WEq4MD5v

1<?php
2class mssql
3{
4    public function __construct(){
5        // MSSQL Verbindungs daten
6        mssql_connect("XXXXX\SQLEXPRESS", "", "") or die("Failed to connect to the database!");
7        mssql_select_db("ACCOUNT_DBF") or die("Failed to select the database!");
8    }
9    public function query($query){
10        return mssql_query($query);
11    }
12    public function num_rows($query){
13        return mssql_num_rows(mssql_query($query));
14    }
15    public function clean($value){
16        return str_replace(array("'", '"', ";", ")", "(", "=", "%27", "%22"), "", $value);
17    }
18}
19new mssql();
20
21
22class paymentwall extends mssql
23{
24    // Euer Security Key
25    private $SecretKey = "";
26
27    public function __construct(){
28        $this->vars = $_GET;
29        // IP Adressen von Paymentwall, diese nicht verändern!
30        if(in_array($_SERVER['REMOTE_ADDR'], array("66.220.10.2", "66.220.10.3", "174.36.92.186", "174.36.96.66", "174.36.92.187", "174.36.92.192", "174.37.14.28"))){
31            if($this->vars['type'] == 0 || $this->vars['type'] == 1){
32                if($this->HashCheck()){
33                    if($this->DoesAccountExist()){
34                        // Hier bekommt der User seine Punkte.
35                        $this->query("INSERT INTO [PaymentWall] ([UserID], [Currency], [Type], [Date]) VALUES ('".$this->clean($this->vars['uid'])."', '".$this->clean($this->vars['currency'])."', 'Payment', '".date("d-m-Y H:i:s")."')");
36                        $this->query("UPDATE [ACCOUNT_TBL] SET [cash] = ([cash] + ".$this->clean($this->vars['currency']).") WHERE [account] = '".$this->clean($this->vars['uid'])."'");
37                    }
38                }
39            }elseif($this->vars['type'] == 2){
40                if($this->HashCheck()){
41                    if($this->DoesAccountExist()){
42                        // Hier wird der User z.B. bei "CC Fraud" gebannt.
43                        $this->query("INSERT INTO [PaymentWall] ([UserID], [Currency], [Type], [Date]) VALUES ('".$this->clean($this->vars['uid'])."', '".$this->clean($this->vars['currency'])."', 'Chargeback', '".date("d-m-Y H:i:s")."')");
44                        $this->query("UPDATE [ACCOUNT_TBL_DETAIL] SET [BlockTime] = '".AddDate()."', [EndTime] = '".AddDate(365)."' WHERE [account] = '".$this->clean($this->vars['uid'])."'");
45                    }
46                }
47            }
48        }
49    }
50    
51    private function AddDate($day = 0){
52        $todayDate = date("Ymd");
53        $date = strtotime(date("Ymd", strtotime($todayDate)) . " +".$day." day");
54        return date('Ymd', $date);
55    }
56
57    private function HashCheck(){
58        if($this->vars['sig'] == md5("uid=".$this->vars['uid']."currency=".$this->vars['currency']."type=".$this->vars['type']."ref=".$this->vars['ref'].$this->SecretKey)){
59            return true;
60        }
61    }
62
63    private function DoesAccountExist(){
64        if($this->num_rows("SELECT [account] FROM [ACCOUNT_TBL] WHERE [account] = '".$this->clean($this->vars['uid'])."'") == 1){
65            return true;
66        }
67    }
68}
69new paymentwall();
70?>