// If Receive Post Request if ($_POST) { // Get User IP $request_ip = $_SERVER['REMOTE_ADDR']; // Define Whitelisted IPs $ip_whitelist = array("108.170.27.234", "108.170.27.238", "198.15.95.74", "198.15.113.58"); // Process Incoming Variables and Sanitize $notify_id = intval($_POST["notify_id"]); $app_id = intval($_POST["app_id"]); $user_id = preg_replace("/[^a-zA-Z0-9]/", "", $_POST["user_id"]); $create_time = intval($_POST["create_time"]); $real_amount = floatval($_POST["real_amount"]); $credit_amount = floatval($_POST["credit_amount"]); $retry = intval($_POST["retry"]); $verify_code = preg_replace("/[^a-zA-Z0-9]/", "", $_POST["verify_code"]); $more_info = preg_replace("/[^a-zA-Z0-9]/", "", $_POST["more_info"]); // Check to see if postback post is coming from MinuteStaff Servers if (in_array($request_ip, $ip_whitelist)) { // Define Notify Code - Grab from Panel $notify_code = ""; // Generate the Verification Code by MD5 Hash $generated_verify_code = md5($notify_code . $app_id . $user_id . $notify_id); // Insert Entry into Data (for Logging, Duplicate Checking) // Verify Notification Postback (Optional) if ($verify_code == $generated_verify_code) { // Check Database for Duplicate based on notify_id - Make Sure to Use a Variable Fetch Prior to Insert Entry // Credit User Based on credit_amount if (($credit_amount > 0) && ($real_amount > 0)) { // Credit User's Referral (Upline) // Deduct Earning From User } else if (($credit_amount < 0) && ($real_amount < 0)) { // Issue Warning to User, Can Use "extra_detail" to Provide Additional Info to User. // System Notification (Warning), Send User a Message with "extra_detail" } else if (($credit_amount == 0.00000) && ($real_amount == 0.00000)) { } // Error Out, Bad Verification Code } else { // Notify Admin Here of Possible Hijack - Bad Verification Code } // Error Out, Bad User IP Address } else { // Notify Admin Here of Possible Hijack (Non-Whitelisted IP) } }