...

View Full Version : Postback script GPT



markman641
08-24-2011, 04:00 AM
Hello, I have the following code:


<?
include ("config.php");

//here we will use get variables.
$snuid = $_GET['yti'];
$campid = $_GET['campaignid'];
$points = $_GET['rate'];
$ip = $_SERVER['REMOTE_ADDR'];
$sts = $_GET['credit'];


if ($ip == "174.120.27.187" || "174.120.146.43" && $sts="1")
{
//INSERT LOGIC TO CREDIT POINTS TO USERS
mysql_query("UPDATE members SET pokerpoints=pokerpoints+".$points." WHERE username='".$snuid."'");
mysql_query("UPDATE members SET totalpointsearned=totalpointsearned+".$points." WHERE username='".$snuid."'");
mysql_query("INSERT into recentpoints (message) VALUES ('$snuid has just cashed out for $rate Bankroll Bucks')");
mysql_close();
}
else
{
die ("query failed");
}
?>

And most of it seems to be working, except the $points. What is happening is the $point value in recentredemptions is blank, so it says
AnimalRoam has just cashed out for Bankroll Bucks and it is not awarding any points. What i tried to do before was use PHP multiply functions to multiple the CENTS into points, then using what it outputs and multiplying that by .7 (to get 70 percent) then flooring it so if it outputs a decimal it rounds down. But after I did that it did not input anything into the recent redemptions or points.

ALSO, how would i make it so when it goes in to look for the username in members, how woulc I make it so its not case sensitive?

THANKS FOR EVERYONES HELP!

markman641
08-24-2011, 10:10 PM
anyone?

Fou-Lu
08-24-2011, 10:19 PM
Sorry, at which point is $points empty? From the GET or within the database?
Also, this is completely wrong:


if ($ip == "174.120.27.187" || "174.120.146.43" && $sts="1")

This block will always evaluate; no exceptions. This is because it will check if $ip is as compared OR that the string is valid AND the setting of $sts to 1 is true (which in these two situations is always true).

Your actual message there is correct though. You haven't defined $rate anywhere.

Be sure to google for 'PHP SQL injection prevention' to make sure you don't leave this open (which it currently is).


Forgot to put an if branch correction :/
Convert the comparison to an array:


$aValidIPs = array('174.120.27.187', '174.120.146.43'); // You could actually subnet check these, but we won't be doing that here.
if (in_array($ip, $aValidIPs) && $sts == 1) // This is probably what you want.
// Alternatively:
if ($sts == 1 && ($ip == '174.120.146.43' || $ip == '174.120.146.43'))

markman641
08-24-2011, 10:33 PM
Sorry, at which point is $points empty? From the GET or within the database?


When im looking at my recent points table in phpmyadmin, is says
(username) has just cashed out for Bankroll Bucks which leaves me wondering why its blank. Also, I didn't quite understand what you meant with the IP stuff, do i replace

if ($ip == "174.120.27.187" || "174.120.146.43" && $sts="1")

with


if ($sts == 1 && ($ip == '174.120.146.43' || $ip == '174.120.146.43'))

??

Fou-Lu
08-24-2011, 10:35 PM
It would be replaced.

I've also explained why that text is empty:


Your actual message there is correct though. You haven't defined $rate anywhere.


Also, those two update queries can be combined into one update query since the where condition doesn't change.

markman641
08-24-2011, 10:38 PM
OH i just noticed it said $rate instead of points, but my users are still not getting credited for the points BECAUSE:

1. I need to take the $points, multiply that buy 100 (because the affilate tries to award it in a decimal like cash) so that its not a decimal

2. Multiply what number 1 outputs by .7 (to get 70 percent)

3. floor(round down) that number in case it is a decimal, then put that into the script.

I tried to do all that above, after i did that i broke the script so i deleted it

Fou-Lu
08-24-2011, 10:42 PM
Then points would become:


$points = floor(((float)$_GET['rate'] * 100) * 0.7);

Or cast to an int instead of floor (either will work).

markman641
08-24-2011, 10:44 PM
Then points would become:


$points = floor(((float)$_GET['rate'] * 100) * 0.7);



Will that do it in the order i want? floor LAST? THANKS by the way!! :)

Fou-Lu
08-24-2011, 10:48 PM
Will that do it in the order i want? floor LAST? THANKS by the way!! :)

Yes. Expressions will work from the inside out.

markman641
08-24-2011, 10:48 PM
As long as im here, may I speak to you on AIM or skype or something about another subject?

Fou-Lu
08-24-2011, 10:55 PM
As long as im here, may I speak to you on AIM or skype or something about another subject?

I don't do any internet phoning.
You may post any other questions in the forums.

markman641
08-24-2011, 11:13 PM
Ok it seems like the script isnt working completely yet. It says
Admin has just cashed out for 0 Bankroll Bucks

So i don't know why its 0

Fou-Lu
08-24-2011, 11:38 PM
Ok it seems like the script isnt working completely yet. It says

So i don't know why its 0



printf('GET rate: %s, points: %d', $_GET['rate'], $points);

Anytime after the creation of $points. If both show 0's, then the URL you have specified does not include a 'rate' in its querystring.

markman641
08-24-2011, 11:48 PM
Could it be that it needs to be
$_GET['%rate%']?

Look at this screenshot of all the variables:

http://snpr.cm/o1T5om.png

markman641
08-24-2011, 11:50 PM
OHHHHHHHHHHHHHHHHHH WAIT I THINK I FIGURED IT OUT!! I have my link set as

http://www.money4every1.net/proleadspostback.php?campaignid=%campaignid%&yti=%yti%&credit=%credit%

when it should be

http://www.money4every1.net/proleadspostback.php?campaignid=%campaignid%&yti=%yti%&credit=%credit%&rate=%rate%

It worked!! cool! thank you!!

markman641
08-25-2011, 12:21 AM
Ok, one step at a time. Now, we are at the next step. Reversals.


if ($sts == -1 && ($ip == '174.120.146.43' || $ip == '174.120.146.43'))
{
//INSERT LOGIC TO REVOKE POINTS FROM USERS
mysql_query("UPDATE members SET pokerpoints=pokerpoints-".$points." WHERE username='".$snuid."'");
mysql_query("UPDATE members SET totalpointsearned=totalpointsearned-".$points." WHERE username='".$snuid."'");
mysql_query("INSERT into recentpoints (message) VALUES ('$snuid has just got a REVERSAL for $points Points')");
mysql_close();
}

is that correct? also im trying to figure out how to make a COMPLETED folder option.. insert into members column completed get campid and add it to the end? If i did that, how would i get it so it doesnt overwrite anything and instead adds it to the end of the list



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum