Exemple #1
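 /**
  * Checks a reported payment against the page it claims to pay for.
  *
  * The page is looked up by id and title, its 'pp_price' field is read, and the
  * payment is accepted only if the amount covers price x quantity, the currency
  * equals K_PAYPAL_CURRENCY and the receiver equals K_PAYPAL_EMAIL.
  *
  * Price, quantity and amount must be numeric before they are compared. Without
  * that check an empty or non-numeric price, or a zero/negative quantity, makes
  * the required total zero or less, so any amount would pass the price check.
  *
  * NOTE(review): every error message embeds values taken from the payment
  * notification; confirm that KFuncs::raise_error() neutralises them before
  * they reach a log viewer or an HTML page.
  *
  * @param mixed $item_name        Title the payment claims to be for; must match the page title.
  * @param mixed $item_number      Page id of the item being paid for.
  * @param mixed $quantity         Number of units paid for; must be numeric and greater than zero.
  * @param mixed $payment_amount   Amount reported as paid; must be numeric.
  * @param mixed $payment_currency Currency reported for the payment.
  * @param mixed $receiver_email   Account the payment was sent to.
  * @param mixed $pg               Set by reference to the KWebpage built for the item.
  *
  * @return mixed Nothing on success; otherwise whatever KFuncs::raise_error() returns.
  */
 function validate_transaction($item_name, $item_number, $quantity, $payment_amount, $payment_currency, $receiver_email, &$pg)
 {
     global $DB;

     // $item_number is actually our page_id. Reject anything that is not a natural number.
     if (!KFuncs::is_natural($item_number)) {
         return KFuncs::raise_error('Invalid item number(' . $item_number . ')');
     }

     // The WHERE clause is built by concatenation and relies entirely on $DB->sanitize().
     // NOTE(review): confirm sanitize() escapes for a quoted string literal; prefer bound
     // parameters if the DB layer offers them.
     $rs = $DB->select(K_TBL_PAGES, array('id', 'template_id'), "id = '" . $DB->sanitize($item_number) . "' AND page_title = '" . $DB->sanitize(trim($item_name)) . "'");
     if (!count($rs)) {
         return KFuncs::raise_error('No item number(' . $item_number . ') with the item_name(' . $item_name . ') found');
     }

     $rec = $rs[0];
     $pg = new KWebpage($rec['template_id'], $rec['id']);
     if ($pg->error) {
         return KFuncs::raise_error('Error occured while creating Page object for item number(' . $item_number . '). Error:' . $pg->err_msg . '');
     }

     // Read the price from the page itself, never from the notification.
     // If several fields are named 'pp_price' the last one wins, as before.
     $pp_price = null;
     foreach ($pg->fields as $field) {
         if ($field->name === 'pp_price') {
             $pp_price = trim($field->get_data());
         }
     }
     if ($pp_price === null) {
         return KFuncs::raise_error('Item number(' . $item_number . ') has no price field associated');
     }

     // Refuse values that would turn the amount check into a no-op (or a TypeError on PHP 8).
     if (!is_numeric($pp_price) || $pp_price < 0) {
         return KFuncs::raise_error('Price(' . $pp_price . ') of item number(' . $item_number . ') is not a valid amount');
     }
     if (!is_numeric($quantity) || $quantity <= 0) {
         return KFuncs::raise_error('Invalid quantity(' . $quantity . ')');
     }
     if (!is_numeric($payment_amount)) {
         return KFuncs::raise_error('Invalid payment amount(' . $payment_amount . ')');
     }

     // Validate payment made is not less than price * quantity (allow a little margin to take rounding into consideration)
     if ((float) $payment_amount < (float) $pp_price * (float) $quantity * 0.995) {
         return KFuncs::raise_error('Payment made(' . $payment_amount . ') less than price(' . $pp_price . ') x quantity(' . $quantity . ')');
     }

     // Validate currency of payment matches currency of price.
     // Strict comparison: both sides are strings after trim(), so no numeric-string juggling.
     if (trim($payment_currency) !== trim(K_PAYPAL_CURRENCY)) {
         return KFuncs::raise_error('Payment currency(' . $payment_currency . ') does not match price currency(' . K_PAYPAL_CURRENCY . ')');
     }

     // Finally validate that the payment has been made to the right account
     if (trim($receiver_email) !== trim(K_PAYPAL_EMAIL)) {
         return KFuncs::raise_error('Receiver email(' . $receiver_email . ') does not match seller\'s email(' . K_PAYPAL_EMAIL . ')');
     }

     // if we are here, everything is ok
     return;
 }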