Function Reference: geodir_ipn_handler_paypal
Summary
This function has not been documented yet.
Source Code
function geodir_ipn_handler_paypal() { $paymentOpts = get_payment_options('paypal'); $paymode = $paymentOpts['payment_mode']; $sandbox = $paymode == 'sandbox' ? true : false; $currency_code = geodir_get_currency_type(); // Actual curency code $merchantid = $paymentOpts['merchantid']; // Actual paypal business email /* read the post from PayPal system and add 'cmd' */ $post_data = 'cmd=_notify-validate'; $post = $_POST; foreach ($post as $key => $value) { $value = urlencode(stripslashes_deep($value)); $value = preg_replace('/(.*[^%^0^D])(%0A)(.*)/i','${1}%0D%0A${3}',$value);/* this fixes paypal invalid IPN , STIOFAN */ $post_data .= "&$key=$value"; } // post back to PayPal system to validate $header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($post_data) . "\r\n\r\n"; $paypal_url = $paymode == 'sandbox' ? 'ssl://www.sandbox.paypal.com' : 'ssl://www.paypal.com'; $fp = fsockopen ($paypal_url, 443, $errno, $errstr, 30); if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $post_data); while (!feof($fp)) { $res = fgets ($fp, 1024); // Inspect IPN validation result and act accordingly $valid_ipn = strstr($res, "VERIFIED"); $invalid_ipn = strstr($res, "INVALID"); $invoice_id = isset($post['custom']) ? $post['custom'] : NULL; // invoice id $invoice_info = geodir_get_invoice( $invoice_id ); // if no invoice info it might have wrong custom field in IPN, as the post id. if(!$invoice_info){ global $wpdb; $invoice = $wpdb->get_row($wpdb->prepare("SELECT * FROM ".INVOICE_TABLE." WHERE post_id = %d ", array($invoice_id))); if($invoice){ $invoice_info = $invoice; } } $user_id = !empty( $invoice_info ) ? $invoice_info->user_id : '1'; if ( $valid_ipn || $sandbox) { // it will enter in condition in test mode. $item_name = $post['item_name']; $txn_id = $post['txn_id']; $payment_status = $post['payment_status']; $payment_type = $post['payment_type']; $payment_date = $post['payment_date']; $txn_type = $post['txn_type']; $subscription = $txn_type == 'recurring_payment' || $txn_type == 'subscr_payment' ? true : false; $mc_currency = $post['mc_currency']; $mc_gross = $post['mc_gross']; $payment_gross = $post['payment_gross']; $receiver_email = $post['receiver_email']; $receiver_id = $post['receiver_id']; // Paypal Merchant Account ID $paid_amount = $mc_gross ? $mc_gross : $payment_gross; $cart_amount = $invoice_info->paied_amount; $post_id = $invoice_info->post_id; /*#################################### ######## FRAUD CHECKS ################ ####################################*/ $fraud = false; $fraud_msg = ''; $transaction_details = ''; // Paypal business field allows both paypal id and paypal email. @see https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/Appx_websitestandard_htmlvariables/#html-variables-for-shopping-carts if ( !( $receiver_email == $merchantid || $receiver_id == $merchantid ) ) { $fraud = true; $fraud_msg .= __('### The Paypal receiver email address does not match the paypal address for this site ###
', 'geodir_payments'); } if ( floatval($paid_amount) != floatval($cart_amount) ) { $fraud = true; $fraud_msg .= __('### The paid amount does not match the price package selected ###
', 'geodir_payments'); } if ( $mc_currency != $currency_code ) { $fraud = true; $fraud_msg .= __('### The currency code returned does not match the code on this site. ###
', 'geodir_payments'); } /*##################################### ######## PAYMENT SUCCESSFUL ########### ######################################*/ if ($txn_type == 'web_accept' || $txn_type == 'subscr_payment' || $txn_type == 'recurring_payment' || $txn_type == 'express_checkout' ) { $paid_amount_with_currency = geodir_payment_price($paid_amount); if ( $fraud ) { $transaction_details .= __('WARNING FRAUD DETECTED PLEASE CHECK THE DETAILS - (IF CORRECT, THEN PUBLISH THE POST)', 'geodir_payments')."
"; } $transaction_details .= $fraud_msg; $transaction_details .= "--------------------------------------------------
"; $transaction_details .= sprintf(__("Payment Details for Invoice ID #%s", 'geodir_payments'), geodir_payment_invoice_id_formatted($invoice_id)) ."
"; $transaction_details .= "--------------------------------------------------
"; $transaction_details .= sprintf(__("Item Name: %s", 'geodir_payments'),$item_name)."
"; $transaction_details .= "--------------------------------------------------
"; $transaction_details .= sprintf(__("Trans ID: %s", 'geodir_payments'), $txn_id)."
"; $transaction_details .= sprintf(__("Status: %s", 'geodir_payments'), $payment_status)."
"; $transaction_details .= sprintf(__("Amount: %s", 'geodir_payments'), $paid_amount_with_currency)."
"; $transaction_details .= sprintf(__("Type: %s", 'geodir_payments'),$payment_type)."
"; $transaction_details .= sprintf(__("Date: %s", 'geodir_payments'), $payment_date)."
"; $transaction_details .= sprintf(__("Method: %s", 'geodir_payments'), $txn_type)."
"; $transaction_details .= "--------------------------------------------------
"; /*############ SET THE INVOICE STATUS START ############*/ // update invoice status and transaction details geodir_update_invoice_status( $invoice_id, 'confirmed', $subscription ); geodir_update_invoice_transaction_details( $invoice_id, $transaction_details ); /*############ SET THE INVOICE STATUS END ############*/ // send notification to admin geodir_payment_adminEmail( $post_id, $user_id, 'payment_success', $transaction_details ); // send notification to client geodir_payment_clientEmail( $post_id, $user_id, 'payment_success', $transaction_details ); } else if ( $txn_type == 'subscr_cancel' || $txn_type == 'subscr_failed' ) { // Set the subscription ac cancelled $post_content = str_replace("&", "
", urldecode($post_data)); $post_content .= '
############## '.__('ORIGINAL SUBSCRIPTION INFO BELOW', 'geodir_payments').' ####################
'; $post_content .= $invoice_info->html; // update invoice status and transaction details $status = $txn_type == 'subscr_cancel' ? 'cancelled' : 'failed'; geodir_update_invoice_status( $invoice_id, $status, $subscription ); geodir_update_invoice_transaction_details( $invoice_id, $post_content ); } else if( $txn_type == 'subscr_signup' ) { $post_content = '####### '.__('THIS IS A SUBSCRIPTION SIGNUP AND IF A FREE TRIAL WAS OFFERED NO PAYMENT WILL BE RECEIVED', 'geodir_payments').' ######
'; $post_content .= str_replace("&", "
", urldecode($post_data)); // update invoice status and transaction details geodir_update_invoice_status( $invoice_id, 'confirmed', $subscription ); geodir_update_invoice_transaction_details( $invoice_id, $post_content ); } /*##################################### ######## PAYMENT SUCCESSFUL ########### ######################################*/ } else if ( $invalid_ipn ) { // update invoice status geodir_update_invoice_status( $invoice_id, 'failed' ); // send notification to admin geodir_payment_adminEmail( $invoice_id, $user_id, 'payment_fail' ); } } } }