Pangeaforum
Postback notifications
Whenever a user completes an offer, we will make a call to the Postback URL that you indicated in your app attaching all the information that you will need to credit your users.
Our server will make a HTTP GET request to your server including all the following parameters.
Postback Parameters
PARAMETER | DESCRIPTION |
subId | This is the unique identifier code of the user who completed action on your platform. |
transId | Unique identification code of the transaction made by your user on Pangeaforum. |
reward | The amount of your virtual currency to be credited to your user. |
payout | The offer payout in $ |
signature | MD5 hash that can be used to verify that the call has been made from our servers. |
status | Determines whether to add or subtract the amount of the reward. "1" is when the virtual currency should be added to the user and "2" when it should be subtracted. This may be because the advertiser has canceled the user's transaction, either because he/she committed fraud or because it has been a mistake entering the data needed to complete the campaign |
userIp | The user's IP address who completed the action. |
campaign_id | Id of the offer completed |
offer type | short | surf | offer |
country | Country (ISO2 form) from the lead comes |
uuid | Unique identification code of the click made by your user on Pangeaforum |
"reward" and "payout" parameters are always absolute values, you will need to check status parameter to see if you need to add or subtract that amount from your users.
Custom Postback Parameters
If you would like to receive custom parameter names in your postbacks, you can specify them in the postback URL like the following example,
http://postback.example.com/?custom={subId2}&nameOfCampaign={campaign_name}
You can use any of the parameters from the "Postbacks Parameters" table. You will need to put them between { }
Security
You should verify the signature received in the postback to ensure that the call comes from our servers. Signature parameter should match MD5 of SUBID TRANSACTIONID REWARD SECRET
You can find your secret in your app dashboard apps dashboard.
The formula to be checked is as follows:
<?php
$secret = ""; // check your app info at https://www.adswedmedia.com
$subId = isset($_GET['subId']) ? $_GET['subId'] : null;
$transId = isset($_GET['transId']) ? $_GET['transId'] : null;
$reward = isset($_GET['reward']) ? $_GET['reward'] : null;
$signature = isset($_GET['signature']) ? $_GET['signature'] : null;
// validate signature
if(md5($subId.$transId.$reward.$secret) != $signature)
{
echo "ERROR: Signature doesn't match";
return;
}
?>
Responding to the Postback
Our server will expect the following answers:
- "OK" when you receive a new transaction.
- "DUP" when you receive a duplicate transaction. In this case, our server will stop further attempts for that transaction
Any other answer will cause that our server.
Our servers wait for a response for a maximum time of 60 seconds before the 'timeout'. In this case, it will be retried sending the same transaction up to 5 occasions during the following hours. Please, check if the transaction ID sent to you was already entered in your database. This will prevent to give twice the same amount of virtual currency to the user because of the timeout.
Postback Example
The following example is not a working one but should be enough to understand who you should implement your postback in your site/app.
<?php
$secret = ""; // check your app info at https://www.adswedmedia.com
$userId = isset($_GET['subId']) ? $_GET['subId'] : null;
$transactionId = isset($_GET['transId']) ? $_GET['transId'] : null;
$points = isset($_GET['reward']) ? $_GET['reward'] : null;
$signature = isset($_GET['signature']) ? $_GET['signature'] : null;
$action = isset($_GET['status']) ? $_GET['status'] : null;
$ipuser = isset($_GET['userIp']) ? $_GET['userIp'] : "0.0.0.0";
// validate signature
if(md5($userId.$transactionId.$points.$secret) != $signature)
{
echo "ERROR: Signature doesn't match";
return;
}
if($action == 2) // action = 1 CREDITED // action = 2 REVOKED
{
$points = -abs($points);
}
if(isNewTransaction($transactionId)) // Check if the transaction is new
{
processTransaction($userId, $points, $transactionId);
echo "OK";
}
else
{
// If the transaction already exist please echo DUP.
echo "DUP";
}
?>