Exemple #1
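 /**
  * Handle a PayPal IPN (Instant Payment Notification) POST. The function may produce output, which would be returned to the Payment Gateway.
  *
  * Outside test mode the received fields are posted back to PayPal and processing only continues when the reply is exactly 'VERIFIED'.
  * When ecommerce_test_mode() is on, that postback is skipped entirely, so every POST to this handler is accepted as-is; test mode must never be enabled on a live site.
  * The receiver e-mail is compared with the configured PayPal address. This function does not compare the amount or currency with the order,
  * and does not check txn_id for re-use; presumably the caller does, confirm.
  *
  * @return array	A long tuple of collected data: purchase ID, item name, payment status, reason code, pending reason, memo, gross amount (tax subtracted), currency, transaction ID, parent transaction ID.
  */
 function handle_transaction()
 {
     // Optional raw IPN log: only written if the file already exists and is writable.
     // NOTE(review): this stores the complete POST (payer details included) under the site's file base;
     // confirm data_custom/ecommerce.log cannot be fetched over HTTP and is rotated or purged.
     $log_path = get_file_base() . '/data_custom/ecommerce.log';
     if (file_exists($log_path) && is_writable_wrap($log_path)) {
         $myfile = fopen($log_path, 'at');
         if ($myfile !== false) {
             fwrite($myfile, serialize($_POST) . chr(10));
             fclose($myfile);
         }
     }

     // Assign posted variables to local variables. All of these are untrusted until the postback below succeeds.
     $purchase_id = post_param_integer('custom', '-1');
     $txn_type = post_param('txn_type', NULL);
     if ($txn_type == 'cart') {
         require_lang('shopping');
         $item_name = do_lang('CART_ORDER', $purchase_id);
     } else {
         // Subscription notifications carry no item name
         $item_name = substr(post_param('txn_type', ''), 0, 6) == 'subscr' ? '' : post_param('item_name', '');
     }
     $payment_status = post_param('payment_status', ''); // May be blank for subscription
     $reason_code = post_param('reason_code', '');
     $pending_reason = post_param('pending_reason', '');
     $memo = post_param('memo', '');
     $mc_gross = post_param('mc_gross', ''); // May be blank for subscription
     $tax = post_param('tax', '');
     // Report the amount without tax. The tax is tested as a float: intval() would truncate a
     // tax below one currency unit (e.g. '0.75') to 0 and leave it inside the gross amount.
     if ($tax != '' && floatval($tax) > 0.0 && $mc_gross != '') {
         $mc_gross = float_to_raw_string(floatval($mc_gross) - floatval($tax));
     }
     $mc_currency = post_param('mc_currency', ''); // May be blank for subscription
     $txn_id = post_param('txn_id', ''); // May be blank for subscription
     $parent_txn_id = post_param('parent_txn_id', '-1');
     $receiver_email = post_param('receiver_email');

     // Post back to PayPal system to validate
     if (!ecommerce_test_mode()) {
         require_code('files');
         $pure_post = isset($GLOBALS['PURE_POST']) ? $GLOBALS['PURE_POST'] : $_POST;

         // The postback goes over HTTPS: on plain HTTP anyone on the network path could answer 'VERIFIED' for a forged notification.
         // NOTE(review): confirm http_download_file() validates the server certificate.
         // The sandbox host is never selected here, because this branch only runs outside test mode.
         $verify_url = 'https://' . (ecommerce_test_mode() ? 'www.sandbox.paypal.com' : 'www.paypal.com') . '/cgi-bin/webscr';

         // 'cmd' is the left operand of the array union so that a 'cmd' field in the incoming POST cannot replace it (the union keeps the left-hand value).
         $verify_post = array('cmd' => '_notify-validate') + $pure_post;

         $x = 0;
         $res = mixed();
         do {
             $res = http_download_file($verify_url, NULL, false, false, 'ocPortal', $verify_post);
             $x++;
         } while (is_null($res) && $x < 3); // Up to three attempts
         if (is_null($res)) {
             my_exit(do_lang('IPN_SOCKET_ERROR'));
         }
         if (strcmp($res, 'VERIFIED') != 0) {
             // PayPal has been seen to mess up on send_money transactions, making the IPN unverifiable
             if (post_param('txn_type', '') == 'send_money') {
                 exit('Unexpected');
             }
             // NOTE(review): the message embeds PayPal's reply and the raw request fields unescaped;
             // whatever my_exit() does with it should treat it as untrusted text.
             my_exit(do_lang('IPN_UNVERIFIED') . ' - ' . $res . ' - ' . flatten_slashed_array($pure_post), strpos($res, '<html') !== false);
         }
     }

     // Hyphens are normalised to underscores, so every comparison below must use the underscore form.
     // (The original compared against 'subscr-modify', which could never match after this replacement.)
     $txn_type = str_replace('-', '_', post_param('txn_type'));
     if ($txn_type == 'subscr_modify') {
         $payment_status = 'SModified';
         $txn_id = post_param('subscr_id') . '-m';
     } elseif ($txn_type == 'subscr_signup') {
         $payment_status = 'Completed';
         $mc_gross = post_param('mc_amount3');
         if (post_param_integer('recurring') != 1) {
             my_exit(do_lang('IPN_SUB_RECURRING_WRONG'));
         }
         $txn_id = post_param('subscr_id');
     } elseif ($txn_type == 'subscr_eot' || $txn_type == 'recurring_payment_suspended_due_to_max_failed_payment') {
         $payment_status = 'SCancelled';
         $txn_id = post_param('subscr_id') . '-c';
     } elseif ($txn_type == 'subscr_payment' || $txn_type == 'subscr_failed' || $txn_type == 'subscr_cancel') {
         // These notification types are deliberately ignored
         exit;
     }

     // The payment must have gone to our own PayPal account, otherwise a genuine payment to someone else could be replayed here
     $primary_paypal_email = get_value('primary_paypal_email');
     $expected_email = is_null($primary_paypal_email) ? $this->_get_payment_address() : $primary_paypal_email;
     if ($receiver_email != $expected_email) {
         my_exit(do_lang('IPN_EMAIL_ERROR'));
     }

     if (addon_installed('shopping')) {
         $this->store_shipping_address($purchase_id);
     }

     return array($purchase_id, $item_name, $payment_status, $reason_code, $pending_reason, $memo, $mc_gross, $mc_currency, $txn_id, $parent_txn_id);
 }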
Exemple #2
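/**
 * Turn an array into a human-readable string of <param>key=value</param> lines.
 *
 * Keys and values are written as-is, with no HTML/XML escaping. The visible callers pass request
 * data ($_GET / $_POST), so anything that later displays the result must escape it for its output context.
 *
 * @param  array			Array to convert (may contain nested arrays, which are flattened recursively)
 * @return string			A human-readable version of the array.
 */
function flatten_slashed_array($array)
{
    // Magic quotes were removed in PHP 5.4: get_magic_quotes_gpc() always returns false from then on
    // and no longer exists in PHP 8, so it is only consulted on versions where it can be true.
    $strip = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();

    $ret = '';
    foreach ($array as $key => $val) {
        if (is_array($val)) {
            // The recursive call has already un-slashed the leaves; stripping the flattened
            // string a second time would eat genuine backslashes.
            $val = flatten_slashed_array($val);
        } elseif ($strip) {
            $val = stripslashes($val);
        }
        // $key may be integer, due to the recursion above for list fields
        $ret .= '<param>' . (is_integer($key) ? strval($key) : $key) . '=' . $val . '</param>' . "\n";
    }
    return $ret;
}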
Exemple #3
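/**
 * Log statistics for the page view.
 *
 * When the 'super_logging' option is on, or the request carries a 'track' GET parameter, the request's
 * GET and POST data are stored with the row. Only the 'password', 'password_confirm' and 'decrypt'
 * POST fields are removed first; any other sensitive field (tokens, payment details, differently named
 * password fields) is stored in clear.
 *
 * @param  string			The string to the page file
 * @param  integer		The time taken for page loading. Documented as milliseconds, but the value is multiplied by 1000 before it is stored in the 'milliseconds' column, which suggests callers pass seconds (confirm).
 */
function log_stats($string, $pg_time)
{
    if (!addon_installed('stats')) {
        return;
    }
    if (get_option('site_closed') == '1' && get_option('no_stats_when_closed', true) === '1') {
        return;
    }

    if (get_option('super_logging') == '1' || get_param('track', NULL) !== NULL) {
        // NOTE(review): any visitor can add 'track' to a URL and so decide that request data is recorded;
        // the stored text is attacker-controlled and unescaped, so the stats viewer must escape it.
        $get = substr(flatten_slashed_array($_GET), 0, 255);
        $post2 = $_POST;
        // Denylist of fields that must never reach the stats table
        unset($post2['password']);
        unset($post2['password_confirm']);
        unset($post2['decrypt']);
        $post = flatten_slashed_array($post2);
    } else {
        $get = '';
        $post = '';
    }

    $page = $string;
    $ip = get_ip_address();
    $member = get_member();
    if (is_guest($member)) {
        // Guests are recorded under the negated session ID instead of the guest member ID
        $member = -get_session_id();
    }
    $time = time();
    $referer = substr(ocp_srv('HTTP_REFERER'), 0, 255);
    $browser = substr(get_browser_string(), 0, 255);
    // Test for NULL before truncating: substr() never returns NULL, so a NULL check made
    // after the substr() call could not fire.
    $os_raw = get_os_string();
    $os = is_null($os_raw) ? '' : substr($os_raw, 0, 255);

    // Optionally skip anything that looks like a bot
    if (get_option('no_bot_stats', true) === '1' && (strpos(strtolower($browser), 'http:') !== false || strpos(strtolower($browser), 'bot') !== false || get_bot_type() !== NULL)) {
        return;
    }

    $GLOBALS['SITE_DB']->query_insert('stats', array('access_denied_counter' => 0, 'browser' => $browser, 'operating_system' => $os, 'the_page' => $page, 'ip' => $ip, 'the_user' => $member, 'date_and_time' => $time, 'referer' => $referer, 'get' => $get, 'post' => $post, 'milliseconds' => intval($pg_time * 1000)), false, true);

    // Roughly one view in a thousand purges rows older than 'stats_store_time' days.
    // The query is built by concatenation, but the only variable part is forced through intval()/strval().
    if (mt_rand(0, 1000) == 1) {
        $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'stats WHERE date_and_time<' . strval(time() - 60 * 60 * 24 * intval(get_option('stats_store_time'))));
    }

    global $SITE_INFO;
    if (isset($SITE_INFO['throttle_bandwidth_views_per_meg'])) {
        set_value('page_views', strval(intval(get_value('page_views')) + 1));
    }
}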