public function doPayment()
{
//This method verifies that the user has paid for what has purchased.
//First, make sure that the request came from Paypal
//Second, make sure the payment status is "Completed", which means the funds have been added to the merchant's account.
//Third, check the amount and currency
$verifyIPN = $this->verifyIPNRequest();
//Log the request, and then make sure it is from paypal
$tid = @$_REQUEST["custom"];
if (!$tid) {
//There is no transaction ID here. EXIT
return false;
}
$transaction = Transaction::getTransactionBasedOnTID($tid);
if (!$verifyIPN) {
$transaction->setStatus("Not verified, hacking attempt");
$transaction->save();
return false;
}
if (@$_REQUEST["payment_status"] != "Completed") {
$transaction->setStatus("Status is: " . @$_REQUEST["payment_status"]);
$transaction->save();
return false;
}
$paymentVerification = Module_EComm::verifyPayment(@$_POST["mc_gross"], @$_POST["mc_currency"], $tid);
if (!$paymentVerification[0]) {
$st = "The user has not paid for what they ordered. Amont paid is: " . $paymentVerification[1] . " " . $paymentVerification[2];
$st .= " Amount required is: " . $paymentVerification[3] . " " . $paymentVerification[4];
$transaction->setStatus($st);
$transaction->save();
return false;
}
$transaction->setStatus("Complete");
$transaction->save();
return true;
}
