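<?php
/**
 * PayPal IPN (Instant Payment Notification) listener.
 *
 * Flow:
 *   1. Post the received fields back to PayPal with cmd=_notify-validate.
 *   2. On a VERIFIED answer, run the fraud checks (status, receiver, currency,
 *      duplicate txn_id).
 *   3. Record the order and mail a confirmation to the buyer plus a copy to
 *      the shop; otherwise mail a warning to the shop.
 *
 * Changes against the previous revision:
 *   - array keys are quoted (bare words are undefined constants and a fatal
 *     error on PHP 8);
 *   - the charset block used the undefined $ipn_data and ended the whole
 *     script with `return` for utf-8 notifications;
 *   - SQL goes through mysqli prepared statements (mysql_* no longer exists,
 *     and mc_gross was interpolated unquoted, where escaping does not help);
 *   - buyer-supplied values are HTML-escaped before they enter the HTML mail;
 *   - every item name is listed, not only the last one;
 *   - the Subject is passed once, MIME-encoded, instead of twice;
 *   - database failures answer HTTP 500 so PayPal re-sends the notification.
 */

// Log PHP errors to ipn_errors.log in this directory.
// NOTE(review): if this directory is served by the web server the log can be
// fetched by anyone; prefer a path outside the document root.
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__) . '/ipn_errors.log');

/**
 * Return $data[$key] when it is a string, otherwise ''.
 *
 * Avoids undefined-index notices and array-valued POST fields.
 */
function ipn_field(array $data, $key)
{
    return (isset($data[$key]) && is_string($data[$key])) ? $data[$key] : '';
}

/**
 * Escape a value for the HTML mail body.
 */
function ipn_html($text)
{
    return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
}

/**
 * Log $reason and answer with HTTP 500 so PayPal retries the notification
 * instead of treating it as delivered.
 */
function ipn_retry_later($reason)
{
    error_log($reason);
    header('HTTP/1.1 500 Internal Server Error');
    exit(1);
}

$shop_email = 'anna@energyshop.se';

// Raw copy of the notification; this exact data is what gets posted back.
$ipn_post_data = $_POST;

// For sandbox testing
//$pp_hostname = "https://www.sandbox.paypal.com/cgi-bin/webscr";
// live
$pp_hostname = "https://www.paypal.com/cgi-bin/webscr";

// Set up the validation request to PayPal.
$request = curl_init();
curl_setopt_array($request, array(
    CURLOPT_URL            => $pp_hostname,
    CURLOPT_POST           => true,
    // Array union keeps the left-hand 'cmd', so a posted 'cmd' field cannot
    // replace _notify-validate.
    CURLOPT_POSTFIELDS     => http_build_query(array('cmd' => '_notify-validate') + $ipn_post_data),
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HEADER         => false,
    // Certificate and host name must both verify, otherwise the VERIFIED
    // answer could come from something other than PayPal.
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    CURLOPT_CONNECTTIMEOUT => 30,
    //CURLOPT_CAINFO => 'cacert.pem',
));

// Execute request and get response and status code.
$response = curl_exec($request);
$status = (int) curl_getinfo($request, CURLINFO_HTTP_CODE);
if ($response === false) {
    error_log('IPN validation request failed: ' . curl_error($request));
}
curl_close($request);

if ($status === 200 && $response === 'VERIFIED') {
    $errmsg = ''; // collects messages from the fraud checks

    // Working copy converted to UTF-8; the mails below are declared utf-8.
    $ipn_data = $ipn_post_data;
    $charset = ipn_field($ipn_data, 'charset');
    if ($charset !== '' && strcasecmp($charset, 'utf-8') !== 0) {
        $known = array_map('strtolower', mb_list_encodings());
        if (in_array(strtolower($charset), $known, true)) {
            foreach ($ipn_data as $key => $value) {
                if (is_string($value)) {
                    $ipn_data[$key] = mb_convert_encoding($value, 'UTF-8', $charset);
                }
            }
            // Store the charset values for future reference.
            $ipn_data['charset'] = 'utf-8';
            $ipn_data['charset_original'] = $charset;
        } else {
            // Names mbstring does not list are left unconverted.
            error_log('IPN: unsupported charset, values left unconverted: ' . rawurlencode($charset));
        }
    }

    // 1. Make sure the payment status is "Completed".
    if (ipn_field($ipn_data, 'payment_status') !== 'Completed') {
        // simply ignore any IPN that is not completed
        exit(0);
    }

    // 2. Make sure seller email matches the primary account email.
    $receiver_email = ipn_field($ipn_data, 'receiver_email');
    if ($receiver_email !== $shop_email) {
        $errmsg .= "'receiver_email' does not match: ";
        $errmsg .= $receiver_email . "\n";
    }

    // NOTE(review): the numbering skips check 3 and nothing in this script
    // compares mc_gross with the expected order total, so a completed payment
    // of any amount is accepted. Add the amount check against the order data.

    // 4. Make sure the currency code matches.
    $currency = ipn_field($ipn_data, 'mc_currency');
    if (!in_array($currency, array('SEK', 'USD'), true)) {
        $errmsg .= "'mc_currency' does not match: ";
        $errmsg .= $currency . "\n";
    }

    // 5. Ensure the transaction is not a duplicate.
    // NOTE(review): the database credentials are hard-coded here; once a copy
    // of this file is public they must be treated as compromised. Rotate the
    // password and load it from configuration outside the document root.
    mysqli_report(MYSQLI_REPORT_OFF); // failures are reported via return values
    $db = mysqli_connect('energyshop.se.mysql', 'energyshop_se', 'dxymNrJd', 'energyshop_se');
    if (!$db) {
        ipn_retry_later('IPN: database connection failed: ' . mysqli_connect_error());
    }

    $txn_id = ipn_field($ipn_data, 'txn_id');
    if ($txn_id === '') {
        $errmsg .= "'txn_id' is missing\n";
    }

    // NOTE(review): SELECT-then-INSERT is not atomic; a UNIQUE index on
    // orders.txn_id would reject a concurrent duplicate (schema not visible
    // here, confirm).
    $exists = 0;
    $stmt = mysqli_prepare($db, 'SELECT COUNT(*) FROM orders WHERE txn_id = ?');
    if (!$stmt) {
        ipn_retry_later('IPN: ' . mysqli_error($db));
    }
    mysqli_stmt_bind_param($stmt, 's', $txn_id);
    if (!mysqli_stmt_execute($stmt)) {
        ipn_retry_later('IPN: ' . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_bind_result($stmt, $exists);
    mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    if ($exists) {
        $errmsg .= "'txn_id' has already been processed: " . $txn_id . "\n";
    }

    if (!empty($errmsg)) {
        // manually investigate errors from the fraud checking
        $body = "IPN failed fraud checks: \n$errmsg\n\n";
        mail($shop_email, 'IPN Fraud Warning', $body);
    } else {
        // Add this order to the table of completed orders. Values are bound,
        // never interpolated into the statement.
        $payer_email = ipn_field($ipn_data, 'payer_email');
        $mc_gross = ipn_field($ipn_data, 'mc_gross');
        $stmt = mysqli_prepare($db, 'INSERT INTO orders VALUES (NULL, ?, ?, ?)');
        if (!$stmt) {
            ipn_retry_later('IPN: ' . mysqli_error($db));
        }
        mysqli_stmt_bind_param($stmt, 'sss', $txn_id, $payer_email, $mc_gross);
        if (!mysqli_stmt_execute($stmt)) {
            ipn_retry_later('IPN: ' . mysqli_stmt_error($stmt));
        }
        mysqli_stmt_close($stmt);

        // Collect every item name (item_name for a single item,
        // item_name1..N for a cart), escaped for the HTML body.
        $item_names = array();
        foreach ($ipn_data as $key => $value) {
            if (is_string($value) && preg_match('/^item_name\d*$/', (string) $key)) {
                $item_names[] = ipn_html($value);
            }
        }
        $name = implode(', ', $item_names);

        // Buyer-controlled fields are escaped for HTML, not for SQL.
        $num = ipn_html(ipn_field($ipn_data, 'num_cart_items'));
        $amount = ipn_html($mc_gross);
        $firstname = ipn_html(ipn_field($ipn_data, 'first_name'));
        $lastname = ipn_html(ipn_field($ipn_data, 'last_name'));
        $payer_html = ipn_html($payer_email);
        $date = date('Y-m-d');

        // FILTER_SANITIZE_EMAIL strips CR/LF, so the address cannot add
        // header lines; it is validated before it is used as a recipient.
        $to = filter_var($payer_email, FILTER_SANITIZE_EMAIL);
        $to_is_valid = ($to !== false && filter_var($to, FILTER_VALIDATE_EMAIL) !== false);

        // NOTE(review): From is the buyer's own address, as before. Mail that
        // claims to come from the recipient tends to fail SPF/DMARC; confirm
        // whether the shop address was intended.
        $from = $to_is_valid ? $to : $shop_email;

        $subject = "Tack för Ert köp! / Thank you for your order!";
        $subject2 = "(COPY) Tack för Ert köp! / Thank you for your order!";

        // mail() writes the Subject header itself, so the subject is encoded
        // once here and not repeated in the extra headers.
        mb_internal_encoding('UTF-8');
        $encoded_subject = mb_encode_mimeheader($subject, 'UTF-8', 'B', "\r\n");
        $encoded_subject2 = mb_encode_mimeheader($subject2, 'UTF-8', 'B', "\r\n");

        $headers = implode("\r\n", array(
            'Date: ' . date('r', $_SERVER['REQUEST_TIME']),
            "From: {$from}",
            "MIME-Version: 1.0",
            "Content-Type: text/html;charset=utf-8",
        ));

        $message = implode('', array(
            '<html><body>',
            "$firstname $lastname, $payer_html \r\n",
            '<br />',
            "Tack för din beställning från energyshop.se. $date",
            '<br>',
            "Vi hoppas att varorna motsvarar dina förväntningar! \r\n",
            '<br />',
            "Du köpte $num produkter för totalt $amount kronor.",
            '<br>',
            'Varor:',
            $name,
            '<br>',
            'Moms är inkluderad i priset:',
            '<br>',
            "6% moms Böcker, 12% moms EnergyUnion, 25% moms på övriga sortimentet \r\n",
            '<br />',
            'Har du köpt digitala varor, ska du direkt efter betalningen fått tillgång till en sida där du laddar ned din beställning.',
            '<br>',
            "Har du köpt fysiska varor, skickas de till dig så snart som möjligt med Posten, dock senast en vecka efter din beställning.\r\n",
            '<br />',
            'Vi på energyshop.se önskar dig en trevlig dag.',
            '<br>',
            'Välkommen tillbaka när du vill!',
            '</body></html>',
        ));
        $message2 = $message . '<br />' . '(NOTE: THIS IS A COPY)';

        if ($to_is_valid) {
            mail($to, $encoded_subject, $message, $headers);
        } else {
            error_log('IPN: payer_email is not a valid address, confirmation not sent for txn ' . rawurlencode($txn_id));
        }
        mail($shop_email, $encoded_subject2, $message2, $headers);
    }
} else {
    // manually investigate the invalid IPN
    // NOTE(review): this branch runs for any request PayPal does not verify,
    // so each such request sends one mail; consider logging or rate-limiting
    // instead of mailing.
    mail($shop_email, "Invalid IPN", "Something went wrong, check Live/Sandbox");
}
?>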