// If Receive Post Request
if ($_POST) {
// Get User IP
$request_ip = $_SERVER['REMOTE_ADDR'];
// Define Whitelisted IPs
$ip_whitelist = array("108.170.27.234", "108.170.27.238", "198.15.95.74", "198.15.113.58");
// Process Incoming Variables and Sanitize
$notify_id = intval($_POST["notify_id"]);
$app_id = intval($_POST["app_id"]);
$user_id = preg_replace("/[^a-zA-Z0-9]/", "", $_POST["user_id"]);
$create_time = intval($_POST["create_time"]);
$real_amount = floatval($_POST["real_amount"]);
$credit_amount = floatval($_POST["credit_amount"]);
$retry = intval($_POST["retry"]);
$verify_code = preg_replace("/[^a-zA-Z0-9]/", "", $_POST["verify_code"]);
$more_info = preg_replace("/[^a-zA-Z0-9]/", "", $_POST["more_info"]);
// Check to see if postback post is coming from MinuteStaff Servers
if (in_array($request_ip, $ip_whitelist)) {
// Define Notify Code - Grab from Panel
$notify_code = "";
// Generate the Verification Code by MD5 Hash
$generated_verify_code = md5($notify_code . $app_id . $user_id . $notify_id);
// Insert Entry into Data (for Logging, Duplicate Checking)
// Verify Notification Postback (Optional)
if ($verify_code == $generated_verify_code) {
// Check Database for Duplicate based on notify_id - Make Sure to Use a Variable Fetch Prior to Insert Entry
// Credit User Based on credit_amount
if (($credit_amount > 0) && ($real_amount > 0)) {
// Credit User's Referral (Upline)
// Deduct Earning From User
} else if (($credit_amount < 0) && ($real_amount < 0)) {
// Issue Warning to User, Can Use "extra_detail" to Provide Additional Info to User.
// System Notification (Warning), Send User a Message with "extra_detail"
} else if (($credit_amount == 0.00000) && ($real_amount == 0.00000)) {
}
// Error Out, Bad Verification Code
} else {
// Notify Admin Here of Possible Hijack - Bad Verification Code
}
// Error Out, Bad User IP Address
} else {
// Notify Admin Here of Possible Hijack (Non-Whitelisted IP)
}
}