danwin1210/hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
6c20f5fb3a56a5688d54bfe6ef42ba9fb6be7746
hosting/var/www/html/coinpayments_ipn.php

46 lines
1.2 KiB
PHP
Raw Blame History

<?php
require('../common.php');
if(!ENABLE_UPGRADES){
die(_('Upgrades disabled'));
}
if(!COINPAYMENTS_ENABLED){
die(_('CoinPayments disabled'));
}
if(empty($_SERVER['HTTP_HMAC'])){
die(_('No HMAC signature sent'));
}
$merchant = $_POST['merchant'] ?? '';
if(empty($merchant)){
die(_('No Merchant ID passed'));
}
if($merchant !== COINPAYMENTS_MERCHANT_ID){
die(_('Invalid Merchant ID'));
}
$request = file_get_contents('php://input');
if(empty($request)){
die(_('Error reading POST data'));
}
$hmac = hash_hmac("sha512", $request, COINPAYMENTS_IPN_SECRET);
if($hmac !== $_SERVER['HTTP_HMAC']){
die(_('HMAC signature does not match'));
}
$db = get_db_instance();
$status = 0;
if($_POST['status'] < 0){
$status = -1;
}elseif($_POST['status'] > 0 && $_POST['status'] < 100){
$status = 1;
}elseif($_POST['status'] >= 100){
$status = 2;
}
$stmt = $db->prepare('SELECT status FROM payments WHERE txn_id = ?;');
$stmt->execute([$_POST['txn_id']]);
if($tmp = $stmt->fetch(PDO::FETCH_ASSOC)){
if($status != $tmp['status']){
$stmt = $db->prepare('UPDATE payments SET status = ? WHERE txn_id = ?;');
$stmt->execute([$status, $_POST['txn_id']]);
payment_status_update($_POST['txn_id']);
}
}
Reference in New Issue View Git Blame Copy Permalink