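/**
 * Verify an incoming PayPal notification by posting it back to the gateway.
 *
 * Rebuilds the received $_POST fields behind "cmd=_notify-validate", sends them to the
 * host of $this->_get_endpoint() (raw TLS socket first, cURL as fallback) and accepts the
 * notification only when the reply contains "VERIFIED". On failure the admin is mailed,
 * or, when the "disable_gateway_emails" setting is on, the failure is logged instead.
 *
 * Security notes:
 * - The cURL fallback verifies the peer certificate and host name. The reply decides whether
 *   a payment notification is trusted, so it must come from the authenticated gateway.
 * - Diagnostics mailed to the admin are HTML (<br />, <pre>), so the gateway reply and the
 *   unverified $_POST dump are HTML-escaped before being embedded.
 *
 * @return bool true when the gateway reply contains "VERIFIED", false otherwise
 */
function _verify_postback()
{
    // system
    $system_obj = mgm_get_class('system');
    // true when gateway emails are disabled: failures are then logged, not mailed
    $dge = bool_from_yn($system_obj->get_setting('disable_gateway_emails'));

    // parse the paypal URL; only the host is used for the socket and the diagnostics
    $url_parsed = parse_url($this->_get_endpoint());
    $domain = $url_parsed['host'];

    // post vars
    $request = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        // issue#: 552 (verification fails if get_magic_quotes_gpc() is turned off and
        // slashes are not stripped), so slashes are always stripped
        $value = mgm_stripslashes_deep($value);
        // a nested field cannot be form-encoded as a single value; fail closed instead of
        // sending a request that does not match what was received
        if (is_array($value)) {
            mgm_log('PAYPAL verification failed(nested post value): paypal', $this->module);
            return false;
        }
        // the field name is encoded too, so a name containing & or = cannot change the
        // structure of the validation request
        $request .= '&' . urlencode($key) . '=' . urlencode($value);
    }

    // get conn
    @set_time_limit(60);

    // fsockopen
    // NOTE(review): certificate checking on ssl:// depends on the PHP version's stream
    // defaults (peer verification is on by default from PHP 5.6) - confirm for the
    // supported runtime.
    if ($conn = @fsockopen("ssl://" . $domain, 443, $errno, $errstr, 60)) {
        fputs($conn, "POST /cgi-bin/webscr HTTP/1.1\r\n");
        fputs($conn, "Host: " . $domain . "\r\n");
        fputs($conn, "Content-type: application/x-www-form-urlencoded\r\n");
        fputs($conn, "Content-length: " . strlen($request) . "\r\n");
        fputs($conn, "Connection: close\r\n\r\n");
        fputs($conn, $request . "\r\n\r\n");

        // get response (status line and headers included)
        $response = '';
        while (!feof($conn)) {
            $response .= fgets($conn, 1024);
        }
        fclose($conn);

        // NOTE(review): substring match over the raw reply, headers included - consider
        // comparing the body only.
        if (!preg_match('/VERIFIED/i', $response)) {
            // notify admin, only if gateway emails on
            if (!$dge) {
                $safe_response = htmlspecialchars((string) $response, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $safe_post = htmlspecialchars(print_r($_POST, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                // the first "\n" stands for the literal line break the original string carried
                $message = sprintf(
                    "sent a request to host: '%s'. \n"
                    . "\n\n <br />response was: \n\n <br />\r\r\n\t\t\t\t\t\t %s \n\n <br />post vars: <pre>%s</pre><br />\n",
                    $domain,
                    $safe_response,
                    $safe_post
                );
                // NOTE(review): other call sites pass (null, $subject, $message); confirm
                // the two-argument form is intended.
                mgm_notify_admin('callback failed', $message);
            } else {
                mgm_log('PAYPAL verification failed(fsockopen): paypal', $this->module);
            }
            return false;
        }
        // valid
        return true;
    } elseif (extension_loaded('curl')) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $this->_get_endpoint());
        curl_setopt($ch, CURLOPT_USERAGENT, 'Magic Members Membership Software');
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded"));
        curl_setopt($ch, CURLOPT_POSTFIELDS, $request);
        curl_setopt($ch, CURLOPT_POST, 1);
        // verify the certificate chain and that it matches the host: without this, anyone
        // on the network path could answer "VERIFIED" for a forged notification
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_NOPROGRESS, 1);
        curl_setopt($ch, CURLOPT_VERBOSE, 1);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
        curl_setopt($ch, CURLOPT_TIMEOUT, 30);
        curl_setopt($ch, CURLOPT_REFERER, get_option('siteurl'));
        curl_setopt($ch, CURLOPT_HEADER, 0);
        // curl_exec() returns false on transport or TLS failure; treat that as an empty reply
        $response = (string) curl_exec($ch);

        if (!preg_match('/VERIFIED/i', $response)) {
            // notify admin, only if gateway emails on
            if (!$dge) {
                $safe_response = htmlspecialchars($response, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $safe_post = htmlspecialchars(print_r($_POST, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $message = sprintf(
                    "sent a request to host: '%s'. \n\n <br />response was: \n\n <br />\r\r\n\t\t\t\t\t\t %s\n\n <br />post vars: <pre>%s</pre>",
                    $domain,
                    $safe_response,
                    $safe_post
                );
                mgm_notify_admin('callback failed', $message);
            } else {
                mgm_log('PAYPAL verification failed(curl): paypal', $this->module);
            }
            return false;
        }
        // valid
        return true;
    } else {
        // neither transport is available: nothing was sent, so the notification is rejected
        if (!$dge) {
            mgm_admin_mail('callback failed', sprintf('fsockopen/curl to %s failed. Would have sent: %s', $domain, $request));
        } else {
            mgm_log('PAYPAL verification failed(NOT SENT): paypal', $this->module);
        }
        return false;
    }
}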
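/**
 * Send Email Notification to Admin on IPN verification failed
 *
 * The message is built as HTML (it contains <br />) and embeds a dump of $_POST. Going by
 * the function name, that data has just failed verification, so the dump is HTML-escaped
 * to keep request-supplied markup out of the mail body.
 *
 * @uses mgm_notify_admin()
 * @param string $module module name, upper-cased per word for the subject line
 * @return bool @send whatever mgm_notify_admin() returns
 */
function mgm_notify_admin_ipn_verification_failed($module)
{
    // subject
    $subject = sprintf('Error in %s IPN verification', ucwords($module));

    // message: escape the untrusted request dump before placing it in HTML
    $post_dump = htmlspecialchars(print_r($_POST, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $message = sprintf('Could not verify IPN:<br />post data: %s;', $post_dump);

    // mail; the @ suppression is kept so a mail failure does not surface as a warning
    return @mgm_notify_admin(null, $subject, $message);
}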
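/**
 * create recurring profile
 *
 * Runs after a gateway callback: when $_POST['RESULT'] is exactly "0" and the pack is not a
 * one-cycle purchase, builds a recurring-profile request (TRXTYPE=R, ACTION=A) from the stored
 * transaction pack and the callback fields, posts it to $this->_get_endpoint() and, when the
 * gateway answers RESULT=0, stores the returned PROFILEID as a transaction option.
 *
 * Security notes:
 * - RESULT is compared as the exact string "0". The loose `!= 0` / `== 0` comparisons let a
 *   missing value pass as success, and on PHP versions before 8 also an empty or
 *   non-numeric one.
 * - The request carries the gateway credentials (PARTNER/VENDOR/USER/PWD), so the outgoing
 *   call asks for TLS certificate verification, and the credentials are masked in the log.
 *
 * @return void
 */
function _create_paypal_profile()
{
    // double check: proceed only on an explicit RESULT of "0"
    if (!isset($_POST['RESULT']) || !is_scalar($_POST['RESULT']) || trim((string) $_POST['RESULT']) !== '0') {
        return;
    }
    // @todo
    // void the auth
    // $this->_void_auth();

    // tran
    // NOTE(review): M_CUSTOM comes straight from the request; confirm the caller has
    // already authenticated this callback before it is used as a transaction id.
    $tran = mgm_get_transaction($_POST['M_CUSTOM']);
    // pack
    $pack = $tran['data'];
    // log
    // mgm_log($pack, $this->module . __FUNCTION__);

    // one time billing cycle: nothing recurring to create
    if (isset($pack['num_cycles']) && (int) $pack['num_cycles'] == 1) {
        mgm_log('Exit Flag for One time billing', $this->module . __FUNCTION__);
        return;
    }
    mgm_log('Process flag to Create Profile', $this->module . __FUNCTION__);

    // user data
    $user_id = $pack['user_id'];
    $user = get_userdata($user_id);
    // item
    $item = $this->get_pack_item($pack);

    // periods
    $pay_periods = array('d' => 'DAYS', 'w' => 'WEEK', 'm' => 'MONT', 'y' => 'YEAR'); // day not supported by Paypal
    $pay_terms = array('d' => 365, 'w' => 52, 'm' => 12, 'y' => 1);

    // secured: gateway credentials and failure limit, merged into the request below
    $secured = array(
        'PARTNER' => $this->setting['partner'],
        'VENDOR' => $this->setting['vendor'],
        'USER' => $this->setting['username'],
        'PWD' => $this->setting['password'],
        'MAXFAILPAYMENTS' => (int) $this->setting['max_failed_payments'],
    );

    // greater than 1 cycle: fixed term; otherwise 0
    if ((int) $pack['num_cycles'] > 1) {
        // reduce 1 since auth captures first payment right away
        $term = $pay_terms[$pack['duration_type']] * ($pack['num_cycles'] - 1);
    } else {
        $term = 0;
    }

    // exprs, e.g. array('d'=>'DAY','w' => 'WEEK', 'm'=>'MONTH', 'y'=>'YEAR')
    $duration_exprs = mgm_get_class('subscription_packs')->get_duration_exprs();
    // start date should be next billing cycle date, MMDDYYYY
    $start_date = date('mdY', strtotime('+' . 1 * (int) $pack['duration'] . ' ' . $duration_exprs[$pack['duration_type']]));

    // method
    switch ($_POST['METHOD']) {
        case 'CC':
            // Credit Card DCC
            $comment = sprintf('%s By %s', $item['name'], $user->user_email);
            $data = array(
                'TRXTYPE' => 'R',
                'TENDER' => 'C',
                'ACTION' => 'A',
                'PROFILENAME' => $item['name'],
                'ORIGID' => $_POST['PNREF'],
                'START' => $start_date,
                'PAYPERIOD' => $pay_periods[$pack['duration_type']],
                'TERM' => $term,
                'AMT' => $pack['cost'],
                'EMAIL' => $user->user_email,
                'DESC' => $item['name'],
                'COMMENT1' => $this->_remove_special_chars($comment),
            );
            break;
        case 'P':
            // PayPal, EC
        default:
            $comment = sprintf('%s By %s', $item['name'], $user->user_email);
            $data = array(
                'TRXTYPE' => 'R',
                'TENDER' => 'P',
                'ACTION' => 'A',
                'PROFILENAME' => $item['name'],
                // fall back to the transaction reference when no billing agreement id came in
                'BAID' => isset($_POST['BAID']) && !empty($_POST['BAID']) ? $_POST['BAID'] : $_POST['PNREF'],
                'START' => $start_date,
                'PAYPERIOD' => $pay_periods[$pack['duration_type']],
                'TERM' => $term,
                'AMT' => $pack['cost'],
                'EMAIL' => $user->user_email,
                'DESC' => $item['name'],
                'COMMENT1' => $this->_remove_special_chars($comment),
            );
            // check, notify admin
            if (!isset($_POST['BAID']) || empty($_POST['BAID'])) {
                $subject = 'BAID missing in PayPal Payflow Profile Creation';
                // NOTE(review): the full request dump goes to both mail and log; confirm that
                // is acceptable for the data the gateway posts back.
                $message = sprintf('BAID missing in PayPal Payflow Profile Creation, Please contact PayPal, POST DATA: %s', print_r($_POST, true));
                mgm_notify_admin(null, $subject, $message);
                mgm_log($message, $this->module . __FUNCTION__);
            }
            break;
    }

    // additional fields
    $this->_set_address_fields($user, $data);
    // merge
    $data = array_merge($secured, $data);

    // log the request with the gateway credentials masked
    $data_log = $data;
    foreach (array('PARTNER', 'VENDOR', 'USER', 'PWD') as $credential_key) {
        if (isset($data_log[$credential_key])) {
            $data_log[$credential_key] = '[redacted]';
        }
    }
    mgm_log($data_log, $this->module . __FUNCTION__);

    // data
    // NOTE(review): values are joined without URL-encoding, so an & or = inside a value
    // (item name, email) would alter the parameter list; only COMMENT1 is filtered above.
    $data_post = _http_build_query($data, null, '&', '', false); // do not encode

    // link
    $post_url = $this->_get_endpoint();
    //issue #1508
    $url_parsed = parse_url($post_url);
    // domain/host
    $domain = $url_parsed['host'];

    // headers
    // NOTE(review): in single quotes \\r\\n is a literal backslash sequence, not CR/LF, and
    // the first entry is a request line rather than a header; confirm how mgm_remote_post()
    // consumes this list.
    $http_headers = array('POST /cgi-bin/webscr HTTP/1.1\\r\\n', 'Content-Type: application/x-www-form-urlencoded\\r\\n', 'Host: ' . $domain . '\\r\\n', 'Connection: close\\r\\n\\r\\n');

    // post; certificate verification stays on because the body contains the credentials
    $http_response = mgm_remote_post($post_url, $data_post, array('headers' => $http_headers, 'timeout' => 30, 'sslverify' => true));

    // parse; a failed call may not yield a string, in which case nothing is parsed
    $response = array();
    if (is_string($http_response)) {
        parse_str($http_response, $response);
    }
    // log
    mgm_log($response, $this->module . __FUNCTION__);

    // profile id: store it only on an explicit RESULT of "0"
    if (isset($response['RESULT']) && trim((string) $response['RESULT']) === '0') {
        // set in post
        $_POST['PROFILEID'] = isset($response['PROFILEID']) ? $response['PROFILEID'] : '';
        // set in option
        mgm_add_transaction_option(array(
            'transaction_id' => $_POST['M_CUSTOM'],
            'option_name' => strtolower($this->module . '_PROFILEID'),
            'option_value' => $_POST['PROFILEID'],
        ));
    }
}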