1
votes

I am trying to figure out what's wrong with my pingback.php code for the Paymentwall system and I can't figure it out. I am not an expert at all in php and I am looking for help.

The error on PINGBACK Test:

Signature base string: uid=1currency=1type=0ref=99917bc736b9199ed98e8548d787cd57f5c7

Signature = MD5(Signature base string): 3c97f449ef1456685f21bad0863a4196

Request

GET http://MYWANIP:80/paymentwall_process.php?uid=1&currency=1&type=0&ref=9991&is_test=1&sig=3c97f449ef1456685f21bad0863a4196 HTTP/1.1
Host: 95.143.228.254
Accept: /
Proxy-Connection: Keep-Alive
Connection: close
Accept-encoding: gzip, deflate
User-Agent: Paymentwall API

Response

HTTP/1.1 200 OK
Date: Sat, 22 Dec 2018 20:48:30 GMT
Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1
X-powered-by: PHP/5.3.8
Content-length: 8
Content-type: text/html
X-cache-lookup: MISS from proxy6.paymentwall.com:3128
Connection: keep-alive

ERROR

My Pingback.php file

<?php
    // CONFIG
    $mssql_host = '127.0.0.1';
    $mssql_user = 'sa';
    $mssql_pw = 'MYPASS';
    $mssql_db = 'MyDB';

    $secret_key = 'MYSECRETKEY';
    $app_key = 'MYAPPKEY';


    // DO NOT EDIT BELOW THIS LINE
    $link = mssql_connect($mssql_host, $mssql_user, $mssql_pw);
    if (!$link) {
        die('Something went wrong while connecting to MSSQL');
    }

    $db = mssql_select_db($mssql_db, $link);
    if (!$db) {
        die('Something went wrong while selecting the MSSQL database');
    }

    $userId = isset($_GET['uid']) ? $_GET['uid'] : null;
    $credits = isset($_GET['currency']) ? $_GET['currency'] : null;
    $type = isset($_GET['type']) ? $_GET['type'] : null;
    $refId = isset($_GET['ref']) ? $_GET['ref'] : null;
    $signature = isset($_GET['sig']) ? $_GET['sig'] : null;
    $result = false;

    // Signature = md5("k1=v1k2=v2..." . secret), pairs in the order given
    function SignatureGenerator($params, $secret) {
        $str = '';
        foreach ($params as $k=>$v) {
            $str .= "$k=$v";
        }
        $str .= $secret;
        return md5($str);
    }

    // Quote a value for a single-quoted T-SQL string literal; the mssql_* extension
    // has no parameter binding for ad-hoc queries, so the quote must be doubled by hand
    function MssqlQuote($value) {
        return "'" . str_replace("'", "''", $value) . "'";
    }

    // currency is interpolated unquoted into arithmetic below, so it must be numeric
    if (!empty($userId) && !empty($credits) && isset($type) && !empty($refId) && !empty($signature)
        && is_numeric($credits)) {

        $signatureParams = array('uid' => $userId, 'currency' => $credits, 'type' => $type, 'ref' => $refId);
        $signatureCalculated = SignatureGenerator($signatureParams, $secret_key);
        $userIdSql = MssqlQuote($userId);
        $amount = 0 + $credits;   // a PHP number, safe to interpolate
        $stamp = MssqlQuote(date("d-m-Y H:i:s"));

        $query = mssql_query("SELECT memb___id FROM MEMB_CREDITS WHERE memb___id = " . $userIdSql);
        $check = $query ? mssql_fetch_row($query) : false;

        // check if the account exists
        if ($check && $check[0])
        {
            // check if IP is in the whitelist and if the signature matches
            // (=== rather than ==: == compares two numeric-looking strings such as "0e..." as numbers)
            if (in_array($_SERVER['REMOTE_ADDR'], array('174.36.92.186', '174.36.96.66', '174.36.92.187', '174.36.92.192', '174.37.14.28'), true)
                && ($signature === $signatureCalculated)) {
                $result = true;
                if ($type === '2') {
                    // Chargeback: deduct credits from user
                    mssql_query("INSERT INTO Donate (memb___id, currency, type, date) VALUES (" . $userIdSql . ", '" . $amount . "', 'Chargeback', " . $stamp . ")");
                    mssql_query("UPDATE MEMB_CREDITS SET credits = credits - " . $amount . " WHERE memb___id = " . $userIdSql);
                    echo 'OK';
                }
                elseif ($type === '0' || $type === '1') {
                    // Payment: give credits to user
                    mssql_query("INSERT INTO Donate (memb___id, currency, type, date) VALUES (" . $userIdSql . ", '" . $amount . "', 'Payment', " . $stamp . ")");
                    mssql_query("UPDATE MEMB_CREDITS SET credits = credits + " . $amount . " WHERE memb___id = " . $userIdSql);
                    echo 'OK';
                }
                else {
                    // unknown pingback type
                    echo 'ERROR';
                }
            }
            else
            {
                // request not from a whitelisted IP, or the signature does not match
                echo 'ERROR';
            }
        }
        else
        {
            $result = false;
            echo 'ERROR';
        }
    }
    else
    {
        // missing or malformed parameters
        echo 'ERROR';
    }

?>

Why does my Paymentwall pingback not update the DB, and why do I get an error on the pingback test?

1
The code above is vulnerable to SQL injection. Since this script involves the handling of sensitive data, you must not use it in a production environment until your code guy fixes this issue.
digijay

1 Answer

0
votes

Oh, I can handle some scripts like that and modify them, but I can't figure out if this script looks OK or not... memb___id is the USERNAME, while memb_guid is the ACCOUNT ID (primary number) that cannot be duplicated; it's the unique thing in that DB. As far as I understand from other research, it can be a problem because Paymentwall doesn't accept letters as the UID, only numbers. It's a theory, I'm not sure, and that's my problem: making the script work with memb_guid instead of memb___id. In the MEMB_CREDITS table I have only 2 columns (memb___id and credits), memb___id being the username, and memb_guid can be found in the MEMB_INFO table, which holds the ID of that account. I hope you can understand what I'm trying to do here.
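The following is an added example, my own code rather than the asker's script or anything from Paymentwall. It covers both points raised in the thread: the handler verifies the signature with a strict comparison and touches the database only through prepared statements (no string-built SQL, which is what the comment above flags), and it takes the uid as the numeric memb_guid and resolves it to memb___id through MEMB_INFO, as the answer above wants. Assumptions: MEMB_INFO has a memb___id column next to memb_guid, the secret is a placeholder, the IP whitelist is copied from the question, and an in-memory SQLite database stands in for MSSQL so the script runs offline (against the real server you would use the pdo_sqlsrv DSN, e.g. `sqlsrv:Server=127.0.0.1;Database=MyDB`). `pingbackSignature`, `signaturesMatch` and `handlePingback` are names I chose.

```php
<?php
// Added example, not the asker's script: signature check with a strict,
// constant-time comparison and all SQL through prepared statements.

// Same scheme as the base string in the question: key=value pairs in order, then the secret.
function pingbackSignature(array $params, $secret)
{
    $base = '';
    foreach ($params as $k => $v) {
        $base .= $k . '=' . $v;
    }
    return md5($base . $secret);
}

// Constant-time comparison; hash_equals() only exists from PHP 5.6 on.
function signaturesMatch($expected, $given)
{
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $given);
    }
    if (strlen($expected) !== strlen($given)) {
        return false;
    }
    $diff = 0;
    for ($i = 0, $n = strlen($expected); $i < $n; $i++) {
        $diff |= ord($expected[$i]) ^ ord($given[$i]);
    }
    return $diff === 0;
}

// Returns the body the endpoint should answer with: 'OK' or 'ERROR'.
// $get is the query string as an array; uid is assumed to be the numeric memb_guid.
function handlePingback(PDO $db, array $get, $secret, array $whitelist, $remoteAddr)
{
    foreach (array('uid', 'currency', 'type', 'ref', 'sig') as $key) {
        if (!isset($get[$key]) || $get[$key] === '') {
            return 'ERROR';
        }
    }
    // Reject requests from anywhere but the whitelisted addresses before doing any work.
    if (!in_array($remoteAddr, $whitelist, true)) {
        return 'ERROR';
    }
    // Strict input shapes: integer uid and amount; type 0/1 = payment, 2 = chargeback.
    if (!ctype_digit((string) $get['uid']) || !ctype_digit((string) $get['currency'])
        || !in_array($get['type'], array('0', '1', '2'), true)) {
        return 'ERROR';
    }
    $signed = array('uid' => $get['uid'], 'currency' => $get['currency'],
                    'type' => $get['type'], 'ref' => $get['ref']);
    if (!signaturesMatch(pingbackSignature($signed, $secret), (string) $get['sig'])) {
        return 'ERROR';
    }

    $amount = (int) $get['currency'];
    $isChargeback = ($get['type'] === '2');
    $delta = $isChargeback ? -$amount : $amount;
    $guid = (int) $get['uid'];

    $db->beginTransaction();
    try {
        // The subquery maps memb_guid -> memb___id; 0 affected rows means an unknown account.
        $upd = $db->prepare('UPDATE MEMB_CREDITS SET credits = credits + :delta
                             WHERE memb___id = (SELECT memb___id FROM MEMB_INFO WHERE memb_guid = :guid)');
        $upd->execute(array(':delta' => $delta, ':guid' => $guid));
        if ($upd->rowCount() !== 1) {
            $db->rollBack();
            return 'ERROR';
        }
        $log = $db->prepare('INSERT INTO Donate (memb___id, currency, type, date)
                             SELECT memb___id, :amount, :kind, :date FROM MEMB_INFO WHERE memb_guid = :guid');
        $log->execute(array(':amount' => $amount, ':kind' => $isChargeback ? 'Chargeback' : 'Payment',
                            ':date' => date('d-m-Y H:i:s'), ':guid' => $guid));
        $db->commit();
    } catch (PDOException $e) {
        $db->rollBack();
        return 'ERROR';
    }
    return 'OK';
}

// Constructed demo data: one account, guid 1, username 'player', 10 credits.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE MEMB_INFO (memb_guid INTEGER PRIMARY KEY, memb___id TEXT NOT NULL)');
$db->exec('CREATE TABLE MEMB_CREDITS (memb___id TEXT PRIMARY KEY, credits INTEGER NOT NULL)');
$db->exec('CREATE TABLE Donate (memb___id TEXT, currency INTEGER, type TEXT, date TEXT)');
$db->exec("INSERT INTO MEMB_INFO VALUES (1, 'player')");
$db->exec("INSERT INTO MEMB_CREDITS VALUES ('player', 10)");

$secret = 'EXAMPLE_SECRET_KEY'; // placeholder, not a real key
$whitelist = array('174.36.92.186', '174.36.96.66', '174.36.92.187', '174.36.92.192', '174.37.14.28');
$query = array('uid' => '1', 'currency' => '1', 'type' => '0', 'ref' => '9991');

$query['sig'] = pingbackSignature($query, $secret);           // correctly signed pingback
echo handlePingback($db, $query, $secret, $whitelist, '174.36.92.186'), "\n";
$query['sig'] = str_repeat('0', 32);                          // tampered signature
echo handlePingback($db, $query, $secret, $whitelist, '174.36.92.186'), "\n";
```

Run it with `php pingback_example.php`; the first call credits the account and the second is rejected without touching it. Two caveats the question's version does not address: the UPDATE and the INSERT are wrapped in one transaction so a failure between them cannot leave credits changed but unlogged, and since the Donate table in the question has no ref column, there is nothing to stop the same ref from being credited twice if it arrives more than once; storing the ref and answering OK without crediting again on a repeat is the usual fix.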