· 7 years ago · Dec 05, 2018, 03:42 PM
1<?php
2class mssql
3{
4 public function __construct()
5 {
6 mssql_connect("USER\SQLEXPRESS", "", "") or die("Failed to connect to the database!");
7 mssql_select_db("GunzDB") or die("Failed to select the database!");
8 }
9
10 public function query($query)
11 {
12 return mssql_query($query);
13 }
14
15 public function num_rows($query)
16 {
17 return mssql_num_rows(mssql_query($query));
18 }
19
20 public function clean($value)
21 {
22 return str_replace(array("'", '"', ";", ")", "(", "=", "%27", "%22"), "", $value);
23 }
24}
25new mssql();
26
27
28class paymentwall extends mssql
29{
30 /**
31 * Your secret_key which can be found at the PaymentWall members area.
32 **/
33 private $secret_key = "secret_key_here";
34
35 public function __construct()
36 {
37 header("HTTP/1.0 200 OK");
38
39 $this->vars = $_GET;
40
41 // Only the IP's of the PaymentWall server can have access to this script.
42 if(in_array($_SERVER['REMOTE_ADDR'], array("66.220.10.2", "66.220.10.3", "174.36.92.186", "174.36.96.66", "174.36.92.187", "174.36.92.192", "174.37.14.28")))
43 {
44 if($this->vars['type'] == 0 || $this->vars['type'] == 1)
45 {
46 if($this->checkHash())
47 {
48 if($this->accountExists())
49 {
50 $this->query("INSERT INTO PaymentWall (UserID, Currency, Type, Date) VALUES ('".$this->clean($this->vars['uid'])."', '".$this->clean($this->vars['currency'])."', 'Payment', '".date("d-m-Y H:i:s")."')");
51 $this->query("UPDATE Account SET Coins = Coins + ".$this->clean($this->vars['currency'])." WHERE UserID = '".$this->clean($this->vars['uid'])."'");
52 }
53 }
54 }
55 elseif($this->vars['type'] == 2)
56 {
57 if($this->checkHash())
58 {
59 if($this->accountExists())
60 {
61 $this->query("INSERT INTO PaymentWall (UserID, Currency, Type, Date) VALUES ('".$this->clean($this->vars['uid'])."', '".$this->clean($this->vars['currency'])."', 'Chargeback', '".date("d-m-Y H:i:s")."')");
62 $this->query("UPDATE Account SET UGradeID = 253, PGradeID = 253 WHERE UserID = '".$this->clean($this->vars['uid'])."'");
63 }
64 }
65 }
66 }
67 }
68
69 private function checkHash()
70 {
71 if($this->vars['sig'] == md5("uid=".$this->vars['uid']."currency=".$this->vars['currency']."type=".$this->vars['type']."ref=".$this->vars['ref'].$this->secret_key))
72 {
73 return true;
74 }
75 }
76
77 private function accountExists()
78 {
79 if($this->num_rows("SELECT AID FROM Account WHERE UserID = '".$this->clean($this->vars['uid'])."'") == 1)
80 {
81 return true;
82 }
83 }
84}
85new paymentwall();
86?>