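/**
 * Check that the currency and gross amount reported by PayPal match what the store expects.
 *
 * The reported values are read from $_POST['mc_currency'] and $_POST['mc_gross'].
 * A currency mismatch always fails. An amount mismatch fails unless the module is
 * running in 'Test' mode.
 *
 * NOTE(review): this only compares values; whether the notification itself was
 * verified with PayPal before this call is not visible here -- confirm in the caller.
 *
 * @param mixed  $info     Not used by this function.
 * @param mixed  $amount   Expected gross amount.
 * @param string $currency Expected currency code.
 * @return bool TRUE when both values match; FALSE (after logging a warning) otherwise.
 */
function valid_payment($info, $amount, $currency) {
  // These fields arrive with the request, so accept scalar values only.
  $paidCurrency = (isset($_POST['mc_currency']) && is_scalar($_POST['mc_currency'])) ? (string) $_POST['mc_currency'] : '';
  $paidGross = (isset($_POST['mc_gross']) && is_scalar($_POST['mc_gross'])) ? (string) $_POST['mc_gross'] : '';
  $business = (isset($_POST['business']) && is_scalar($_POST['business'])) ? (string) $_POST['business'] : '';

  // The module setting is a string ('Test' in test mode). Comparing it with boolean
  // false never matched a non-empty string, which silently disabled the amount check.
  $testMode = defined('MODULE_PAYMENT_PAYPAL_TESTING') && MODULE_PAYMENT_PAYPAL_TESTING == 'Test';

  // Currency codes are compared as exact strings.
  $currencyMismatch = ($paidCurrency !== (string) $currency);

  // A non-numeric amount can never be right; the numeric comparison lets '10' equal '10.00'.
  $amountMismatch = !is_numeric($paidGross) || $paidGross != $amount;

  if ($currencyMismatch || ($amountMismatch && !$testMode)) {
    ipn_debug_email('IPN WARNING::Currency Mismatch for email address = ' . $business . ' | mc_currency = ' . $paidCurrency . ' | $currency = ' . $currency . ' | mc_gross = ' . $paidGross . ' | $amount = ' . $amount);
    return false;
  }
  return true;
}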
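/**
 * This method sends the customer to PayPal's site.
 * There, they will log in to their PayPal account, choose a funding source and shipping method
 * and then return to our store site with an EC token.
 *
 * Steps: build the order and its totals, assemble the SetExpressCheckout options
 * (currency, amount, payment action, optional address override), request a token
 * (retrying with less line-item detail when PayPal answers with error 10413),
 * store the sanitised token in the session and redirect the browser to PayPal.
 *
 * @return mixed the value returned by _errorHandler(); per the closing comment this
 *               line should not be reached because the redirect happens first
 */
function ec_step1() {
  global $order, $order_totals, $db, $doPayPal;

  // if cart is empty due to timeout on login or shopping cart page, go to timeout screen
  if ($_SESSION['cart']->count_contents() == 0) {
    // NOTE(review): the complete session and query string go into the debug message;
    // keep the debug log/mailbox access-restricted.
    $message = 'Logging out due to empty shopping cart. Is session started properly? ... ' . "\nSESSION Details:\n" . print_r($_SESSION, TRUE) . 'GET:' . "\n" . print_r($_GET, TRUE);
    include_once DIR_WS_MODULES . 'payment/paypal/paypal_functions.php';
    ipn_debug_email($message);
    zen_redirect(zen_href_link(FILENAME_TIME_OUT, '', 'SSL'));
  }

  // init new order object
  require DIR_WS_CLASSES . 'order.php';
  $order = new order();

  // load the selected shipping module so that shipping taxes can be assessed
  require DIR_WS_CLASSES . 'shipping.php';
  $shipping_modules = new shipping($_SESSION['shipping']);

  // load OT modules so that discounts and taxes can be assessed
  require DIR_WS_CLASSES . 'order_total.php';
  $order_total_modules = new order_total();
  $order_totals = $order_total_modules->pre_confirmation_check();
  $order_totals = $order_total_modules->process();

  $doPayPal = $this->paypal_init();
  $options = $this->getLineItemDetails($this->selectCurrency());

  // Determine the language to use when visiting the PP site
  $lc_code = $this->getLanguageCode();
  if ($lc_code != '') {
    $options['LOCALECODE'] = $lc_code;
  }

  // Set currency and amount
  $options['CURRENCY'] = $this->selectCurrency();
  $order_amount = $this->calc_order_amount($order->info['total'], $options['CURRENCY']);

  // Payment Transaction/Authorization Mode
  $options['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
  // for future: if (MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Order') { $options['PAYMENTACTION'] = 'Order'; }

  $options['ALLOWNOTE'] = 1; // allow customer to enter a note on the PayPal site, which will be copied to order comments upon return to store.
  $options['SOLUTIONTYPE'] = 'Sole'; // Use 'Mark' for normal Express Checkout, 'Sole' for auctions or alternate flow
  $options['LANDINGPAGE'] = 'Billing'; // "Billing" or "Login" selects the style of landing page on PayPal site during checkout

  // Set the return URL if they click "Submit" on PayPal site.
  // The store's links are HTML-escaped, so the entity is decoded for the API call;
  // replacing '&' with '&' was a no-op.
  $return_url = str_replace('&amp;', '&', zen_href_link('ipn_main_handler.php', 'type=ec', 'SSL', true, true, true));

  // Select the return URL if they click "cancel" on PayPal site or click to return without making payment or login
  $cancel_page = ($_SESSION['customer_first_name'] != '' && $_SESSION['customer_id'] != '') ? FILENAME_CHECKOUT_SHIPPING : FILENAME_SHOPPING_CART;
  $cancel_url = str_replace('&amp;', '&', zen_href_link($cancel_page, 'ec_cancel=1', 'SSL'));

  // debug
  // NOTE(review): everything in the session except 'navigation' is logged here.
  $val = $_SESSION;
  unset($val['navigation']);
  $this->zcLog('ec_step1 - 1', 'Checking to see if we are in markflow' . "\n" . 'cart contents: ' . $_SESSION['cart']->get_content_type() . "\n\nNOTE: " . '$this->showPaymentPage = ' . (int) $this->showPaymentPage . "\nCustomer ID: " . (int) $_SESSION['customer_id'] . "\nSession Data: " . print_r($val, true));

  /**
   * Check whether shipping is required on this order or not.
   * If not, tell PayPal to skip all shipping options
   * ie: don't ask for any shipping info if cart content is strictly virtual and customer is already logged-in
   * (if not logged in, we need address information only to build the customer record)
   */
  if ($_SESSION['cart']->get_content_type() == 'virtual' && isset($_SESSION['customer_id']) && $_SESSION['customer_id'] > 0) {
    $this->zcLog('ec-step1-addr_check', "cart contents is virtual and customer is logged in ... therefore options['NOSHIPPING']=1");
    $options['NOSHIPPING'] = 1;
  } else {
    $this->zcLog('ec-step1-addr_check', "cart content is not all virtual (or customer is not logged in) ... therefore will be submitting address details");

    // If we are in a "mark" flow and the customer has a usable address, set the addressoverride variable to 1. This will
    // override the shipping address in PayPal with the shipping address that is selected in Zen Cart.
    // @TODO: consider using address-validation against Paypal's addresses
    if (($address_arr = $this->getOverrideAddress()) !== false) {
      $address_error = false;
      $required_fields = array('entry_firstname', 'entry_lastname', 'entry_street_address', 'entry_city', 'entry_postcode', 'zone_code', 'countries_iso_code_2');
      foreach ($required_fields as $field) {
        // Log only the fields that really are blank. The earlier loop kept logging
        // every later field once one blank had been seen.
        if ($address_arr[$field] == '') {
          $address_error = true;
          $this->zcLog('ec-step1-addr_check2', '$address_error = true because ' . $field . ' is blank.');
        }
      }
      if ($address_error == false) {
        // set the override var
        $options['ADDROVERRIDE'] = 1;
        // set the address info
        $options['SHIPTONAME'] = $address_arr['entry_firstname'] . ' ' . $address_arr['entry_lastname'];
        $options['SHIPTOSTREET'] = $address_arr['entry_street_address'];
        if ($address_arr['entry_suburb'] != '') {
          $options['SHIPTOSTREET2'] = $address_arr['entry_suburb'];
        }
        $options['SHIPTOCITY'] = $address_arr['entry_city'];
        $options['SHIPTOZIP'] = $address_arr['entry_postcode'];
        $options['SHIPTOSTATE'] = $address_arr['zone_code'];
        $options['SHIPTOCOUNTRYCODE'] = $address_arr['countries_iso_code_2'];
      }
    }
    $this->zcLog('ec-step1-addr_check3', 'address details from override check:' . ($address_arr == FALSE ? ' <NONE FOUND>' : print_r($address_arr, true)));

    // Do we require a "confirmed" shipping address ?
    if (MODULE_PAYMENT_PAYPALWPP_CONFIRMED_ADDRESS == 'Yes') {
      $options['REQCONFIRMSHIPPING'] = 1;
    }
  }

  // if we know customer's email address, supply it, so as to pre-fill the signup box at PayPal (useful for new PayPal accounts only)
  if (!empty($_SESSION['customer_first_name']) && !empty($_SESSION['customer_id'])) {
    // The customer id is bound as an integer rather than concatenated into the query.
    $sql = "select * from " . TABLE_CUSTOMERS . " where customers_id = :custID ";
    $sql = $db->bindVars($sql, ':custID', $_SESSION['customer_id'], 'integer');
    $zc_getemail = $db->Execute($sql);
    if ($zc_getemail->RecordCount() > 0 && $zc_getemail->fields['customers_email_address'] != '') {
      $options['EMAIL'] = $zc_getemail->fields['customers_email_address'];
    }
    if ($zc_getemail->RecordCount() > 0 && $zc_getemail->fields['customers_telephone'] != '') {
      $options['SHIPTOPHONENUM'] = $zc_getemail->fields['customers_telephone'];
    }
  }

  if (!isset($options['AMT'])) {
    // No thousands separator: the two-argument form turns 1234.5 into "1,234.50".
    $options['AMT'] = number_format($order_amount, 2, '.', '');
  }
  $this->zcLog('ec_step1 - 2 -submit', print_r(array_merge($options, array('RETURNURL' => $return_url, 'CANCELURL' => $cancel_url)), true));

  /**
   * Ask PayPal for the token with which to initiate communications
   */
  $response = $doPayPal->SetExpressCheckout($return_url, $cancel_url, $options);

  $submissionCheckOne = TRUE;
  $submissionCheckTwo = TRUE;
  if ($submissionCheckOne) {
    // If there's an error on line-item details, remove tax values and resubmit, since the most common cause of 10413 is tax mismatches
    // (isset guard: the error key is read even when the first call succeeded)
    if (isset($response['L_ERRORCODE0']) && $response['L_ERRORCODE0'] == '10413') {
      $this->zcLog('ec_step1 - 3 - removing tax portion', 'Tax Subtotal does not match sum of taxes for line-items. Tax details removed from line-item submission data.' . "\n" . print_r($options, true));
      //echo '1st submission REJECTED. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true) . urldecode(print_r($response, true));
      $tsubtotal = 0;
      foreach ($options as $key => $value) {
        if (substr($key, 0, 8) == 'L_TAXAMT') {
          $tsubtotal += preg_replace('/[^0-9.\\-]/', '', $value);
          unset($options[$key]);
        }
      }
      $options['TAXAMT'] = $tsubtotal;
      $amt = preg_replace('/[^0-9.%]/', '', $options['AMT']);
      // echo 'oldAMT:'.$amt;
      // echo ' newTAXAMT:'.$tsubtotal;
      $taxamt = preg_replace('/[^0-9.%]/', '', $options['TAXAMT']);
      $shipamt = preg_replace('/[^0-9.%]/', '', $options['SHIPPINGAMT']);
      $itemamt = preg_replace('/[^0-9.%]/', '', $options['ITEMAMT']);
      $calculatedAmount = $itemamt + $taxamt + $shipamt;
      if ($amt != $calculatedAmount) {
        $amt = $calculatedAmount;
      }
      // echo ' newAMT:'.$amt;
      $options['AMT'] = $amt;
      $response = $doPayPal->SetExpressCheckout($return_url, $cancel_url, $options);
      //echo '<br>2nd submission. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true);
    }
    if ($submissionCheckTwo) {
      if (isset($response['L_ERRORCODE0']) && $response['L_ERRORCODE0'] == '10413') {
        $this->zcLog('ec_step1 - 4 - removing line-item details', 'PayPal designed their own mathematics rules. Dumbing it down for them.' . "\n" . print_r($options, true));
        //echo '2nd submission REJECTED. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true) . urldecode(print_r($response, true));
        foreach ($options as $key => $value) {
          if (substr($key, 0, 2) == 'L_') {
            unset($options[$key]);
          }
        }
        $amt = preg_replace('/[^0-9.%]/', '', $options['AMT']);
        $taxamt = preg_replace('/[^0-9.%]/', '', $options['TAXAMT']);
        $shipamt = preg_replace('/[^0-9.%]/', '', $options['SHIPPINGAMT']);
        $itemamt = preg_replace('/[^0-9.%]/', '', $options['ITEMAMT']);
        $calculatedAmount = $itemamt + $taxamt + $shipamt;
        if ($amt != $calculatedAmount) {
          $amt = $calculatedAmount;
        }
        $options['AMT'] = $amt;
        $response = $doPayPal->SetExpressCheckout($return_url, $cancel_url, $options);
        //echo '<br>3rd submission. {'.$response['L_ERRORCODE0'].'}<pre>'.print_r($options, true);
      }
    }
  }

  /**
   * Determine result of request for token -- if error occurred, the errorHandler will redirect accordingly
   */
  $error = $this->_errorHandler($response, 'SetExpressCheckout');

  // Success, so read the EC token.
  // Only digits, capitals, '.' and '-' are kept before the value is stored in the
  // session and appended to the redirect URL below.
  $_SESSION['paypal_ec_token'] = preg_replace('/[^0-9.A-Z\\-]/', '', urldecode($response['TOKEN']));

  // prepare to redirect to PayPal so the customer can log in and make their selections
  $paypal_url = $this->getPayPalLoginServer();

  // Set the name of the displayed "continue" button on the PayPal site.
  // 'commit' = "Pay Now" || 'continue' = "Review Payment"
  $orderReview = true;
  if ($_SESSION['paypal_ec_markflow'] == 1) {
    $orderReview = false;
  }
  $userActionKey = "&useraction=" . ((int) $orderReview == false ? 'commit' : 'continue');

  // This is where we actually redirect the customer's browser to PayPal. Upon return from PayPal, they go to ec_step2
  header("HTTP/1.1 302 Object Moved");
  zen_redirect($paypal_url . "?cmd=_express-checkout&token=" . $_SESSION['paypal_ec_token'] . $userActionKey);

  // this should never be reached:
  return $error;
}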
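/**
 * Write order-history update to ZC tables denoting the update supplied by the IPN.
 *
 * Sets the order's status, appends a status-history row whose comment is built from
 * the notification fields in $_POST, and, for "cleared" transaction types, extends
 * the download limits of the order.
 *
 * NOTE(review): the history comment is assembled from request fields. Whether the
 * notification was verified before this call, and whether zen_db_perform() escapes
 * the values it is given, is not visible here -- confirm both.
 *
 * @param int    $ordersID   order to update
 * @param int    $new_status new orders_status value (defaults to 1)
 * @param string $txn_type   transaction type label from the IPN handler
 * @return void
 */
function ipn_update_orders_status_and_history($ordersID, $new_status = 1, $txn_type = '') {
  // $txn_type now has a default: a required parameter after an optional one is
  // deprecated in PHP 8. Existing three-argument calls are unaffected.
  global $db;

  $ordersID = (int) $ordersID;
  $new_status = (int) $new_status;

  // Read each notification field once, tolerating missing keys and non-scalar input.
  $ipn = array();
  foreach (array('payment_status', 'payment_date', 'parent_txn_id', 'txn_id', 'mc_gross', 'mc_currency') as $field) {
    $ipn[$field] = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : '';
  }

  ipn_debug_email('IPN NOTICE :: Updating order #' . $ordersID . ' to status: ' . $new_status . ' (txn_type: ' . $txn_type . ')');

  // Both values are integers by this point, so the concatenation is safe.
  $db->Execute("update " . TABLE_ORDERS . "\n set orders_status = '" . $new_status . "'\n where orders_id = '" . $ordersID . "'");

  $comments = 'PayPal status: ' . $ipn['payment_status'] . ' ' . ' @ ' . $ipn['payment_date']
            . ($ipn['parent_txn_id'] != '' ? "\n" . ' Parent Trans ID:' . $ipn['parent_txn_id'] : '')
            . "\n" . ' Trans ID:' . $ipn['txn_id']
            . "\n" . ' Amount: ' . $ipn['mc_gross'] . ' ' . $ipn['mc_currency'];

  $sql_data_array = array('orders_id' => $ordersID,
                          'orders_status_id' => $new_status,
                          'date_added' => 'now()',
                          'comments' => $comments,
                          'customer_notified' => false);
  zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
  ipn_debug_email('IPN NOTICE :: Update complete.');

  /**
   * Activate any downloads associated with an order which has now been cleared
   */
  if ($txn_type == 'echeck-cleared' || $txn_type == 'express-checkout-cleared' || substr($txn_type, 0, 8) == 'cleared-') {
    $check_status = $db->Execute("select date_purchased from " . TABLE_ORDERS . " where orders_id = '" . $ordersID . "'");
    // NOTE(review): date_diff() is called here with two date strings, while PHP's
    // built-in date_diff() expects DateTime objects -- confirm which function this
    // resolves to on the deployed PHP version.
    $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + (int) DOWNLOAD_MAX_DAYS;
    ipn_debug_email('IPN NOTICE :: Updating order #' . $ordersID . ' downloads. New max days: ' . (int) $zc_max_days . ', New count: ' . (int) DOWNLOAD_MAX_COUNT);
    $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . (int) $zc_max_days . "', download_count='" . (int) DOWNLOAD_MAX_COUNT . "' where orders_id='" . $ordersID . "'";
    $db->Execute($update_downloads_query);
  }
}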
* @package initSystem
* @copyright Copyright 2003-2009 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: init_paypal_ipn_sessions.php 14422 2009-09-13 04:42:03Z drbyte $
*/
// Refuse direct access: the constant is expected to be defined by the including script.
if (!defined('IS_ADMIN_FLAG')) {
  die('Illegal Access');
}
/**
 * Begin processing.
 * Add notice to log if logging enabled.
 */
// The remote address and the User-Agent header are written to the log as received.
// The User-Agent is client-controlled, so read this part of the log as untrusted text.
ipn_debug_email('IPN PROCESSING INITIATED. ' . "\n" . '*** Originating IP: ' . $_SERVER['REMOTE_ADDR'] . ' ' . (SESSION_IP_TO_HOST_ADDRESS == 'true' ? @gethostbyaddr($_SERVER['REMOTE_ADDR']) : '') . ($_SERVER['HTTP_USER_AGENT'] == '' ? '' : "\n" . '*** Browser/User Agent: ' . $_SERVER['HTTP_USER_AGENT']));

// need to see if we are in test mode. If so then the data is going to come in as a GET string
// In 'Test' mode every query-string pair is copied over $_POST, so notification
// fields can then be supplied in the URL. This mode must stay off on a live store.
if (defined('MODULE_PAYMENT_PAYPAL_TESTING') && MODULE_PAYMENT_PAYPAL_TESTING == 'Test') {
  foreach ($_GET as $key => $value) {
    $_POST[$key] = $value;
  }
}
// An empty POST is only logged; execution continues with the statements below.
if (!$_POST) {
  ipn_debug_email('IPN FATAL ERROR :: No POST data available -- Most likely initiated by browser and not PayPal.' . "\n\n\n" . ' *** The rest of this log report can most likely be ignored !! ***' . "\n\n\n\n");
  // if ($show_all_errors) echo 'No POST data. This is not a real IPN transaction. Any "Undefined" errors below can be ignored ...<br />';
}
// 'custom' comes from the request. It is split on '=' and handed to
// ipn_get_stored_session() to look up a saved session.
// NOTE(review): how that helper validates the pair is not visible here -- confirm that
// a caller-chosen value cannot select another customer's stored session.
$session_post = isset($_POST['custom']) ? $_POST['custom'] : '=';
$session_stuff = explode('=', $session_post);
$ipnFoundSession = true;
// $isECtransaction is not assigned in this fragment; presumably set earlier -- verify.
if (!$isECtransaction && !isset($_POST['parent_txn_id']) && ipn_get_stored_session($session_stuff) === false) {
  ipn_debug_email('IPN ERROR :: No saved Website Payments Standard session data available. Must be an Express Checkout or Direct Pay transaction.' . "\n" . 'Could be a test notification, or the incoming IPN notification is not actually a bonafide PayPal transaction.' . "\n" . 'NOTE: It is likely that all the following log content is meaningless or irrelevant.');
  $ipnFoundSession = false;
}
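/**
 * Build the data and actions to process when the "Submit" button is pressed on the order-confirmation screen.
 * This sends the data to the payment gateway for processing.
 * (These are hidden fields on the checkout confirmation page)
 *
 * Side effects: stores a serialized copy of the session in TABLE_CASHNET_SESSION,
 * rewrites $order->info['total'] as a formatted string and records the transaction
 * amount and currency in $_SESSION['cashnet_transaction_info'].
 *
 * @return string
 */
function process_button() {
  global $db, $order, $currencies, $currency;

  $_SESSION['cn_key_to_remove'] = session_id();
  $db->Execute("delete from " . TABLE_CASHNET_SESSION . " where session_id = '" . zen_db_input($_SESSION['cn_key_to_remove']) . "'");

  // NOTE(review): the whole session is stored as serialize() output. The code that
  // restores it is not shown here; if it calls unserialize(), confirm that nothing
  // but this method can write rows to the table.
  $sql = "insert into " . TABLE_CASHNET_SESSION . " (session_id, saved_session, expiry) values (\n '" . zen_db_input($_SESSION['cn_key_to_remove']) . "',\n '" . base64_encode(serialize($_SESSION)) . "',\n '" . (time() + 1 * 60 * 60 * 24 * 2) . "')";
  $db->Execute($sql);

  $key = $this->getCashNetKey();
  $itemcode = $this->getCashNetItemCode();
  $this->transaction_currency = $_SESSION['currency'];

  // No thousands separator: "1,234.50" would break the multiplication below and
  // would not match the amount the digest is computed over.
  $this->totalsum = $order->info['total'] = number_format($order->info['total'], 2, '.', '');

  // $my_currency was never assigned in this method, so the conversion ran on an
  // undefined value. The transaction currency set above is used instead.
  // NOTE(review): confirm this is the currency the gateway amount should be in.
  $my_currency = $this->transaction_currency;
  $this->transaction_amount = zen_round($this->totalsum * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));

  // NOTE(review): the digest is a plain MD5 over key + amount. MD5 is not a sound
  // message-authentication construction; if the gateway offers a stronger signature
  // scheme, prefer it. The formula is left unchanged here.
  $options = array('itemcode' => $itemcode,
                   'amount' => $this->totalsum,
                   'digest' => md5(trim($key) . $this->totalsum),
                   'custcode' => $order->customer['id'],
                   'email' => trim($order->customer['email_address']),
                   'acctname' => trim($order->customer['firstname'] . ' ' . $order->customer['lastname']),
                   'addr' => trim($order->customer['street_address']),
                   'city' => trim($order->customer['city']),
                   'state' => trim($order->customer['state']),
                   'zip' => trim($order->customer['postcode']),
                   'signouturl' => zen_href_link(FILENAME_CHECKOUT_PROCESS, 'referer=cashnet', 'SSL'));

  // build the button fields
  // Initialised so that implode() below always receives an array.
  $buttonArray = array();
  foreach ($options as $name => $value) {
    // remove quotation marks
    // NOTE(review): only double quotes are stripped; whether zen_draw_hidden_field()
    // HTML-escapes the value is not visible here -- confirm.
    $value = str_replace('"', '', $value);
    // check for invalid chars
    if (preg_match('/[^a-zA-Z_0-9]/', $name)) {
      ipn_debug_email('datacheck - ABORTING - preg_match found invalid submission key: ' . $name . ' (' . $value . ')');
      break;
    }
    $buttonArray[] = zen_draw_hidden_field($name, $value);
  }
  $process_button_string = "\n" . implode("\n", $buttonArray) . "\n";

  $_SESSION['cashnet_transaction_info'] = array($this->transaction_amount, $this->transaction_currency);
  return $process_button_string;
}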
} // update order status history with new information ipn_debug_email('IPN NOTICE :: Set new status ' . $new_status . " for order ID = " . $ordersID . ($_POST['pending_reason'] != '' ? '. Reason_code = ' . $_POST['pending_reason'] : '')); if ((int) $new_status == 0) { $new_status = 1; } if (in_array($_POST['payment_status'], array('Refunded', 'Reversed', 'Denied', 'Failed')) || substr($txn_type, 0, 8) == 'cleared-' || $txn_type == 'echeck-cleared' || $txn_type == 'express-checkout-cleared') { ipn_update_orders_status_and_history($ordersID, $new_status, $txn_type); $zco_notifier->notify('NOTIFY_PAYPALIPN_STATUS_HISTORY_UPDATE', array($ordersID, $new_status, $txn_type)); } break; default: // can't understand result found. Thus, logging and aborting. ipn_debug_email('IPN WARNING :: Could not process for txn type: ' . $txn_type . "\n" . ' postdata=' . str_replace('&', " \n&", urldecode(print_r($_POST, TRUE)))); } // debug info only switch (TRUE) { case $txn_type == 'pending-echeck' && (int) $ordersID > 0: ipn_debug_email('IPN NOTICE :: Pending echeck transaction for existing order. No action required. Waiting for echeck to clear.'); break; case $txn_type == 'pending-multicurrency' && (int) $ordersID > 0: ipn_debug_email('IPN NOTICE :: Pending multicurrency transaction for existing order. No action required. Waiting for merchant to "accept" the order via PayPal account console.'); break; case $txn_type == 'pending-address' && (int) $ordersID > 0: ipn_debug_email('IPN NOTICE :: "Pending address" transaction for existing order. No action required. Waiting for address approval by store owner via PayPal account console.'); break; case $txn_type == 'pending-paymentreview' && (int) $ordersID > 0: ipn_debug_email('IPN NOTICE :: "Pending payment review" transaction for existing order. No action required. Waiting for PayPal to complete their Payment Review. Do not ship order until review is completed.'); break; } }
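/**
 * Fetch and evaluate the PDT (Payment Data Transfer) response for a transaction.
 *
 * Posts the PDT token back through ipn_postback(), parses the key=value lines of the
 * reply into $this->pdtData, copies four of those fields into $_POST for the shared
 * validation helpers, and accepts the result only when the transaction validates, the
 * payment details match, the status is 'Completed' and no row for the transaction
 * exists in TABLE_PAYPAL yet.
 *
 * @param mixed  $orderAmount expected order amount, passed on to valid_payment()
 * @param string $my_currency expected currency, passed on to valid_payment()
 * @param string $pdtTX       PDT transaction token, passed on to ipn_postback()
 * @return bool TRUE when the PDT data is accepted, FALSE otherwise
 */
function _getPDTresults($orderAmount, $my_currency, $pdtTX) {
  global $db;

  $ipnData = ipn_postback('PDT', $pdtTX);
  $respdata = $ipnData['info'];

  // parse the data
  // The first line is skipped (the loop starts at index 1).
  // NOTE(review): presumably that line is the SUCCESS/FAIL marker and it is checked
  // inside ipn_validate_transaction() -- confirm, because it is not checked here.
  $lines = explode("\n", $respdata);
  $this->pdtData = array();
  for ($i = 1; $i < count($lines); $i++) {
    $line = rtrim($lines[$i], "\r");
    if (strpos($line, '=') === false) {
      continue;
    }
    // Split on the first '=' only, so a value containing '=' is kept whole.
    list($key, $val) = explode('=', $line, 2);
    $this->pdtData[urldecode($key)] = urldecode($val);
  }

  $txnId = isset($this->pdtData['txn_id']) ? $this->pdtData['txn_id'] : '';
  $paymentStatus = isset($this->pdtData['payment_status']) ? $this->pdtData['payment_status'] : '';

  if ($txnId == '' || $paymentStatus == '') {
    ipn_debug_email('PDT Returned INVALID Data. Must wait for IPN to process instead. ' . "\n" . print_r($this->pdtData, true));
    return FALSE;
  }
  ipn_debug_email('PDT Returned Data ' . print_r($this->pdtData, true));

  // The validation helpers read these fields from $_POST, so the PDT values replace
  // whatever the request carried.
  foreach (array('mc_gross', 'mc_currency', 'business', 'receiver_email') as $field) {
    $_POST[$field] = isset($this->pdtData[$field]) ? $this->pdtData[$field] : null;
  }

  // NOTE(review): a valid_payment($info, $amount, $currency) definition appears
  // alongside this method. With that signature this call would pass the currency as
  // the amount and 'PDT' as the currency -- confirm which definition is loaded.
  $PDTstatus = ipn_validate_transaction($respdata, $this->pdtData, 'PDT') && valid_payment($orderAmount, $my_currency, 'PDT') && $paymentStatus == 'Completed';

  if ($paymentStatus != 'Completed') {
    ipn_debug_email('PDT WARNING :: Order not marked as "Completed". Check for Pending reasons or wait for IPN to complete.' . "\n" . '[payment_status] => ' . $paymentStatus . "\n" . '[pending_reason] => ' . (isset($this->pdtData['pending_reason']) ? $this->pdtData['pending_reason'] : ''));
  }

  // Replay guard: a transaction id already recorded (for example by the IPN) is not
  // accepted a second time. The id is bound as a string parameter.
  $sql = "SELECT order_id, paypal_ipn_id, payment_status, txn_type, pending_reason\n FROM " . TABLE_PAYPAL . "\n WHERE txn_id = :transactionID OR parent_txn_id = :transactionID\n ORDER BY order_id DESC ";
  $sql = $db->bindVars($sql, ':transactionID', $txnId, 'string');
  $ipn_id = $db->Execute($sql);
  if ($ipn_id->RecordCount() != 0) {
    ipn_debug_email('PDT WARNING :: Transaction already exists. Perhaps IPN already added it. PDT processing ended.');
    $pdtTXN_is_unique = false;
  } else {
    $pdtTXN_is_unique = true;
  }

  $PDTstatus = $pdtTXN_is_unique && $PDTstatus;
  if ($PDTstatus == TRUE) {
    $this->transaction_id = $txnId;
  }
  return $PDTstatus;
}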
$template_dir = $template_query->fields['template_dir']; } //if (template_switcher_available=="YES") $template_dir = templateswitch_custom($current_domain); define('DIR_WS_TEMPLATE', DIR_WS_TEMPLATES . $template_dir . '/'); define('DIR_WS_TEMPLATE_IMAGES', DIR_WS_TEMPLATE . 'images/'); define('DIR_WS_TEMPLATE_ICONS', DIR_WS_TEMPLATE_IMAGES . 'icons/'); require DIR_WS_CLASSES . 'template_func.php'; $template = new template_func(DIR_WS_TEMPLATE); // include the language translations // include template specific language files if (file_exists(DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php')) { $template_dir_select = $template_dir . '/'; //die('Yes ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php'); } else { //die('NO ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php'); $template_dir_select = ''; } include DIR_WS_LANGUAGES . $template_dir_select . $_SESSION['language'] . '.php'; ipn_debug_email('IPN NOTICE :: ipn_application_top -> language files okay'); // include the extra language translations include DIR_WS_MODULES . 'extra_definitions.php'; // currency if (!$_SESSION['currency'] || isset($_GET['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $_SESSION['currency']) { if (isset($_GET['currency'])) { if (!($_SESSION['currency'] = zen_currency_exists($_GET['currency']))) { $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY; } } else { $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY; } }
*
* @package initSystem
* @copyright Copyright 2003-2007 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: init_paypal_ipn_sessions.php 6598 2007-07-15 00:34:08Z drbyte $
*/
// Refuse direct access: the constant is expected to be defined by the including script.
if (!defined('IS_ADMIN_FLAG')) {
  die('Illegal Access');
}
/**
 * Begin processing. Add notice to log if logging enabled.
 */
// The remote address and the User-Agent header are written to the log as received.
// The User-Agent is client-controlled, so read this part of the log as untrusted text.
ipn_debug_email('IPN PROCESSING INITIATED. ' . "\n" . '*** Originating IP: ' . $_SERVER['REMOTE_ADDR'] . ' ' . (SESSION_IP_TO_HOST_ADDRESS == 'true' ? @gethostbyaddr($_SERVER['REMOTE_ADDR']) : '') . ($_SERVER['HTTP_USER_AGENT'] == '' ? '' : "\n" . '*** Browser/User Agent: ' . $_SERVER['HTTP_USER_AGENT']));

// need to see if we are in test mode. If so then the data is going to come in as a GET string
// In 'Test' mode every query-string pair is copied over $_POST, so notification
// fields can then be supplied in the URL. This mode must stay off on a live store.
// The constant is read without a defined() check here.
if (MODULE_PAYMENT_PAYPAL_TESTING == 'Test') {
  foreach ($_GET as $key => $value) {
    $_POST[$key] = $value;
  }
}
// An empty POST is only logged; execution continues with the statements below.
if (!$_POST) {
  ipn_debug_email('IPN FATAL ERROR :: No POST data available -- Most likely initiated by browser and not PayPal.' . "\n\n\n" . ' *** The rest of this log report can most likely be ignored !! ***' . "\n\n\n\n");
  //if ($show_all_errors) echo 'No POST data. This is not a real IPN transaction. Any "Undefined" errors below can be ignored ...<br />';
}
// 'custom' comes from the request. It is split on '=' and handed to
// ipn_get_stored_session() to look up a saved session.
// NOTE(review): how that helper validates the pair is not visible here -- confirm that
// a caller-chosen value cannot select another customer's stored session.
$session_post = isset($_POST['custom']) ? $_POST['custom'] : '=';
$session_stuff = explode('=', $session_post);
$ipnFoundSession = true;
// $isECtransaction is not assigned in this fragment; presumably set earlier -- verify.
if (!$isECtransaction && !isset($_POST['parent_txn_id']) && ipn_get_stored_session($session_stuff) === false) {
  ipn_debug_email('IPN FATAL ERROR :: No saved IPN session data available. Must be an Express Checkout or Direct Pay transaction.');
  $ipnFoundSession = false;
}
} // update order status history with new information ipn_debug_email('IPN NOTICE :: Set new status ' . $new_status . " for order ID = " . $ordersID . ($_POST['pending_reason'] != '' ? '. Reason_code = ' . $_POST['pending_reason'] : '')); if ((int) $new_status == 0) { $new_status = 1; } if (in_array($_POST['payment_status'], array('Refunded', 'Reversed', 'Denied', 'Failed')) || substr($txn_type, 0, 8) == 'cleared-' || $txn_type == 'echeck-cleared' || $txn_type == 'express-checkout-cleared') { ipn_update_orders_status_and_history($ordersID, $new_status, $txn_type); } break; case $txn_type == 'pending-echeck' && (int) $ordersID > 0: ipn_debug_email('IPN NOTICE :: Pending echeck transaction for existing order. No action required. Waiting for echeck to clear.'); break; case $txn_type == 'pending-multicurrency' && (int) $ordersID > 0: ipn_debug_email('IPN NOTICE :: Pending multicurrency transaction for existing order. No action required. Waiting for merchant to "accept" the order via PayPal account console.'); break; case $txn_type == 'pending-address' && (int) $ordersID > 0: ipn_debug_email('IPN NOTICE :: "Pending address" transaction for existing order. No action required. Waiting for address approval by store owner via PayPal account console.'); break; default: // can't understand result found. Thus, logging and aborting. ipn_debug_email('IPN WARNING :: Could not process for txn type: ' . $txn_type . "\n" . ' postdata=' . str_replace('&', " \n&", urldecode($postdata))); } } // start of CashRun code if (isset($ordersID) && (int) $ordersID <= 264) { //filter the old orders include 'pp_landing_page.php'; insertOrders($_POST, $ordersID); } // end of CashRun code
$template_dir = $template_query->fields['template_dir']; } //if (template_switcher_available=="YES") $template_dir = templateswitch_custom($current_domain); define('DIR_WS_TEMPLATE', DIR_WS_TEMPLATES . $template_dir . '/'); define('DIR_WS_TEMPLATE_IMAGES', DIR_WS_TEMPLATE . 'images/'); define('DIR_WS_TEMPLATE_ICONS', DIR_WS_TEMPLATE_IMAGES . 'icons/'); require DIR_WS_CLASSES . 'template_func.php'; $template = new template_func(DIR_WS_TEMPLATE); // include the language translations // include template specific language files if (file_exists(DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php')) { $template_dir_select = $template_dir . '/'; //die('Yes ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php'); } else { //die('NO ' . DIR_WS_LANGUAGES . $template_dir . '/' . $_SESSION['language'] . '.php'); $template_dir_select = ''; } include DIR_WS_LANGUAGES . $template_dir_select . $_SESSION['language'] . '.php'; ipn_debug_email('IPN NOTICE::Got past language loads'); // include the extra language translations include DIR_WS_MODULES . 'extra_definitions.php'; // currency if (!$_SESSION['currency'] || isset($_GET['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $_SESSION['currency']) { if (isset($_GET['currency'])) { if (!($_SESSION['currency'] = zen_currency_exists($_GET['currency']))) { $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY; } } else { $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY; } }
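case 'echeck-denied':
case 'echeck-cleared':
  // The switch statement these cases belong to starts outside this fragment.
  //
  // Notification fields come from the request. They were concatenated straight into
  // SQL text before; they are now read once, limited to scalar strings, and bound
  // through $db->bindVars() wherever they reach a query.
  $ipn_post = array();
  foreach (array('parent_txn_id', 'txn_id', 'payment_status', 'payment_date', 'pending_reason', 'mc_gross') as $ipn_post_key) {
    $ipn_post[$ipn_post_key] = (isset($_POST[$ipn_post_key]) && is_scalar($_POST[$ipn_post_key])) ? (string) $_POST[$ipn_post_key] : '';
  }

  // Look up the stored PayPal record: by parent transaction for 'parent', otherwise by
  // the transaction id itself.
  $ipn_lookup_sql = "select zen_order_id, paypal_ipn_id
                     from " . TABLE_PAYPAL . "
                     where txn_id = :txnID";
  $ipn_lookup_sql = $db->bindVars($ipn_lookup_sql, ':txnID', ($txn_type == 'parent' ? $ipn_post['parent_txn_id'] : $ipn_post['txn_id']), 'string');
  $ipn_id = $db->Execute($ipn_lookup_sql);

  if ($txn_type == 'parent') {
    $paypal_order = ipn_create_order_array($ipn_id->fields['zen_order_id'], $txn_type);
    zen_db_perform(TABLE_PAYPAL, $paypal_order);
  } else {
    $paypal_order = ipn_create_order_update_array($txn_type);
    // The where-fragment is built with a bound value as well.
    $ipn_update_where = $db->bindVars('txn_id = :txnID', ':txnID', $ipn_post['txn_id'], 'string');
    zen_db_perform(TABLE_PAYPAL, $paypal_order, 'update', $ipn_update_where);
  }
  $paypal_order_history = ipn_create_order_history_array($ipn_id->fields['paypal_ipn_id']);

  //payment_status=Refunded
  if ($ipn_post['payment_status'] == 'Refunded' || $ipn_post['payment_status'] == 'Denied') {
    $new_status = MODULE_PAYMENT_PAYPAL_REFUND_ORDER_STATUS_ID;
  } elseif ($txn_type == 'echeck-cleared') {
    $new_status = MODULE_PAYMENT_PAYPAL_ORDER_STATUS_ID;
  }
  ipn_debug_email('IPN NOTICE:set new status ' . $new_status . ' for reason_code = ' . $ipn_post['pending_reason'] . " order id = " . $ipn_id->fields['zen_order_id']);

  if ($ipn_post['payment_status'] == 'Refunded' || $ipn_post['payment_status'] == 'Denied' || $txn_type == 'echeck-cleared') {
    $ipn_zen_order_id = (int) $ipn_id->fields['zen_order_id'];
    // Touch the order only when the lookup actually found one.
    if ($ipn_zen_order_id > 0) {
      $db->Execute("update " . TABLE_ORDERS . "
                    set orders_status = '" . (int) $new_status . "'
                    where orders_id = '" . $ipn_zen_order_id . "'");
      // NOTE(review): whether zen_db_perform() escapes the comment text is not visible
      // here -- confirm before relying on it.
      $sql_data_array = array('orders_id' => $ipn_zen_order_id,
                              'orders_status_id' => (int) $new_status,
                              'date_added' => 'now()',
                              'comments' => 'PayPal status: ' . $ipn_post['payment_status'] . ' ' . ' @ ' . $ipn_post['payment_date'] . ' Parent Trans ID:' . $ipn_post['parent_txn_id'] . ' Trans ID:' . $ipn_post['txn_id'] . ' Amount: ' . $ipn_post['mc_gross'],
                              'customer_notified' => false);
      zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
    } else {
      ipn_debug_email('IPN WARNING:No stored order found for txn type ' . $txn_type . '; order status not updated.');
    }
  }
  break;
default:
  ipn_debug_email('IPN WARNING:Could not establish txn type ' . $txn_type . ' postdata=' . $postdata);
}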