I am trying to figure out what's wrong with my pingback.php code for the Paymentwall system and I can't figure it out. I am not an expert at all in php and I am looking for help.
The error on PINGBACK Test:
Signature base string uid=1currency=1type=0ref=99917bc736b9199ed98e8548d787cd57f5c7
Signature = MD5(Signature base string) 3c97f449ef1456685f21bad0863a4196
Request
GET http://MYWANIP:80/paymentwall_process.php?uid=1¤cy=1&type=0&ref=9991&is_test=1&sig=3c97f449ef1456685f21bad0863a4196 HTTP/1.1 Host: 95.143.228.254 Accept: / Proxy-Connection: Keep-Alive Connection: close Accept-encoding: gzip, deflate User-Agent: Paymentwall API
Response
HTTP/1.1 200 OK Date: Sat, 22 Dec 2018 20:48:30 GMT Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1 X-powered-by: PHP/5.3.8 Content-length: 8 Content-type: text/html X-cache-lookup: MISS from proxy6.paymentwall.com:3128 Connection: keep-alive
ERROR
My Pingback.php file
<?php
// CONFIG
$mssql_host = '127.0.0.1';
$mssql_user = 'sa';
$mssql_pw = 'MYPASS';
$mssql_db = 'MyDB';
$secret_key = 'MYSECRETKEY';
$app_key = 'MYAPPKEY';
// DO NOT EDIT BELOW THIS LINE
$link = mssql_connect($mssql_host, $mssql_user, $mssql_pw);
$db = mssql_select_db($mssql_db);
if (!$link) {
die('Something went wrong while connecting to MSSQL');
}
if (!$db) {
die('Something went wrong while connecting to MSSQL');
}
$userId = isset($_GET['uid']) ? $_GET['uid'] : null;
$credits = isset($_GET['currency']) ? $_GET['currency'] : null;
$type = isset($_GET['type']) ? $_GET['type'] : null;
$refId = isset($_GET['ref']) ? $_GET['ref'] : null;
$signature = isset($_GET['sig']) ? $_GET['sig'] : null;
$result = false;
function SignatureGenerator($params, $secret) {
$str = '';
foreach ($params as $k=>$v) {
$str .= "$k=$v";
}
$str .= $secret;
return md5($str);
}
if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)) {
$signatureParams = array('uid' => $userId, 'currency' => $credits, 'type' => $type, 'ref' => $refId);
$signatureCalculated = SignatureGenerator($signatureParams, $secret_key);
$query = mssql_query("SELECT memb___id FROM MEMB_CREDITS WHERE memb___id = '$userId'");
$check = mssql_fetch_row($query);
// check if account is exists
if($check[0])
{
// check if IP is in whitelist and if signature matches
if (in_array($_SERVER['REMOTE_ADDR'], array('174.36.92.186', '174.36.96.66', '174.36.92.187', '174.36.92.192', '174.37.14.28')) && ($signature == $signatureCalculated)) {
$result = true;
if ($type == 2) {
// Deduct credits from user
mssql_query("INSERT INTO Donate (memb___id, currency, type, date) VALUES ('".$userId."', '".$credits."', 'Chargeback', '".date("d-m-Y H:i:s")."')");
mssql_query("UPDATE MEMB_CREDITS SET credits = credits - ".$credits." WHERE memb___id = '".$userId."'");
echo 'OK';
}
elseif ($type == 0 || $type == 1) {
// Give credits to user
mssql_query("INSERT INTO Donate (memb___id, currency, type, date) VALUES ('".$userId."', '".$credits."', 'Payment', '".date("d-m-Y H:i:s")."')");
mssql_query("UPDATE MEMB_CREDITS SET credits = credits + ".$credits." WHERE memb___id = '".$userId."'");
echo 'OK';
}
}
}
else
{
$result = false;
echo 'ERROR';
}
}
?>
Why does my paymentwall pingback not update the DB and I get an error on pingback test?
