<?php

// **************************************************************************
//
// This file implements the endpoint for the "purchases" API call.
//
require_once 'header.php';
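// "purchases" endpoint body: reports which issues the given user owns for the
// given app, and whether the latest auto-renewable subscription receipt
// currently verifies as active.
//
// Both identifiers come straight from the query string, so they are treated as
// untrusted: they must be non-empty strings and they only ever reach the
// database as bound parameters, never as interpolated SQL text.
// NOTE(review): no caller authentication is visible in this file; confirm that
// header.php ties user_id to the requesting device or session.
$app_id = isset($_GET['app_id']) ? $_GET['app_id'] : null;
$user_id = isset($_GET['user_id']) ? $_GET['user_id'] : null;
if (!is_string($app_id) || $app_id === '' || !is_string($user_id) || $user_id === '') {
    // Array-valued or missing parameters cannot identify a user; answer with
    // the usual response shape so clients do not need a separate error path.
    http_response_code(400);
    echo json_encode(array('issues' => array(), 'subscribed' => false));
    exit;
}
$identity = array(':app_id' => $app_id, ':user_id' => $user_id);

// Retrieve latest receipts
$receipt_stmt = $file_db->prepare(
    "SELECT base64_receipt FROM receipts
    WHERE app_id = :app_id AND user_id = :user_id AND type = 'auto-renewable-subscription'
    ORDER BY transaction_id DESC LIMIT 0, 1"
);
$receipt_stmt->execute($identity);
$base64_latest_receipt = $receipt_stmt->fetchColumn();

$subscribed = false;
if ($base64_latest_receipt) {
    $data = verifyReceipt($base64_latest_receipt);
    // NOTE(review): issues are marked as purchased before the status is
    // inspected; confirm verifyReceipt() rejects invalid receipts on its own.
    markIssuesAsPurchased($data, $app_id, $user_id);
    // Require an explicit zero status. A loose "== 0" also accepts a missing
    // (null) status, which would report a subscription that was never verified.
    $subscribed = is_object($data)
        && isset($data->status)
        && ($data->status === 0 || $data->status === '0');
}

$issues_stmt = $file_db->prepare(
    "SELECT product_id FROM purchased_issues
    WHERE app_id = :app_id AND user_id = :user_id"
);
$issues_stmt->execute($identity);
$purchased_product_ids = $issues_stmt->fetchAll(PDO::FETCH_COLUMN);

echo json_encode(array('issues' => $purchased_product_ids, 'subscribed' => $subscribed));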
Exemple #2
 global $dbContainer;
 $db = $dbContainer['db'];
 $body = $app->request()->getBody();
 $receiptdata = $app->request()->post('receipt_data');
 $type = $app->request()->post('type');
 if (isInDevelopmentMode($app_id) == "TRUE") {
     logMessage(LogType::Info, "Confirming purchase for APP ID: " . $app_id . " USER ID: " . $user_id . " TYPE: " . $type);
 }
 try {
     // Verify Receipt - with logic to fall back to Sandbox test if Production Receipt fails (error code 21007)
     try {
         $iTunesReceiptInfo = verifyReceipt($receiptdata, $app_id, $user_id);
     } catch (Exception $e) {
         if ($e->getCode() == "21007") {
             logMessage(LogType::Info, "Confirming purchase for APP ID - Sandbox Receipt used in Production, retrying against Sandbox iTunes API: " . $app_id . " USER ID: " . $user_id . " TYPE: " . $type);
             $iTunesReceiptInfo = verifyReceipt($receiptdata, $app_id, $user_id, TRUE);
         }
     }
     $sql = "INSERT IGNORE INTO RECEIPTS (APP_ID, QUANTITY, PRODUCT_ID, TYPE, TRANSACTION_ID, USER_ID, PURCHASE_DATE, \n\t \t\t    \t\t\tORIGINAL_TRANSACTION_ID, ORIGINAL_PURCHASE_DATE, APP_ITEM_ID, VERSION_EXTERNAL_IDENTIFIER, BID, BVRS, BASE64_RECEIPT) \n\t \t\t    \t\t\tVALUES (:app_id, :quantity, :product_id, :type, :transaction_id, :user_id, :purchase_date, :original_transaction_id,\n\t \t\t    \t\t\t\t\t  :original_purchase_date, :app_item_id, :version_external_identifier, :bid, :bvrs, :base64_receipt)";
     try {
         $stmt = $db->prepare($sql);
         $stmt->bindParam("app_id", $app_id);
         $stmt->bindParam("quantity", $iTunesReceiptInfo->receipt->quantity);
         $stmt->bindParam("product_id", $iTunesReceiptInfo->receipt->product_id);
         $stmt->bindParam("type", $type);
         $stmt->bindParam("transaction_id", $iTunesReceiptInfo->receipt->transaction_id);
         $stmt->bindParam("user_id", $user_id);
         $stmt->bindParam("purchase_date", $iTunesReceiptInfo->receipt->purchase_date);
         $stmt->bindParam("original_transaction_id", $iTunesReceiptInfo->receipt->original_transaction_id);
         $stmt->bindParam("original_purchase_date", $iTunesReceiptInfo->receipt->original_purchase_date);
         $stmt->bindParam("app_item_id", $iTunesReceiptInfo->receipt->item_id);
<?php

// **************************************************************************
//
// This file implements the endpoint for the "purchase confirmation" API call.
//
require_once 'header.php';
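// "purchase confirmation" endpoint body: verifies the posted receipt, stores
// it in the receipts table and records what the purchase unlocks.
//
// receipt_data and type are client-supplied, and the receipt fields are taken
// from the decoded verification response; none of them may be spliced into SQL
// text, so every value reaches the database as a bound parameter.
// $app_id and $user_id are not assigned in this file; presumably header.php
// provides them (TODO confirm, and confirm how they are validated there).
$raw_receipt = isset($_POST['receipt_data']) ? $_POST['receipt_data'] : null;
$purchase_type = isset($_POST['type']) ? $_POST['type'] : null;
if (!is_string($raw_receipt) || $raw_receipt === '' || !is_string($purchase_type)) {
    // Missing or array-valued fields cannot describe a purchase.
    http_response_code(400);
    exit;
}

$base64_receipt = stripcslashes($raw_receipt);
$data = verifyReceipt($base64_receipt);
// NOTE(review): nothing here inspects $data->status before the receipt is
// saved; confirm verifyReceipt() itself rejects receipts that fail validation.
$receipt = $data->receipt;
$product_id = $receipt->product_id;
$transaction_id = $receipt->transaction_id;

// The type is free-form client text: strip control characters before logging
// so a crafted value cannot forge additional log lines.
$loggable_type = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $purchase_type);
$log->LogDebug("Saving {$loggable_type} {$product_id} in the receipt database");

$insert = $file_db->prepare(
    "INSERT OR IGNORE INTO receipts (transaction_id, app_id, user_id, product_id, type, base64_receipt)
    VALUES (:transaction_id, :app_id, :user_id, :product_id, :type, :base64_receipt)"
);
$insert->execute(array(
    ':transaction_id' => $transaction_id,
    ':app_id' => $app_id,
    ':user_id' => $user_id,
    ':product_id' => $product_id,
    ':type' => $purchase_type,
    ':base64_receipt' => $base64_receipt,
));

if ($purchase_type === 'auto-renewable-subscription') {
    markIssuesAsPurchased($data, $app_id, $user_id);
} elseif ($purchase_type === 'issue') {
    markIssueAsPurchased($product_id, $app_id, $user_id);
}
// 'free-subscription': nothing to do, as the server assumes free subscriptions
// won't be enabled. Any other type is stored with the receipt but unlocks nothing.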