AKING THE BUTTON!
Firstly we have to make the paypal button.
With this you have made a Paypal Button including most of the imformations.
Here is some explaination of all the codes here:
1.-
This is the location which the button goes to. It is set to
paypal's payment page. This page will take all the informations below to
make your payment. If you want to test the payment without paying
anything, change this to the following:
And then go read the "Testing Gateway".
2.-
This is where Paypal reads your Paypal mail. You have to replace "YOUR-PAYPAL" with your Paypal Email.
3.-
This is where Paypal read you name for the payment. For this you
can use your own name or website name. Also you could use this for
telling what product the user is paying for. Replace the "SITE-NAME"
with your site name, you name or the product name.
4.-
This is the price to donate. You have to replace the "DONATE-PRICE" with the price you want the users to donate.
5.-
If you want to include shipping payment for your products, you can change value="1" to value="0".
6.-
This code tells Paypal where to send the user to after the
payment. This is often used for a "Thank you"-page. Simply change
"YOURSITE.com" to your website. And make a page called donate_done.php
and place it at your domain root. There you can simply say thank you.
7.-
This is the code which tells Paypal where you want them to send
your users to if they cancel the payment for any reason. Simply change
"YOURSITE.com" to you domain. And then make a page called
donate_cancel.php and place it at your domain root. There you can simply
tell the users that you are sorry that they canceled it. You can also
give the users a special offer to make them donate anyways. Like 20%
OFF! or something.
8.-
This is the place where you have to place your commands. Like if
you want to give your users a special reward or a amount of gold or
something. Then place the query here. We will learn to make this secure
later as it is very important that this is secure cause else it would be
easy to hack it to get it for free! You can also read the "Usecure
Form" to see how unsecure it is. But right now simply change
"YOURSITE.com" to your domain name. Later we will make the
donate_paypal.php so don't think about this right now.
9.-
This is used for the currency. Replace the "CURRENCY" with the
currency you want the donation to be done in. To use USD simply change
"CURRENCY" with "USD".
10.-
This is used to check which user is donating. Here you have to
replace "USER-ID" with a code which find the user-id. Example in MyBB
this code would look like this: "<?php echo $mybb->user['uid'];
?>", this code simply goes to the database and find the UID of the
user which currently see the page. You could also replace this with a
shown input field, which users can write their own ID or a friends ID if
their want to give them the reward for the donation instead.
11.-
This tells paypal if the user have to pay a tax. If you want to
put a tax on the users payment then simply replace the value="0" with
the amount of tax you want users to pay.
12.-
This is simply the paypal-button image. Simply change
"YOURSITE.com" with you domain name. And then place a image called
paypal.gif inside the "images"-folder.
Now you have made you own paypal button with your value.
MAKING THE SECURE FORM!
Now we are starting to making the donate_payment.php page. This is the page which will give your users the reward for the donation.
1.-
First we have to include the database page which include the database informations, do that by starting with the following:
OBS: For sites like MyBB you have to make the start be the following:
2.-
Here we have to place a code by Paypal which will read if the payment is validate, canceled, successfull, and all the other validate status the payment can have.
3.-
Here we have to set the variables from Paypal to your site.
4.-
Now we have to check if the payment was successfull.
5.-
Now for the sucurity we have to check if the donation was sent to your paypal mail and not to another paypal mail.
Simply replace "YOUR-PAYPAL" with your paypal mail.
6.-
Now for a more secure form, we have to check the amount of money which was sent to you.
Change "PRICE" with the price the user should donate.
If you add more amounts of donation options you have to make multible of this form.
7.-
Even more secure is needed. Now we have to check if the currency is right.
Change "CURRENCY" with the currency. Such as "USD".
8.-
Now we have to run the query. (The command you want to run when payment is done.)
There you can run a query to give your user the reward. Like a
query which change the users group to VIP. Or a query which gives the
users amount of gold, points or anything else.
9.-
Now we have to put in this last things. Like ending all the "if" commands.
10.-
Command if payment didn't success.
You can put anything inside here, like a query which add the
payment to the logs, this will put in all the un-successfull payments.
You can use the following commands to include the payment informations.
This can be usefull for checking if the user tried to hack the system.
11.- End the last "if" commands.
Now we made the secure form.
UN-SECURE FORM!
Now I will explain how important it is to have the form secure. As it is so god damn easy to change the values for the Paypal Button.
If you are using Firefox you can use Firebug to do this.
If you use Google Chrome it is allready included.
Simply go to the page which includes your Paypal Button. Then right click on the Paypal Button and choose "Show Details about Element", or something like that.
The the source of the Paypal Button will be shown. That is the code from the first step of this tutorial.
Then the user will be able to change things as price, paypal to pay to, notify url and such things.
They would be able to change the price to something low, there for we have the form to check for the price.
Also they can change the currency to something which the price is not that much, there for we have the form to check the currency.
They are also able to change the paypal which get the money, there for we check for the paypal.
They can also change the tax and shipping, but that would be a stupid idea.
They can also change the form to be using the Paypal Sandbox, which means that their do not really pay, but this can not be used. As they will not be able to make a paypal mail like your in the paypal sandbox.
That was a fast explain why we need the secure form.
TESTING THE GATEWAY!
Now we need to test the Paypal Gateway. This can be done without making any purcases and such.
First you will need to signup for Paypal Developer.
1.- Go to developer.paypal.com and signup. Do not use your paypal email. It is not recommended.
2.- Then go check you mail to activate your Developer account.
3.- Then go make 2 paypal account from the developer tools.
3.1.- Make a Seller account.
3.2.- And make a Buyer account with some money on it.
4.- Now go change the Paypal Button from the first step.
4.1.- Change the form to stat with this:
Instead of this:
4.2.- Now change your paypal email to the Seller email you got
after making the Seller account. (NOTE: The mail is not the one you
choosen, it will be shown after making the account.)
4.3.- You will also need to make those changes in the secure form.
5.- Now you are ready to test it. Save the page and go to the page.
6.- Click the Paypal Button, and login with the Buyer paypal account you made before. (NOTE: The mail is not the one you choosen, it will be shown after making the account.)
7.- When the payment is done, login to developer.paypal.com and then check if the Seller account got the money.
8.- Then check if the user from your site got the right reward. If not, you made something wrong in the query. Or you made something wrong somewhere else.
Firstly we have to make the paypal button.
PHP Code:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type=hidden name=cmd value=_xclick>
<input type="hidden" name="business" value="YOUR-PAYPAL">
<input type="hidden" name="item_name" value="SITE-NAME">
<input type="hidden" name="amount" value="DONATE-PRICE">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://www.YOURSITE.com/donate_done.php">
<input type="hidden" name="cancel_return" value="http://www.YOURSITE.com/donate_cancel.php">
<input type="hidden" name="notify_url" value="http://www.YOURSITE.com/donate_paypal.php">
<input type="hidden" name="currency_code" value="CURRENCY">
<input type="hidden" name="item_number" value="USER-ID">
<input type="hidden" name="tax" value="0">
<input type="image" src="http://www.YOURSITE.com/images/paypal.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
Here is some explaination of all the codes here:
1.-
PHP Code:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
PHP Code:
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
2.-
PHP Code:
<input type="hidden" name="business" value="YOUR-PAYPAL">
3.-
PHP Code:
<input type="hidden" name="item_name" value="SITE-NAME">
4.-
PHP Code:
<input type="hidden" name="amount" value="DONATE-PRICE">
5.-
PHP Code:
<input type="hidden" name="no_shipping" value="1">
6.-
PHP Code:
<input type="hidden" name="return" value="http://www.YOURSITE.com/donate_done.php">
7.-
PHP Code:
<input type="hidden" name="cancel_return" value="http://www.YOURSITE.com/donate_cancel.php">
8.-
PHP Code:
<input type="hidden" name="notify_url" value="http://www.YOURSITE.com/donate_paypal.php">
9.-
PHP Code:
<input type="hidden" name="currency_code" value="CURRENCY">
10.-
PHP Code:
<input type="hidden" name="item_number" value="USER-ID">
11.-
PHP Code:
<input type="hidden" name="tax" value="0">
12.-
PHP Code:
<input type="image" src="http://www.YOURSITE.com/images/paypal.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
Now you have made you own paypal button with your value.
MAKING THE SECURE FORM!
Now we are starting to making the donate_payment.php page. This is the page which will give your users the reward for the donation.
1.-
First we have to include the database page which include the database informations, do that by starting with the following:
PHP Code:
<?php
require("database.php");
PHP Code:
<?php
define("IN_MYBB", 1);
require("global.php");
Here we have to place a code by Paypal which will read if the payment is validate, canceled, successfull, and all the other validate status the payment can have.
PHP Code:
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen('paypal.com', 443, $errno, $errstr, 30);
Here we have to set the variables from Paypal to your site.
PHP Code:
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
Now we have to check if the payment was successfull.
PHP Code:
if (!$fp) {
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
//check if payment is completed
if($payment_status == "Completed"){
Now for the sucurity we have to check if the donation was sent to your paypal mail and not to another paypal mail.
PHP Code:
//check if receiver email is correct
if(strtolower($receiver_email) == strtolower(YOUR-PAYPAL)){
6.-
Now for a more secure form, we have to check the amount of money which was sent to you.
PHP Code:
//check payment amount
if($payment_amount == PRICE){
If you add more amounts of donation options you have to make multible of this form.
7.-
Even more secure is needed. Now we have to check if the currency is right.
PHP Code:
//check payment currency
if(strtolower($payment_currency) == strtolower(CURRENCY)){
8.-
Now we have to run the query. (The command you want to run when payment is done.)
PHP Code:
//Run query..
//HERE YOU HAVE TO PLACE THE QUERY YOU WANT TO RUN
9.-
Now we have to put in this last things. Like ending all the "if" commands.
PHP Code:
}
}
}
}
Command if payment didn't success.
PHP Code:
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
Quote:
| $item_name = This will show the SITE-NAME. $item_number = This will show the user ID. $payment_status = This will show the payment status. $payment_amount = This will show the amount donated. $payment_currency = This will show the currency $receiver_email = This will show which paypal mail received the money. $payer_email = This will show which paypal mail was paying. |
PHP Code:
}
fclose ($fp);
}
?>
UN-SECURE FORM!
Now I will explain how important it is to have the form secure. As it is so god damn easy to change the values for the Paypal Button.
If you are using Firefox you can use Firebug to do this.
If you use Google Chrome it is allready included.
Simply go to the page which includes your Paypal Button. Then right click on the Paypal Button and choose "Show Details about Element", or something like that.
The the source of the Paypal Button will be shown. That is the code from the first step of this tutorial.
Then the user will be able to change things as price, paypal to pay to, notify url and such things.
They would be able to change the price to something low, there for we have the form to check for the price.
Also they can change the currency to something which the price is not that much, there for we have the form to check the currency.
They are also able to change the paypal which get the money, there for we check for the paypal.
They can also change the tax and shipping, but that would be a stupid idea.
They can also change the form to be using the Paypal Sandbox, which means that their do not really pay, but this can not be used. As they will not be able to make a paypal mail like your in the paypal sandbox.
That was a fast explain why we need the secure form.
TESTING THE GATEWAY!
Now we need to test the Paypal Gateway. This can be done without making any purcases and such.
First you will need to signup for Paypal Developer.
1.- Go to developer.paypal.com and signup. Do not use your paypal email. It is not recommended.
2.- Then go check you mail to activate your Developer account.
3.- Then go make 2 paypal account from the developer tools.
3.1.- Make a Seller account.
3.2.- And make a Buyer account with some money on it.
4.- Now go change the Paypal Button from the first step.
4.1.- Change the form to stat with this:
PHP Code:
<form action="https://www.developer.paypal.com/cgi-bin/webscr" method="post">
PHP Code:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
4.3.- You will also need to make those changes in the secure form.
5.- Now you are ready to test it. Save the page and go to the page.
6.- Click the Paypal Button, and login with the Buyer paypal account you made before. (NOTE: The mail is not the one you choosen, it will be shown after making the account.)
7.- When the payment is done, login to developer.paypal.com and then check if the Seller account got the money.
8.- Then check if the user from your site got the right reward. If not, you made something wrong in the query. Or you made something wrong somewhere else.
ReplyDeleteThis professional hacker is absolutely reliable and I strongly recommend him for any type of hack you require. I know this because I have hired him severally for various hacks and he has never disappointed me nor any of my friends who have hired him too, he can help you with any of the following hacks:
-Phone hacks (remotely)
-Credit repair
-Bitcoin recovery (any cryptocurrency)
-Make money from home (USA only)
-Social media hacks
-Website hacks
-Erase criminal records (USA & Canada only)
-Grade change
Email: cybergoldenhacker at gmail dot com