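<?php
/**
 * PayPal IPN endpoint.
 *
 * Flow: verify the notification through IpnListener, run the fraud checks
 * (payment status, receiver e-mail, amount format, currency, duplicate
 * txn_id), then either mail a fraud warning to the shop or record the order
 * and send a confirmation e-mail to the payer plus a copy to the shop.
 *
 * Every $_POST field is treated as untrusted text even after verification:
 * names, item names and addresses are chosen by the payer, so each value is
 * escaped for the context it is written into (SQL literal, HTML body).
 */
header('Content-type: text/html; charset=utf-8');
?>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<?php
// Log PHP errors to ipn_errors.log in this directory.
// NOTE(review): if this directory is served by the web server, the log is
// downloadable unless access to it is denied - confirm.
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__) . '/ipn_errors.log');

// Instantiate the IPN listener.
include('ipnlistener.php');
$listener = new IpnListener();

// Uncomment to make the listener use the PayPal test sandbox.
//$listener->use_sandbox = true;

// Try to process the IPN POST.
try {
    $listener->requirePostMethod();
    $verified = $listener->processIpn();
} catch (Exception $e) {
    error_log($e->getMessage());
    exit(0);
}

if (!$verified) {
    // Manually investigate the invalid IPN.
    mail('anna@energyshop.se', 'Invalid IPN', $listener->getTextReport());
    exit(0);
}

// Read each field once. A missing or non-string value (e.g. an array sent as
// "field[]=x") becomes '', so the checks below fail closed without notices.
$ipn = array();
$wanted = array(
    'payment_status', 'receiver_email', 'mc_gross', 'mc_currency', 'txn_id',
    'payer_email', 'num_cart_items', 'first_name', 'last_name', 'item_name',
);
foreach ($wanted as $key) {
    $ipn[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

$errmsg = ''; // collects failures from the fraud checks

// 1. Make sure the payment status is "Completed".
if ($ipn['payment_status'] !== 'Completed') {
    // Simply ignore any IPN that is not completed.
    exit(0);
}

// 2. Make sure the seller e-mail matches the primary account e-mail.
if ($ipn['receiver_email'] !== 'anna@energyshop.se') {
    $errmsg .= "'receiver_email' does not match: ";
    $errmsg .= $ipn['receiver_email'] . "\n";
}

// 3. Make sure the amount is well-formed.
// NOTE(review): the original comparison against a fixed price ('9.99') was
// commented out, so the paid amount is never compared with the price of the
// ordered items; a completed payment of any amount is recorded as an order.
// Only the format is enforced here, because the value is written to SQL.
if (!preg_match('/^\d+(\.\d+)?$/D', $ipn['mc_gross'])) {
    $errmsg .= "'mc_gross' is not a plain decimal amount: ";
    $errmsg .= $ipn['mc_gross'] . "\n";
}

// 4. Make sure the currency code matches.
if (!in_array($ipn['mc_currency'], array('SEK', 'USD'), true)) {
    $errmsg .= "'mc_currency' does not match: ";
    $errmsg .= $ipn['mc_currency'] . "\n";
}

// 5. Ensure the transaction is not a duplicate.
// NOTE(review): the mysql_* extension used here was removed in PHP 7; the
// migration target is mysqli or PDO with prepared statements.
if (!mysql_connect('****', '****', '****') || !mysql_select_db('****')) {
    error_log('IPN handler: database connection or selection failed');
    exit(0);
}
$txn_id = mysql_real_escape_string($ipn['txn_id']);
$sql = "SELECT COUNT(*) FROM orders WHERE txn_id = '$txn_id'";
$r = mysql_query($sql);
if (!$r) {
    error_log(mysql_error());
    exit(0);
}
$exists = mysql_result($r, 0);
mysql_free_result($r);
if ($exists) {
    $errmsg .= "'txn_id' has already been processed: " . $ipn['txn_id'] . "\n";
}

if ($errmsg !== '') {
    // Manually investigate errors from the fraud checking.
    $body = "IPN failed fraud checks: \n$errmsg\n\n";
    $body .= $listener->getTextReport();
    mail('anna@energyshop.se', 'IPN Fraud Warning', $body);
    exit(0);
}

// Add this order to the table of completed orders.
// mc_gross is now a quoted literal: mysql_real_escape_string() only protects
// values placed inside quotes, and the original interpolated it bare.
// NOTE(review): two concurrent deliveries of the same IPN can both pass the
// COUNT(*) check above; a UNIQUE index on orders.txn_id would close that gap
// (schema not visible here - confirm).
$payer_email = mysql_real_escape_string($ipn['payer_email']);
$mc_gross = mysql_real_escape_string($ipn['mc_gross']);
$sql = "INSERT INTO orders VALUES (NULL, '$txn_id', '$payer_email', '$mc_gross')";
if (!mysql_query($sql)) {
    error_log(mysql_error());
    exit(0);
}

// Send the payer a confirmation e-mail and the shop a copy.
// The body is HTML, so every payer-supplied value is HTML-escaped first.
// ENT_SUBSTITUTE (PHP 5.4+) keeps a value readable when it is not valid UTF-8.
// NOTE(review): confirm the IPN fields actually arrive as UTF-8.
$escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
$firstname = htmlspecialchars($ipn['first_name'], $escFlags, 'UTF-8');
$lastname = htmlspecialchars($ipn['last_name'], $escFlags, 'UTF-8');
$payerShown = htmlspecialchars($ipn['payer_email'], $escFlags, 'UTF-8');
$num = htmlspecialchars($ipn['num_cart_items'], $escFlags, 'UTF-8');
$amount = htmlspecialchars($ipn['mc_gross'], $escFlags, 'UTF-8');
$name = htmlspecialchars($ipn['item_name'], $escFlags, 'UTF-8');

// FILTER_SANITIZE_EMAIL strips CR/LF, which keeps $to safe inside a header.
$to = filter_var($ipn['payer_email'], FILTER_SANITIZE_EMAIL);
$date = date('Y-m-d');

$subject = "Tack för Ert köp! / Thank you for your order!";
$subject2 = "(COPY) Tack för Ert köp! / Thank you for your order!";

// mail() writes the Subject header itself from its second argument, so the
// encoded subject is passed there; the original also listed a Subject line
// in the extra headers, which produced two Subject headers per message.
// NOTE(review): From is the payer's own address on both messages, including
// the confirmation sent to the payer; receiving servers may reject that
// under SPF/DMARC - confirm the intended sender.
$headers = implode("\r\n", array(
    'Date: ' . date('r', $_SERVER['REQUEST_TIME']),
    "From: {$to}",
    "MIME-Version: 1.0",
    "Content-Type: text/html;charset=utf-8",
));

$message = '<html><body>';
$message .= "$firstname $lastname, $payerShown \r\n";
$message .= '<br />';
$message .= "Tack för din beställning från energyshop.se. $date";
$message .= '<br>';
$message .= "Vi hoppas att varorna motsvarar dina förväntningar! \r\n";
$message .= '<br />';
$message .= "Du köpte $num produkter för totalt $amount kronor.";
$message .= '<br>';
$message .= 'Varor:';
$message .= "$name";
$message .= '<br>';
$message .= 'Moms är inkluderad i priset:';
$message .= '<br>';
$message .= "6% moms Böcker, 12% moms EnergyUnion, 25% moms på övriga sortimentet \r\n";
$message .= '<br />';
$message .= 'Har du köpt digitala varor, ska du direkt efter betalningen fått tillgång till en sida där du laddar ned din beställning.';
$message .= '<br>';
$message .= "Har du köpt fysiska varor, skickas de till dig så snart som möjligt med Posten, dock senast en vecka efter din beställning.\r\n";
$message .= '<br />';
$message .= 'Vi på energyshop.se önskar dig en trevlig dag.';
$message .= '<br>';
$message .= 'Välkommen tillbaka när du vill!';
$message .= '</body></html>';

$message2 = $message;
$message2 .= '<br />';
$message2 .= '(NOTE: THIS IS A COPY)';

mail($to, "=?UTF-8?Q?" . imap_8bit($subject) . "?=", $message, $headers);
mail('anna@energyshop.se', "=?UTF-8?Q?" . imap_8bit($subject2) . "?=", $message2, $headers);
?>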