Browse Source

Add in-app purchases

Skylar Ittner 2 years ago
parent
commit
2da7ba44af
6 changed files with 139 additions and 0 deletions
  1. 27
    0
      buyitem.php
  2. BIN
      database.mwb
  3. BIN
      database.mwb.bak
  4. 88
    0
      processiap.php
  5. 3
    0
      settings.template.php
  6. 21
    0
      shopitems.php

+ 27
- 0
buyitem.php View File

@@ -0,0 +1,27 @@
1
+<?php
2
+
3
+require 'required.php';
4
+require 'onlyloggedin.php';
5
+
6
+if (!$database->has('shopitems', ['merchid' => $VARS['merchid']])) {
7
+    sendError("That item is not available at this time.", true);
8
+}
9
+
10
+$shopitem = $database->select('shopitems', ['merchid', 'itemid', 'quantity', 'cost'], ['merchid' => $VARS['merchid']])[0];
11
+
12
+if (!is_empty($VARS['cost']) && !($shopitem['cost'] == $VARS['cost'])) {
13
+    sendError("That item is no longer available at that price.", true);
14
+}
15
+
16
+$credits = $database->select('players', ['credits'], ['uuid' => $_SESSION['uuid']])[0]['credits'];
17
+if ($credits < $shopitem['cost']) {
18
+    sendError("You don't have enough money!", true);
19
+}
20
+
21
+for ($i = 0; $i < $shopitem['quantity']; $i++) {
22
+    $database->insert('inventory', ['playeruuid' => $_SESSION['uuid'], 'itemid' => $shopitem['itemid']]);
23
+}
24
+
25
+$database->update('players', ['credits' => ($credits - $shopitem['cost'])], ['uuid' => $_SESSION['uuid']]);
26
+
27
+sendOK("Thanks for your purchase!");

BIN
database.mwb View File


BIN
database.mwb.bak View File


+ 88
- 0
processiap.php View File

@@ -0,0 +1,88 @@
1
+<?php
2
+
3
+require 'required.php';
4
+require 'onlyloggedin.php';
5
+
6
+function verify_market_in_app($signed_data, $signature, $public_key_base64) {
7
+    $key = "-----BEGIN PUBLIC KEY-----\n" .
8
+            chunk_split($public_key_base64, 64, "\n") .
9
+            '-----END PUBLIC KEY-----';
10
+    //using PHP to create an RSA key
11
+    $key = openssl_get_publickey($key);
12
+    //$signature should be in binary format, but it comes as BASE64. 
13
+    //So, I'll convert it.
14
+    $signature = base64_decode($signature);
15
+    //using PHP's native support to verify the signature
16
+    $result = openssl_verify(
17
+            $signed_data, $signature, $key, OPENSSL_ALGO_SHA1);
18
+    if (0 === $result) {
19
+        return false;
20
+    } else if (1 !== $result) {
21
+        return false;
22
+    } else {
23
+        return true;
24
+    }
25
+}
26
+
27
+function verify_app_store_in_app($receipt, $is_sandbox) {
28
+    //$sandbox should be TRUE if you want to test against itunes sandbox servers
29
+    if ($is_sandbox) {
30
+        $verify_host = "ssl://sandbox.itunes.apple.com";
31
+    } else {
32
+        $verify_host = "ssl://buy.itunes.apple.com";
33
+    }
34
+
35
+    $json = '{"receipt-data" : "' . $receipt . '" }';
36
+    //opening socket to itunes
37
+    $fp = fsockopen($verify_host, 443, $errno, $errstr, 30);
38
+    if (!$fp) {
39
+        // HTTP ERROR
40
+        return false;
41
+    } else {
42
+        //iTune's request url is /verifyReceipt     
43
+        $header = "POST /verifyReceipt HTTP/1.0\r\n";
44
+        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
45
+        $header .= "Content-Length: " . strlen($json) . "\r\n\r\n";
46
+        fputs($fp, $header . $json);
47
+        $res = '';
48
+        while (!feof($fp)) {
49
+            $step_res = fgets($fp, 1024);
50
+            $res = $res . $step_res;
51
+        }
52
+        fclose($fp);
53
+        //taking the JSON response
54
+        $json_source = substr($res, stripos($res, "\r\n\r\n{") + 4);
55
+        //decoding
56
+        $app_store_response_map = json_decode($json_source);
57
+        $app_store_response_status = $app_store_response_map->{'status'};
58
+        if ($app_store_response_status == 0) {//eithr OK or expired and needs to synch
59
+            //here are some fields from the json, btw.
60
+            $json_receipt = $app_store_response_map->{'receipt'};
61
+            $transaction_id = $json_receipt->{'transaction_id'};
62
+            $original_transaction_id = $json_receipt->{'original_transaction_id'};
63
+            $json_latest_receipt = $app_store_response_map->{'latest_receipt_info'};
64
+            return true;
65
+        } else {
66
+            return false;
67
+        }
68
+    }
69
+}
70
+
71
+$purchase_valid = false;
72
+
73
+switch ($VARS['os']) {
74
+    case 'android':
75
+        $purchase_valid = verify_market_in_app($VARS['data'], $VARS['sig'], GOOGLEPLAY_PUBLICKEY);
76
+        break;
77
+    case 'ios':
78
+        $purchase_valid = verify_app_store_in_app($VARS['data'], APP_STORE_SANDBOX);
79
+        break;
80
+}
81
+
82
+if ($purchase_valid) {
83
+    $creditstoadd = $database->select('shopcoins', ['coins'], ['merchid' => $VARS['id']])[0]['coins'];
84
+    $database->update('players', ['credits[+]' => $creditstoadd], ['uuid' => $_SESSION['uuid']]);
85
+    sendOK();
86
+} else {
87
+    sendError("Purchase not valid!", true);
88
+}

+ 3
- 0
settings.template.php View File

@@ -18,3 +18,6 @@ define("PDB_CHARSET", "latin1");
18 18
 define("GEOCACHE_KEY", "");
19 19
 define("MUNZEE_KEY", "");
20 20
 define("MUNZEE_SECRET", "");
21
+
22
+define("GOOGLEPLAY_PUBLICKEY", "");
23
+define("APP_STORE_SANDBOX", true);

+ 21
- 0
shopitems.php View File

@@ -0,0 +1,21 @@
1
+<?php
2
+
3
+require 'required.php';
4
+
5
+$shop = $database->select('shopitems', '*');
6
+$coins = $database->select('shopcoins', '*');
7
+
8
+if ($_SESSION['loggedin']) {
9
+    $balance = $database->select('players', ['credits'], ['uuid' => $_SESSION['uuid']])[0]['credits'];
10
+} else {
11
+    $balance = null;
12
+}
13
+
14
+$out = [
15
+    "status" => "OK",
16
+    "items" => $shop,
17
+    "coins" => $coins,
18
+    "balance" => $balance
19
+];
20
+
21
+echo json_encode($out);

Loading…
Cancel
Save