這個Objective-C代碼爲什麼觸發虛假購買跟蹤

Question

這段代碼的目的是使用名爲MobileAppTracking的服務跟蹤購物，其中一些服務已被正確跟蹤。但該服務正在顯示此代碼正在發送一堆額外的購買呼叫，而iTunes連接中沒有記錄。以下大部分內容僅是典型的IOS storekit的樣板代碼。具體來說，這段代碼來自InAppPurchaseManager，這是IOS購買的IOS插件。

這裏是我使用的插件： https://github.com/phonegap/phonegap-plugins/tree/master/iPhone/InAppPurchaseManager

這裏是我修改後的代碼：

// SKPaymentTransactionObserver methods 
// called when the transaction status is updated 
// 
- (void)paymentQueue:(SKPaymentQueue *)queue updatedTransactions:(NSArray *)transactions 
{ 
    NSString *state, *error, *transactionIdentifier, *transactionReceipt, *productId; 
    NSInteger errorCode; 
    SKPayment *thePayment; 

    for (SKPaymentTransaction *transaction in transactions) 
    { 
     error = state = transactionIdentifier = transactionReceipt = productId = @""; 
     errorCode = 0; 

     BOOL shouldTrackEvent = false; // maybe this should just be for successful purchases. 

     switch (transaction.transactionState) 
     { 
      case SKPaymentTransactionStatePurchasing: 
       continue; 

      case SKPaymentTransactionStatePurchased: 
       state = @"PaymentTransactionStatePurchased"; 
       transactionIdentifier = transaction.transactionIdentifier; 
       transactionReceipt = [[transaction transactionReceipt] base64EncodedString]; 
       productId = transaction.payment.productIdentifier; 
       //thePayment = transaction.payment; 

       //NSLog(@"localCurr=", thePayment.currency); 
       //NSLog(@"localCurr=", thePayment.localizedTitle); 
       shouldTrackEvent = true; 
       break; 

      case SKPaymentTransactionStateFailed: 
       state = @"PaymentTransactionStateFailed"; 
       error = transaction.error.localizedDescription; 
       errorCode = transaction.error.code; 
       NSLog(@"error %d %@", errorCode, error); 

       break; 

      case SKPaymentTransactionStateRestored: 
       state = @"PaymentTransactionStateRestored"; 
       transactionIdentifier = transaction.originalTransaction.transactionIdentifier; 
       transactionReceipt = [[transaction transactionReceipt] base64EncodedString]; 
       productId = transaction.originalTransaction.payment.productIdentifier; 
       break; 

      default: 
       NSLog(@"Invalid state"); 
       continue; 
     } 
     NSLog(@"state: %@", state); 
     NSArray *callbackArgs = [NSArray arrayWithObjects: 
           NILABLE(state), 
           [NSNumber numberWithInt:errorCode], 
           NILABLE(error), 
           NILABLE(transactionIdentifier), 
           NILABLE(productId), 
           NILABLE(transactionReceipt), 
           nil]; 
     NSString *js = [NSString stringWithFormat:@"plugins.inAppPurchaseManager.updatedTransactionCallback.apply(plugins.inAppPurchaseManager, %@)", [callbackArgs JSONSerialize]]; 
     NSLog(@"js: %@", js); 
     [self writeJavascript: js]; 
     [[SKPaymentQueue defaultQueue] finishTransaction:transaction]; 


     // The Rest is all tracking code. P 
     // default tracking event name 
     NSString *eventName = @"purchase"; 


     // self.products is the dictionary (NString, SKProduct) to be created by the user 
     NSDictionary *dictProducts = true; //(NSDictionary *)savedValidProducts; 

     // get the product associated with this transaction 
     //SKProduct *product = (SKProduct *)([dictProducts objectForKey:transaction.payment.productIdentifier]); 
     // assign the currency code extracted from the transaction 
     NSString *currencyCode = @"";// [product.priceLocale objectForKey:NSLocaleCurrencyCode]; 

     // transaction.payment.productIdentifier 

      // The problem with not retrieving the real price is, what if they purchase in another country?? 
      float unitPrice = 0; //[product.price floatValue]; 

      NSString *title; 
      title = @"Tester"; 

      NSLog(@"productIdentifier: %@", transaction.payment.productIdentifier); 

      if([transaction.payment.productIdentifier isEqualToString:@"2_REFILLS"]) { 
       title = @"2 Energy Refills"; 
       unitPrice = 1.99; 
      } 

      if([transaction.payment.productIdentifier isEqualToString:@"6_REFILLS"]) { 
       title = @"6 Energy Refills"; 
       unitPrice = 4.99; 
      } 

      if([transaction.payment.productIdentifier isEqualToString:@"15_REFILLS"]) { 
       title = @"15 Energy Refills"; 
       unitPrice = 9.99; 
      } 

      // extract transaction product quantity 
      int quantity = 1; //transaction.payment.quantity; // extract unit price of the product 

      // assign revenue generated from the current product 
      float revenue = unitPrice * quantity; 

      // create MAT tracking event item 
      NSDictionary *dictItem = @{ @"item" : title, // product.localizedTitle, 
             @"unit_price" : [NSString stringWithFormat:@"%f", unitPrice], 
             @"quantity" : [NSString stringWithFormat:@"%i", quantity], 
             @"revenue" : [NSString stringWithFormat:@"%f", revenue] 
             }; 

      NSArray *arrEventItems = @[ dictItem ]; 

      if(shouldTrackEvent) { 

       NSLog(@"Event Item = %@", arrEventItems); 

       // track the purchase transaction event 
       // Total event revenue = sum of even item revenues in arrEventItems + extraRevenue 
       float extraRevenue = 0; // default to zero 
       [[MobileAppTracker sharedManager] trackActionForEventIdOrName:eventName 
                    eventIsId:NO 
                    eventItems:arrEventItems 
                    referenceId:transaction.transactionIdentifier 
                   revenueAmount:extraRevenue 
                   currencyCode:currencyCode 
                  transactionState:transaction.transactionState]; 
       NSLog(@"Transaction event tracked: %@", eventName); 
      } 
    } 
} 

Answer 1

一種可能性是，你被砍死。即使購買無效，您也會更新追蹤信息並接受購買。如果服務器未用於簽名檢查，則有標準工具可用於繞過付款並獲得免費的IAP項目。不幸的是，我知道檢查的唯一方法就是使用自己的服務器進行購買驗證。