Bitcoin Forum

Economy => Service Discussion => Topic started by: QuentinBrubru on January 12, 2014, 07:00:06 PM


Title: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: QuentinBrubru on January 12, 2014, 07:00:06 PM
Hello, I need help to integrate bitcoin payment into my site web in php
I have juste this now i use blockchain api https://blockchain.info/fr/api/api_receive


Code:
$secret = 'ZzsMLGKe162CfA5EcG6j';
$my_address = '1A8JiWcwvpY7tAopUkSnGuEYHmzGYfZPiq';
$my_callback_url = 'https://mystore.com?invoice_id=058921123&secret='.$secret;
$root_url = 'https://blockchain.info/api/receive';
$parameters = 'method=create&address=' . $my_address .'&callback='. urlencode($my_callback_url);
$response = file_get_contents($root_url . '?' . $parameters);
$object = json_decode($response);

echo 'Send Payment To : ' . $object->input_address;


I create a unique address but after I do not understand help plz

sorry for my little english

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: Apocalipsis on January 12, 2014, 07:11:49 PM
Quote from: QuentinBrubru on January 12, 2014, 07:00:06 PM
Hello, I need help to integrate bitcoin payment into my site web in php
I have juste this now i use blockchain api https://blockchain.info/fr/api/api_receive


$secret = 'ZzsMLGKe162CfA5EcG6j';
$my_address = '1A8JiWcwvpY7tAopUkSnGuEYHmzGYfZPiq';
$my_callback_url = 'https://mystore.com?invoice_id=058921123&secret='.$secret;
$root_url = 'https://blockchain.info/api/receive';
$parameters = 'method=create&address=' . $my_address .'&callback='. urlencode($my_callback_url);
$response = file_get_contents($root_url . '?' . $parameters);
$object = json_decode($response);

echo 'Send Payment To : ' . $object->input_address;


I create a unique address but after I do not understand help plz

sorry for my little english
3

https://bitcointalk.org/index.php?topic=412425.0

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: Shahrukh on January 12, 2014, 07:13:58 PM
Fullphp code is given in blockchain only

Code:
 
$real_secret = 'ZzsMLGKe162CfA5EcG6j'
$invoice_id = $_GET['invoice_id']; //invoice_id is past back to the callback URL
$transaction_hash = $_GET['transaction_hash'];
$input_transaction_hash = $_GET['input_transaction_hash'];
$input_address = $_GET['input_address'];
$value_in_satoshi = $_GET['value'];
$value_in_btc = $value_in_satoshi / 100000000;

//Commented out to test, uncomment when live
if ($_GET['test'] == true) {
    return;
}

try {
  //create or open the database
  $database = new SQLiteDatabase('db.sqlite', 0666, $error);
} catch(Exception $e) {
  die($error);
}

//Add the invoice to the database
$query = "insert INTO invoice_payments (invoice_id, transaction_hash, value) values($invoice_id, '$transaction_hash', $value_in_btc)";

if($database->queryExec($query, $error)) {
   echo "*ok*";
}

//Select the amount paid into an invoice with select SUM(value) as value from invoice_payments where invoice_id = $invoice_id

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: Abdussamad on January 13, 2014, 12:26:07 PM
Quote from: Shahrukh on January 12, 2014, 07:13:58 PM
Fullphp code is given in blockchain only

Code:
 
$real_secret = 'ZzsMLGKe162CfA5EcG6j'
$invoice_id = $_GET['invoice_id']; //invoice_id is past back to the callback URL
$transaction_hash = $_GET['transaction_hash'];
$input_transaction_hash = $_GET['input_transaction_hash'];
$input_address = $_GET['input_address'];
$value_in_satoshi = $_GET['value'];
$value_in_btc = $value_in_satoshi / 100000000;

//Commented out to test, uncomment when live
if ($_GET['test'] == true) {
    return;
}

try {
  //create or open the database
  $database = new SQLiteDatabase('db.sqlite', 0666, $error);
} catch(Exception $e) {
  die($error);
}

//Add the invoice to the database
$query = "insert INTO invoice_payments (invoice_id, transaction_hash, value) values($invoice_id, '$transaction_hash', $value_in_btc)";

if($database->queryExec($query, $error)) {
   echo "*ok*";
}

//Select the amount paid into an invoice with select SUM(value) as value from invoice_payments where invoice_id = $invoice_id

Wow awesome! SQL injection heaven!

Title: This message was too old and has been purged
Post by: Evil-Knievel on January 13, 2014, 01:03:52 PM
This message was too old and has been purged

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: Shahrukh on January 13, 2014, 02:54:06 PM
Quote from: Evil-Knievel on January 13, 2014, 01:03:52 PM
Quote from: Shahrukh on January 12, 2014, 07:13:58 PM
Fullphp code is given in blockchain only

Code:
 
$real_secret = 'ZzsMLGKe162CfA5EcG6j'
$invoice_id = $_GET['invoice_id']; //invoice_id is past back to the callback URL
$transaction_hash = $_GET['transaction_hash'];
$input_transaction_hash = $_GET['input_transaction_hash'];
$input_address = $_GET['input_address'];
$value_in_satoshi = $_GET['value'];
$value_in_btc = $value_in_satoshi / 100000000;

//Commented out to test, uncomment when live
if ($_GET['test'] == true) {
    return;
}

try {
  //create or open the database
  $database = new SQLiteDatabase('db.sqlite', 0666, $error);
} catch(Exception $e) {
  die($error);
}

//Add the invoice to the database
$query = "insert INTO invoice_payments (invoice_id, transaction_hash, value) values($invoice_id, '$transaction_hash', $value_in_btc)";

if($database->queryExec($query, $error)) {
   echo "*ok*";
}

//Select the amount paid into an invoice with select SUM(value) as value from invoice_payments where invoice_id = $invoice_id

Lol please tell me where this script is live ;-) Looks like you can steal all BTC from them ;-)


Its just an example code you should have brains to work on the security level of your website

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: bitpop on January 13, 2014, 03:05:50 PM
I'm available

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: QuentinBrubru on January 14, 2014, 01:44:10 PM
Hello guy thanks for this script but i use https://blockchain.info/fr/q/getreceivedbyaddress/


Code:
$cc = file_get_contents('https://blockchain.info/q/getreceivedbyaddress/' . $addr);

$cc = $cc / 100000000;



And for send payment i use


Code:
	$guid = "XXX-XXX-XXX";
	$main_password = "XXX";
	$address = $addrto;
	$amount = ($soldto * 100000000); // Btc to satoshi
	$shared = "true"; // true or false ?

$send = "https://blockchain.info/fr/merchant/$guid/payment?password=$main_password&to=$address&amount=$amount&shared=$shared";
$send = file_get_contents($send);


For generat unique address

Code:
$my_bitcoin_address = "my_address";

$my_callback_url = $link."/".$id."/";

$root_url = $blockchain_root.'api/receive';
$parameters = 'method=create&address=' . $my_bitcoin_address .'&callback='. urlencode($my_callback_url);

$response = file_get_contents($root_url . '?' . $parameters);
$object = json_decode($response);

$uniqaddr = $object->input_address

Its corectly ? Thanks you its for my shop online and im newbie in php :)

Title: This message was too old and has been purged
Post by: Evil-Knievel on January 14, 2014, 02:40:32 PM
This message was too old and has been purged

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: QuentinBrubru on January 14, 2014, 02:48:31 PM
Thanks you Evil Knievel i view for buy SSL
Thanks all for help :)

Title: This message was too old and has been purged
Post by: Evil-Knievel on January 14, 2014, 02:52:57 PM
This message was too old and has been purged

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: bitpop on January 15, 2014, 07:56:16 AM
Quote from: Evil-Knievel on January 14, 2014, 02:52:57 PM
Quote from: QuentinBrubru on January 14, 2014, 02:48:31 PM
Thanks you Evil Knievel i view for buy SSL
Thanks all for help :)

Actually this will not bring you any effort in this case.
The connection to blockchain.info is SSL encrypted anyways - you are calling a https:// url.
However, URL parameters never get encrypted :-)

Are you sure? I could never figure it out. I'm pretty sure they are encrypted. Check wireshark.

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: RocketSingh on October 27, 2014, 06:37:19 PM
Quote from: Evil-Knievel on January 13, 2014, 01:03:52 PM
Quote from: Shahrukh on January 12, 2014, 07:13:58 PM
Fullphp code is given in blockchain only

Code:
 
$real_secret = 'ZzsMLGKe162CfA5EcG6j'
$invoice_id = $_GET['invoice_id']; //invoice_id is past back to the callback URL
$transaction_hash = $_GET['transaction_hash'];
$input_transaction_hash = $_GET['input_transaction_hash'];
$input_address = $_GET['input_address'];
$value_in_satoshi = $_GET['value'];
$value_in_btc = $value_in_satoshi / 100000000;

//Commented out to test, uncomment when live
if ($_GET['test'] == true) {
    return;
}

try {
  //create or open the database
  $database = new SQLiteDatabase('db.sqlite', 0666, $error);
} catch(Exception $e) {
  die($error);
}

//Add the invoice to the database
$query = "insert INTO invoice_payments (invoice_id, transaction_hash, value) values($invoice_id, '$transaction_hash', $value_in_btc)";

if($database->queryExec($query, $error)) {
   echo "*ok*";
}

//Select the amount paid into an invoice with select SUM(value) as value from invoice_payments where invoice_id = $invoice_id

Lol please tell me where this script is live ;-) Looks like you can steal all BTC from them ;-)

It is great if u please explain the catch. The $real_secret is not checked in this code. How do u overcome that verification ?

Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: cr1776 on October 27, 2014, 08:05:43 PM
Just a cursory look, without testing, but it looks like it is wide open to SQL injection in many spots for one thing.

Quote from: RocketSingh on October 27, 2014, 06:37:19 PM
Quote from: Evil-Knievel on January 13, 2014, 01:03:52 PM
Quote from: Shahrukh on January 12, 2014, 07:13:58 PM
Fullphp code is given in blockchain only

Code:
 
$real_secret = 'ZzsMLGKe162CfA5EcG6j'
$invoice_id = $_GET['invoice_id']; //invoice_id is past back to the callback URL
$transaction_hash = $_GET['transaction_hash'];
$input_transaction_hash = $_GET['input_transaction_hash'];
$input_address = $_GET['input_address'];
$value_in_satoshi = $_GET['value'];
$value_in_btc = $value_in_satoshi / 100000000;

//Commented out to test, uncomment when live
if ($_GET['test'] == true) {
    return;
}

try {
  //create or open the database
  $database = new SQLiteDatabase('db.sqlite', 0666, $error);
} catch(Exception $e) {
  die($error);
}

//Add the invoice to the database
$query = "insert INTO invoice_payments (invoice_id, transaction_hash, value) values($invoice_id, '$transaction_hash', $value_in_btc)";

if($database->queryExec($query, $error)) {
   echo "*ok*";
}

//Select the amount paid into an invoice with select SUM(value) as value from invoice_payments where invoice_id = $invoice_id

Lol please tell me where this script is live ;-) Looks like you can steal all BTC from them ;-)

It is great if u please explain the catch. The $real_secret is not checked in this code. How do u overcome that verification ?


Title: Re: Any PHP programmer who can help integrate Bitcoins Payment with a script?
Post by: RocketSingh on October 28, 2014, 09:25:06 AM
Quote from: Evil-Knievel on January 14, 2014, 02:52:57 PM
Quote from: QuentinBrubru on January 14, 2014, 02:48:31 PM
Thanks you Evil Knievel i view for buy SSL
Thanks all for help :)

Actually this will not bring you any effort in this case.
The connection to blockchain.info is SSL encrypted anyways - you are calling a https:// url.
However, URL parameters never get encrypted :-)

Lately cloudflare is offering SSL even on free plan. Does it mean, for sites hosted on cloudflare, this URL parameter exposure problem is non-existent ?


Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines