Browse Source

Add in-app purchases

master
Skylar Ittner 5 years ago
parent
commit
2da7ba44af
  1. 27
      buyitem.php
  2. BIN
      database.mwb
  3. BIN
      database.mwb.bak
  4. 88
      processiap.php
  5. 3
      settings.template.php
  6. 21
      shopitems.php

27
buyitem.php

@ -0,0 +1,27 @@
<?php
require 'required.php';
require 'onlyloggedin.php';
if (!$database->has('shopitems', ['merchid' => $VARS['merchid']])) {
sendError("That item is not available at this time.", true);
}
$shopitem = $database->select('shopitems', ['merchid', 'itemid', 'quantity', 'cost'], ['merchid' => $VARS['merchid']])[0];
if (!is_empty($VARS['cost']) && !($shopitem['cost'] == $VARS['cost'])) {
sendError("That item is no longer available at that price.", true);
}
$credits = $database->select('players', ['credits'], ['uuid' => $_SESSION['uuid']])[0]['credits'];
if ($credits < $shopitem['cost']) {
sendError("You don't have enough money!", true);
}
for ($i = 0; $i < $shopitem['quantity']; $i++) {
$database->insert('inventory', ['playeruuid' => $_SESSION['uuid'], 'itemid' => $shopitem['itemid']]);
}
$database->update('players', ['credits' => ($credits - $shopitem['cost'])], ['uuid' => $_SESSION['uuid']]);
sendOK("Thanks for your purchase!");

BIN
database.mwb

BIN
database.mwb.bak

88
processiap.php

@ -0,0 +1,88 @@
<?php
require 'required.php';
require 'onlyloggedin.php';
function verify_market_in_app($signed_data, $signature, $public_key_base64) {
$key = "-----BEGIN PUBLIC KEY-----\n" .
chunk_split($public_key_base64, 64, "\n") .
'-----END PUBLIC KEY-----';
//using PHP to create an RSA key
$key = openssl_get_publickey($key);
//$signature should be in binary format, but it comes as BASE64.
//So, I'll convert it.
$signature = base64_decode($signature);
//using PHP's native support to verify the signature
$result = openssl_verify(
$signed_data, $signature, $key, OPENSSL_ALGO_SHA1);
if (0 === $result) {
return false;
} else if (1 !== $result) {
return false;
} else {
return true;
}
}
function verify_app_store_in_app($receipt, $is_sandbox) {
//$sandbox should be TRUE if you want to test against itunes sandbox servers
if ($is_sandbox) {
$verify_host = "ssl://sandbox.itunes.apple.com";
} else {
$verify_host = "ssl://buy.itunes.apple.com";
}
$json = '{"receipt-data" : "' . $receipt . '" }';
//opening socket to itunes
$fp = fsockopen($verify_host, 443, $errno, $errstr, 30);
if (!$fp) {
// HTTP ERROR
return false;
} else {
//iTune's request url is /verifyReceipt
$header = "POST /verifyReceipt HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($json) . "\r\n\r\n";
fputs($fp, $header . $json);
$res = '';
while (!feof($fp)) {
$step_res = fgets($fp, 1024);
$res = $res . $step_res;
}
fclose($fp);
//taking the JSON response
$json_source = substr($res, stripos($res, "\r\n\r\n{") + 4);
//decoding
$app_store_response_map = json_decode($json_source);
$app_store_response_status = $app_store_response_map->{'status'};
if ($app_store_response_status == 0) {//eithr OK or expired and needs to synch
//here are some fields from the json, btw.
$json_receipt = $app_store_response_map->{'receipt'};
$transaction_id = $json_receipt->{'transaction_id'};
$original_transaction_id = $json_receipt->{'original_transaction_id'};
$json_latest_receipt = $app_store_response_map->{'latest_receipt_info'};
return true;
} else {
return false;
}
}
}
$purchase_valid = false;
switch ($VARS['os']) {
case 'android':
$purchase_valid = verify_market_in_app($VARS['data'], $VARS['sig'], GOOGLEPLAY_PUBLICKEY);
break;
case 'ios':
$purchase_valid = verify_app_store_in_app($VARS['data'], APP_STORE_SANDBOX);
break;
}
if ($purchase_valid) {
$creditstoadd = $database->select('shopcoins', ['coins'], ['merchid' => $VARS['id']])[0]['coins'];
$database->update('players', ['credits[+]' => $creditstoadd], ['uuid' => $_SESSION['uuid']]);
sendOK();
} else {
sendError("Purchase not valid!", true);
}

3
settings.template.php

@ -18,3 +18,6 @@ define("PDB_CHARSET", "latin1");
define("GEOCACHE_KEY", "");
define("MUNZEE_KEY", "");
define("MUNZEE_SECRET", "");
define("GOOGLEPLAY_PUBLICKEY", "");
define("APP_STORE_SANDBOX", true);

21
shopitems.php

@ -0,0 +1,21 @@
<?php
require 'required.php';
$shop = $database->select('shopitems', '*');
$coins = $database->select('shopcoins', '*');
if ($_SESSION['loggedin']) {
$balance = $database->select('players', ['credits'], ['uuid' => $_SESSION['uuid']])[0]['credits'];
} else {
$balance = null;
}
$out = [
"status" => "OK",
"items" => $shop,
"coins" => $coins,
"balance" => $balance
];
echo json_encode($out);