/system/application/helpers/paypal_payment_helper.php

https://github.com/katzgrau/notes · PHP · 137 lines · 95 code · 21 blank · 21 comment · 20 complexity · 43c861ff59fa42b7e67a499985106372 MD5 · raw file 

    

  1. <?php

    2. 

  2. 

    3. 

  3. if ( ! function_exists('verify_and_retrieve_payment'))

    4. 

  4. {

    5. 

  5. 	// return an array with a boolean result and dictionary of the request response

    6. 

  6. 

    7. 

  7. 	function verify_and_retrieve_payment()

    8. 

  8. 	{

    9. 

  9. 		$email = $_GET['ipn_email']; 

    10. 

  10. 		$header = ""; 

    11. 

  11. 		$emailtext = "";  

    12. 

  12. 		// Read the post from PayPal and add 'cmd' 

    13. 

  13. 		$req = 'cmd=_notify-validate';

    14. 

  14. 

    15. 

  15. 		if(function_exists('get_magic_quotes_gpc'))   

    16. 

  16. 		{ 

    17. 

  17. 			$get_magic_quotes_exits = true;

    18. 

  18. 		}

    19. 

  19. 

    20. 

  20. 		foreach ($_POST as $key => $value)

    21. 

  21. 		// Handle escape characters, which depends on setting of magic quotes  

    22. 

  22. 		{ 

    23. 

  23. 			if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1)     

    24. 

  24. 			{  

    25. 

  25. 				$value = urlencode(stripslashes($value));   

    26. 

  26. 			} 

    27. 

  27. 			else 

    28. 

  28. 			{     

    29. 

  29. 				$value = urlencode($value);   

    30. 

  30. 			}    

    31. 

  31. 		 

    32. 

  32. 			$req .= "&$key=$value";  

    33. 

  33. 		} // Post back to PayPal to validate 

    34. 

  34. 		 

    35. 

  35. 		$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; 

    36. 

  36. 		$header .= "Content-Type: application/x-www-form-urlencoded\r\n"; 

    37. 

  37. 		$header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; 

    38. 

  38. 

    39. 

  39. 		$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);  

    40. 

  40. 

    41. 

  41. 		 // Process validation from PayPal

    42. 

  42. 		if (!$fp) 

    43. 

  43. 		{ // HTTP ERROR  

    44. 

  44. 		} 

    45. 

  45. 		else 

    46. 

  46. 		{ // NO HTTP ERROR  

    47. 

  47. 			fputs ($fp, $header . $req); 

    48. 

  48. 		 

    49. 

  49. 			while (!feof($fp)) 

    50. 

  50. 			{   

    51. 

  51. 				$res = fgets ($fp, 1024);   

    52. 

  52. 				if (strcmp ($res, "VERIFIED") == 0) 

    53. 

  53. 				{     

    54. 

  54. 					// TODO:     // Check the payment_status is Completed     

    55. 

  55. 					// Check that txn_id has not been previously processed    

    56. 

  56. 					// Check that receiver_email is your Primary PayPal email    

    57. 

  57. 					// Check that payment_amount/payment_currency are correct     

    58. 

  58. 					// Process payment         

    59. 

  59. 					// If 'VERIFIED', send an email of IPN variables and values to the     

    60. 

  60. 					// specified email address     

    61. 

  61. 		 

    62. 

  62. 					$f_result = array( true, $_POST );

    63. 

  63. 					

    64. 

  64. 					//foreach ($_POST as $key => $value)

    65. 

  65. 					//{       

    66. 

  66. 						//$emailtext .= $key . " = " .$value ."\n\n";

    67. 

  67. 					//}     

    68. 

  68. 			 

    69. 

  69. 					//mail($email, "Live-VERIFIED IPN", $emailtext . "\n\n" . $req);   

    70. 

  70. 				} 

    71. 

  71. 				else if (strcmp ($res, "INVALID") == 0) 

    72. 

  72. 				{     // If 'INVALID', send an email. TODO: Log for manual investigation.     

    73. 

  73. 					//foreach ($_POST as $key => $value)

    74. 

  74. 					//{       

    75. 

  75. 					//	$emailtext .= $key . " = " .$value ."\n\n";     

    76. 

  76. 					//}     

    77. 

  77. 					

    78. 

  78. 					//mail($email, "Live-INVALID IPN", $emailtext . "\n\n" . $req);   

    79. 

  79. 					$f_result = array( false, $_POST );

    80. 

  80. 				} 

    81. 

  81. 			}

    82. 

  82. 		 

    83. 

  83. 			fclose ($fp); 

    84. 

  84. 		}

    85. 

  85. 	

    86. 

  86. 		return $f_result;

    87. 

  87. 	}

    88. 

  88. 	

    89. 

  89. if ( ! function_exists('generate_purchase_button'))

    90. 

  90. {

    91. 

  91. 	function generate_purchase_button( $price, $site_name, $is_new = true, $item_title = false, $account_id = false)

    92. 

  92. 	{

    93. 

  93. 		$pay_to_email = config_item('pay_to_email');

    94. 

  94. 		$item_number = create_item_number( $site_name, $is_new, $account_id );

    95. 

  95. 		

    96. 

  96. 		if ( ! $item_title ) $item_title = "<Site Name> 1 Year Subscription";

    97. 

  97. 		

    98. 

  98. 		return "

    99. 

  99. 		<form action=\"http://www.paypal.com/cgi-bin/webscr\" method=\"post\"> 

    100. 

  100. 			<!-- Identify your business so that you can collect the payments. --> 

    101. 

  101. 			<input type=\"hidden\" name=\"business\" value=\"$pay_to_email\"> 

    102. 

  102. 			<!-- Specify a Buy Now button. --> 

    103. 

  103. 			<input type=\"hidden\" name=\"cmd\" value=\"_xclick\"> 

    104. 

  104. 			<!-- Specify details about the item that buyers will purchase. --> 

    105. 

  105. 			<input type=\"hidden\" name=\"item_name\" value=\"$item_title\"> 

    106. 

  106. 			<input type=\"hidden\" name=\"item_number\" value=\"$item_number\"> 

    107. 

  107. 			<input type=\"hidden\" name=\"amount\" value=\"$price\"> 

    108. 

  108. 			<input type=\"hidden\" name=\"currency_code\" value=\"USD\"> 

    109. 

  109. 			<!-- Display the payment button. --> 

    110. 

  110. 			<input type=\"image\" name=\"submit\" border=\"0\" src=\"https://www.paypal.com/en_US/i/btn/btn_buynow_LG.gif\" alt=\"PayPal - The safer, easier way to pay online\"> 

    111. 

  111. 			<img alt=\"\" border=\"0\" width=\"1\" height=\"1\" src=\"https://www.paypal.com/en_US/i/scr/pixel.gif\" > 

    112. 

  112. 		</form>";

    113. 

  113. 	}

    114. 

  114. }

    115. 

  115. 	

    116. 

  116. if ( ! function_exists( 'create_item_number' ) )

    117. 

  117. {

    118. 

  118. 	function create_item_number( $site_name, $is_new, $account_id = false )

    119. 

  119. 	{

    120. 

  120. 		if( $is_new )

    121. 

  121. 			return "new:00:$site_name";

    122. 

  122. 		else

    123. 

  123. 			return "renew:$account_id:$site_name";

    124. 

  124. 	}

    125. 

  125. }

    126. 

  126. 

    127. 

  127. if ( ! function_exists( 'info_from_item_number' ) )

    128. 

  128. {

    129. 

  129. 	function info_from_item_number( $item_number )

    130. 

  130. 	{

    131. 

  131. 		$parts = explode(':', $item_number );

    132. 

  132. 		return array( 'type' => $parts[0], 'account_id' => $parts[1], 'site_name' => $parts[2] );

    133. 

  133. 	}

    134. 

  134. }

    135. 

  135. 

    136. 

  136. }

    137. 

  137. ?>
    138.