Opening connection and validating request with PayPal...
Warning: fopen() expects at most 4 parameters, 5 given in /usr/export/www/hosting/xclan/modules/Donations/ipn/ipnppd.php on line 79
Code: Select all
<?php
/************************************************************************/
/* NukeTreasury - Financial management for PHP-Nuke */
/* Copyright (c) 2004 by Dave Lawrence AKA Thrash */
/* thrash@fragnastika.com */
/* thrashn8r@hotmail.com */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU */
/* General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program; if not, write to the Free Software */
/* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 */
/* USA */
/************************************************************************/
/* NOTE: This file is accessed by PayPal directly, and not through PHP-Nuke */
include("e;../config.php"e;);
$ERR = 0;
$log = "e;"e;;
$loglvl = $tr_configїipn_dbg_lvl];
define(_ERR, 1);
define(_INF, 2);
if( isset($_GETїdbg]) )
$dbg = 1;
else
$dbg = 0;
if( $dbg )
{
dprt("e;Debug mode activated"e;, _INF);
echo "e;<br>PHP-Nuke Treasury mod<br><br>PayPal Instant Payment Notification script<br><br>See below for status:<br>"e;;
echo "e;----------------------------------------------------------------<br>"e;;
$receiver_email = $tr_configї'receiver_email'];
}
$ipnppd = mysql_pconnect($hostname_ipnppd, $username_ipnppd, $password_ipnppd) or die(mysql_error());
if( $ipnppd )
dprt("e;Connection to db - OK!"e;, _INF);
else
dprt("e;Connection to db - **FAILED**"e;, _ERR);
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "e;&$key=$value"e;;
}
// post back to PayPal system to validate
$header .= "e;POST /cgi-bin/webscr HTTP/1.0\r\n"e;;
$header .= "e;Content-Type: application/x-www-form-urlencoded\r\n"e;;
$header .= "e;Content-Length: "e; . strlen($req) . "e;\r\n\r\n"e;;
// assign posted variables to local variables
$item_name = $_POSTї'item_name'];
$item_number = $_POSTї'item_number'];
$payment_status = $_POSTї'payment_status'];
$payment_amount = $_POSTї'mc_gross'];
$payment_currency = $_POSTї'mc_currency'];
$txn_id = $_POSTї'txn_id'];
$txn_type = $_POSTї'txn_type'];
$receiver_email = $_POSTї'receiver_email'];
$payer_email = $_POSTї'payer_email'];
dprt("e;Opening connection and validating request with PayPal..."e;, _INF);
$fp = fopen ('www.paypal.com', 80, $errno, $errstr, 30);
if (!$fp) {
// HTTP ERROR
dprt("e;FAILED to connect to PayPAl"e;, _ERR);
die();
}
dprt("e;OK!"e;, _INF);
fputs ($fp, $header . $req);
// Perform PayPal email account verification
if( !$dbg && strcasecmp( $_POSTї'business'], $tr_configї'receiver_email']) != 0)
{
dprt("e;Incorrect receiver email: $receiver_email , aborting"e;, _ERR) ;
$ERR = 1;
}
$insertSQL = "e;"e;;
// Look for duplicate txn_id's
if( $txn_id )
{
$sql = "e;SELECT * FROM transactions WHERE txn_id = '$txn_id'"e;;
$Recordset1 = mysql_query($sql, $ipnppd) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$NumDups = mysql_num_rows($Recordset1);
}
while (!$dbg && !$ERR && !feof($fp))
{
$res = fgets ($fp, 1024);
if (strcmp ($res, "e;VERIFIED"e;) == 0)
{
dprt("e;PayPal Verified"e;, _INF);
// Ok, PayPal has told us we have a valid IPN here
// Check for a reversal for a refund
if( strcmp($payment_status, "e;Refunded"e;) == 0)
{
// Verify the reversal
dprt("e;Transaction is a Refund"e;, _INF);
if( ($NumDups == 0) || strcmp($row_Recordset1їpayment_status], "e;Completed"e;) ||
(strcmp($row_Recordset1їtxn_type], "e;web_accept"e;) != 0 && strcmp($row_Recordset1їtxn_type], "e;send_money"e;) != 0) )
{
// This is an error. A reversal implies a pre-existing completed transaction
dprt("e;IPN Error: Received refund but missing prior completed transaction"e;, _ERR);
foreach( $_POST as $key => $val )
{
dprt("e;$key => $val"e;, $_ERR);
}
break;
}
if( $NumDups != 1 )
{
dprt("e;IPN Error: Received refund but multiple prior txn_id's encountered, aborting"e;, _ERR);
foreach( $_POST as $key => $val )
{
dprt("e;$key => $val"e;, $_ERR);
}
break;
}
// We flip the sign of these amount so refunds can be handled correctly
$mc_gross = -$_POSTї'mc_gross'];
$mc_fee = -$_POSTї'mc_fee'];
$insertSQL = sprintf("e;INSERT INTO transactions (`txn_id`,`business`,`item_name`, `item_number`, `quantity`, `invoice`, `custom`, `memo`, `tax`, `option_name1`, `option_selection1`, `option_name2`, `option_selection2`, `payment_status`, `payment_date`, `txn_type`, `mc_gross`, `mc_fee`, `mc_currency`, `settle_amount`, `exchange_rate`, `first_name`, `last_name`, `address_street`, `address_city`, `address_state`, `address_zip`, `address_country`, `address_status`, `payer_email`, `payer_status`) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')"e;,
$_POSTї'txn_id'],$_POSTї'business'],$_POSTї'item_name'],$_POSTї'item_number'],$_POSTї'quantity'],$_POSTї'invoice'],$_POSTї'custom'],$_POSTї'memo'],$_POSTї'tax'],$_POSTї'option_name1'],$_POSTї'option_selection1'],$_POSTї'option_name2'],$_POSTї'option_selection2'],$_POSTї'payment_status'],strftime('%Y-%m-%d %H:%M:%S',strtotime($_POSTї'payment_date'])),$_POSTї'txn_type'],$mc_gross,$mc_fee,$_POSTї'mc_currency'],$_POSTї'settle_amount'],$_POSTї'exchange_rate'],$_POSTї'first_name'],$_POSTї'last_name'],$_POSTї'address_street'],$_POSTї'address_city'],$_POSTї'address_state'],$_POSTї'address_zip'],$_POSTї'address_country'],$_POSTї'address_status'],$_POSTї'payer_email'],$_POSTї'payer_status']);
// We're cleared to add this record
dprt($insertSQL, _INF);
$Result1 = mysql_query($insertSQL, $ipnppd) or die(mysql_error());
dprt("e;SQL result = "e; . $Result1, _INF);
break;
} else // Look for anormal payment
if( (strcmp($payment_status, "e;Completed"e;) == 0) && ((strcmp($txn_type, "e;web_accept"e;)== 0) || (strcmp($txn_type, "e;send_money"e;)== 0)) )
{
dprt("e;Normal transaction"e;, _INF);
if( $lp ) fputs($lp, $payer_email . "e; "e; . $payment_status . "e; "e; . $_POSTї'payment_date'] . "e;\n"e;);
// Check for a duplicate txn_id
if( $NumDups != 0 )
{
dprt("e;Valid IPN, but DUPLICATE txn_id! aborting"e;, _ERR);
foreach( $_POST as $key => $val )
{
dprt("e;$key => $val"e;, $_ERR);
}
break;
}
$insertSQL = sprintf("e;INSERT INTO transactions (`txn_id`,`business`,`item_name`, `item_number`, `quantity`, `invoice`, `custom`, `memo`, `tax`, `option_name1`, `option_selection1`, `option_name2`, `option_selection2`, `payment_status`, `payment_date`, `txn_type`, `mc_gross`, `mc_fee`, `mc_currency`, `settle_amount`, `exchange_rate`, `first_name`, `last_name`, `address_street`, `address_city`, `address_state`, `address_zip`, `address_country`, `address_status`, `payer_email`, `payer_status`) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')"e;,
$_POSTї'txn_id'],$_POSTї'business'],$_POSTї'item_name'],$_POSTї'item_number'],$_POSTї'quantity'],$_POSTї'invoice'],$_POSTї'custom'],$_POSTї'memo'],$_POSTї'tax'],$_POSTї'option_name1'],$_POSTї'option_selection1'],$_POSTї'option_name2'],$_POSTї'option_selection2'],$_POSTї'payment_status'],strftime('%Y-%m-%d %H:%M:%S',strtotime($_POSTї'payment_date'])),$_POSTї'txn_type'],$_POSTї'mc_gross'],$_POSTї'mc_fee'],$_POSTї'mc_currency'],$_POSTї'settle_amount'],$_POSTї'exchange_rate'],$_POSTї'first_name'],$_POSTї'last_name'],$_POSTї'address_street'],$_POSTї'address_city'],$_POSTї'address_state'],$_POSTї'address_zip'],$_POSTї'address_country'],$_POSTї'address_status'],$_POSTї'payer_email'],$_POSTї'payer_status']);
// We're cleared to add this record
dprt($insertSQL, _INF);
$Result1 = mysql_query($insertSQL, $ipnppd) or die(mysql_error());
dprt("e;SQL result = "e; . $Result1, _INF);
break;
} else // We're not interested in this transaction, so we're done
{
dprt("e;Valid IPN, but not interested in this transaction"e;, _ERR);
foreach( $_POST as $key => $val )
{
dprt("e;$key => $val"e;, $_ERR);
}
break;
}
}
else if (strcmp ($res, "e;INVALID"e;) == 0)
{
// log for manual investigation
dprt("e;Invalid IPN transaction, this is an abnormal condition"e;, _ERR);
foreach( $_POST as $key => $val )
{
dprt("e;$key => $val"e;, $_ERR);
}
break;
}
}
if( $dbg )
{
$sql = "e;SELECT * FROM transactions LIMIT 10"e;;
echo "e;Selecting database..."e;;
$res = mysql_select_db($database_ipnppd, $ipnppd);
if($res)
echo "e;OK!<br>"e;;
else
echo "e;<b>FAILED - err: $res</b><br>"e;;
echo "e;Executing test query..."e;;
$Result1 = mysql_query($sql, $ipnppd) or die(mysql_error());
if($Result1)
echo "e;PASSED!<br>"e;;
else
echo "e;<b>FAILED</b><br>"e;;
echo "e;PayPal Receiver Email: $tr_configїreceiver_email]"e; ;
}
if( $log )
{
dprt("e;Logging events<br>\n"e;, _INF);
// Insert the log entry
$sql = "e;INSERT INTO translog VALUES ('','"e; . strftime('%Y-%m-%d %H:%M:%S',mktime()) . "e;', '"e;
. strftime('%Y-%m-%d %H:%M:%S',strtotime($_POSTї'payment_date'])) . "e;','"e; . addslashes($log) . "e;')"e;;
$Result1 = mysql_query($sql, $ipnppd) or die(mysql_error());
// Clear out old log entries
$sql = "e;SELECT id as lowid FROM translog ORDER BY id DESC LIMIT "e; . $tr_configїipn_log_entries];
$Result1 = mysql_query($sql, $ipnppd) or die(mysql_error());
while($recordSet = mysql_fetch_assoc($Result1))
{
$lowid = $recordSetїlowid];
}
$sql = "e;DELETE FROM translog WHERE id < '"e; . $lowid . "e;'"e;;
$Result1 = mysql_query($sql, $ipnppd) or die(mysql_error());
}
fclose ($fp);
if( $lp ) fputs($lp,"e;Exiting\n"e;);
if( $lp ) fclose ($lp);
if( $dbg)
{
echo "e;<br>----------------------------------------------------------------<br>"e;;
echo "e;If you don't see any error messages, you should be good to go!<br>"e;;
}
function dprt($str, $clvl)
{
global $dbg, $ipnppd, $lp, $log, $loglvl;
if( $lp ) fputs($lp, $str . "e;\n"e;);
if( $dbg ) echo $str . "e;<br>"e;;
if( $clvl <= $loglvl )
$log .= $str . "e;\n"e;;
}
?>
Could someone please help me edit it so that it works..