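/**
 * Validates a PayPal payment notification against the Couch page it was made for.
 *
 * $item_number is the id of the page that was sold and $item_name must match that
 * page's title. The page is loaded into $pg (by reference) so the caller can use it
 * after a successful validation. Returns nothing (null) when the transaction is
 * acceptable; on any failure returns the result of KFuncs::raise_error().
 *
 * Checks performed, in order: item number is a natural number; a page with that id
 * and title exists and can be instantiated; the page has a 'pp_price' field; amount,
 * quantity and price are numeric and quantity is positive; the amount paid covers
 * price x quantity (with a 0.5% rounding margin); the currency and receiver e-mail
 * match the configured seller account.
 *
 * @param string        $item_name        item_name from the notification (page title)
 * @param string        $item_number      item_number from the notification (page id)
 * @param string        $quantity         quantity from the notification
 * @param string        $payment_amount   amount paid, from the notification
 * @param string        $payment_currency currency code of the payment
 * @param string        $receiver_email   e-mail of the account that received the payment
 * @param KWebpage|null $pg               receives the loaded page object
 * @return mixed null on success, otherwise whatever KFuncs::raise_error() returns
 */
function validate_transaction($item_name, $item_number, $quantity, $payment_amount, $payment_currency, $receiver_email, &$pg)
{
    global $DB;

    // $item_number is actually our page_id. Reject anything that is not a natural number
    // before it gets anywhere near the query.
    if (!KFuncs::is_natural($item_number)) {
        return KFuncs::raise_error('Invalid item number(' . $item_number . ')');
    }

    // Get the page. The title must match as well, so a payment for one page cannot be
    // presented as a payment for another.
    $rs = $DB->select(
        K_TBL_PAGES,
        array('id', 'template_id'),
        "id = '" . $DB->sanitize($item_number) . "' AND page_title = '" . $DB->sanitize(trim($item_name)) . "'"
    );
    if (!count($rs)) {
        return KFuncs::raise_error('No item number(' . $item_number . ') with the item_name(' . $item_name . ') found');
    }

    $rec = $rs[0];
    $pg = new KWebpage($rec['template_id'], $rec['id']);
    if ($pg->error) {
        return KFuncs::raise_error('Error occured while creating Page object for item number(' . $item_number . '). Error:' . $pg->err_msg . '');
    }

    // Locate the page's price field (if several exist, the last one wins, as before).
    $pp_price = null;
    foreach ($pg->fields as $field) {
        if ($field->name === 'pp_price') {
            $pp_price = trim($field->get_data());
        }
    }
    if ($pp_price === null) {
        return KFuncs::raise_error('Item number(' . $item_number . ') has no price field associated');
    }

    // All three operands of the amount check must be numeric: comparing a non-numeric
    // string against a number can silently succeed (string comparison) or throw, so a
    // malformed value must fail validation rather than slip past the price check.
    if (!is_numeric($pp_price) || !is_numeric($quantity) || !is_numeric($payment_amount)) {
        return KFuncs::raise_error('Non-numeric price(' . $pp_price . '), quantity(' . $quantity . ') or payment amount(' . $payment_amount . ')');
    }
    $price = (float)$pp_price;
    $qty = (float)$quantity;
    $paid = (float)$payment_amount;

    // A zero or negative quantity would make price x quantity trivially covered.
    if ($qty <= 0) {
        return KFuncs::raise_error('Invalid quantity(' . $quantity . ')');
    }

    // Validate payment made is not less than price * quantity
    // (allow a little margin to take rounding into consideration).
    if ($paid < $price * $qty * 0.995) {
        return KFuncs::raise_error('Payment made(' . $payment_amount . ') less than price(' . $pp_price . ') x quantity(' . $quantity . ')');
    }

    // Validate currency of payment matches currency of price (strict string comparison).
    if (trim($payment_currency) !== trim(K_PAYPAL_CURRENCY)) {
        return KFuncs::raise_error('Payment currency(' . $payment_currency . ') does not match price currency(' . K_PAYPAL_CURRENCY . ')');
    }

    // Finally validate that the payment has been made to the right account.
    if (trim($receiver_email) !== trim(K_PAYPAL_EMAIL)) {
        return KFuncs::raise_error('Receiver email(' . $receiver_email . ') does not match seller\'s email(' . K_PAYPAL_EMAIL . ')');
    }

    // If we are here, everything is ok.
    return;
}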