|
|
Posted by lucyhamm on 07/17/06 09:31
Here is the receiving IPN code, the error email is being sent but not
including any data.
Any pointers greatly appreciated.
regards
Tim
<?php
/* $Id: module-paypal.php,v 1.1 2006-05-17 09:58:13-07 brian Exp brian
$ */
// vim: expandtab sw=4 ts=4 sts=4:
########################################################################
## Built2Go PHP Realestate v1.0
##
## ----------------------------------------------------------------
##
## Copyright © Big Resources, Inc. All Rights Reserved.
##
## This software must be used in accordance with its licensing
##
## terms and conditions at: http://www.built2go.com/faq.php
##
##
##
## This file may not be redistributed in whole or significant part.
##
## ---------------- BUILT2GO IS NOT FREE SOFTWARE -----------------
##
########################################################################
require_once("../config.php");
function PErroremail($subject,$message){
global $_PAYPAL,$name_of_site,$SystemInfo->_systemstatus;
$message .= "\r\n\r\n";
$message .= "_PAYPAL Variables\r\n\r\n";
while (list ($key, $value) = each ($_PAYPAL)){
$message .= "[$key] => $value\r\n";
}
$message .= "\r\n----Variables sent from Paypal IPN
script----\r\n\r\n";
$header = "From: $name_of_site Paypal Debug <".FROM.">\r\n";
if ($SystemInfo->_systemstatus['Debug']){
mail (FROM,$subject,$message, $header);
}
}
if (!$_POST['txn_type']){
header("Status: 404 Not Found"); exit;
} else {
header("Status: 200 OK");
}
$postvars = array();
foreach ($_POST as $ipnkey => $ipnvalue){
$GLOBALS[$ipnkey] = $ipnvalue; // Posted variable Localization
$postvars[] = $ipnkey;
$_PAYPAL[$ipnkey] = $ipnvalue; // Posted variable Localization
}
$postipn = 'cmd=_notify-validate';
$noteipn = "IPN post variables in order of appearance:\r\n\r\n";
for ($x=0; $x < count($postvars); $x++){
$y=$x+1;
$postkey = $postvars[$x];
$postval = $$postvars[$x];
$postipn.= "&" . $postkey . "=" .
urlencode(stripslashes($postval));
$noteipn.= "#" . $y . " [$postkey] => $postval \r\n";
}
unset($_POST);
if ($SysmteInfo->_systemstatus['Membership'] == 'A') {
$domain = "www.paypal.com";
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; // paypal
} elseif ($SysmteInfo->_systemstatus['Membership'] == 'P') {
// IPN validation mode 2: Test Via belahost
$domain = "www.belahost.com";
$header = "POST /pp/ HTTP/1.0\r\n"; // belahost.com
}else{
// IPN validation mode was not set to 1 or 2
$error=1;
$bmode=1;
SendUserEmail(FROM,"Postmode Error");
}
$socket = fsockopen($domain,80,$errno,$errstr,30);
$header.= "Host: ".$domain."\r\n";
$header.= "Content-Type: application/x-www-form-urlencoded\r\n";
$header.= "Content-Length: ".strlen($postipn)."\r\n";
$header.= "Accept: */*\r\n\r\n";
// Note: "Connection: Close" is Not required Using HTTP/1.0
// Problem: Now is this your Firewall or your Ports?
// Maybe Setup a little email Notification here. . .
if (!$socket && !$error){
echo "Problem: Error Number: " . $errno . " Error
String: " . $errstr;
exit;
}
// If No Problems have Occured then We proceed With the Processing
else{
fputs ($socket, $header . $postipn);
while (!feof($socket)){
$reply = fgets ($socket, 1024);
$reply = trim ($reply); // Required on some
Environments
}
// Prepare debug Report for Browser display
$report = $noteipn . "\r\n" . "IPN Reply: " . $reply
.. "";
// IPN was Confirmed as both Genuine and VERIFIED
// for testing purposes
$message = "\r\nPosted variables\r\n";
$message .= $report."\r\n";
PErroremail("IPN Posted Variables!!",$message);
if (!strcmp ($reply, "VERIFIED")){
$member_price = ($_PAYPAL['payment_gross'] ==
"")?$_PAYPAL['amount3']:$_PAYPAL['mc_gross'];
$_PAYPAL['name2'] =EscapeString($_PAYPAL['first_name'])." ".
EscapeString($_PAYPAL['last_name']);
$email_ok = ($_PAYPAL['receiver_email'] ==
FROM_PAYPAL)?TRUE:FALSE;
$option_selection =
($_PAYPAL['option_selection1_1'])?$_PAYPAL['option_selection1_1']:$_PAYPAL['option_selection1'];
$option_selection2 =
($_PAYPAL['option_selection2_1'])?$_PAYPAL['option_selection2_1']:$_PAYPAL['option_selection2'];
if ($_PAYPAL['custom'] == "ce11c816"){
$User=new owner();
$User->owner_id=$_PAYPAL['item_number'];
$Price = $SystemInfo->_systemstatus['Owner Price'];
} elseif ($_PAYPAL['custom'] == "7523f185") {
$User=new Buyer();
$User->buyer_id=$_PAYPAL['item_number'];
$Price = $SystemInfo->_systemstatus['Buyer Price'];
}
$User->Load();
$User->GetPaymentHistory();
if ($email_ok == FALSE){
$message = "\r\nPossbile email fraud\r\n\r\n";
$message .= "Somebody used a different email than
what's on the account for ".$name_of_site."\r\n";
$message .= "here are the user's variables that where
sent.\r\n";
$message .= "[Resolution] => $reply \r\n\r\n";
SendUserEmail(FROM,"paypal IPN email
Error!!",$message);
fclose ($socket);
exit;
} elseif ($_PAYPAL['txn_type'] == "send_money" OR
$_PAYPAL['txn_type'] == ""){
fclose ($socket);
exit;
} elseif ($_PAYPAL['txn_type'] == "reversal"){
// if reversal was submitted then we just update the
database.
// think about sending email to admin
fclose ($socket);
exit;
} elseif ($_PAYPAL['payment_status'] == "Pending" OR
$_PAYPAL['payment_status'] == "Refunded"){
// catch pending and refunded here but don't do
anything.
// might think about adding a emil to the user
//telling them it was pending
} elseif (($_PAYPAL['payment_status'] == "Completed") AND
(isset($option_selection2) AND $option_selection2 != "" ) AND
(($_PAYPAL['txn_type'] == "subscr_payment"))){
// renewals only
if ($member_price < $Price){
$User->transId = $_PAYPAL['txn_type'];
$User->amount = $member_price;
$User->invoice = $_PAYPAL['invoice'];
$User->Rectype = "paypal";
$User->payer_email = $_PAYPAL['payer_email'];
$User->subscr_id=$_PAYPAL['subscr_id'];
$User->_type=$_PAYPAL['txn_type'];
$User->name2 = $_PAYPAL['name2'];
$User->txn_id = $_PAYPAL['txn_id'];
$User->UpdateFailedPrice();
$_PAYPAL['price_rrenew_fail'] = TRUE;
$message = "Somebody tried to change the price on
the purchase for ".$name_of_site."\r\n";
$message .= "here are the user's variables that
where sent.\r\n\r\n";
$message .= "[Resolution] => $reply\r\n\r\n";
$message .= "[Expected Price] => ".$Price."\r\n";
$message .= "[Price Sent from paypal] =>
$member_price\r\n";
$message .= "$report\r\n";
SendUserEmail(FROM, "IPN Error Renew
(price)!!",$message);
} else {
$fullname = $User->fname." ".$User->lname;
// Update your DB and Process this Payment
accordingly
// process payment
$User->Membership =
$SystemInfo->_systemstatus['Membership'];
$User->UpdateRenewPaypalPaid();
$_PAYPAL['renewal_set'] = TRUE;
$SignupEmail = str_replace("{PRICEPAID}",
$member_price,$SignupRenewConfirmEmail);
$SignupEmail = str_replace("{NAME}",
$fullname,$SignupEmail);
$SignupEmail = str_replace("{MONTHLY}",
$SystemInfo->_systemstatus['Membership'],$SignupEmail);
// setup the thank you email
SendUserEmail($_PAYPAL['payer_email'],
$SignupRenewConfirmEmailSubject, $SignupEmail);
PErroremail("IPN Success!!",$message);
}
} elseif (($_PAYPAL['payment_status'] == "Completed") AND
isset($_PAYPAL['invoice'])){
if ($member_price < $Price){
$User->transId = $_PAYPAL['txn_type'];
$User->amount = $member_price;
$User->invoice = $_PAYPAL['invoice'];
$User->Rectype = "paypal";
$User->payer_email = $_PAYPAL['payer_email'];
$User->subscr_id=$_PAYPAL['subscr_id'];
$User->_type=$_PAYPAL['txn_type'];
$User->name2 = $_PAYPAL['name2'];
$User->txn_id = $_PAYPAL['txn_id'];
$User->UpdateFailedPrice();
$_PAYPAL['pricefail'] = TRUE;
$message = "Somebody tried to change the price on
the purchase for ".$name_of_site."\r\n";
$message .= "here are the user's variables that
where sent.\r\n\r\n";
$message .= "[Resolution] => $reply\r\n\r\n";
$message .= "[Expected Price] => ".$Price."\r\n";
$message .= "[Price Sent from paypal] =>
$member_price\r\n";
$message .= "$report\r\n";
SendUserEmail(FROM,"IPN Error (price)!!",$message);
} else {
$fullname = $User->fname." ".$User->lname;
// Update your DB and Process this Payment
accordingly
// process payment
//if (!$User->pid){
$User->Membership =
$SystemInfo->_systemstatus['Membership'];
$User->UpdatePaypalPaid();
$_PAYPAL['signup_set'] = TRUE;
$SignupEmail = str_replace("{PRICEPAID}",
$member_price,$SignupConfirmEmail);
$SignupEmail = str_replace("{NAME}",
$fullname,$SignupEmail);
$SignupEmail = str_replace("{MONTHLY}",
$SystemInfo->_systemstatus['Membership'],$SignupEmail);
// setup the thank you email
SendUserEmail($_PAYPAL['payer_email'],
$SignupConfirmEmailSubject, $SignupEmail);
PErroremail("IPN Success!!",$message);
//}
}
} elseif ($_PAYPAL['payment_status'] != "Pending"){
$message = "\r\nPossbile fraud\r\n\r\n";
$message .= "Somebody sent a txn_type that is not
regonized by this script.\r\n";
$message .= "Check the user id and the method of
payment, either txn_type or payment_status \r\n";
$message .= "as these are what was picked by the user.
Counld be nothing but double check.\r\n\r\n";
$message .= "$report\n\r";
PErroremail("IPN Error!!",$message);
} else {
$message = "\r\nPossbile fraud\r\n\r\n";
$message .= "Somebody sent a txn_type that is not
regonized by this script.\r\n";
$message .= "Somebody just accessed this scrpt by some
other means. Possible trying to force a payment\r\n";
$message .= "as these are what was picked by the user.
Counld be nothing but double check.\r\n\r\n";
$message .= "[IP of visitor] =>
".$_SERVER['REMOTE_ADDR']."\n\r";
$message .= "[Referer] =>
".$_SERVER['HTTP_REFERER']."\n\r";
$message .= "$report\n\r";
PErroremail("IPN Error nothing set??!!",$message);
}
} elseif (!strcmp ($reply, "INVALID")){// IPN was Not Validated as
Genuine and is INVALID
// Check your code for any Post back Validation problems
// Investigate the Fact that this Could be a spoofed IPN
// If updating your DB, Ensure this "txn_id" is Not a Duplicate
#echo "Result: $res"; // Remove: # for Testing
// store invalid code here
mysql_query("UPDATE ".TABLE_PREFIX."pay_history SET
rectype='paypal', txn_id='{$_PAYPAL['txn_id']}',
subscr_id='{$_PAYPAL['subscr_id']}',payment_status='$reply',
_type='{$_PAYPAL['txn_type']}',status='5',price='$member_price',
invoice='{$_PAYPAL['invoice']}' WHERE siteid =
'{$_PAYPAL['item_number1']}'") OR die(mysql_error());
$message = "\r\nPossible credit fraud!!\r\n\r\n";
$message .= "here are the user's variables that where
sent.\r\n";
$message .= "check payment_status as it should be
INVALID\r\n\r\n";
$message .= "$report\r\n\r\n";
PErroremail("IPN Invalid info",$message);
} else {
// Just incase Something serious Should ever Happen!
$message = "<html><head></head><body>variables\r\n\r\n";
$message .= "here are the user's variables that where
sent.\r\n";
$message .= "check payment_status as it should be
INVALID\r\n\r\n";
$message .= "$report\r\n\r\n";
PErroremail("IPN Invalid info",$message);
}
}
// Terminate the Socket connection and Exit
fclose ($socket);
exit;
?>
Norman Peelman wrote:
> <timhammo@gmail.com> wrote in message
> news:1152868170.266831.151950@m73g2000cwd.googlegroups.com...
> > Thanks,
> >
> > We do have some logging in place which is recording empty post
> > variables so it does seem that the data is not actually reaching our
> > server.
> >
> > thanks
> > Tim
>
> Can you post the code...
>
> Norm
Navigation:
[Reply to this message]
|