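/**
 * Check that the currency and gross amount reported in the payment notification
 * match what the store expects for the order.
 *
 * The reported values are read from $_POST['mc_currency'] and $_POST['mc_gross'],
 * i.e. from the request body, so both are treated as untrusted input. A missing
 * field is treated as an empty value and therefore as a mismatch.
 *
 * @param mixed  $info     Not used by this function; kept so existing callers keep working.
 * @param mixed  $amount   Amount the store expects.
 * @param string $currency Currency code the store expects.
 * @return bool true when currency and amount match; false otherwise, after a
 *              warning has been passed to ipn_debug_email().
 */
function valid_payment($info, $amount, $currency)
{
    $reported_currency = isset($_POST['mc_currency']) ? $_POST['mc_currency'] : '';
    $reported_amount = isset($_POST['mc_gross']) ? $_POST['mc_gross'] : '';
    $reported_business = isset($_POST['business']) ? $_POST['business'] : '';

    // The original condition was `... && MODULE_PAYMENT_PAYPAL_TESTING == false`. With a loose
    // comparison any non-empty setting string is "not false", so the amount check was skipped
    // for every configured mode, live ones included. Other code on this page identifies test mode
    // with `MODULE_PAYMENT_PAYPAL_TESTING == 'Test'`; the same test is used here so that only
    // test mode relaxes the amount check.
    // NOTE(review): confirm 'Test' is the value this installation uses for its sandbox mode.
    $testing = defined('MODULE_PAYMENT_PAYPAL_TESTING') && MODULE_PAYMENT_PAYPAL_TESTING == 'Test';

    // Loose comparison is kept on purpose for the amount: '10.00' and '10' are both numeric
    // strings and must compare equal.
    $currency_mismatch = $reported_currency != $currency;
    $amount_mismatch = $reported_amount != $amount;

    // A currency mismatch always fails; an amount mismatch fails unless the module is in test mode.
    if ($currency_mismatch || ($amount_mismatch && !$testing)) {
        // The last label used to be written as "{$amount}" inside double quotes, which printed the
        // value twice instead of the variable name.
        ipn_debug_email('IPN WARNING::Currency Mismatch for email address = ' . $reported_business . ' | mc_currency = ' . $reported_currency . ' | $currency = ' . $currency . ' | mc_gross = ' . $reported_amount . ' | $amount = ' . $amount);
        return false;
    }
    return true;
}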
Ejemplo n.º 2
 /**
  * Start an Express Checkout: build the SetExpressCheckout request from the current cart and order,
  * ask PayPal for a token, and redirect the customer's browser to PayPal's site.
  * There, they will log in to their PayPal account, choose a funding source and shipping method
  * and then return to our store site with an EC token
  *
  * Side effects visible in this method: fills the globals $order, $order_totals and $doPayPal,
  * stores the token in $_SESSION['paypal_ec_token'], writes several log entries through zcLog() /
  * ipn_debug_email(), and issues redirects.
  *
  * @return mixed the value returned by _errorHandler(); per the inline comment the final return
  *               is not expected to be reached because zen_redirect() is called first
  */
 function ec_step1()
 {
     global $order, $order_totals, $db, $doPayPal;
     // if cart is empty due to timeout on login or shopping cart page, go to timeout screen
     if ($_SESSION['cart']->count_contents() == 0) {
         // NOTE(review): the message carries a full print_r() of $_SESSION and $_GET. Where it ends up
         // depends on ipn_debug_email() (not shown); treat that destination as holding customer data.
         $message = 'Logging out due to empty shopping cart.  Is session started properly? ... ' . "\nSESSION Details:\n" . print_r($_SESSION, TRUE) . 'GET:' . "\n" . print_r($_GET, TRUE);
         include_once DIR_WS_MODULES . 'payment/paypal/paypal_functions.php';
         ipn_debug_email($message);
         zen_redirect(zen_href_link(FILENAME_TIME_OUT, '', 'SSL'));
     }
     // init new order object
     require DIR_WS_CLASSES . 'order.php';
     $order = new order();
     // load the selected shipping module so that shipping taxes can be assessed
     require DIR_WS_CLASSES . 'shipping.php';
     $shipping_modules = new shipping($_SESSION['shipping']);
     // load OT modules so that discounts and taxes can be assessed
     require DIR_WS_CLASSES . 'order_total.php';
     $order_total_modules = new order_total();
     // the result of pre_confirmation_check() is overwritten by process() on the next line
     $order_totals = $order_total_modules->pre_confirmation_check();
     $order_totals = $order_total_modules->process();
     $doPayPal = $this->paypal_init();
     // the empty array is replaced immediately by the line-item details
     $options = array();
     $options = $this->getLineItemDetails($this->selectCurrency());
     // Determine the language to use when visiting the PP site
     $lc_code = $this->getLanguageCode();
     if ($lc_code != '') {
         $options['LOCALECODE'] = $lc_code;
     }
     // Set currency and amount
     $options['CURRENCY'] = $this->selectCurrency();
     $order_amount = $this->calc_order_amount($order->info['total'], $options['CURRENCY']);
     // Payment Transaction/Authorization Mode
     $options['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
     // for future:
     if (MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Order') {
         $options['PAYMENTACTION'] = 'Order';
     }
     $options['ALLOWNOTE'] = 1;
     // allow customer to enter a note on the PayPal site, which will be copied to order comments upon return to store.
     $options['SOLUTIONTYPE'] = 'Sole';
     // Use 'Mark' for normal Express Checkout, 'Sole' for auctions or alternate flow
     $options['LANDINGPAGE'] = 'Billing';
     // "Billing" or "Login" selects the style of landing page on PayPal site during checkout
     // Set the return URL if they click "Submit" on PayPal site
     // NOTE(review): as shown, str_replace('&', '&', ...) replaces a string with itself and changes nothing.
     // Presumably the search string was an HTML entity that got decoded when this listing was rendered -- verify against the project's own copy.
     $return_url = str_replace('&', '&', zen_href_link('ipn_main_handler.php', 'type=ec', 'SSL', true, true, true));
     // Select the return URL if they click "cancel" on PayPal site or click to return without making payment or login
     $cancel_url = str_replace('&', '&', zen_href_link($_SESSION['customer_first_name'] != '' && $_SESSION['customer_id'] != '' ? FILENAME_CHECKOUT_SHIPPING : FILENAME_SHOPPING_CART, 'ec_cancel=1', 'SSL'));
     // debug
     // Copy of the session with the 'navigation' entry removed; everything else in the session is logged below.
     // NOTE(review): that includes any customer details kept in the session -- confirm the log is access-controlled.
     $val = $_SESSION;
     unset($val['navigation']);
     $this->zcLog('ec_step1 - 1', 'Checking to see if we are in markflow' . "\n" . 'cart contents: ' . $_SESSION['cart']->get_content_type() . "\n\nNOTE: " . '$this->showPaymentPage = ' . (int) $this->showPaymentPage . "\nCustomer ID: " . (int) $_SESSION['customer_id'] . "\nSession Data: " . print_r($val, true));
     /**
      * Check whether shipping is required on this order or not.
      * If not, tell PayPal to skip all shipping options
      * ie: don't ask for any shipping info if cart content is strictly virtual and customer is already logged-in
      * (if not logged in, we need address information only to build the customer record)
      */
     if ($_SESSION['cart']->get_content_type() == 'virtual' && isset($_SESSION['customer_id']) && $_SESSION['customer_id'] > 0) {
         $this->zcLog('ec-step1-addr_check', "cart contents is virtual and customer is logged in ... therefore options['NOSHIPPING']=1");
         $options['NOSHIPPING'] = 1;
     } else {
         $this->zcLog('ec-step1-addr_check', "cart content is not all virtual (or customer is not logged in) ... therefore will be submitting address details");
         // If we are in a "mark" flow and the customer has a usable address, set the addressoverride variable to 1. This will
         // override the shipping address in PayPal with the shipping address that is selected in Zen Cart.
         // @TODO: consider using address-validation against Paypal's addresses
         if (($address_arr = $this->getOverrideAddress()) !== false) {
             $address_error = false;
             // $val is reused here as the loop variable; the session copy made above is no longer needed
             foreach (array('entry_firstname', 'entry_lastname', 'entry_street_address', 'entry_city', 'entry_postcode', 'zone_code', 'countries_iso_code_2') as $val) {
                 if ($address_arr[$val] == '') {
                     $address_error = true;
                 }
                 // NOTE(review): the flag is never reset inside the loop, so after the first blank field
                 // every later field is also logged as "blank", whether or not it is.
                 if ($address_error == true) {
                     $this->zcLog('ec-step1-addr_check2', '$address_error = true because ' . $val . ' is blank.');
                 }
             }
             if ($address_error == false) {
                 // set the override var
                 $options['ADDROVERRIDE'] = 1;
                 // set the address info
                 $options['SHIPTONAME'] = $address_arr['entry_firstname'] . ' ' . $address_arr['entry_lastname'];
                 $options['SHIPTOSTREET'] = $address_arr['entry_street_address'];
                 if ($address_arr['entry_suburb'] != '') {
                     $options['SHIPTOSTREET2'] = $address_arr['entry_suburb'];
                 }
                 $options['SHIPTOCITY'] = $address_arr['entry_city'];
                 $options['SHIPTOZIP'] = $address_arr['entry_postcode'];
                 $options['SHIPTOSTATE'] = $address_arr['zone_code'];
                 $options['SHIPTOCOUNTRYCODE'] = $address_arr['countries_iso_code_2'];
             }
         }
         $this->zcLog('ec-step1-addr_check3', 'address details from override check:' . ($address_arr == FALSE ? ' <NONE FOUND>' : print_r($address_arr, true)));
         // Do we require a "confirmed" shipping address ?
         if (MODULE_PAYMENT_PAYPALWPP_CONFIRMED_ADDRESS == 'Yes') {
             $options['REQCONFIRMSHIPPING'] = 1;
         }
     }
     // if we know customer's email address, supply it, so as to pre-fill the signup box at PayPal (useful for new PayPal accounts only)
     if (!empty($_SESSION['customer_first_name']) && !empty($_SESSION['customer_id'])) {
         // the customer id is bound as an integer through bindVars() rather than concatenated into the SQL
         $sql = "select * from " . TABLE_CUSTOMERS . " where customers_id = :custID ";
         $sql = $db->bindVars($sql, ':custID', $_SESSION['customer_id'], 'integer');
         $zc_getemail = $db->Execute($sql);
         if ($zc_getemail->RecordCount() > 0 && $zc_getemail->fields['customers_email_address'] != '') {
             $options['EMAIL'] = $zc_getemail->fields['customers_email_address'];
         }
         if ($zc_getemail->RecordCount() > 0 && $zc_getemail->fields['customers_telephone'] != '') {
             $options['SHIPTOPHONENUM'] = $zc_getemail->fields['customers_telephone'];
         }
     }
     // AMT is only filled in here when getLineItemDetails() did not already supply it.
     // NOTE(review): number_format() with two arguments inserts a thousands separator, so a total of
     // 1000 or more is sent as e.g. "1,234.56" -- confirm that is acceptable for the AMT field.
     if (!isset($options['AMT'])) {
         $options['AMT'] = number_format($order_amount, 2);
     }
     $this->zcLog('ec_step1 - 2 -submit', print_r(array_merge($options, array('RETURNURL' => $return_url, 'CANCELURL' => $cancel_url)), true));
     /**
      * Ask PayPal for the token with which to initiate communications
      */
     $response = $doPayPal->SetExpressCheckout($return_url, $cancel_url, $options);
     // Both flags are hard-coded to TRUE, so both fallback submissions below are always enabled.
     $submissionCheckOne = TRUE;
     $submissionCheckTwo = TRUE;
     if ($submissionCheckOne) {
         // If there's an error on line-item details, remove tax values and resubmit, since the most common cause of 10413 is tax mismatches
         // NOTE(review): L_ERRORCODE0 is read without isset(); presumably it is absent from a successful response -- confirm.
         if ($response['L_ERRORCODE0'] == '10413') {
             $this->zcLog('ec_step1 - 3 - removing tax portion', 'Tax Subtotal does not match sum of taxes for line-items. Tax details removed from line-item submission data.' . "\n" . print_r($options, true));
             //echo '1st submission REJECTED. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true) . urldecode(print_r($response, true));
             // Sum the per-line tax amounts into one figure and drop the per-line entries.
             $tsubtotal = 0;
             foreach ($options as $key => $value) {
                 if (substr($key, 0, 8) == 'L_TAXAMT') {
                     // the cleaned string is added numerically
                     $tsubtotal += preg_replace('/[^0-9.\\-]/', '', $value);
                     unset($options[$key]);
                 }
             }
             $options['TAXAMT'] = $tsubtotal;
             // Strip everything except digits, '.' and '%' before doing arithmetic on the amounts.
             $amt = preg_replace('/[^0-9.%]/', '', $options['AMT']);
             //      echo 'oldAMT:'.$amt;
             //      echo ' newTAXAMT:'.$tsubtotal;
             $taxamt = preg_replace('/[^0-9.%]/', '', $options['TAXAMT']);
             // NOTE(review): SHIPPINGAMT and ITEMAMT are presumably supplied by getLineItemDetails(); they are not set in this method.
             $shipamt = preg_replace('/[^0-9.%]/', '', $options['SHIPPINGAMT']);
             $itemamt = preg_replace('/[^0-9.%]/', '', $options['ITEMAMT']);
             // The total sent to PayPal is forced to equal items + tax + shipping.
             $calculatedAmount = $itemamt + $taxamt + $shipamt;
             if ($amt != $calculatedAmount) {
                 $amt = $calculatedAmount;
             }
             //      echo ' newAMT:'.$amt;
             $options['AMT'] = $amt;
             $response = $doPayPal->SetExpressCheckout($return_url, $cancel_url, $options);
             //echo '<br>2nd submission. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true);
         }
         if ($submissionCheckTwo) {
             // Second fallback: if 10413 is still returned, drop every line-item key (prefix 'L_') and resubmit totals only.
             if ($response['L_ERRORCODE0'] == '10413') {
                 $this->zcLog('ec_step1 - 4 - removing line-item details', 'PayPal designed their own mathematics rules. Dumbing it down for them.' . "\n" . print_r($options, true));
                 //echo '2nd submission REJECTED. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true) . urldecode(print_r($response, true));
                 foreach ($options as $key => $value) {
                     if (substr($key, 0, 2) == 'L_') {
                         unset($options[$key]);
                     }
                 }
                 $amt = preg_replace('/[^0-9.%]/', '', $options['AMT']);
                 $taxamt = preg_replace('/[^0-9.%]/', '', $options['TAXAMT']);
                 $shipamt = preg_replace('/[^0-9.%]/', '', $options['SHIPPINGAMT']);
                 $itemamt = preg_replace('/[^0-9.%]/', '', $options['ITEMAMT']);
                 $calculatedAmount = $itemamt + $taxamt + $shipamt;
                 if ($amt != $calculatedAmount) {
                     $amt = $calculatedAmount;
                 }
                 $options['AMT'] = $amt;
                 $response = $doPayPal->SetExpressCheckout($return_url, $cancel_url, $options);
                 //echo '<br>3rd submission. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true);
             }
         }
     }
     /**
      * Determine result of request for token -- if error occurred, the errorHandler will redirect accordingly
      */
     $error = $this->_errorHandler($response, 'SetExpressCheckout');
     // Success, so read the EC token
     // The token from the response is URL-decoded and reduced to digits, '.', upper-case letters and '-'
     // before it is stored and later placed in the redirect URL.
     $_SESSION['paypal_ec_token'] = preg_replace('/[^0-9.A-Z\\-]/', '', urldecode($response['TOKEN']));
     // prepare to redirect to PayPal so the customer can log in and make their selections
     $paypal_url = $this->getPayPalLoginServer();
     // Set the name of the displayed "continue" button on the PayPal site.
     // 'commit' = "Pay Now"  ||  'continue' = "Review Payment"
     $orderReview = true;
     if ($_SESSION['paypal_ec_markflow'] == 1) {
         $orderReview = false;
     }
     // the cast applies to $orderReview only: mark flow yields 'commit', every other case 'continue'
     $userActionKey = "&useraction=" . ((int) $orderReview == false ? 'commit' : 'continue');
     // This is where we actually redirect the customer's browser to PayPal. Upon return from PayPal, they go to ec_step2
     header("HTTP/1.1 302 Object Moved");
     zen_redirect($paypal_url . "?cmd=_express-checkout&token=" . $_SESSION['paypal_ec_token'] . $userActionKey);
     // this should never be reached:
     return $error;
 }
Ejemplo n.º 3
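/**
 * Write order-history update to ZC tables denoting the update supplied by the IPN.
 *
 * Updates the order's status, appends a row to the status-history table whose comment is built
 * from fields of the notification, and, for "cleared" transaction types, re-activates the
 * downloads attached to the order.
 *
 * The notification fields are read from $_POST, i.e. from the request body. Nothing in this
 * function verifies that the notification is authentic, so the caller has to have done that.
 *
 * @param int|string $ordersID   Order to update (cast to int before use in SQL).
 * @param int|string $new_status New order status id (cast to int before use in SQL).
 * @param string     $txn_type   Transaction type; written to the log as given.
 * @return void
 */
function ipn_update_orders_status_and_history($ordersID, $new_status = 1, $txn_type)
{
    // NOTE(review): $new_status has a default but is followed by a required parameter, so the
    // default can never be used; the signature is left unchanged for existing callers.
    global $db;
    $order_id = (int) $ordersID;
    $status_id = (int) $new_status;

    // Read every notification field once. A field that is absent (or not a scalar) becomes '' instead
    // of raising an undefined-index notice; other code on this page treats parent_txn_id as optional.
    $ipn = array();
    foreach (array('payment_status', 'payment_date', 'parent_txn_id', 'txn_id', 'mc_gross', 'mc_currency') as $field) {
        $ipn[$field] = isset($_POST[$field]) && is_scalar($_POST[$field]) ? (string) $_POST[$field] : '';
    }

    ipn_debug_email('IPN NOTICE :: Updating order #' . $order_id . ' to status: ' . $status_id . ' (txn_type: ' . $txn_type . ')');
    // both values placed in the SQL are integers
    $db->Execute("update " . TABLE_ORDERS . "\n                    set orders_status = '" . $status_id . "'\n                    where orders_id = '" . $order_id . "'");

    // The comment text is made of request data. It is handed to zen_db_perform(), whose escaping is
    // not visible here. NOTE(review): wherever this comment is later displayed, it needs output
    // escaping, because its content originates outside the store.
    $comments = 'PayPal status: ' . $ipn['payment_status'] . ' ' . ' @ ' . $ipn['payment_date'] . ($ipn['parent_txn_id'] != '' ? "\n" . ' Parent Trans ID:' . $ipn['parent_txn_id'] : '') . "\n" . ' Trans ID:' . $ipn['txn_id'] . "\n" . ' Amount: ' . $ipn['mc_gross'] . ' ' . $ipn['mc_currency'];
    $sql_data_array = array('orders_id' => $order_id, 'orders_status_id' => $status_id, 'date_added' => 'now()', 'comments' => $comments, 'customer_notified' => false);
    zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
    ipn_debug_email('IPN NOTICE :: Update complete.');

    /**
     * Activate any downloads associated with an order which has now been cleared
     */
    if ($txn_type == 'echeck-cleared' || $txn_type == 'express-checkout-cleared' || substr($txn_type, 0, 8) == 'cleared-') {
        $check_status = $db->Execute("select date_purchased from " . TABLE_ORDERS . " where orders_id = '" . $order_id . "'");
        // NOTE(review): date_diff() is called with two date strings and its result is added to an
        // integer, which fits a project-defined helper rather than PHP's built-in of the same name -- confirm.
        $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + (int) DOWNLOAD_MAX_DAYS;
        ipn_debug_email('IPN NOTICE :: Updating order #' . $order_id . ' downloads.  New max days: ' . (int) $zc_max_days . ', New count: ' . (int) DOWNLOAD_MAX_COUNT);
        $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . (int) $zc_max_days . "', download_count='" . (int) DOWNLOAD_MAX_COUNT . "' where orders_id='" . $order_id . "'";
        $db->Execute($update_downloads_query);
    }
}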
 * @package initSystem
 * @copyright Copyright 2003-2009 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: init_paypal_ipn_sessions.php 14422 2009-09-13 04:42:03Z drbyte $
 */
// Refuse to run unless IS_ADMIN_FLAG has already been defined by whatever loaded this file.
if (!defined('IS_ADMIN_FLAG')) {
    die('Illegal Access');
}
/**
 * Begin processing.
 * Add notice to log if logging enabled.
 *
 * NOTE(review): HTTP_USER_AGENT is a client-supplied header and is written into the log message
 * unmodified; whoever reads the log should treat that part as untrusted text.
 * The reverse-DNS lookup is only done when SESSION_IP_TO_HOST_ADDRESS is 'true', and its errors are suppressed with @.
 */
ipn_debug_email('IPN PROCESSING INITIATED. ' . "\n" . '*** Originating IP: ' . $_SERVER['REMOTE_ADDR'] . '  ' . (SESSION_IP_TO_HOST_ADDRESS == 'true' ? @gethostbyaddr($_SERVER['REMOTE_ADDR']) : '') . ($_SERVER['HTTP_USER_AGENT'] == '' ? '' : "\n" . '*** Browser/User Agent: ' . $_SERVER['HTTP_USER_AGENT']));
// need to see if we are in test mode. If so then the data is going to come in as a GET string
// In test mode every query-string parameter is copied over $_POST, so a plain GET request can supply
// a complete notification. NOTE(review): this mode should never be enabled on a production store, and
// the notification still has to be verified by the code that runs after this file (not shown).
if (defined('MODULE_PAYMENT_PAYPAL_TESTING') && MODULE_PAYMENT_PAYPAL_TESTING == 'Test') {
    foreach ($_GET as $key => $value) {
        $_POST[$key] = $value;
    }
}
// An empty POST body is only logged; execution continues past this point.
if (!$_POST) {
    ipn_debug_email('IPN FATAL ERROR :: No POST data available -- Most likely initiated by browser and not PayPal.' . "\n\n\n" . '     *** The rest of this log report can most likely be ignored !! ***' . "\n\n\n\n");
    // if ($show_all_errors) echo 'No POST data. This is not a real IPN transaction. Any "Undefined" errors below can be ignored ...<br />';
}
// 'custom' is request data. It is split on '=' and the parts are handed to ipn_get_stored_session()
// (defined elsewhere), which therefore receives an untrusted lookup key.
$session_post = isset($_POST['custom']) ? $_POST['custom'] : '=';
$session_stuff = explode('=', $session_post);
$ipnFoundSession = true;
// NOTE(review): $isECtransaction is not assigned in this excerpt; presumably the including script sets it -- confirm.
if (!$isECtransaction && !isset($_POST['parent_txn_id']) && ipn_get_stored_session($session_stuff) === false) {
    ipn_debug_email('IPN ERROR :: No saved Website Payments Standard session data available. Must be an Express Checkout or Direct Pay transaction.' . "\n" . 'Could be a test notification, or the incoming IPN notification is not actually a bonafide PayPal transaction.' . "\n" . 'NOTE: It is likely that all the following log content is meaningless or irrelevant.');
    $ipnFoundSession = false;
}
Ejemplo n.º 5
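 /**
  * Build the data and actions to process when the "Submit" button is pressed on the order-confirmation screen.
  * This sends the data to the payment gateway for processing.
  * (These are hidden fields on the checkout confirmation page)
  *
  * Besides building the fields, the method stores a serialized copy of the whole session in
  * TABLE_CASHNET_SESSION (keyed by the session id, expiring after two days) and records the
  * transaction amount and currency in $_SESSION['cashnet_transaction_info'].
  *
  * @return string the hidden form fields, one per line
  */
 function process_button()
 {
     global $db, $order, $currencies, $currency;
     $_SESSION['cn_key_to_remove'] = session_id();
     $db->Execute("delete from " . TABLE_CASHNET_SESSION . " where session_id = '" . zen_db_input($_SESSION['cn_key_to_remove']) . "'");
     // The session id is escaped with zen_db_input(); the session payload is base64 text, whose
     // alphabet contains no quote characters.
     // NOTE(review): whatever reads saved_session back presumably unserialize()s it, so write access
     // to this table has to be as restricted as the session store itself -- confirm.
     $sql = "insert into " . TABLE_CASHNET_SESSION . " (session_id, saved_session, expiry) values (\n          '" . zen_db_input($_SESSION['cn_key_to_remove']) . "',\n          '" . base64_encode(serialize($_SESSION)) . "',\n          '" . (time() + 1 * 60 * 60 * 24 * 2) . "')";
     $db->Execute($sql);
     $key = $this->getCashNetKey();
     $itemcode = $this->getCashNetItemCode();
     $this->transaction_currency = $_SESSION['currency'];
     // NOTE(review): number_format() with two arguments inserts a thousands separator, so totals of
     // 1000 or more become e.g. "1,234.56"; that string is both sent as 'amount' and used in the
     // multiplication below -- confirm this is what the gateway and the conversion expect.
     $this->totalsum = $order->info['total'] = number_format($order->info['total'], 2);
     // The original passed $my_currency to the two calls below, a variable that is never assigned in
     // this method. The currency recorded for the transaction just above is used instead.
     $my_currency = $this->transaction_currency;
     $this->transaction_amount = zen_round($this->totalsum * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
     // NOTE(review): 'digest' is a plain MD5 over key + amount. Presumably the gateway prescribes this
     // format; if there is a choice, a keyed HMAC with a current hash is the safer construction.
     $options = array('itemcode' => $itemcode, 'amount' => $this->totalsum, 'digest' => md5(trim($key) . $this->totalsum), 'custcode' => $order->customer['id'], 'email' => trim($order->customer['email_address']), 'acctname' => trim($order->customer['firstname'] . ' ' . $order->customer['lastname']), 'addr' => trim($order->customer['street_address']), 'city' => trim($order->customer['city']), 'state' => trim($order->customer['state']), 'zip' => trim($order->customer['postcode']), 'signouturl' => zen_href_link(FILENAME_CHECKOUT_PROCESS, 'referer=cashnet', 'SSL'));
     // build the button fields
     // Initialised up front so that implode() below always receives an array, even if the loop
     // stops before the first field is added.
     $buttonArray = array();
     foreach ($options as $name => $value) {
         // remove quotation marks
         // Only double quotes are removed here; any further HTML escaping is up to
         // zen_draw_hidden_field() (not shown).
         $value = str_replace('"', '', $value);
         // check for invalid chars
         if (preg_match('/[^a-zA-Z_0-9]/', $name)) {
             ipn_debug_email('datacheck - ABORTING - preg_match found invalid submission key: ' . $name . ' (' . $value . ')');
             break;
         }
         $buttonArray[] = zen_draw_hidden_field($name, $value);
     }
     $process_button_string = "\n" . implode("\n", $buttonArray) . "\n";
     $_SESSION['cashnet_transaction_info'] = array($this->transaction_amount, $this->transaction_currency);
     return $process_button_string;
 }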
Ejemplo n.º 6
            }
            // update order status history with new information
            ipn_debug_email('IPN NOTICE :: Set new status ' . $new_status . " for order ID = " . $ordersID . ($_POST['pending_reason'] != '' ? '.   Reason_code = ' . $_POST['pending_reason'] : ''));
            if ((int) $new_status == 0) {
                $new_status = 1;
            }
            if (in_array($_POST['payment_status'], array('Refunded', 'Reversed', 'Denied', 'Failed')) || substr($txn_type, 0, 8) == 'cleared-' || $txn_type == 'echeck-cleared' || $txn_type == 'express-checkout-cleared') {
                ipn_update_orders_status_and_history($ordersID, $new_status, $txn_type);
                $zco_notifier->notify('NOTIFY_PAYPALIPN_STATUS_HISTORY_UPDATE', array($ordersID, $new_status, $txn_type));
            }
            break;
        default:
            // can't understand result found. Thus, logging and aborting.
            ipn_debug_email('IPN WARNING :: Could not process for txn type: ' . $txn_type . "\n" . ' postdata=' . str_replace('&', " \n&", urldecode(print_r($_POST, TRUE))));
    }
    // debug info only
    switch (TRUE) {
        case $txn_type == 'pending-echeck' && (int) $ordersID > 0:
            ipn_debug_email('IPN NOTICE :: Pending echeck transaction for existing order. No action required. Waiting for echeck to clear.');
            break;
        case $txn_type == 'pending-multicurrency' && (int) $ordersID > 0:
            ipn_debug_email('IPN NOTICE :: Pending multicurrency transaction for existing order. No action required. Waiting for merchant to "accept" the order via PayPal account console.');
            break;
        case $txn_type == 'pending-address' && (int) $ordersID > 0:
            ipn_debug_email('IPN NOTICE :: "Pending address" transaction for existing order. No action required. Waiting for address approval by store owner via PayPal account console.');
            break;
        case $txn_type == 'pending-paymentreview' && (int) $ordersID > 0:
            ipn_debug_email('IPN NOTICE :: "Pending payment review" transaction for existing order. No action required. Waiting for PayPal to complete their Payment Review. Do not ship order until review is completed.');
            break;
    }
}
Ejemplo n.º 7
 /**
  * Fetch the PDT (Payment Data Transfer) result for a transaction, parse it, and decide whether
  * the payment can be accepted on the strength of the PDT data.
  *
  * Acceptance requires all of: ipn_validate_transaction() passing, valid_payment() passing,
  * payment_status being exactly 'Completed', and no row in TABLE_PAYPAL already carrying the
  * transaction id (as txn_id or parent_txn_id).
  *
  * Side effects: fills $this->pdtData, overwrites four entries of $_POST with values from the PDT
  * response, and sets $this->transaction_id on success.
  *
  * @param mixed  $orderAmount amount passed through to valid_payment()
  * @param string $my_currency currency passed through to valid_payment()
  * @param string $pdtTX       transaction token passed to ipn_postback()
  * @return bool true when the PDT data is accepted, false otherwise
  */
 function _getPDTresults($orderAmount, $my_currency, $pdtTX)
 {
     global $db;
     // ipn_postback() is defined elsewhere; its 'info' element is used as the response body.
     $ipnData = ipn_postback('PDT', $pdtTX);
     $respdata = $ipnData['info'];
     // parse the data
     $lines = explode("\n", $respdata);
     $this->pdtData = array();
     // Starts at index 1, so the first line of the response is skipped (presumably a status line -- confirm).
     for ($i = 1; $i < count($lines); $i++) {
         if (!strstr($lines[$i], "=")) {
             continue;
         }
         // explode() has no limit here, so only the text up to a second '=' is kept as the value
         list($key, $val) = explode("=", $lines[$i]);
         $this->pdtData[urldecode($key)] = urldecode($val);
     }
     // NOTE(review): if the response contained neither key, these reads hit missing array entries;
     // the comparison with '' still sends the flow into the "invalid data" branch.
     if ($this->pdtData['txn_id'] == '' || $this->pdtData['payment_status'] == '') {
         // the complete parsed response is written to the log in both branches
         ipn_debug_email('PDT Returned INVALID Data. Must wait for IPN to process instead. ' . "\n" . print_r($this->pdtData, true));
         return FALSE;
     } else {
         ipn_debug_email('PDT Returned Data ' . print_r($this->pdtData, true));
     }
     // The superglobal is overwritten with values from the PDT response; the validation helpers
     // called next presumably read these fields from $_POST rather than from their arguments.
     $_POST['mc_gross'] = $this->pdtData['mc_gross'];
     $_POST['mc_currency'] = $this->pdtData['mc_currency'];
     $_POST['business'] = $this->pdtData['business'];
     $_POST['receiver_email'] = $this->pdtData['receiver_email'];
     // all three conditions must hold; evaluation stops at the first one that fails
     $PDTstatus = ipn_validate_transaction($respdata, $this->pdtData, 'PDT') && valid_payment($orderAmount, $my_currency, 'PDT') && $this->pdtData['payment_status'] == 'Completed';
     if ($this->pdtData['payment_status'] != '' && $this->pdtData['payment_status'] != 'Completed') {
         ipn_debug_email('PDT WARNING :: Order not marked as "Completed".  Check for Pending reasons or wait for IPN to complete.' . "\n" . '[payment_status] => ' . $this->pdtData['payment_status'] . "\n" . '[pending_reason] => ' . $this->pdtData['pending_reason']);
     }
     // Replay check: a transaction id that is already recorded must not be accepted a second time.
     // The id is bound as a string through bindVars() rather than concatenated into the SQL.
     $sql = "SELECT order_id, paypal_ipn_id, payment_status, txn_type, pending_reason\n                FROM " . TABLE_PAYPAL . "\n                WHERE txn_id = :transactionID OR parent_txn_id = :transactionID\n                ORDER BY order_id DESC  ";
     $sql = $db->bindVars($sql, ':transactionID', $this->pdtData['txn_id'], 'string');
     $ipn_id = $db->Execute($sql);
     if ($ipn_id->RecordCount() != 0) {
         ipn_debug_email('PDT WARNING :: Transaction already exists. Perhaps IPN already added it.  PDT processing ended.');
         $pdtTXN_is_unique = false;
     } else {
         $pdtTXN_is_unique = true;
     }
     $PDTstatus = $pdtTXN_is_unique && $PDTstatus;
     if ($PDTstatus == TRUE) {
         $this->transaction_id = $this->pdtData['txn_id'];
     }
     return $PDTstatus;
 }
Ejemplo n.º 8
    $template_dir = $template_query->fields['template_dir'];
}
//if (template_switcher_available=="YES") $template_dir = templateswitch_custom($current_domain);
// Template paths are derived from $template_dir, which is assigned before this excerpt.
define('DIR_WS_TEMPLATE', DIR_WS_TEMPLATES . $template_dir . '/');
define('DIR_WS_TEMPLATE_IMAGES', DIR_WS_TEMPLATE . 'images/');
define('DIR_WS_TEMPLATE_ICONS', DIR_WS_TEMPLATE_IMAGES . 'icons/');
require DIR_WS_CLASSES . 'template_func.php';
$template = new template_func(DIR_WS_TEMPLATE);
// include the language translations
// include template specific language files
// NOTE(review): the file that gets included below is chosen by $_SESSION['language']. Where that
// value is set is not visible here; confirm it can only ever be the name of an installed language,
// because it decides which PHP file is executed.
if (file_exists(DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php')) {
    $template_dir_select = $template_dir . '/';
    //die('Yes ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php');
} else {
    //die('NO ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php');
    $template_dir_select = '';
}
// include (not require): a missing language file produces a warning and execution continues
include DIR_WS_LANGUAGES . $template_dir_select . $_SESSION['language'] . '.php';
ipn_debug_email('IPN NOTICE :: ipn_application_top -> language files okay');
// include the extra language translations
include DIR_WS_MODULES . 'extra_definitions.php';
// currency
// && binds tighter than ||, so the condition reads: no session currency, OR a currency in the query
// string, OR (default-language currency enabled AND it differs from the session currency).
if (!$_SESSION['currency'] || isset($_GET['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $_SESSION['currency']) {
    if (isset($_GET['currency'])) {
        // The query-string value is never stored directly: the session receives whatever
        // zen_currency_exists() returns for it, and a falsy result falls back to a configured currency.
        if (!($_SESSION['currency'] = zen_currency_exists($_GET['currency']))) {
            $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
        }
    } else {
        $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
    }
}
 *
 * @package initSystem
 * @copyright Copyright 2003-2007 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: init_paypal_ipn_sessions.php 6598 2007-07-15 00:34:08Z drbyte $
 */
// Refuse to run unless IS_ADMIN_FLAG has already been defined by whatever loaded this file.
if (!defined('IS_ADMIN_FLAG')) {
    die('Illegal Access');
}
/**
 * Begin processing. Add notice to log if logging enabled.
 *
 * NOTE(review): HTTP_USER_AGENT is a client-supplied header and is written into the log message
 * unmodified; whoever reads the log should treat that part as untrusted text.
 */
ipn_debug_email('IPN PROCESSING INITIATED. ' . "\n" . '*** Originating IP: ' . $_SERVER['REMOTE_ADDR'] . '  ' . (SESSION_IP_TO_HOST_ADDRESS == 'true' ? @gethostbyaddr($_SERVER['REMOTE_ADDR']) : '') . ($_SERVER['HTTP_USER_AGENT'] == '' ? '' : "\n" . '*** Browser/User Agent: ' . $_SERVER['HTTP_USER_AGENT']));
// need to see if we are in test mode. If so then the data is going to come in as a GET string
// In test mode every query-string parameter is copied over $_POST, so a plain GET request can supply
// a complete notification. NOTE(review): this mode should never be enabled on a production store.
// The constant is used without a defined() check, so it must exist by the time this file runs.
if (MODULE_PAYMENT_PAYPAL_TESTING == 'Test') {
    foreach ($_GET as $key => $value) {
        $_POST[$key] = $value;
    }
}
// An empty POST body is only logged; execution continues past this point.
if (!$_POST) {
    ipn_debug_email('IPN FATAL ERROR :: No POST data available -- Most likely initiated by browser and not PayPal.' . "\n\n\n" . '     *** The rest of this log report can most likely be ignored !! ***' . "\n\n\n\n");
    //if ($show_all_errors) echo 'No POST data. This is not a real IPN transaction. Any "Undefined" errors below can be ignored ...<br />';
}
// 'custom' is request data. It is split on '=' and the parts are handed to ipn_get_stored_session()
// (defined elsewhere), which therefore receives an untrusted lookup key.
$session_post = isset($_POST['custom']) ? $_POST['custom'] : '=';
$session_stuff = explode('=', $session_post);
$ipnFoundSession = true;
// NOTE(review): $isECtransaction is not assigned in this excerpt; presumably the including script sets it -- confirm.
if (!$isECtransaction && !isset($_POST['parent_txn_id']) && ipn_get_stored_session($session_stuff) === false) {
    ipn_debug_email('IPN FATAL ERROR :: No saved IPN session data available. Must be an Express Checkout or Direct Pay transaction.');
    $ipnFoundSession = false;
}
            }
            // update order status history with new information
            ipn_debug_email('IPN NOTICE :: Set new status ' . $new_status . " for order ID = " . $ordersID . ($_POST['pending_reason'] != '' ? '.   Reason_code = ' . $_POST['pending_reason'] : ''));
            if ((int) $new_status == 0) {
                $new_status = 1;
            }
            if (in_array($_POST['payment_status'], array('Refunded', 'Reversed', 'Denied', 'Failed')) || substr($txn_type, 0, 8) == 'cleared-' || $txn_type == 'echeck-cleared' || $txn_type == 'express-checkout-cleared') {
                ipn_update_orders_status_and_history($ordersID, $new_status, $txn_type);
            }
            break;
        case $txn_type == 'pending-echeck' && (int) $ordersID > 0:
            ipn_debug_email('IPN NOTICE :: Pending echeck transaction for existing order. No action required. Waiting for echeck to clear.');
            break;
        case $txn_type == 'pending-multicurrency' && (int) $ordersID > 0:
            ipn_debug_email('IPN NOTICE :: Pending multicurrency transaction for existing order. No action required. Waiting for merchant to "accept" the order via PayPal account console.');
            break;
        case $txn_type == 'pending-address' && (int) $ordersID > 0:
            ipn_debug_email('IPN NOTICE :: "Pending address" transaction for existing order. No action required. Waiting for address approval by store owner via PayPal account console.');
            break;
        default:
            // can't understand result found. Thus, logging and aborting.
            ipn_debug_email('IPN WARNING :: Could not process for txn type: ' . $txn_type . "\n" . ' postdata=' . str_replace('&', " \n&", urldecode($postdata)));
    }
}
// start of CashRun code
// NOTE(review): the condition selects orders whose id is 264 or lower, while the inline comment
// speaks of filtering old orders -- confirm which orders are meant to be forwarded.
if (isset($ordersID) && (int) $ordersID <= 264) {
    //filter the old orders
    // The include path is relative, so which file is loaded depends on include_path and the working directory.
    include 'pp_landing_page.php';
    // The complete, unfiltered $_POST array is handed on. insertOrders() is presumably defined in the
    // included file (not shown) and has to treat every field as untrusted request data.
    insertOrders($_POST, $ordersID);
}
// end of CashRun code
Ejemplo n.º 11
    $template_dir = $template_query->fields['template_dir'];
}
//if (template_switcher_available=="YES") $template_dir = templateswitch_custom($current_domain);
// Template paths are derived from $template_dir, which is assigned before this excerpt.
define('DIR_WS_TEMPLATE', DIR_WS_TEMPLATES . $template_dir . '/');
define('DIR_WS_TEMPLATE_IMAGES', DIR_WS_TEMPLATE . 'images/');
define('DIR_WS_TEMPLATE_ICONS', DIR_WS_TEMPLATE_IMAGES . 'icons/');
require DIR_WS_CLASSES . 'template_func.php';
$template = new template_func(DIR_WS_TEMPLATE);
// include the language translations
// include template specific language files
// NOTE(review): the file that gets included below is chosen by $_SESSION['language']. Where that
// value is set is not visible here; confirm it can only ever be the name of an installed language,
// because it decides which PHP file is executed.
if (file_exists(DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php')) {
    $template_dir_select = $template_dir . '/';
    //die('Yes ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php');
} else {
    //die('NO ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php');
    $template_dir_select = '';
}
// include (not require): a missing language file produces a warning and execution continues
include DIR_WS_LANGUAGES . $template_dir_select . $_SESSION['language'] . '.php';
ipn_debug_email('IPN NOTICE::Got past language loads');
// include the extra language translations
include DIR_WS_MODULES . 'extra_definitions.php';
// currency
// && binds tighter than ||, so the condition reads: no session currency, OR a currency in the query
// string, OR (default-language currency enabled AND it differs from the session currency).
if (!$_SESSION['currency'] || isset($_GET['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $_SESSION['currency']) {
    if (isset($_GET['currency'])) {
        // The query-string value is never stored directly: the session receives whatever
        // zen_currency_exists() returns for it, and a falsy result falls back to a configured currency.
        if (!($_SESSION['currency'] = zen_currency_exists($_GET['currency']))) {
            $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
        }
    } else {
        $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
    }
}
Ejemplo n.º 12
    case 'echeck-denied':
    case 'echeck-cleared':
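        // txn_id and parent_txn_id come from the notification's request body. The original placed
        // them inside quoted SQL literals unescaped, so a crafted value could change the statement.
        // They are now escaped once with zen_db_input() -- the helper another snippet on this page
        // uses for the same purpose -- and only the escaped copies are used in SQL text below.
        $posted_txn_id = isset($_POST['txn_id']) ? zen_db_input($_POST['txn_id']) : '';
        $posted_parent_txn_id = isset($_POST['parent_txn_id']) ? zen_db_input($_POST['parent_txn_id']) : '';
        // Look up the stored PayPal record: by the parent transaction for 'parent', else by the transaction itself.
        if ($txn_type == 'parent') {
            $ipn_id = $db->Execute("select zen_order_id, paypal_ipn_id\r\n                              from " . TABLE_PAYPAL . "\r\n                              where txn_id = '" . $posted_parent_txn_id . "'");
        } else {
            $ipn_id = $db->Execute("select zen_order_id, paypal_ipn_id\r\n                              from " . TABLE_PAYPAL . "\r\n                              where txn_id = '" . $posted_txn_id . "'");
        }
        // 'parent' inserts a new PayPal row; every other type updates the row of the same transaction.
        if ($txn_type == 'parent') {
            $paypal_order = ipn_create_order_array($ipn_id->fields['zen_order_id'], $txn_type);
            zen_db_perform(TABLE_PAYPAL, $paypal_order);
        } else {
            $paypal_order = ipn_create_order_update_array($txn_type);
            zen_db_perform(TABLE_PAYPAL, $paypal_order, 'update', "txn_id='" . $posted_txn_id . "'");
        }
        $paypal_order_history = ipn_create_order_history_array($ipn_id->fields['paypal_ipn_id']);
        //payment_status=Refunded
        if ($_POST['payment_status'] == 'Refunded' || $_POST['payment_status'] == 'Denied') {
            $new_status = MODULE_PAYMENT_PAYPAL_REFUND_ORDER_STATUS_ID;
        } elseif ($txn_type == 'echeck-cleared') {
            $new_status = MODULE_PAYMENT_PAYPAL_ORDER_STATUS_ID;
        }
        // NOTE(review): $new_status is only assigned in the two branches above; for any other
        // combination this log line reads a variable this excerpt has not set.
        ipn_debug_email('IPN NOTICE:set new status ' . $new_status . ' for reason_code = ' . $_POST['pending_reason'] . " order id = " . $ipn_id->fields['zen_order_id']);
        if ($_POST['payment_status'] == 'Refunded' || $_POST['payment_status'] == 'Denied' || $txn_type == 'echeck-cleared') {
            // both values are ids, so they are cast to integers before being placed in the statement
            $db->Execute("update " . TABLE_ORDERS . "\r\n                    set orders_status = '" . (int) $new_status . "'\r\n                    where orders_id = '" . (int) $ipn_id->fields['zen_order_id'] . "'");
            // The comment text is made of raw request data and is handed to zen_db_perform(), whose
            // escaping is not visible here. NOTE(review): it also needs output escaping wherever it is displayed.
            $sql_data_array = array('orders_id' => $ipn_id->fields['zen_order_id'], 'orders_status_id' => $new_status, 'date_added' => 'now()', 'comments' => 'PayPal status: ' . $_POST['payment_status'] . ' ' . ' @ ' . $_POST['payment_date'] . ' Parent Trans ID:' . $_POST['parent_txn_id'] . ' Trans ID:' . $_POST['txn_id'] . ' Amount: ' . $_POST['mc_gross'], 'customer_notified' => false);
            zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
        }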
        break;
    default:
        ipn_debug_email('IPN WARNING:Could not establish txn type ' . $txn_type . ' postdata=' . $postdata);
}