File: paypal_ipn.php
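<?php
// PayPal IPN (Instant Payment Notification) listener for the shopping cart.
//
// Flow, as implemented below:
//   1. echo every POSTed field back to PayPal with cmd=_notify-validate;
//   2. when PayPal answers "VERIFIED", make sure txn_id has not been processed,
//      the money went to this merchant's PayPal account and the paid amount
//      equals the cart total stored in the per-cart temp table header_<custom>;
//   3. copy header_<custom> / <custom> into order_header / order_details,
//      mail the customer an HTML confirmation and drop the two temp tables.
// Every step also mails a debug trace (full IPN payload and generated SQL) to
// $notify_email.
//
// NOTE(review): payment_status is never checked, so a "Pending" e-cheque or a
// "Denied" payment is fulfilled exactly like a "Completed" one — confirm this is
// intended before relying on the order_status column alone.

/**
 * Read one field of the IPN POST without raising an "undefined index" notice.
 *
 * @param string $name POST field name as sent by PayPal
 * @return string|null raw value, or null when PayPal did not send the field
 */
function ipn_field($name)
{
    return isset($_POST[$name]) ? $_POST[$name] : null;
}

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
    // stripslashes() only undoes magic_quotes_gpc; with the option off it would
    // corrupt values that legitimately contain a backslash.
    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    $value = urlencode($value);
    $req .= "&$key=$value";
}

// post back to PayPal system to validate
// PayPal requires a Host header on the postback even over HTTP/1.0; without it
// the validation request is refused and no order is ever recorded.
$header  = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Host: www.paypal.com\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = ipn_field('item_name');
$business = ipn_field('business');
$item_number = ipn_field('item_number');
$payment_status = ipn_field('payment_status');
$mc_gross = ipn_field('mc_gross');
$payment_currency = ipn_field('mc_currency');
$txn_id = ipn_field('txn_id');
$receiver_email = ipn_field('receiver_email');
$receiver_id = ipn_field('receiver_id');
$quantity = ipn_field('quantity');
$num_cart_items = ipn_field('num_cart_items');
$payment_date = ipn_field('payment_date');
$first_name = ipn_field('first_name');
$last_name = ipn_field('last_name');
$payment_type = ipn_field('payment_type');
$payment_gross = ipn_field('payment_gross');
$payment_fee = ipn_field('payment_fee');
$settle_amount = ipn_field('settle_amount');
$memo = ipn_field('memo');
$payer_email = ipn_field('payer_email');
$txn_type = ipn_field('txn_type');
$payer_status = ipn_field('payer_status');
$address_street = ipn_field('address_street');
$address_city = ipn_field('address_city');
$address_state = ipn_field('address_state');
$address_zip = ipn_field('address_zip');
$address_country = ipn_field('address_country');
$address_status = ipn_field('address_status');
$tax = ipn_field('tax');
$option_name1 = ipn_field('option_name1');
$option_selection1 = ipn_field('option_selection1');
$option_name2 = ipn_field('option_name2');
$option_selection2 = ipn_field('option_selection2');
$for_auction = ipn_field('for_auction');
$invoice = ipn_field('invoice');
$custom = ipn_field('custom');
$notify_version = ipn_field('notify_version');
$verify_sign = ipn_field('verify_sign');
$payer_business_name = ipn_field('payer_business_name');
$payer_id = ipn_field('payer_id');
$mc_currency = ipn_field('mc_currency');
$mc_fee = ipn_field('mc_fee');
$exchange_rate = ipn_field('exchange_rate');
$settle_currency = ipn_field('settle_currency');
$parent_txn_id = ipn_field('parent_txn_id');
$pending_reason = ipn_field('pending_reason');
$reason_code = ipn_field('reason_code');

// subscription specific vars
$subscr_id = ipn_field('subscr_id');
$subscr_date = ipn_field('subscr_date');
$subscr_effective = ipn_field('subscr_effective');
$period1 = ipn_field('period1');
$period2 = ipn_field('period2');
$period3 = ipn_field('period3');
$amount1 = ipn_field('amount1');
$amount2 = ipn_field('amount2');
$amount3 = ipn_field('amount3');
$mc_amount1 = ipn_field('mc_amount1');
$mc_amount2 = ipn_field('mc_amount2');
$mc_amount3 = ipn_field('mc_amount3'); // was read from 'mcamount3', a key PayPal never sends
$recurring = ipn_field('recurring');
$reattempt = ipn_field('reattempt');
$retry_at = ipn_field('retry_at');
$recur_times = ipn_field('recur_times');
$username = ipn_field('username');
$password = ipn_field('password');

//auction specific vars
$auction_closing_date = ipn_field('auction_closing_date');
$auction_multi_item = ipn_field('auction_multi_item');
$auction_buyer_id = ipn_field('auction_buyer_id');

//DB connect creds and email
// NOTE(review): live database credentials and mailboxes are hard-coded in a
// file under htdocs; they belong in a config include outside the web root.
$notify_email = "r_raj_d@yahoo.com"; //email address to which debug emails are sent to
$DB_Server = "localhost"; //your MySQL Server
$DB_Username = "pimpthat_pimp"; //your MySQL User Name
$DB_Password = "pimp"; //your MySQL Password
$DB_DBName = "pimpthat_pimp"; //your MySQL Database Name
$expected_receiver_email = "dave322@juno.com"; //PayPal account the payment must have been made to

if (!$fp) {
    // No PayPal reply exists at this point, so report the socket error itself.
    mail($notify_email, "FP failed", "fsockopen failed ($errno): $errstr\n\r\n\r $req");
} else {
    fputs($fp, $header . $req);
    while (!feof($fp)) {
        $res = fgets($fp, 1024);
        if ($res == "VERIFIED") {
            mail($notify_email, "FP success", "$res\n\r\n\r $req\n\r\n\r$fp");
            mail($notify_email, "VALID IPN", "IPN verified and transaction id :: $txn_id");

            //create MySQL connection
            $Connect = @mysql_connect($DB_Server, $DB_Username, $DB_Password) or die("Couldn't connect to MySQL:<br>" . mysql_error() . "<br>" . mysql_errno());
            //select database
            $Db = @mysql_select_db($DB_DBName, $Connect) or die("Couldn't select database:<br>" . mysql_error() . "<br>" . mysql_errno());

            // Everything interpolated into SQL below was either posted by PayPal or
            // typed by the customer on the cart page; escape it on the way in.
            $esc = function ($v) use ($Connect) {
                return mysql_real_escape_string($v, $Connect);
            };

            //check if transaction ID has been processed before
            $checkquery = "select transaction_id from order_header where transaction_id='" . $esc($txn_id) . "'";
            $sihay = mysql_query($checkquery) or die("Duplicate txn id check query failed:<br>" . mysql_error() . "<br>" . mysql_errno());
            $nm = mysql_num_rows($sihay);
            if ($nm == 0) {
                // PayPal documents receiver_email as case-insensitive.
                if (strcasecmp($receiver_email, $expected_receiver_email) != 0) {
                    mail($notify_email, "Wrong Receiver ID", "Please do investigation, the Receiver ID is not same as per your Paypal ID");
                    exit();
                } else {
                    // mail() needs a message argument; the old call passed only a subject
                    mail($notify_email, "IPN txn_type", "$txn_type");
                }

                //execute query
                if ($txn_type == "web_accept") {
                    // $custom names the per-cart temp table and is used as an SQL
                    // identifier in the SELECTs and the DROP TABLE below. Identifiers
                    // cannot be escaped with mysql_real_escape_string, so only accept
                    // a plain identifier (assumes the cart page generates `custom` as a
                    // bare table name — confirm against the checkout form).
                    if (!preg_match('/^[A-Za-z0-9_]+$/', $custom)) {
                        mail($notify_email, "Bad cart reference", "Rejected custom value for transaction $txn_id: $custom");
                        exit();
                    }
                    $header_custom = "header_" . $custom;
                    $q_temptable_header = "select * from `$header_custom`";
                    $r_temptable_header = mysql_query($q_temptable_header);
                    $row_th = $r_temptable_header ? mysql_fetch_array($r_temptable_header) : false;
                    if (!$row_th) {
                        // nothing to fulfil; also stops the DROP TABLE below from ever
                        // running against a name that has no matching header table
                        mail($notify_email, "Cart header not found", "No row in $header_custom for transaction $txn_id");
                        exit();
                    }

                    //checking paid amount is same as cart amount or not
                    // NOTE(review): payment_gross is PayPal's legacy USD-only field;
                    // mc_gross plus a check on mc_currency is the documented pair.
                    if ($row_th['final_order_total'] != $payment_gross) {
                        mail($notify_email, "Amount received not same as CART amount", "Please do investigation, the Amount you received not same as per your Shopping Cart");
                        exit();
                    }

                    $today = date('Y-m-d');
                    // Header row values originated from customer input; escape them
                    // again before re-inserting.
                    $th = array_map($esc, $row_th);
                    $q_insert_header = "INSERT INTO `order_header` (`order_id`, `payment_process`, `transaction_id`, `order_date`, `customer_login_id`, `billing_name`, `billing_address`, `billing_country`, `billing_state`, `billing_contact`, `billing_email`, "
                        . "`shipping_name`, `shipping_address`, `shipping_country`,`shipping_state`, `shipping_zip`, `shipping_contact`, `special_note`, `total_product_weight`, `total_product_quantity`, `product_price`, `tax`, `delivery_charge`, `final_order_total`, `last_update_date`, `last_update_time`, `ip_address`, `order_status`) "
                        . "VALUES (NULL, 'paypal', '" . $esc($txn_id) . "', '" . $today . "', '" . $th['customer_login_id'] . "', '" . $th['billing_name'] . "', '" . $th['billing_address'] . "', '" . $th['billing_country'] . "', '" . $th['billing_state'] . "', '" . $th['billing_contact'] . "', '" . $th['billing_email'] . "', "
                        . "'" . $th['shipping_name'] . "', '" . $th['shipping_address'] . "', '" . $th['shipping_country'] . "', '" . $th['shipping_state'] . "', '" . $th['shipping_zip'] . "', '" . $th['shipping_contact'] . "', '" . $th['special_note'] . "', '" . $th['total_product_weight'] . "', '" . $th['total_product_quantity'] . "', '" . $th['product_price'] . "', '" . $th['tax'] . "', '" . $th['delivery_charge'] . "', '" . $th['final_order_total'] . "', '" . $th['last_update_date'] . "', '" . $th['last_update_time'] . "', '" . $th['ip_address'] . "', 'Pending')";
                    $r_insert_header = mysql_query($q_insert_header);
                    if ($r_insert_header) {
                        mail($notify_email, "Success:: Order_header", $q_insert_header . "\n\r\n\r" . $row_th['billing_email']);
                    } else {
                        // Without a header row the details below would attach to
                        // whatever order happens to be last; stop here instead.
                        mail($notify_email, "UNSuccess:: Order_header", mysql_error());
                        exit();
                    }
                    // Use the id generated by this connection's INSERT; "order by
                    // order_id desc limit 1" picks up another IPN's order when two
                    // notifications arrive together. (IPN callbacks carry no browser
                    // session, so the former $_SESSION['o_no'] write was a no-op.)
                    $o_no = mysql_insert_id($Connect);

                    $q_temptable = "select * from `$custom`";
                    $r_temptable = mysql_query($q_temptable);
                    $ln = 0;
                    while ($r_temptable && ($row_temptable = mysql_fetch_array($r_temptable, MYSQL_BOTH))) {
                        $ln++;
                        $rt = array_map($esc, $row_temptable);
                        $q_od2 = "insert into `order_details` ( `order_id`, `line_no`, `customer_login_id`, `catalog_id`, `product_id`, `quantity`, `per_product_weight`, `total_product_weight`, `rate`, `price`) values( '" . $o_no . "', "
                            . "'" . $ln . "', '" . $th['customer_login_id'] . "', '" . $rt['catalog_id'] . "', '" . $rt['product_id'] . "', '" . $rt['quantity'] . "', '" . $rt['per_product_weight'] . "', '" . $rt['total_product_weight'] . "', '" . $rt['rate'] . "', '" . $rt['price'] . "')";
                        $r_od2 = mysql_query($q_od2);
                        if (!$r_od2) {
                            mail($notify_email, "UNSuccess:: Order_detail", mysql_error());
                        } else {
                            mail($notify_email, "Success:: Order_detail", $q_od2);
                        }
                    }

                    $q_header = "select * from order_header where order_id='" . (int) $o_no . "'";
                    $r_header = mysql_query($q_header);
                    $row_header = mysql_fetch_array($r_header);
                    $q_data = "select * from order_details where order_id='" . (int) $o_no . "'";
                    $r_data = mysql_query($q_data);

                    // Build the HTML confirmation. Every DB value is escaped for the
                    // declared mail charset so customer-typed text cannot inject
                    // markup into the message read by the customer, cc and bcc.
                    $h = function ($v) {
                        return htmlspecialchars($v, ENT_QUOTES, 'ISO-8859-1');
                    };
                    $msg = "<link href='../admin/css/admin-style.css' rel='stylesheet' type='text/css'> <table width='765' border='0' cellpadding='0' cellspacing='0' class='table-all-thin-border'> <tr> <td align='left' valign='top'><table width='765' border='0' cellspacing='0' cellpadding='2'> "
                        . "<tr align='left' valign='middle' class='create-catalog-header'> <td width='152' height='32'>Product Image</td> <td width='150'>Catagory</td> <td width='179'>Product Name</td> <td width='117'>Rate</td> <td width='97'>Quantity</td> <td width='160'>Total Weight</td> <td width='126'>Price</td> </tr>";
                    $n = 0;
                    while ($row_data = mysql_fetch_array($r_data)) {
                        $bg = ($n % 2 == 0) ? '#EAFFEF' : '#EAF0FF';
                        // catalog_id / product_id came from the cart rows; cast them so
                        // only a number reaches the WHERE clause
                        $q_catalog = 'select * from catalog where catalog_id=' . (int) $row_data['catalog_id'];
                        $r_catalog = mysql_query($q_catalog);
                        $row_catalog = mysql_fetch_array($r_catalog);
                        $q_product = 'select * from product_details where product_id=' . (int) $row_data['product_id'];
                        $r_product = mysql_query($q_product);
                        $row_product = mysql_fetch_array($r_product);
                        $msg .= "<tr align='left' valign='middle'> <td height='25' align='center' bgcolor='" . $bg . "' class='left-links'> <img src='../../" . $h($row_product['product_main_image_path']) . "' width='125' height='75'> </td> "
                            . "<td bgcolor='" . $bg . "' class='left-links'> " . $h($row_catalog['catalog_name']) . " </td> <td bgcolor='" . $bg . "' class='left-links'> " . $h($row_product['product_name']) . " </td> <td bgcolor='" . $bg . "' class='left-links'>$ " . $h($row_data['rate']) . " </td> "
                            . "<td align='left' bgcolor='" . $bg . "' class='left-links'> " . $h($row_data['quantity']) . " </td> <td align='left' bgcolor='" . $bg . "' class='left-links'> " . $h($row_data['total_product_weight']) . " </td> <td align='left' bgcolor='" . $bg . "' class='left-links'>$ " . $h($row_data['price']) . " </td> </tr>";
                        $n++;
                    }
                    $msg .= "<tr align='left' valign='middle'> <td height='25' bgcolor='#0099FF' class='left-links'> </td> <td bgcolor='#0099FF' class='left-links'> </td> <td bgcolor='#0099FF' class='left-links'> </td> <td colspan='2' align='right' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>Total Weight </font></td> <td align='left' bgcolor='#0099FF' class='left-links'> " . $h($row_header['total_product_weight']) . " </td> <td align='left' bgcolor='#0099FF' class='left-links'> </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' class='left-links'> </td> <td class='left-links'> </td> <td class='left-links'> </td> <td colspan='2' align='right' class='left-links'> </td> <td align='right' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>Product</font><font color='#FFFFFF'> Price </font></td> <td align='left' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>$ " . $h($row_header['product_price']) . " </font></td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' class='left-links'> </td> <td class='left-links'> </td> <td class='left-links'> </td> <td colspan='2' align='right' class='left-links'> </td> <td align='right' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>TAX </font></td> <td align='left' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>$ " . $h($row_header['tax']) . " </font></td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' class='left-links'> </td> <td class='left-links'> </td> <td class='left-links'> </td> <td colspan='2' align='right' class='left-links'> </td> <td align='right' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>Shipping Cost </font></td> <td align='left' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>$ " . $h($row_header['delivery_charge']) . " </font></td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' class='left-links'> </td> <td class='left-links'> </td> <td class='left-links'> </td> <td colspan='2' align='right' class='left-links'><font color='#FFFFFF'> </font></td> <td align='right' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>Total Price </font></td> <td align='left' bgcolor='#0099FF' class='left-links'><font color='#FFFFFF'>$ " . $h($row_header['final_order_total']) . " </font></td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' class='left-links'> </td> <td height='50' colspan='5' align='center' class='left-links'> <em><font color='#FF0000'> </font></em></td> <td align='left' class='left-links'> </td> </tr> "
                        . "<tr align='center' valign='top'> <td height='25' colspan='7' class='left-links'><form name='form1' method='post' action=''> <table width='765' border='0' cellspacing='0' cellpadding='0'> <tr> <td width='350' align='right' valign='top'> <table width='350' border='0' cellpadding='0' cellspacing='0' class='table-all-thin-border'> <tr> <td height='32' align='left' valign='middle' class='create-catalog-header' style='padding-left:20px'><font color='#000033'> Billing Information</font></td> </tr> <tr> <td width='362' align='left' valign='top'> <table width='350' border='0' cellpadding='4' cellspacing='0'> "
                        . "<tr align='left' valign='middle'> <td width='100' height='25'><font color='#000033'>Name</font></td> <td height='25'> " . $h($row_header['billing_name']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' valign='top'><font color='#000033'>Address</font></td> <td height='25'> " . $h($row_header['billing_address']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>Country</font></td> <td height='25'> " . $h($row_header['billing_country']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>State</font></td> <td height='25'> " . $h($row_header['billing_state']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>Contact No.</font></td> <td height='25'> " . $h($row_header['billing_contact']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>Email</font></td> <td height='25'> " . $h($row_header['billing_email']) . " </td> </tr> </table></td> </tr> </table></td> <td align='left' valign='top'> </td> "
                        . "<td width='350' align='left' valign='top'> <table width='350' border='0' cellpadding='0' cellspacing='0' class='table-all-thin-border'> <tr> <td height='32' align='left' valign='middle' class='create-catalog-header' style='padding-left:20px'><font color='#000033'> Delivery Information</font> </td> </tr> <tr> <td align='left' valign='top'><table width='350' border='0' cellpadding='4' cellspacing='0'> "
                        . "<tr align='left' valign='middle'> <td width='100' height='25'><font color='#000033'>Name</font></td> <td height='25'> " . $h($row_header['shipping_name']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' valign='top'><font color='#000033'>Address</font></td> <td height='25'> " . $h($row_header['shipping_address']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>Country</font></td> <td height='25'> " . $h($row_header['shipping_country']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>State</font></td> <td height='25'> " . $h($row_header['shipping_state']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>Delivery Zip</font></td> <td height='25'> " . $h($row_header['shipping_zip']) . " </td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25'><font color='#000033'>Contact No.</font></td> <td height='25'> " . $h($row_header['shipping_contact']) . " </td> </tr> </table></td> </tr> </table></td> </tr> "
                        . "<tr> <td height='50' align='right' valign='top'> </td> <td align='left' valign='top'> </td> <td align='left' valign='top'> </td> </tr> "
                        . "<tr> <td align='left' valign='top'> <table width='350' border='0' cellpadding='0' cellspacing='0' class='table-all-thin-border'> <tr> <td height='32' align='left' valign='middle' class='create-catalog-header' style='padding-left:20px'><font color='#000033'> Special Notes (If Any)</font></td> </tr> <tr> <td align='left' valign='top'><table width='350' border='0' cellpadding='4' cellspacing='0'> "
                        . "<tr align='left' valign='middle'> <td width='100' height='25'><font color='#000033'>Notes</font></td> <td height='25'> " . $h($row_header['special_note']) . " </td> </tr> </table></td> </tr> </table></td> <td align='left' valign='top'> </td> "
                        . "<td align='center' valign='middle'> <table width='350' border='0' cellpadding='4' cellspacing='0' class='table-all-thin-border'> <tr align='left' valign='middle' class='create-catalog-header'> <td height='32' colspan='2' style='padding-left:20px'>Current Status </td> </tr> "
                        . "<tr align='left' valign='middle'> <td width='100' height='25'><font color='#000033'>Status</font></td> <td height='25'> " . $h($row_header['order_status']) . " </td> </tr> </table> </td> </tr> </table> </form></td> </tr> "
                        . "<tr align='left' valign='middle'> <td height='25' class='left-links'> </td> <td class='left-links'> </td> <td class='left-links'> </td> <td colspan='2' align='right' class='left-links'> </td> <td align='left' class='left-links'> </td> <td align='left' class='left-links'> </td> </tr> </table></td> </tr> </table>";

                    $to = $row_header['billing_email'];
                    $bcc = "dave322@juno.com";
                    $cc = "orders@pimpthatbed.com";
                    $from = "support@pimpthatbed.com";
                    $subjectt = "Your order on : Pimpthatbed.com";
                    $msg = "Thanks for ordering your Tanning Bed from pimpthatbed.com. Your order detail is as follows:\n\r\n\r\n\r" . $msg;
                    // billing_email was typed by the customer and is written into the
                    // raw header block; accept only one well-formed address so it cannot
                    // smuggle extra header lines into the message.
                    if (filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
                        mail($notify_email, "Confirmation not sent", "Order $o_no has an invalid billing_email: $to");
                    } else {
                        $headerss = 'MIME-Version: 1.0' . "\r\n";
                        $headerss .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
                        $headerss .= 'To: ' . $to . "\r\n";
                        $headerss .= 'Cc: ' . $cc . "\r\n";
                        $headerss .= 'Bcc: ' . $bcc . "\r\n";
                        $headerss .= 'From:' . $from . "\r\n";
                        mail($to, $subjectt, $msg, $headerss);
                    }

                    // both names passed the identifier check above
                    $q_drop = "drop table `$custom`, `$header_custom`";
                    $r_drop = mysql_query($q_drop);
                }
                // send an email in any case
                mail($notify_email, "VERIFIED IPN", "$res\n $req");
            } else {
                // send an email
                mail($notify_email, "VERIFIED DUPLICATED TRANSACTION", "$res\n $req");
            }
            // A commented-out subscr_signup / subscr_payment branch writing to
            // paypal_payment_info / paypal_subscription_info used to sit here; it was
            // dead code and has been removed.
        } elseif (strcmp($res, "INVALID") == 0) {
            // if the IPN POST was 'INVALID'...do this
            // log for manual investigation
            mail($notify_email, "INVALID IPN", "$res\n\r\n\r $req");
        }
    }
    fclose($fp);
}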