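/**
 * Handles a payment notification sent by PayPal.
 *
 * The received POST fields are sent back to PayPal prefixed with
 * cmd=_notify-validate. Only when PayPal answers VERIFIED are the receiver
 * e-mail and the payment status checked and the amount credited to the user
 * named in the "custom" field.
 *
 * This method never returns normally: it either ends the script or throws.
 *
 * @see IActionController::executeAction()
 *
 * @param array $parameters request parameters; the keys receiver_email,
 *                          payment_status, mc_gross and custom are read
 *
 * @throws Exception if a POST field is not a plain value, the connection to
 *                   PayPal fails, PayPal answers INVALID, the receiver e-mail
 *                   does not match the configured one, or the payment status
 *                   is not "Completed"
 */
public function executeAction($parameters)
{
    // Rebuild the notification as a form-encoded body, prefixed with the validation command.
    $req = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        // A nested field cannot be echoed back faithfully, and stripslashes()/urlencode()
        // do not accept arrays; reject the notification instead of sending a mangled copy.
        if (is_array($value)) {
            throw new Exception("Unexpected non-scalar field in PayPal notification.");
        }

        // NOTE(review): stripslashes() only makes sense when the runtime adds slashes to
        // request data; otherwise it alters values that contain backslashes and the
        // post-back no longer matches what PayPal sent - confirm for the target PHP version.
        // The key is encoded as well so the body stays well-formed for any field name.
        $req .= '&' . urlencode((string) $key) . '=' . urlencode(stripslashes($value));
    }

    // post back to PayPal system to validate
    $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Host: " . $this->_websoccer->getConfig("paypal_host") . "\r\n";
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

    // NOTE(review): whether this connection is TLS-protected and certificate-checked depends
    // on the scheme prefix in the "paypal_url" config value and on the PHP version, neither
    // of which is visible here - confirm, because the verdict read below is trusted as PayPal's.
    $fp = fsockopen($this->_websoccer->getConfig("paypal_url"), 443, $errno, $errstr, 30);
    if (!$fp) {
        throw new Exception("Error on HTTP(S) request. Error: " . $errno . " " . $errstr);
    }

    fputs($fp, $header . $req);

    // Read line by line until a line consisting exactly of the verdict is found.
    $response = "";
    $verdict = null;
    while (!feof($fp)) {
        $res = fgets($fp, 1024);
        if ($res === false) {
            // read error or timeout: stop instead of spinning on a dead socket
            break;
        }
        $response .= $res;
        if ($res === "VERIFIED" || $res === "INVALID") {
            $verdict = $res;
            break;
        }
    }

    // Close the socket on every path, before any throw or die below.
    fclose($fp);

    if ($verdict === "INVALID") {
        // PAYMENT INVALID & INVESTIGATE MANUALLY!
        throw new Exception("Payment is invalid");
    }

    if ($verdict !== "VERIFIED") {
        // header() refuses values that contain line breaks, and then the 500 status is not
        // applied either. Collapse control characters and cap the length so the status and
        // the header are actually sent.
        $summary = substr(trim((string) preg_replace('/[\x00-\x1F\x7F]+/', ' ', $response)), 0, 200);
        header('X-Error-Message: invalid paypal response: ' . $summary, true, 500);
        die('X-Error-Message: invalid paypal response: ' . $response);
    }

    // PAYMENT VALIDATED & VERIFIED!
    // NOTE(review): the post-back above validates $_POST, while the checks below read
    // $parameters - confirm $parameters is built from the POST body only, so that the
    // fields PayPal verified are the fields acted on.

    // check receiver e-mail; an unset configuration value never matches (fail closed)
    $receiver = isset($parameters["receiver_email"]) ? (string) $parameters["receiver_email"] : '';
    $expectedReceiver = strtolower((string) $this->_websoccer->getConfig("paypal_receiver_email"));
    if ($expectedReceiver === '' || strtolower($receiver) !== $expectedReceiver) {
        EmailHelper::sendSystemEmail(
            $this->_websoccer,
            $this->_websoccer->getConfig("systememail"),
            "Failed PayPal confirmation: Invalid Receiver",
            "Invalid receiver: " . $receiver
        );
        throw new Exception("Receiver E-Mail not correct.");
    }

    // strict comparison: only the exact string "Completed" is accepted
    $status = isset($parameters["payment_status"]) ? (string) $parameters["payment_status"] : '';
    if ($status !== "Completed") {
        EmailHelper::sendSystemEmail(
            $this->_websoccer,
            $this->_websoccer->getConfig("systememail"),
            "Failed PayPal confirmation: Invalid Status",
            "A paypment notification has been sent, but has an invalid status: " . $status
        );
        throw new Exception("Payment status not correct.");
    }

    // credit amount to user
    // NOTE(review): nothing in this method records or checks the notification's transaction
    // id, its currency or an expected amount, so a notification delivered more than once is
    // credited each time unless createPaymentAndCreditPremium() deduplicates - confirm there.
    $amount = $parameters["mc_gross"];
    $userId = $parameters["custom"];
    PremiumDataService::createPaymentAndCreditPremium($this->_websoccer, $this->_db, $userId, $amount, "paypal-notify");

    // we can exit script execution here, since action is called in background
    // (an integer argument to die() is the process exit status; it prints nothing)
    die(200);
}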
/**
 * Handles a payment notification sent by Sofort.com.
 *
 * Checks that the user id passed as parameter "u" exists, reads the
 * notification from the request body, asks Sofort.com for the transaction
 * data and credits the reported amount once the status is "received".
 *
 * @see IActionController::executeAction()
 *
 * @param array $parameters request parameters; the key "u" (user id) is read
 *
 * @return null
 *
 * @throws Exception if the configuration key is empty, the user id is unknown,
 *                   the transaction request reports an error, or the status is
 *                   not "received"
 */
public function executeAction($parameters)
{
    $configKey = trim($this->_websoccer->getConfig("sofortcom_configkey"));
    if ($configKey === '') {
        throw new Exception("Sofort.com configuration key is not configured.");
    }

    // verify user: the id is bound through the %d placeholder and must exist in the user table
    $userId = $parameters['u'];
    $userTable = $this->_websoccer->getConfig("db_prefix") . "_user";
    $result = $this->_db->querySelect("id", $userTable, "id = %d", $userId);
    $user = $result->fetch_array();
    $result->free();
    if (!$user) {
        throw new Exception("illegal user id");
    }

    // read the notification from php://input (http://php.net/manual/en/wrappers.php.php)
    $notificationReader = new SofortLibNotification();
    $notifiedTransaction = $notificationReader->getNotification(file_get_contents('php://input'));

    // fetch the transaction data from Sofort.com instead of trusting the request body
    $transactionData = new SofortLibTransactionData($configKey);
    $transactionData->addTransaction($notifiedTransaction);
    $transactionData->sendRequest();

    $systemEmail = "systememail";

    if ($transactionData->isError()) {
        $error = $transactionData->getError();
        EmailHelper::sendSystemEmail(
            $this->_websoccer,
            $this->_websoccer->getConfig($systemEmail),
            "Failed Sofort.com payment notification",
            "Error: " . $error
        );
        throw new Exception($error);
    }

    // verify status
    $status = $transactionData->getStatus();
    if ($status != 'received') {
        EmailHelper::sendSystemEmail(
            $this->_websoccer,
            $this->_websoccer->getConfig($systemEmail),
            "Failed Sofort.com payment notification: invalid status",
            "Status: " . $status
        );
        throw new Exception("illegal status");
    }

    // credit amount
    // NOTE(review): the user id comes from request parameter "u", while status and amount
    // come from Sofort.com's answer; nothing visible here ties the transaction to that user
    // or records that it was already credited - confirm createPaymentAndCreditPremium() or
    // the caller handles repeated notifications.
    $amount = $transactionData->getAmount();
    PremiumDataService::createPaymentAndCreditPremium($this->_websoccer, $this->_db, $userId, $amount, "sofortcom-notify");

    return null;
}