public function doPayment() { //This method verifies that the user has paid for what has purchased. //First, make sure that the request came from Paypal //Second, make sure the payment status is "Completed", which means the funds have been added to the merchant's account. //Third, check the amount and currency $verifyIPN = $this->verifyIPNRequest(); //Log the request, and then make sure it is from paypal $tid = @$_REQUEST["custom"]; if (!$tid) { //There is no transaction ID here. EXIT return false; } $transaction = Transaction::getTransactionBasedOnTID($tid); if (!$verifyIPN) { $transaction->setStatus("Not verified, hacking attempt"); $transaction->save(); return false; } if (@$_REQUEST["payment_status"] != "Completed") { $transaction->setStatus("Status is: " . @$_REQUEST["payment_status"]); $transaction->save(); return false; } $paymentVerification = Module_EComm::verifyPayment(@$_POST["mc_gross"], @$_POST["mc_currency"], $tid); if (!$paymentVerification[0]) { $st = "The user has not paid for what they ordered. Amont paid is: " . $paymentVerification[1] . " " . $paymentVerification[2]; $st .= " Amount required is: " . $paymentVerification[3] . " " . $paymentVerification[4]; $transaction->setStatus($st); $transaction->save(); return false; } $transaction->setStatus("Complete"); $transaction->save(); return true; }