允许通过IPN访问特定站点

时间:2015-08-30 21:47:54

标签: php

IPN如何授予特定网站的访问权限?我正在使用一个名为paygol的网站,人们可以通过短信进行捐赠或销售。当您为捐赠创建按钮时,他们会为您提供可以修改的IPN代码。

    <?php 

    // check that the request comes from PayGol server
    /*
    if(!in_array($_SERVER['REMOTE_ADDR'],
      array('109.70.3.48', '109.70.3.146', '109.70.3.210'))) {
      header("HTTP/1.0 403 Forbidden");
      die("Error: Unknown IP");
    }
    */ 
// CONFIG 
$your_service_id = 49001;  // this is my service ID from Paygol     

    // get the variables from PayGol system
    $message_id = $_GET['message_id'];
    $service_id = $_GET['service_id'];
    $shortcode  = $_GET['shortcode'];
    $keyword    = $_GET['keyword'];
    $message    = $_GET['message'];
    $sender = $_GET['sender'];
    $operator   = $_GET['operator'];
    $country    = $_GET['country'];
    $custom = $_GET['custom'];
    $points = $_GET['points'];
    $price  = $_GET['price'];
    $currency   = $_GET['currency'];

    // Here you can do whatever you want with the variables, for instance inserting or updating data into your Database 

    ?>

捐赠后,如何允许访问某个特定页面?

1 个答案:

答案 0 :(得分:0)

set encrypted or hashed data into cookie (1 or 2 years of expiration) that tells that he had made donation:

$token = md5($_SERVER['REMOTE_ADDR'].time());
mysql_query("INSERT INTO access_tokens (token) VALUE ('".mysql_real_escape_string($token)."')");
setcookie("access_token", $token, time() + 365*24*60*60);

and in the page check if it's token exist in access_tokens table:

$token = $_COOKIE['access_token'];
$accept = false;
if(strlen($token) == 32) {
  $r = mysql_query("SELECT 1 FROM access_token WHERE token = '".mysql_real_escape_string($token)."' LIMIT 1");
  if(mysql_num_rows($r) == 1) {
    $accept = true;
  }
}

if(!$accept) {
  header('Location: /');
  exit(0);
}

there are many methods to make so.

one of them to send specific COUPON CODE to user's email after making donation and ask everytime before giving access to the resource.

it all depends on Your imagination (: