clickbank purchase verification code.

[walter90]

I have built a site for a friend and I want to put in this code that will verify that a valid purchase has taken place before access is given to the download page.

I have no experience with php so i would like someone to look this code over and

 

A:Tell me if it will work

B:Tell me if it's some kind of trick to gain access to our download page, but I don't think that is very likely.

C:Assist me in installing this script if possible.

 

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><?php $secret_key = "YOUR_SECRET_KEY";



/*

   No other editing necessary... just point your thankyou page to this script

   
   Your order page should end in PHP (ie, order.php) and your Clickbank link

   should look like this:



   <a href="http://www.clickbank.net/sell.cgi?link=simplephp/2/test&seed=thankyou<?php echo mktime(); ?></head><body>">Order
Now In this example, your Clickbank name is "simplephp", your product
name is "test", and your thank you page is named "thankyou.php" or
"thankyou.html". Remember that in order for this to work, the seed MUST
begin with the filename of your thank you page (minus the extension) to
prevent a customer from ripping off all your products once he or she
has bought one. If the thank you page becomes "product.php", the part
that says "thankyou" should be changed to "product". order.php is a
sample order page, thankyou.php is a sample thank you page.
*/
$seedPage = normalize(eregi_replace("[0-9]","",$_GET["seed"]));
$thisPage =
normalize(eregi_replace("(.*\/|\..*$)","",$_SERVER["SCRIPT_NAME"]));
$timestamp = ereg_replace("[^0-9]","",$_GET["seed"]);
$expire = strtotime("-30 days");
if ($seedPage != $thisPage or $timestamp < $expire or
!cbValid($_GET["seed"], $_GET["cbpop"], $secret_key)) die();
function normalize($string) { return strtolower(trim($string));
}
function cbValid($seed, $cbpop, $secret_key) { if (! $seed) return 0;
if (! $cbpop) return 0; $hh = 0x8000; $lh = 0x0000; $hl = 0x7fff; $ll =
0xffff; $charsmask = array("0","1","2","3","4","5","6","7",
"8","9","B","C","D","E","F","G", "H","J","K","L","M","N","P","Q",
"R","S","T","V","W","X","Y","Z"); for ($i=0;$i<10;$i++)
$q[$i]=""; $w = sprintf("%s %s",$secret_key,$seed); $w =
strtoupper($w); $v = unpack("C*",$w); $hx = 0; $lx = 17; $hy = 0; $ly =
17; $z =17; $n = strlen($w); for ($i=0;$i<10;$i++) $s[$i] = 0;
for($i=0;$i<256;$i++) { $tmp1l = $lx & $ll; $tmp1h = $hx
& $hl; $tmp2l = $ly & $ll; $tmp2h = $hy & $hl;
$tmp3l = $tmp1l + $tmp2l; $correction = $tmp3l; $tmp3l = $tmp3l
& 0x0000ffff; $correction = $correction - $tmp3l; $correction =
$correction / pow(2,16); $tmp3h = $tmp1h + $tmp2h; $tmp3h +=
$correction; $tmp3h = $tmp3h & 0x0000ffff; $tmp4l = $lx ^ $ly;
$tmp4h = $hx ^ $hy; $tmp4l = $tmp4l & $lh; $tmp4h = $tmp4h
& $hh; $wil = $tmp3l ^ $tmp4l; $wih = $tmp3h ^ $tmp4h; $tmp1l =
$wil; $tmp1h = $wih; if($z == 32) { $tmpl1=0; $tmp1h=0; } elseif($z ==
16) { $tmp1h=$tmp1l; $tmp1l=0; } elseif($z > 16) { $shiftleft=
$z - 16; $tmp1h = $tmp1l * pow(2,$shiftleft); $tmp1h = $tmp1h &
0x0000ffff; $tmp1l = 0; } else { $tmp1l = $tmp1l * pow(2,$z);
$correction = $tmp1l; $tmp1l = $tmp1l & 0x0000ffff; $correction
= $correction - $tmp1l; $correction = $correction / pow(2,16); $tmp1h =
$tmp1h * pow(2,$z); $tmp1h += $correction; $tmp1h = $tmp1h &
0x0000ffff; } $tmp2l = $wil; $tmp2h = $wih; $shiftvalue = 32 - $z;
if($shiftvalue == 32) { $tmp2l = 0; $tmp2h = 0; } elseif($shiftvalue ==
16) { $tmp2l = $tmp2h; $tmp2h = 0; } elseif($shiftvalue > 16) {
$shiftright = $shiftvalue - 16; $tmp2l = $tmp2h >>
$shiftright; $tmp2h = 0; } else { $tmp2l = ($tmp2l >>
$shiftvalue); $shiftright = $shiftvalue; $bitmask = 1;
for($j=1;$j<$shiftright;$j++) $bitmask = $bitmask * 2 + 1;
$correction = ($tmp2h & $bitmask) * pow(2,16 - $shiftvalue);
$tmp2l += $correction; $tmp2h = $tmp2h >> $shiftvalue; }
$wil = ($tmp1l | $tmp2l); $wih = ($tmp1h | $tmp2h); $tmp1l = $wil
& $ll; $tmp1h = $wih & $hl; $tmp1l = $tmp1l + $v[$i%$n
+ 1]; $correction = $tmp1l & 0x7fff0000; $correction =
($correction >> 16); $tmp1h += $correction; $tmp1l =
$tmp1l & 0x0000ffff; $tmp2l = $wil & $lh; $tmp2h = $wih
& $hh; $wil = $tmp1l ^ $tmp2l; $wih = $tmp1h ^ $tmp2h; $s[$i
& 7] += $wil & 31; $z = $ly & 31; $ly = $lx;
$hy = $hx; $lx = $wil; $hx = $wih; } for ($i=0; $i < 8; $i++)
$q[$i] = $charsmask[$s[$i] & 31]; $q[8] = "\0"; $finalstring =
""; for($i=0;$i < 8;$i++) $finalstring .= $q[$i]; if
(!strcmp($cbpop, $finalstring)) return 1; else return 0; } ?></body></html>