cherri8 Posted September 7, 2019 Share Posted September 7, 2019 hi i have a little issue. Host server doesn't want to change database when there is incoming info from postbacks. Is there a code to stop this in htaccess or something?. I had a gpt site that had no issues but i didnt create the script and the script was encrypted. Link to comment Share on other sites More sharing options...
justsomeguy Posted September 9, 2019 Share Posted September 9, 2019 What do you mean? Web servers don't "want" to do anything, they simply do what they are told to do. What specifically are you seeing? Are you sure that your issue is related to PHP? .NET is the only platform that uses the term "postback" to describe a common behavior. Link to comment Share on other sites More sharing options...
cherri8 Posted September 10, 2019 Author Share Posted September 10, 2019 hi when i get postbacks from the outside like mediumpath which is an offerwall, my database doesnt update or select member's info. i didnt use the exact postback below but it's the same idea. it's an example from that site. if(!empty($_POST)){ define('EvolutionScript', 1); define('ROOTPATH',dirname(__FILE__).'/'); define('INCLUDES',ROOTPATH.'includes/'); require(INCLUDES.'core.php'); require_once INCLUDES.'global.php'; $user_id = isset($_POST['user_id']) ? $_POST['user_id'] : null; $transId = isset($_POST['transId']) ? $_POST['transId'] : null; $reward = isset($_POST['reward']) ? $_POST['reward'] : null; $currency = isset($_POST['currency']) ? $_POST['currency'] : null; $signature = isset($_POST['signature']) ? $_POST['signature'] : null; $status = isset($_POST['status']) ? $_POST['status'] : null; $userIp = isset($_POST['userIp']) ? $_POST['userIp'] : null; $campaign_id = isset($_POST['campaign_id']) ? $_POST['campaign_id'] : null; $country = isset($_POST['country']) ? $_POST['country'] : null; $secret = "[YOUR_WEBSITE/APP_SECRET_KEY]"; // check your app info at www.mediumpath.com $user_id = isset($_POST['user_id']) ? $_POST['user_id'] : null; $transId = isset($_POST['transId']) ? $_POST['transId'] : null; $reward = isset($_POST['reward']) ? $_POST['reward'] : null; $signature = isset($_POST['signature']) ? $_POST['signature'] : null; if(md5($user_id.$transId.$reward.$secret) != $signature){ print_r($_POST); exit; }else{ $insert = array( 'user_id' => $user_id, 'transId' => $transId, 'reward' => $reward, 'currency' => $currency, 'signature' => $signature, 'status' => $status, 'userIp' => $userIp, 'campaign_id' => $campaign_id, 'country' => $country, ); $insertdb = $db->insert("mediumpathipn", $insert); $orderid = $db->lastInsertId(); $user_info = $db->fetchRow("SELECT * FROM members WHERE id={$user_id}"); if(!empty($user_info)){ $set = array( 'money' => $user_info['money']+$reward, ); $upd = $db->update("members", $set, "id = {$user_id}"); } } }else{ echo "ERROR: No key founds"; exit; } Link to comment Share on other sites More sharing options...
justsomeguy Posted September 10, 2019 Share Posted September 10, 2019 Everything inside the else block there is what you want to happen on your site, so you would change that to match whatever your site is doing. That code shows adding everything to a table called mediumpathipn, and then updating the members table. You can replace that with whatever makes sense for your site. If the user ID that they pass you doesn't match the user IDs on your site then you need to have a way to map their user ID to your users. Link to comment Share on other sites More sharing options...
cherri8 Posted September 11, 2019 Author Share Posted September 11, 2019 i dont have members for it as yet but i did postback test on those offerwall sites. i did change code to match my site. it seems that the server will only allow changes to the database if someone is present on the page and if it's my own site. Link to comment Share on other sites More sharing options...
justsomeguy Posted September 11, 2019 Share Posted September 11, 2019 I'm not sure what you're describing, but of course you can only run code on your own server. No other site is going to allow you to run arbitrary server-side code on a server or site that isn't yours. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now