Beispiel #1
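// Moneybookers status-notification handler: authenticate the callback, confirm it
// targets this merchant account and currency, then update the payment record.

// Load the gateway settings; presumably this populates the $secpayconf_* globals
// read below (its definition is not visible here).
get_secpay_conf();

// Every field that feeds the signature or a decision must be present and a plain
// string. $_REQUEST also accepts arrays (e.g. status[]=...), which would be
// concatenated as "Array" or behave unexpectedly in comparisons, so fail closed.
foreach (array("merchant_id", "transaction_id", "mb_amount", "mb_currency", "status", "md5sig", "pay_to_email") as $mb_required_field) {
    if (!isset($_REQUEST[$mb_required_field]) || !is_string($_REQUEST[$mb_required_field])) {
        die("md5sum not validated!");
    }
}

// Concatenate the strings and check for the md5sig
$concat_str = $_REQUEST["merchant_id"] . $_REQUEST["transaction_id"] . strtoupper(md5($secpayconf_moneybookers_secret_word)) . $_REQUEST["mb_amount"] . $_REQUEST["mb_currency"] . $_REQUEST["status"];
$mb_expected_sig = strtoupper(md5($concat_str));
// The signature is the only thing authenticating this request, so it must be compared
// as an exact string: loose "!=" treats numeric-looking strings as numbers and can
// report two different digests as equal. hash_equals() (PHP >= 5.6) additionally
// compares in constant time; older runtimes fall back to a strict comparison.
if (function_exists("hash_equals")) {
    $mb_sig_ok = hash_equals($mb_expected_sig, $_REQUEST["md5sig"]);
} else {
    $mb_sig_ok = ($mb_expected_sig === $_REQUEST["md5sig"]);
}
if (!$mb_sig_ok) {
    die("md5sum not validated!");
}

// NOTE(review): both branches use the same host and CGI path; only the expected
// merchant e-mail differs. $moneybookers_host / $moneybookers_cgi are not read in
// the lines visible here -- confirm whether the sandbox endpoint should differ.
if ($secpayconf_moneybookers_sandbox == "yes") {
    // This is test sandbox site
    $moneybookers_host = "www.moneybookers.com";
    $moneybookers_cgi = "/app/payment.pl";
    $ze_moneybookers_email = $secpayconf_moneybookers_sandbox_email;
} else {
    // This is production website
    $moneybookers_host = "www.moneybookers.com";
    $moneybookers_cgi = "/app/payment.pl";
    $ze_moneybookers_email = $secpayconf_moneybookers_email;
}

// The payment must have been made to our own account, in our configured currency.
// Strict string comparison avoids PHP's numeric type juggling on request data.
if ($_REQUEST["pay_to_email"] !== (string) $ze_moneybookers_email) {
    die("This is not our business moneybookers email!");
}
if ($_REQUEST["mb_currency"] !== (string) $secpayconf_currency_letters) {
    die("Incorrect currency!");
}

// NOTE(review): escaping only protects if the callees place these values inside
// quoted SQL string literals -- confirm in setPaiemntAsPending()/validatePaiement().
// The mysql_* extension was removed in PHP 7; prepared statements are the durable fix.
$item_number = mysql_real_escape_string($_REQUEST["transaction_id"]);
$amount = mysql_real_escape_string($_REQUEST["mb_amount"]);

// Decide on "status", the field covered by md5sig. The previous code branched on
// "mb_status", which is not part of the signed string, and used inverted tests
// ("!= 0" -> pending, "!= 2" -> validate), so any authenticated callback -- including
// one for a failed or cancelled payment -- ended up validating the payment.
// Gateway convention: "2" = processed, "0" = pending; anything else changes nothing.
// NOTE(review): confirm the status codes against the gateway manual in use.
$mb_signed_status = $_REQUEST["status"];
if ($mb_signed_status === "0") {
    setPaiemntAsPending($item_number, mysql_real_escape_string("moneybookers"));
} elseif ($mb_signed_status === "2") {
    // mb_transaction_id is not covered by the signature; it is passed through as a reference only.
    $mb_gateway_txn = (isset($_REQUEST["mb_transaction_id"]) && is_string($_REQUEST["mb_transaction_id"])) ? $_REQUEST["mb_transaction_id"] : "";
    // NOTE(review): presumably validatePaiement() compares $amount with the amount due -- confirm.
    validatePaiement($item_number, $amount, "online", "moneybookers", mysql_real_escape_string($mb_gateway_txn));
}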
Beispiel #2
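 // PayPal notification checklist:
 // check that txn_id has not been previously processed
 // check that receiver_email is your Primary PayPal email
 // check that payment_amount/payment_currency are correct
 // process payment
 // NOTE(review): only the receiver e-mail and currency checks are implemented in this
 // section. Confirm that the notification has already been verified with PayPal and that
 // txn_id replay and amount checks happen elsewhere (e.g. inside validatePaiement()).

 // Accept request fields only as plain strings; $_REQUEST can also deliver arrays.
 $pp_request_business = (isset($_REQUEST["business"]) && is_string($_REQUEST["business"])) ? $_REQUEST["business"] : "";
 $pp_request_currency = (isset($_REQUEST["mc_currency"]) && is_string($_REQUEST["mc_currency"])) ? $_REQUEST["mc_currency"] : "";

 // Fail closed on a missing value, and compare strictly so PHP's loose-comparison type
 // juggling cannot make differing values look equal.
 if ($pp_request_business === "" || $pp_request_business !== (string) $secpayconf_paypal_email) {
     // logPay()'s sink is not visible here; control characters are stripped so a request
     // value cannot inject extra lines if it writes to a line-oriented log.
     logPay("db:" . $secpayconf_paypal_email . "/request:" . preg_replace('/[\x00-\x1F\x7F]/', "", $pp_request_business));
     logPay("Business paypal email do not match !");
     die("This is not our business paypal email!");
 }
 if ($pp_request_currency === "" || $pp_request_currency !== (string) $secpayconf_currency_letters) {
     logPay("Currency is not {$secpayconf_currency_letters} !");
     die("Incorrect currency!");
 }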
 if ($_REQUEST["payment_status"] != "Completed") {
     if ($_REQUEST["payment_status"] == "Pending") {
         setPaiemntAsPending(mysql_real_escape_string($item_number), mysql_real_escape_string($_REQUEST["pending_reason"]));
     } else {
         logPay("Status is not completed or pending !");
         die("Status not completed or pending...");
     }
 } else {
     logPay("Calling validate()");
     // validatePaiement($item_number,$refund_amount,"online","paypal",$txn_id,$_POST["payment_gross"]);
     // This should work better:
     if ($secpayconf_paypal_validate_with == "total") {
         $refund_amount = $_REQUEST["mc_gross"] - $_REQUEST["mc_fee"];
     } else {
         // Ensure amount tally according to cost before adding the paypal fees
         $refund_amount = $_REQUEST["mc_gross"];
     }
     validatePaiement(mysql_real_escape_string($item_number), $refund_amount, "online", "paypal", mysql_real_escape_string($_REQUEST["txn_id"]), mysql_real_escape_string($_REQUEST["mc_gross"]));