function makelog()
{
$listener = new IpnListener();
// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = true;
// try to process the IPN POST
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage());
exit(0);
}
if ($verified) {
$this->log($listener->getTextReport());
mail('*****@*****.**', 'Valid IPN', $listener->getTextReport());
return $listener->getTextReport();
} else {
return $listener->getTextReport();
}
}
include 'ipnlistener.php';
include "config.php";
if ($sqlTicketservertype = 'mysql') {
$db = new PDO('mysql:host=' . $sqlTicketserver . ';dbname=' . $sqlTicketdbname, $sqlTicketusername, $sqlTicketpassword);
}
// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__) . '/ipn_errors.log');
$listener = new IpnListener();
$listener->use_sandbox = true;
try {
$verified = $listener->processIpn();
} catch (Exception $e) {
// fatal error trying to process IPN.
error_log($e->getMessage());
exit(0);
}
if ($verified) {
// IPN response was "VERIFIED"
$email = $_POST['payer_email'];
$txn = $_POST['txn_id'];
$firstName = $_POST['first_name'];
$lastName = $_POST['last_name'];
$paymentDate = $_POST['payment_date'];
$query = $db->PREPARE("INSERT INTO Tickets ( email, txn, firstName, lastName, paymentDate ) VALUES ( '{$email}', '{$txn}', '{$firstName}', '{$lastName}', '{$paymentDate}' )");
$query->execute();
mail('*****@*****.**', 'Valid IPN', $listener->getTextReport());
} else {
// IPN response was "INVALID"
mail('*****@*****.**', 'Invalid IPN', $listener->getTextReport());
}
}
if (isset($_POST['payment_gross']) && !empty($_POST['payment_gross'])) {
update_post_meta($property_id, 'payment_gross', $_POST['payment_gross']);
}
if (isset($_POST['mc_currency']) && !empty($_POST['mc_currency'])) {
update_post_meta($property_id, 'mc_currency', $_POST['mc_currency']);
}
if ($publish_on_payment == "true") {
$property['post_status'] = 'publish';
wp_update_post($property);
}
error_log("SUCCESS: " . $_POST['txn_id']);
} else {
error_log("Target property id do not reside in database.");
}
}
} else {
error_log("Mismatched business address => Expected: {$paypal_merchant_id} - Recieved: " . $_POST['business']);
}
} else {
error_log("Mismatched Payment Status => Expected: Completed - Recieved: " . $_POST['payment_status']);
}
wp_mail($valid_ipn_email, 'Verified IPN', $listener->getTextReport(), $headers);
} else {
/*
An Invalid IPN *may* be caused by a fraudulent transaction attempt. It's
a good idea to have a developer or sys admin manually investigate any
invalid IPN.
*/
wp_mail($invalid_ipn_email, 'Invalid IPN', $listener->getTextReport(), $headers);
}
$r = $db->do_query($sql);
if (!$r) {
error_log(mysql_error());
exit(0);
}
*/
// $exists = mysql_result($r, 0);
// mysql_free_result($r);
// if ($exists) {
// $errmsg .= "'txn_id' has already been processed: ".$_POST['txn_id']."\n";
// }
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
$body = "IPN failed fraud checks: \n{$errmsg}\n\n";
$body .= $listener->getTextReport();
mail('*****@*****.**', 'IPN Fraud Warning', $body);
}
// else {
$payer_email = mysql_real_escape_string($_POST['payer_email']);
$mc_gross = mysql_real_escape_string($_POST['mc_gross']);
$sql = "INSERT INTO summer_program_payments VALUES (NULL, '{$txn_id}', '{$payer_email}', '{$mc_gross}')";
$db->do_query($sql);
$payer_id = mysql_real_escape_string($_POST['custom']);
$sql = "UPDATE summer_program_class_registration SET paid_for='1' WHERE payer_id='{$payer_id}'";
$db->do_query($sql);
// summer_program_class_registration (contact_id, class_id, payer_id, paid_for)
$cids = array();
$classids = array();
$studentClassRows = "";
$sql = "SELECT * FROM forms.summer_program_class_registration WHERE payer_id={$payer_id}";
error_log($e->getMessage());
exit(0);
}
/*
The processIpn() method returned true if the IPN was "VERIFIED" and false if it
was "INVALID".
*/
if ($verified) {
/*
Once you have a verified IPN you need to do a few more checks on the POST
fields--typically against data you stored in your database during when the
end user made a purchase (such as in the "success" page on a web payments
standard button). The fields PayPal recommends checking are:
1. Check the $_POST['payment_status'] is "Completed"
2. Check that $_POST['txn_id'] has not been previously processed
3. Check that $_POST['receiver_email'] is your Primary PayPal email
4. Check that $_POST['payment_amount'] and $_POST['payment_currency']
are correct
Since implementations on this varies, I will leave these checks out of this
example and just send an email using the getTextReport() method to get all
of the details about the IPN.
*/
mail($email, 'Verified IPN', $listener->getTextReport());
} else {
/*
An Invalid IPN *may* be caused by a fraudulent transaction attempt. It's
a good idea to have a developer or sys admin manually investigate any
invalid IPN.
*/
mail($email, 'Invalid IPN', $listener->getTextReport());
}
/**
* Process PayPal IPN
*
* @access private
* @since 1.0
* @return void
*/
function edd_process_paypal_ipn()
{
global $edd_options;
// instantiate the IpnListener class
if (!class_exists('IpnListener')) {
include_once EDD_PLUGIN_DIR . 'includes/gateways/libraries/paypal/ipnlistener.php';
}
$listener = new IpnListener();
if (edd_is_test_mode()) {
$listener->use_sandbox = true;
}
if (isset($edd_options['ssl'])) {
$listener->use_ssl = false;
}
// to post using the fsockopen() function rather than cURL, use:
if (isset($edd_options['paypal_disable_curl'])) {
$listener->use_curl = false;
}
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
wp_mail(get_bloginfo('admin_email'), 'IPN Error', $e->getMessage());
exit(0);
}
if ($verified) {
$payment_id = $_POST['custom'];
$purchase_key = $_POST['item_number'];
$paypal_amount = $_POST['mc_gross'];
$payment_status = $_POST['payment_status'];
$currency_code = strtolower($_POST['mc_currency']);
// retrieve the meta info for this payment
$payment_meta = get_post_meta($payment_id, '_edd_payment_meta', true);
$payment_amount = edd_format_amount($payment_meta['amount']);
if ($currency_code != strtolower($edd_options['currency'])) {
return;
// the currency code is invalid
}
if ($paypal_amount != $payment_amount) {
return;
// the prices don't match
}
if ($purchase_key != $payment_meta['key']) {
return;
// purchase keys don't match
}
if (isset($_POST['txn_type']) && $_POST['txn_type'] == 'web_accept') {
$status = strtolower($payment_status);
if ($status == 'completed' || edd_is_test_mode()) {
// set the payment to complete. This also sends the emails
edd_update_payment_status($payment_id, 'publish');
} else {
if ($status == 'refunded') {
// this refund process doesn't work yet
$payment_data = get_post_meta($payment_id, '_edd_payment_meta', true);
$downloads = maybe_unserialize($payment_data['downloads']);
if (is_array($downloads)) {
foreach ($downloads as $download) {
edd_undo_purchase($download['id'], $payment_id);
}
}
wp_update_post(array('ID' => $payment_id, 'post_status' => 'refunded'));
}
}
}
} else {
wp_mail(get_bloginfo('admin_email'), __('Invalid IPN', 'edd'), $listener->getTextReport());
}
}
}
if (!empty($form_properties['payment_paypal_enable_test_mode'])) {
$listener->use_sandbox = true;
} else {
$listener->use_sandbox = false;
}
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage());
exit;
}
if ($use_debug_mode) {
error_log('IPN RECEIVED');
error_log($listener->getTextReport());
}
//valid IPN, verify the data further
if ($verified === true) {
if ($use_debug_mode) {
error_log('Valid IPN');
}
$error_message = '';
//make sure the payment status is completed
if ($_POST['payment_status'] != 'Completed') {
exit;
//ignore any non completed IPN
}
//parse the "custom" variable and make sure it's a valid entry within the database
$exploded = explode('_', $_POST['custom']);
//the "custom" variable from PayPal format: xx_yy_zzzzzzzz (xx: form_id, yy: entry_id, zzz: unix_timestamp of the date_created field)
/**
* Process PayPal IPN
*
* @since 2.1
*/
public function process_webhooks()
{
if (!isset($_GET['listener']) || strtoupper($_GET['listener']) != 'IPN') {
return;
}
global $rcp_options;
nocache_headers();
if (!class_exists('IpnListener')) {
// instantiate the IpnListener class
include RCP_PLUGIN_DIR . 'includes/gateways/paypal/paypal-ipnlistener.php';
}
$listener = new IpnListener();
$verified = false;
if ($this->test_mode) {
$listener->use_sandbox = true;
}
/*
if( isset( $rcp_options['ssl'] ) ) {
$listener->use_ssl = true;
} else {
$listener->use_ssl = false;
}
*/
//To post using the fsockopen() function rather than cURL, use:
if (isset($rcp_options['disable_curl'])) {
$listener->use_curl = false;
}
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
status_header(402);
//die( 'IPN exception: ' . $e->getMessage() );
}
/*
The processIpn() method returned true if the IPN was "VERIFIED" and false if it
was "INVALID".
*/
if ($verified || isset($_POST['verification_override']) || ($this->test_mode || isset($rcp_options['disable_ipn_verify']))) {
status_header(200);
$user_id = 0;
$posted = apply_filters('rcp_ipn_post', $_POST);
// allow $_POST to be modified
if (!empty($posted['custom']) && is_numeric($posted['custom'])) {
$user_id = absint($posted['custom']);
} else {
if (!empty($posted['subscr_id'])) {
$user_id = rcp_get_member_id_from_profile_id($posted['subscr_id']);
} else {
if (!empty($posted['payer_email'])) {
$user = get_user_by('email', $posted['payer_email']);
$user_id = $user ? $user->ID : false;
}
}
}
$member = new RCP_Member($user_id);
if (!$member || !$member->get_subscription_id()) {
die('no member found');
}
if (!rcp_get_subscription_details($member->get_subscription_id())) {
die('no subscription level found');
}
$subscription_name = $posted['item_name'];
$subscription_key = $posted['item_number'];
$amount = number_format((double) $posted['mc_gross'], 2);
$amount2 = number_format((double) $posted['mc_amount3'], 2);
$payment_status = $posted['payment_status'];
$currency_code = $posted['mc_currency'];
$subscription_price = number_format((double) rcp_get_subscription_price($member->get_subscription_id()), 2);
// setup the payment info in an array for storage
$payment_data = array('date' => date('Y-m-d g:i:s', strtotime($posted['payment_date'], current_time('timestamp'))), 'subscription' => $posted['item_name'], 'payment_type' => $posted['txn_type'], 'subscription_key' => $subscription_key, 'amount' => $amount, 'user_id' => $user_id, 'transaction_id' => $posted['txn_id']);
do_action('rcp_valid_ipn', $payment_data, $user_id, $posted);
if ($posted['txn_type'] == 'web_accept' || $posted['txn_type'] == 'subscr_payment') {
// only check for an existing payment if this is a payment IPD request
if (rcp_check_for_existing_payment($posted['txn_type'], $posted['payment_date'], $subscription_key)) {
$log_data = array('post_title' => __('Duplicate Payment', 'rcp'), 'post_content' => __('A duplicate payment was detected. The new payment was still recorded, so you may want to check into both payments.', 'rcp'), 'post_parent' => 0, 'log_type' => 'gateway_error');
$log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id);
$log_entry = WP_Logging::insert_log($log_data, $log_meta);
die('duplicate IPN detected');
}
if (strtolower($currency_code) != strtolower($rcp_options['currency'])) {
// the currency code is invalid
$log_data = array('post_title' => __('Invalid Currency Code', 'rcp'), 'post_content' => sprintf(__('The currency code in an IPN request did not match the site currency code. Payment data: %s', 'rcp'), json_encode($payment_data)), 'post_parent' => 0, 'log_type' => 'gateway_error');
$log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id);
$log_entry = WP_Logging::insert_log($log_data, $log_meta);
die('invalid currency code');
}
}
if (isset($rcp_options['email_ipn_reports'])) {
wp_mail(get_bloginfo('admin_email'), __('IPN report', 'rcp'), $listener->getTextReport());
}
/* now process the kind of subscription/payment */
$rcp_payments = new RCP_Payments();
// Subscriptions
switch ($posted['txn_type']) {
case "subscr_signup":
// when a new user signs up
// store the recurring payment ID
update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']);
$member->set_payment_profile_id($posted['subscr_id']);
do_action('rcp_ipn_subscr_signup', $user_id);
die('successful subscr_signup');
break;
case "subscr_payment":
// when a user makes a recurring payment
update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']);
$member->set_payment_profile_id($posted['subscr_id']);
$member->renew(true);
// record this payment in the database
$rcp_payments->insert($payment_data);
do_action('rcp_ipn_subscr_payment', $user_id);
die('successful subscr_payment');
break;
case "subscr_cancel":
// user is marked as cancelled but retains access until end of term
$member->set_status('cancelled');
// set the use to no longer be recurring
delete_user_meta($user_id, 'rcp_paypal_subscriber');
do_action('rcp_ipn_subscr_cancel', $user_id);
die('successful subscr_cancel');
break;
case "subscr_failed":
do_action('rcp_ipn_subscr_failed');
die('successful subscr_failed');
break;
case "subscr_eot":
// user's subscription has reached the end of its term
if ('cancelled' !== $member->get_status($user_id)) {
$member->set_status('expired');
}
do_action('rcp_ipn_subscr_eot', $user_id);
die('successful subscr_eot');
break;
case "web_accept":
switch (strtolower($payment_status)) {
case 'completed':
// set this user to active
$member->renew();
$rcp_payments->insert($payment_data);
break;
case 'denied':
case 'expired':
case 'failed':
case 'voided':
$member->set_status('cancelled');
break;
}
die('successful web_accept');
break;
case "cart":
case "express_checkout":
default:
break;
}
} else {
if (isset($rcp_options['email_ipn_reports'])) {
// an invalid IPN attempt was made. Send an email to the admin account to investigate
wp_mail(get_bloginfo('admin_email'), __('Invalid IPN', 'rcp'), $listener->getTextReport());
}
status_header(400);
die('invalid IPN');
}
}
}
if ($verified) {
$req = 'cmd=_notify-validate&' . file_get_contents("php://input");
$raw_post = file_get_contents("php://input");
$post_array = $listener->decodePayPalIPN($raw_post);
$fields = array('payment_date', 'last_name', 'first_name', 'payer_business_name', 'payer_email', 'payer_id', 'os0', 'mc_gross', 'payment_status', 'payment_type', 'address_name', 'address_street', 'address_city', 'address_state', 'address_zip', 'contact_phone');
$new_array = array();
for ($i = 0; $i < count($fields); $i++) {
$new_array[$fields[$i]] = str_replace(array("\r", "\n", ","), '', $post_array[$fields[$i]]);
}
if (isset($post_array['custom'])) {
$custom_array = str_replace(',', '', $post_array['custom']);
$custom_array = explode('|', $custom_array);
$new_array['is_gift'] = $custom_array[0];
$new_array['age'] = $custom_array[1];
$new_array['gender'] = $custom_array[2];
$new_array['favorite_cheese'] = $custom_array[3];
$new_array['billing_first_name'] = $custom_array[4];
$new_array['billing_last_name'] = $custom_array[5];
$new_array['billing_address1'] = $custom_array[6];
$new_array['billing_address2'] = $custom_array[7];
$new_array['billing_city'] = $custom_array[8];
$new_array['billing_state'] = $custom_array[9];
$new_array['billing_zip'] = $custom_array[10];
$new_array['source'] = $custom_array[11];
}
$post_value_string = implode(',', $new_array);
file_put_contents('subscribers.csv', PHP_EOL . $post_value_string, FILE_APPEND);
} else {
mail('*****@*****.**', 'Invalid IPN', $listener->getTextReport());
}
}
// 3. Make sure the amount(s) paid match
// if ($_POST['mc_gross'] != '9.99') {
// $errmsg .= "'mc_gross' does not match: ";
// $errmsg .= $_POST['mc_gross']."\n";
// }
// 4. Make sure the currency code matches
if ($_POST['mc_currency'] != 'USD') {
$errmsg .= "'mc_currency' does not match: ";
$errmsg .= $_POST['mc_currency'] . "\n";
}
$txn_id = mysql_real_escape_string($_POST['txn_id']);
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
$body = "IPN failed fraud checks: \n{$errmsg}\n\n";
$body .= $listener->getTextReport();
mail('*****@*****.**', 'IPN Fraud Warning', $body);
}
// else {
if (isset($_POST['mc_gross'])) {
$mc_gross = $_POST['mc_gross'];
} else {
$mc_gross = $_POST['mc_gross_1'];
}
$payer_email = mysql_real_escape_string($_POST['payer_email']);
// $mc_gross = mysql_real_escape_string($_POST['mc_gross_1']);
$sql = "INSERT INTO forms.fw_meal_payments_2016 VALUES (NULL, '{$txn_id}', '{$payer_email}', '{$mc_gross}')";
$db->do_query($sql);
$payer_id = mysql_real_escape_string($_POST['custom']);
$sql = "UPDATE fw_program_meal_registration_2016 SET paid_for='1' WHERE payer_id='{$payer_id}' AND mop='paypal'";
$db->do_query($sql);
$sql = "SELECT * FROM paypal WHERE txn_id = '{$txn_id}'";
$r = mssql_query($sql);
if (!$r) {
error_log(mysql_error());
exit(0);
}
// $exists = mssql_query($r, 0);
$exists = mssql_num_rows($r);
mssql_free_result($r);
if ($exists != 0) {
$errmsg .= "'txn_id' has already been processed: " . $_POST['txn_id'] . "\n";
}
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
$body = "IPN failed fraud checks: \n{$errmsg}\n\n";
$body .= $listener->getTextReport();
mail($personalEmail, 'Paypal Buyer Notice!', $body);
error_log($body);
exit(0);
} else {
$payer_email = ms_escape_string($_POST['payer_email']);
$mc_gross = ms_escape_string($_POST['mc_gross']);
$username = ms_escape_string($_POST['custom']);
$timenow = date("y-m-d H:i:s", time());
$sql = "INSERT INTO paypal (txn_id,payer_email,mc_gross,username,date)VALUES \r\n ('{$txn_id}', '{$payer_email}', {$mc_gross}, '{$username}', '{$timenow}')";
// Add A logs of buys for server owner [Naty48] .
if (!mssql_query($sql)) {
error_log(mysql_error());
exit(0);
}
//silk update [NATY48]
if ($_SERVER['REQUEST_METHOD'] && $_SERVER['REQUEST_METHOD'] != 'POST') {
header('Allow: POST', true, 405);
throw new Exception("Invalid HTTP request method.");
}
}
}
$listener = new IpnListener();
$listener->use_sandbox = false;
try {
$verified = $listener->processIpn();
} catch (Exception $e) {
// fatal error trying to process IPN.
file_put_contents('paypal_ipn.log', $e . "\n\n-------------------------------------\n\n", FILE_APPEND);
exit(0);
}
file_put_contents('paypal_ipn.log', $listener->getTextReport(), FILE_APPEND);
if ($verified) {
// IPN response was "VERIFIED"
$wpdb->query($wpdb->prepare('UPDATE ' . CarRental::$db['booking'] . ' SET `paid_online` = ' . (double) $_POST['mc_gross'] . ', `status` = 1 WHERE MD5(CONCAT(`id_order`, %s, `email`)) = %s', CarRental::$hash_salt, $_POST['item_number']));
file_put_contents('paypal_ipn.log', '***VERIFIED*** - ' . $wpdb->prepare('UPDATE ' . CarRental::$db['booking'] . ' SET `paid_online` = ' . (double) $_POST['mc_gross'] . ', `status` = 1 WHERE MD5(CONCAT(`id_order`, %s, `email`)) = %s', CarRental::$hash_salt, $_POST['item_number']), FILE_APPEND);
// Send e-mail
if (isset($_POST['custom']) && !empty($_POST['custom'])) {
$emailBody = get_option('carrental_reservation_email_' . $_POST['custom']);
if ($emailBody == '') {
$emailBody = get_option('carrental_reservation_email_en_GB');
}
$emailSubject = get_option('carrental_reservation_email_subject_' . $_POST['custom']);
if ($emailSubject == '') {
$emailSubject = get_option('carrental_reservation_email_subject_en_GB');
}
} else {
}
if (isset($_POST['payer_email']) && !empty($_POST['payer_email'])) {
update_post_meta($property_id, 'property_payment_payer_email', $_POST['payer_email']);
}
if (isset($_POST['mc_currency']) && !empty($_POST['mc_currency'])) {
update_post_meta($property_id, 'property_payment_mc_currency', $_POST['mc_currency']);
}
if (isset($_POST['mc_gross']) && !empty($_POST['mc_gross'])) {
update_post_meta($property_id, 'property_payment_mc_gross', $_POST['mc_gross']);
}
if (isset($_POST['txn_id']) && !empty($_POST['txn_id'])) {
update_post_meta($property_id, 'property_payment_txn_id', $_POST['txn_id']);
}
update_post_meta($property_id, 'property_payment_status', $_POST['payment_status']);
if ($paypal_settings_auto_publish) {
$property = array('ID' => $property_id, 'post_status' => 'publish');
wp_update_post($property);
}
error_log("SUCCESS: " . $_POST['txn_id']);
}
//mail('YOUR EMAIL ADDRESS', 'Verified IPN', $listener->getTextReport());
wp_mail($paypal_settings_ipn_email_address, 'Verified IPN', $listener->getTextReport(), $headers);
} else {
/*
An Invalid IPN *may* be caused by a fraudulent transaction attempt. It's
a good idea to have a developer or sys admin manually investigate any
invalid IPN.
*/
//mail('YOUR EMAIL ADDRESS', 'Invalid IPN', $listener->getTextReport());
wp_mail($paypal_settings_ipn_email_address, 'Invalid IPN', $listener->getTextReport(), $headers);
}
/**
* @param string $subject
* @param string $content
* @param string $loggerMethodName
* @throws \Exception
*/
protected function sendNotificationAndLog($subject, $content, $loggerMethodName = 'info')
{
\Aijko\Paypal\Service\Notification::sendNotification(array('email' => $this->settings['notification']['from']['email'], 'name' => $this->settings['notification']['from']['name']), array('email' => $this->settings['notification']['to']['email'], 'name' => $this->settings['notification']['to']['name']), $subject, $content . "\n\n" . $this->ipnListener->getTextReport());
\Aijko\SharepointConnector\Utility\Logger::$loggerMethodName($subject, array($content . $this->ipnListener->getTextReport()));
}
function checkAndvalidateIPN()
{
if ($this->booLogEvents) {
ini_set('log_errors', true);
ini_set('error_log', $this->strLogfile);
}
include 'PHP-PayPal-IPN/ipnlistener.php';
$listener = new IpnListener();
$listener->use_sandbox = PAYPAL_SANDBOX;
$listener->use_ssl = true;
$listener->use_curl = false;
if (function_exists('curl_init')) {
$listener->use_curl = true;
}
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage());
exit(0);
}
if ($this->booLogEvents) {
error_log($listener->getTextReport());
}
if ($verified) {
if ($_POST['payment_status'] != 'Completed') {
if ($this->booLogEvents) {
error_log('FAIL - payment_status is not Completed');
}
return false;
}
if ($_POST['receiver_email'] != $this->strPaypalAccount) {
if ($this->booLogEvents) {
error_log('FAIL - receiver_email is: ' . $_POST['receiver_email'] . ' expected: ' . $this->strPaypalAccount);
}
return false;
}
if ($_POST['mc_currency'] != PAYPAL_CURRENCY) {
if ($this->booLogEvents) {
error_log('FAIL - currency is: ' . $_POST['mc_currency'] . ' expected: ' . PAYPAL_CURRENCY);
}
return false;
}
// process payment
$objPayment = new GSALES2_OBJECT_PAYMENT();
$objPayment->setPaymentProvider('paypal');
$objPayment->setAmount($_POST['mc_gross']);
$objPayment->setInvoiceId($_POST['custom']);
$objPayment->setTransactionId($_POST['txn_id']);
if ($this->booLogEvents) {
error_log('Payment object:' . print_r($objPayment, true));
}
// set invoice to paid
return $objPayment->checkPaidAmountAndSetInvoiceAsPaid();
} else {
if ($this->booLogEvents) {
error_log('!!! Invalid IPN !!! ');
}
}
}
if ($_POST['test_ipn'] == 1) {
$error .= "No test payment are allowed test_ipn: {$_POST['test_ipn']}\n";
}
}
$Facture = new Facture();
$facture = $Facture->getInfos($paypal_return['id_invoice']);
$societe = GetCompanyInfo();
if ($facture->is_paye > 0) {
$error .= "We received a paypal payment for invoice: {$facture->num_facture} but it has already been paid ?!\n";
}
if ($facture->is_abandoned > 0) {
$error .= "We received a paypal payment for invoice: {$facture->num_facture} but invoice got abandoned status?!\n";
}
}
if (!empty($error)) {
mail($paypal_params['email'], 'PAYPAL WARNING - IPN PROCESSING ERROR', $error . "\n\nDEBUG: \n\n" . $listener->getTextReport());
error_log($listener->getTextReport());
//Transaction OK
} else {
//Update invoice
$req_update_invoice = "UPDATE webfinance_invoices SET \n\t\tpayment_method\t= 'paypal', \n\t\tis_paye\t\t\t= 1, \n\t\tdate_paiement\t= NOW() \n\t\tWHERE id_facture = " . $paypal_return[id_invoice];
mysql_query($req_update_invoice) or die(error_log($req_update_invoice . ' ' . mysql_error()));
//Send email to staff
mail($paypal_params['email'], "FA: #{$facture->num_facture} / {$facture->nom_client} has been paid with Paypal by {$paypal_return['email']}", "FYI:\n\n" . $listener->getTextReport());
//Send email to client
$mails = array();
$from = '';
$fromname = '';
$subject = '';
$body = "Bonjour,\nVeuillez trouver ci-joint la facture numéro #{$facture->num_facture} de {$facture->nice_total_ttc} Euro payée par Paypal, transaction numéro : {$_POST['txn_id']}.\n\t\t\nPour visualiser et imprimer cette facture (au format PDF) vous pouvez utiliser \"Adobe Acrobat Reader\" disponible à l'adresse suivante :\nhttp://www.adobe.com/products/acrobat/readstep2.html\n\nCordialement,\nL'équipe {$societe->raison_sociale}.";
if (!$Facture->sendByEmail($paypal_return['id_invoice'], $mails, $from, $fromname, $subject, $body)) {
/*
Once you have a verified IPN you need to do a few more checks on the POST
fields--typically against data you stored in your database during when the
end user made a purchase (such as in the "success" page on a web payments
standard button). The fields PayPal recommends checking are:
1. Check the $_POST['payment_status'] is "Completed"
2. Check that $_POST['txn_id'] has not been previously processed
3. Check that $_POST['receiver_email'] is your Primary PayPal email
4. Check that $_POST['payment_amount'] and $_POST['payment_currency']
are correct
Since implementations on this varies, I will leave these checks out of this
example and just send an email using the getTextReport() method to get all
of the details about the IPN.
*/
//mail('YOUR EMAIL ADDRESS', 'Verified IPN', $listener->getTextReport());
require_once dirname(__FILE__) . '/../../../wp-load.php';
ini_set("display_errors", "1");
error_reporting(E_ALL);
require_once dirname(__FILE__) . '/../factory/WordpressIPNProcessorFactory.php';
$wip = WordpressIPNProcessorFactory::create($_POST);
$wip->identifyAndNotifySubscriber();
} else {
/*
An Invalid IPN *may* be caused by a fraudulent transaction attempt. It's
a good idea to have a developer or sys admin manually investigate any
invalid IPN.
*/
mail('YOUR EMAIL ADDRESS', 'Invalid IPN', $listener->getTextReport());
}
function rcp_check_ipn()
{
global $rcp_options;
if (!class_exists('IpnListener')) {
// instantiate the IpnListener class
include RCP_PLUGIN_DIR . 'includes/gateways/paypal/ipnlistener.php';
}
$listener = new IpnListener();
if (isset($rcp_options['sandbox'])) {
$listener->use_sandbox = true;
}
if (isset($rcp_options['ssl'])) {
$listener->use_ssl = true;
} else {
$listener->use_ssl = false;
}
//To post using the fsockopen() function rather than cURL, use:
if (isset($rcp_options['disable_curl'])) {
$listener->use_curl = false;
}
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
//exit(0);
}
/*
The processIpn() method returned true if the IPN was "VERIFIED" and false if it
was "INVALID".
*/
if ($verified || isset($_POST['verification_override']) || (isset($rcp_options['sandbox']) || isset($rcp_options['disable_ipn_verify']))) {
$posted = apply_filters('rcp_ipn_post', $_POST);
// allow $_POST to be modified
$user_id = $posted['custom'];
$subscription_name = $posted['item_name'];
$subscription_key = $posted['item_number'];
$amount = number_format((double) $posted['mc_gross'], 2);
$amount2 = number_format((double) $posted['mc_amount3'], 2);
$payment_status = $posted['payment_status'];
$currency_code = $posted['mc_currency'];
$subscription_id = rcp_get_subscription_id($user_id);
$subscription_price = number_format((double) rcp_get_subscription_price(rcp_get_subscription_id($user_id)), 2);
$user_data = get_userdata($user_id);
if (!$user_data || !$subscription_id) {
return;
}
if (!rcp_get_subscription_details($subscription_id)) {
return;
}
// setup the payment info in an array for storage
$payment_data = array('date' => date('Y-m-d g:i:s', strtotime($posted['payment_date'])), 'subscription' => $posted['item_name'], 'payment_type' => $posted['txn_type'], 'subscription_key' => $subscription_key, 'amount' => $amount, 'user_id' => $user_id, 'transaction_id' => $posted['txn_id']);
do_action('rcp_valid_ipn', $payment_data, $user_id, $posted);
if ($posted['txn_type'] == 'web_accept' || $posted['txn_type'] == 'subscr_payment') {
// only check for an existing payment if this is a payment IPD request
if (rcp_check_for_existing_payment($posted['txn_type'], $posted['payment_date'], $subscription_key)) {
$log_data = array('post_title' => __('Duplicate Payment', 'rcp'), 'post_content' => __('A duplicate payment was detected. The new payment was still recorded, so you may want to check into both payments.', 'rcp'), 'post_parent' => 0, 'log_type' => 'gateway_error');
$log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id);
$log_entry = WP_Logging::insert_log($log_data, $log_meta);
return;
// this IPN request has already been processed
}
/* do some quick checks to make sure all necessary data validates */
if ($amount < $subscription_price && $amount2 < $subscription_price) {
/*
// the subscription price doesn't match, so lets check to see if it matches with a discount code
if( ! rcp_check_paypal_return_price_after_discount( $subscription_price, $amount, $amount2, $user_id ) ) {
$log_data = array(
'post_title' => __( 'Price Mismatch', 'rcp' ),
'post_content' => sprintf( __( 'The price in an IPN request did not match the subscription price. Payment data: %s', 'rcp' ), json_encode( $payment_data ) ),
'post_parent' => 0,
'log_type' => 'gateway_error'
);
$log_meta = array(
'user_subscription' => $posted['item_name'],
'user_id' => $user_id
);
$log_entry = WP_Logging::insert_log( $log_data, $log_meta );
//return;
}
*/
}
if (strtolower($currency_code) != strtolower($rcp_options['currency'])) {
// the currency code is invalid
$log_data = array('post_title' => __('Invalid Currency Code', 'rcp'), 'post_content' => sprintf(__('The currency code in an IPN request did not match the site currency code. Payment data: %s', 'rcp'), json_encode($payment_data)), 'post_parent' => 0, 'log_type' => 'gateway_error');
$log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id);
$log_entry = WP_Logging::insert_log($log_data, $log_meta);
return;
}
}
if (isset($rcp_options['email_ipn_reports'])) {
wp_mail(get_bloginfo('admin_email'), __('IPN report', 'rcp'), $listener->getTextReport());
}
if (rcp_get_subscription_key($user_id) != $subscription_key) {
// the subscription key is invalid
$log_data = array('post_title' => __('Subscription Key Mismatch', 'rcp'), 'post_content' => sprintf(__('The subscription key in an IPN request did not match the subscription key recorded for the user. Payment data: %s', 'rcp'), json_encode($payment_data)), 'post_parent' => 0, 'log_type' => 'gateway_error');
$log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id);
$log_entry = WP_Logging::insert_log($log_data, $log_meta);
return;
}
/* now process the kind of subscription/payment */
$rcp_payments = new RCP_Payments();
// Subscriptions
switch ($posted['txn_type']) {
case "subscr_signup":
// when a new user signs up
// store the recurring payment ID
update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']);
// set the user's status to active
rcp_set_status($user_id, 'active');
if (!isset($rcp_options['disable_new_user_notices'])) {
wp_new_user_notification($user_id);
}
// send welcome email
rcp_email_subscription_status($user_id, 'active');
update_user_meta($user_id, 'rcp_recurring', 'yes');
do_action('rcp_ipn_subscr_signup', $user_id);
break;
case "subscr_payment":
// when a user makes a recurring payment
// record this payment in the database
$rcp_payments->insert($payment_data);
$subscription = rcp_get_subscription_details(rcp_get_subscription_id($user_id));
// update the user's expiration to correspond with the new payment
$member_new_expiration = date('Y-m-d H:i:s', strtotime('+' . $subscription->duration . ' ' . $subscription->duration_unit . ' 23:59:59'));
rcp_set_expiration_date($user_id, $member_new_expiration);
update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']);
// make sure the user's status is active
rcp_set_status($user_id, 'active');
update_user_meta($user_id, 'rcp_recurring', 'yes');
delete_user_meta($user_id, '_rcp_expired_email_sent');
do_action('rcp_ipn_subscr_payment', $user_id);
break;
case "subscr_cancel":
// user is marked as cancelled but retains access until end of term
rcp_set_status($user_id, 'cancelled');
// set the use to no longer be recurring
delete_user_meta($user_id, 'rcp_recurring');
delete_user_meta($user_id, 'rcp_paypal_subscriber');
// send sub cancelled email
rcp_email_subscription_status($user_id, 'cancelled');
do_action('rcp_ipn_subscr_cancel', $user_id);
break;
case "subscr_failed":
do_action('rcp_ipn_subscr_failed');
break;
case "subscr_eot":
// user's subscription has reach the end of its term
// set the use to no longer be recurring
delete_user_meta($user_id, 'rcp_recurring');
if ('cancelled' !== rcp_get_status($user_id)) {
rcp_set_status($user_id, 'expired');
// send expired email
rcp_email_subscription_status($user_id, 'expired');
}
do_action('rcp_ipn_subscr_eot', $user_id);
break;
case "cart":
return;
// get out of here
// get out of here
case "express_checkout":
return;
// get out of here
// get out of here
case "web_accept":
switch (strtolower($payment_status)) {
case 'completed':
if (isset($_POST['verification_override'])) {
// this is a method for providing a new expiration if it doesn't exist
$subscription = rcp_get_subscription_details_by_name($payment_data['subscription']);
// update the user's expiration to correspond with the new payment
$member_new_expiration = date('Y-m-d H:i:s', strtotime('+' . $subscription->duration . ' ' . $subscription->duration_unit . ' 23:59:59'));
rcp_set_expiration_date($user_id, $member_new_expiration);
}
// set this user to active
rcp_set_status($user_id, 'active');
$rcp_payments->insert($payment_data);
rcp_email_subscription_status($user_id, 'active');
if (!isset($rcp_options['disable_new_user_notices'])) {
// send welcome email here
wp_new_user_notification($user_id);
}
delete_user_meta($user_id, '_rcp_expired_email_sent');
break;
case 'denied':
case 'expired':
case 'failed':
case 'voided':
rcp_set_status($user_id, 'cancelled');
// send cancelled email here
break;
}
break;
default:
break;
}
} else {
if (isset($rcp_options['email_ipn_reports'])) {
// an invalid IPN attempt was made. Send an email to the admin account to investigate
wp_mail(get_bloginfo('admin_email'), __('Invalid IPN', 'rcp'), $listener->getTextReport());
}
}
}
}
$price = $sale ? ceil($packages[$item_number]['price'] * (100 - $sale)) / 100 : $packages[$item_number]['price'];
if ($payment_amount != $price) {
$errmsg .= "'mc_gross' does not match: ";
$errmsg .= $payment_amount . "\n";
}
if ($mc_currency != 'USD') {
$errmsg .= "'mc_currency' does not match: ";
$errmsg .= $mc_currency . "\n";
}
if ($db->query("SELECT `id` FROM `transactions` WHERE `txn_id` = '{$txn_id}' LIMIT 1")->getNumRows()) {
$errmsg .= "'txn_id' has already been processed: " . $txn_id . "\n";
}
if (!empty($errmsg)) {
$body = "IPN failed fraud checks: \n{$errmsg}\n\n";
$body .= $listener->getTextReport();
mail('*****@*****.**', 'IPN Fraud Warning', $body);
} else {
if ($packages[$item_number]['type'] == "credit") {
$db->query("UPDATE `users` SET `credits` = `credits` + {$packages[$item_number]['value']} WHERE `id`='{$userid}'");
} else {
if ($packages[$item_number]['type'] == "month") {
$time = "1 MONTH";
} else {
if ($packages[$item_number]['type'] == "annual") {
$time = "1 YEAR";
} else {
if ($packages[$item_number]['type'] == "life") {
$time = "20 YEAR";
}
}
function bizz_check_ipn_response()
{
if (isset($_GET['paypalListener']) && $_GET['paypalListener'] == 'paypal_standard_IPN') {
// variables
$listener = new IpnListener();
$listener->use_sandbox = TEST_MODE;
$listener->use_ssl = true;
$listener->use_curl = false;
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage(), 3, 'error_log');
exit(0);
}
if ($verified) {
// Get transaction details
$posted = $listener->getPostData();
// Post ID
$order_id = $posted['custom'];
$order_key = $posted['invoice'];
// Save details
$r = '';
foreach ($posted as $key => $value) {
$r .= str_pad($key, 25) . "{$value}<br/>";
}
$transaction_details = get_post_meta($order_id, 'bizzthemes_booking_paypal_details', 1);
$transaction_details = !empty($transaction_details) ? $transaction_details . '<br/><hr/><br/>' . $r : $r;
update_post_meta($order_id, 'bizzthemes_booking_paypal_details', $transaction_details);
// get booking meta
$booking_custom = get_post_custom($order_id);
foreach ($booking_custom as $key => $value) {
$bookopts[$key] = $value[0];
}
// Lowercase
$posted['payment_status'] = strtolower($posted['payment_status']);
$posted['txn_type'] = strtolower($posted['txn_type']);
// Sandbox fix
if ($posted['test_ipn'] == 1 && $posted['payment_status'] == 'pending') {
$posted['payment_status'] = 'completed';
}
// We are here so lets check status and do actions
switch ($posted['payment_status']) {
case 'completed':
// Check valid txn_type
$accepted_types = array('cart', 'instant', 'express_checkout', 'web_accept', 'masspay', 'send_money');
if (!in_array($posted['txn_type'], $accepted_types)) {
if (DEBUG_MODE) {
error_log('Invalid type:' . $posted['txn_type'], 3, 'error_log');
}
exit;
}
// Saved booking
$deposit_amount = get_post_meta($order_id, 'bizzthemes_car_pay_deposit', 1);
$total_amount = get_post_meta($order_id, 'bizzthemes_car_pay_total', 1);
// Validate Amount
if (round($deposit_amount, 2) != $posted['mc_gross']) {
if (DEBUG_MODE) {
error_log('Payment error: Amounts do not match (gross ' . $posted['mc_gross'] . ', saved ' . round($deposit_amount, 2) . ')', 3, 'error_log');
}
exit;
}
// Store PP Details
if (!empty($posted['payer_email'])) {
update_post_meta($order_id, 'bizzthemes_bookings_email', $posted['payer_email']);
}
if (!empty($posted['txn_id'])) {
update_post_meta($order_id, 'bizzthemes_car_transaction_id', $posted['txn_id']);
}
if (!empty($posted['first_name'])) {
update_post_meta($order_id, 'bizzthemes_bookings_fname', $posted['first_name']);
}
if (!empty($posted['last_name'])) {
update_post_meta($order_id, 'bizzthemes_bookings_lname', $posted['last_name']);
}
// Paid
update_post_meta($order_id, 'bizzthemes_car_pay_paid', round($posted['mc_gross'], 2));
// Completed?
if (round($total_amount, 2) == $posted['mc_gross']) {
update_post_meta($order_id, 'bizzthemes_bookings_status', 'approved');
}
break;
case 'denied':
case 'expired':
case 'failed':
case 'voided':
// Only handle full refunds, not partial
update_post_meta($order_id, 'bizzthemes_bookings_status', 'cancelled');
break;
case "refunded":
// Only handle full refunds, not partial
update_post_meta($order_id, 'bizzthemes_bookings_status', 'refunded');
update_post_meta($order_id, 'bizzthemes_car_pay_paid', '0');
booking_send_notification('refunded', $bookopts);
break;
case "reversed":
case "chargeback":
// Mark order as refunded
update_post_meta($order_id, 'bizzthemes_bookings_status', 'refunded');
update_post_meta($order_id, 'bizzthemes_car_pay_paid', '0');
break;
default:
// No action
break;
}
exit;
// error_log('getPaymentData: '.$r, 3, 'error_log');
//error_log('getTextReport: '.$listener->getTextReport(), 3, 'error_log');
// mail('*****@*****.**', 'Verified IPN', $listener->getTextReport());
} else {
/* zapis v bazo o napačni transakciji */
// mail('*****@*****.**', 'Invalid IPN', $listener->getTextReport());
error_log('getTextReport: ' . $listener->getTextReport(), 3, 'error_log');
}
}
}
if ($verified) {
/*
Once you have a verified IPN you need to do a few more checks on the POST
fields--typically against data you stored in your database during when the
end user made a purchase (such as in the "success" page on a web payments
standard button). The fields PayPal recommends checking are:
1. Check the $_POST['payment_status'] is "Completed"
2. Check that $_POST['txn_id'] has not been previously processed
3. Check that $_POST['receiver_email'] is your Primary PayPal email
4. Check that $_POST['payment_amount'] and $_POST['payment_currency']
are correct
Since implementations on this varies, I will leave these checks out of this
example and just send an email using the getTextReport() method to get all
of the details about the IPN.
*/
mail($mail, 'Verified IPN', $listener->getTextReport());
JLog::add("Verified IPN. UserId=" . $user->id . " Username="******" Remote IP=" . JTrinityCoreUtilities::getRemoteIP() . " Report=" . $listener->getTextReport(), JLog::INFO, 'ipn.php');
JLog::add("Verified IPN. Payment amount=" . JRequest::getVar('payment_amount') . " Receiver mail=" . JRequest::getVar('receiver_email') . " Payment status=" . JRequest::getVar('payment_status'), 'ipn.php');
// Check if succesfull to add the points to the user
if (JRequest::getVar('payment_status') == 'Completed' && !transactionExist(JRequest::getVar('txn_id'))) {
// Add transaction ID to the database with status COMPLETED
// Add points to the user
// Message OK to the user
} else {
// Add transaction id to the database with status NO completed
// Message failed to the user
}
} else {
/*
An Invalid IPN *may* be caused by a fraudulent transaction attempt. It's
a good idea to have a developer or sys admin manually investigate any
mysql_query($updatetbl);
mysql_query($record_transaction);
}
}
if ($_POST['custom'] == $package2) {
if ($_POST['mc_gross'] == $ore2) {
$updatetbl = sprintf("UPDATE dep SET tokens = tokens + {$package2} WHERE email = '{$useremail}'");
$record_transaction = sprintf("INSERT INTO transactions (registered_email, tokens_purchased, total_paid, first_name, last_name, paypal_email, date)\r\n VALUES ('{$useremail}','{$newtoken}','{$gross}','{$firstname}','{$lastname}','{$payeremail}','{$current_date}')");
mysql_query($updatetbl);
mysql_query($record_transaction);
}
}
if ($_POST['custom'] == $package3) {
if ($_POST['mc_gross'] == $ore3) {
$updatetbl = sprintf("UPDATE dep SET tokens = tokens + {$package3} WHERE email = '{$useremail}'");
$record_transaction = sprintf("INSERT INTO transactions (registered_email, tokens_purchased, total_paid, first_name, last_name, paypal_email, date)\r\n VALUES ('{$useremail}','{$newtoken}','{$gross}','{$firstname}','{$lastname}','{$payeremail}','{$current_date}')");
mysql_query($updatetbl);
mysql_query($record_transaction);
}
}
if ($_POST['custom'] == $package4) {
if ($_POST['mc_gross'] == $ore4) {
$updatetbl = sprintf("UPDATE dep SET tokens = tokens + {$package4} WHERE email = '{$useremail}'");
$record_transaction = sprintf("INSERT INTO transactions (registered_email, tokens_purchased, total_paid, first_name, last_name, paypal_email, date)\r\n VALUES ('{$useremail}','{$newtoken}','{$gross}','{$firstname}','{$lastname}','{$payeremail}','{$current_date}')");
mysql_query($updatetbl);
mysql_query($record_transaction);
}
}
} else {
mail($admin_email, 'Donator Express - Invalid Payment Detected - Payment Log', $listener->getTextReport());
}