function handle_paypal_return()
{
// PayPal IPN handling code
if ((isset($_POST['payment_status']) || isset($_POST['txn_type'])) && isset($_POST['custom'])) {
if (get_option($this->gateway . "_paypal_status") == 'live') {
$domain = 'https://www.paypal.com';
} else {
$domain = 'https://www.sandbox.paypal.com';
}
$req = 'cmd=_notify-validate';
if (!isset($_POST)) {
$_POST = $HTTP_POST_VARS;
}
foreach ($_POST as $k => $v) {
if (get_magic_quotes_gpc()) {
$v = stripslashes($v);
}
$req .= '&' . $k . '=' . $v;
}
$header = 'POST /cgi-bin/webscr HTTP/1.0' . "\r\n" . 'Content-Type: application/x-www-form-urlencoded' . "\r\n" . 'Content-Length: ' . strlen($req) . "\r\n" . "\r\n";
@set_time_limit(60);
if ($conn = @fsockopen($domain, 80, $errno, $errstr, 30)) {
fputs($conn, $header . $req);
socket_set_timeout($conn, 30);
$response = '';
$close_connection = false;
while (true) {
if (feof($conn) || $close_connection) {
fclose($conn);
break;
}
$st = @fgets($conn, 4096);
if ($st === false) {
$close_connection = true;
continue;
}
$response .= $st;
}
$error = '';
$lines = explode("\n", str_replace("\r\n", "\n", $response));
// looking for: HTTP/1.1 200 OK
if (count($lines) == 0) {
$error = 'Response Error: Header not found';
} else {
if (substr($lines[0], -7) != ' 200 OK') {
$error = 'Response Error: Unexpected HTTP response';
} else {
// remove HTTP header
while (count($lines) > 0 && trim($lines[0]) != '') {
array_shift($lines);
}
// first line will be empty, second line will have the result
if (count($lines) < 2) {
$error = 'Response Error: No content found in transaction response';
} else {
if (strtoupper(trim($lines[1])) != 'VERIFIED') {
$error = 'Response Error: Unexpected transaction response';
}
}
}
}
if ($error != '') {
echo $error;
exit;
}
}
// handle cases that the system must ignore
//if ($_POST['payment_status'] == 'In-Progress' || $_POST['payment_status'] == 'Partially-Refunded') exit;
$new_status = false;
// process PayPal response
switch ($_POST['payment_status']) {
case 'Partially-Refunded':
break;
case 'In-Progress':
break;
case 'Completed':
case 'Processed':
// case: successful payment
$amount = $_POST['mc_gross'];
$currency = $_POST['mc_currency'];
list($timestamp, $user_id, $sub_id, $key, $sublevel, $fromsub) = explode(':', $_POST['custom']);
$newkey = md5('MEMBERSHIP' . $amount);
if ($key != $newkey) {
$member = new M_Membership($user_id);
if ($member) {
if (defined('MEMBERSHIP_DEACTIVATE_USER_ON_CANCELATION') && MEMBERSHIP_DEACTIVATE_USER_ON_CANCELATION == true) {
$member->deactivate();
}
}
} else {
if (!$this->duplicate_transaction($user_id, $sub_id, $amount, $currency, $timestamp, trim($_POST['txn_id']), $_POST['payment_status'], '')) {
$this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, trim($_POST['txn_id']), $_POST['payment_status'], '');
if ($sublevel == '1') {
// This is the first level of a subscription so we need to create one if it doesn't already exist
$member = new M_Membership($user_id);
if ($member) {
$member->create_subscription($sub_id, $this->gateway);
do_action('membership_payment_subscr_signup', $user_id, $sub_id);
}
} else {
$member = new M_Membership($user_id);
if ($member) {
// Mark the payment so that we can move through ok
$member->record_active_payment($sub_id, $sublevel, $timestamp);
}
}
// remove any current subs for upgrades
if (!empty($fromsub) && $fromsub != 0) {
$member->drop_subscription($fromsub);
}
// Added for affiliate system link
do_action('membership_payment_processed', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']);
}
}
break;
case 'Reversed':
// case: charge back
$note = __('Last transaction has been reversed. Reason: Payment has been reversed (charge back)', 'membership');
$amount = $_POST['mc_gross'];
$currency = $_POST['mc_currency'];
list($timestamp, $user_id, $sub_id, $key, $sublevel) = explode(':', $_POST['custom']);
$this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note);
$member = new M_Membership($user_id);
if ($member) {
$member->expire_subscription($sub_id);
if (defined('MEMBERSHIP_DEACTIVATE_USER_ON_CANCELATION') && MEMBERSHIP_DEACTIVATE_USER_ON_CANCELATION == true) {
$member->deactivate();
}
}
do_action('membership_payment_reversed', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']);
break;
case 'Refunded':
// case: refund
$note = __('Last transaction has been reversed. Reason: Payment has been refunded', 'membership');
$amount = $_POST['mc_gross'];
$currency = $_POST['mc_currency'];
list($timestamp, $user_id, $sub_id, $key, $sublevel) = explode(':', $_POST['custom']);
$this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note);
$member = new M_Membership($user_id);
if ($member) {
$member->expire_subscription($sub_id);
}
do_action('membership_payment_refunded', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']);
break;
case 'Denied':
// case: denied
$note = __('Last transaction has been reversed. Reason: Payment Denied', 'membership');
$amount = $_POST['mc_gross'];
$currency = $_POST['mc_currency'];
list($timestamp, $user_id, $sub_id, $key, $sublevel) = explode(':', $_POST['custom']);
$this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note);
$member = new M_Membership($user_id);
if ($member) {
$member->expire_subscription($sub_id);
if (defined('MEMBERSHIP_DEACTIVATE_USER_ON_CANCELATION') && MEMBERSHIP_DEACTIVATE_USER_ON_CANCELATION == true) {
$member->deactivate();
}
}
do_action('membership_payment_denied', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']);
break;
case 'Pending':
// case: payment is pending
$pending_str = array('address' => __('Customer did not include a confirmed shipping address', 'membership'), 'authorization' => __('Funds not captured yet', 'membership'), 'echeck' => __('eCheck that has not cleared yet', 'membership'), 'intl' => __('Payment waiting for aproval by service provider', 'membership'), 'multi-currency' => __('Payment waiting for service provider to handle multi-currency process', 'membership'), 'unilateral' => __('Customer did not register or confirm his/her email yet', 'membership'), 'upgrade' => __('Waiting for service provider to upgrade the PayPal account', 'membership'), 'verify' => __('Waiting for service provider to verify his/her PayPal account', 'membership'), '*' => '');
$reason = @$_POST['pending_reason'];
$note = 'Last transaction is pending. Reason: ' . (isset($pending_str[$reason]) ? $pending_str[$reason] : $pending_str['*']);
$amount = $_POST['mc_gross'];
$currency = $_POST['mc_currency'];
list($timestamp, $user_id, $sub_id, $key, $sublevel) = explode(':', $_POST['custom']);
$this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note);
do_action('membership_payment_pending', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']);
break;
default:
// case: various error cases
}
//check for subscription details
switch ($_POST['txn_type']) {
case 'new_case':
// a dispute
if ($_POST['case_type'] == 'dispute') {
list($timestamp, $user_id, $sub_id, $key, $sublevel) = explode(':', $_POST['custom']);
// immediately suspend the account
$member = new M_Membership($user_id);
if ($member) {
$member->deactivate();
}
}
do_action('membership_payment_new_case', $user_id, $sub_id, $_POST['case_type']);
break;
}
} else {
// Did not find expected POST variables. Possible access attempt from a non PayPal site.
header('Status: 404 Not Found');
echo 'Error: Missing POST variables. Identification is not possible.';
exit;
}
}
