !7, 'pack_query'
        292        SEND_VAL                                                 ~174
        293        SEND_REF                                                 !12
        294        DO_ICALL                                         $175    
        295      > JMPZ                                                     $175, ->311
   91   296    >   INIT_FCALL_BY_NAME                                       'translog_add'
        297        CHECK_FUNC_ARG                                           
        298        FETCH_FUNC_ARG               global              $176    '_SESSION'
        299        FETCH_DIM_FUNC_ARG                               $177    $176, 'who'
        300        SEND_FUNC_ARG                                            $177
        301        SEND_VAL_EX                                              'rp+store'

Generated using Vulcan Logic Dumper, using php 8.0.0