die("ERROR ON PAGE!");
}
$itemArr = array();
$id = $_SESSION["id"];
$query = "SELECT txn_id, PROD_NAME, purchase_date, quantity,bz_bookstore.id FROM shop_ipn,bz_bookstore WHERE user_id = '{$id}' AND shop_ipn.upc = bz_bookstore.upc";
$result = mysql_query($query);
$i = 0;
while ($row = mysql_fetch_assoc($result)) {
$itemArr[$i]["txn_id"] = $row["txn_id"];
$itemArr[$i]["PROD_NAME"] = $row["PROD_NAME"];
$itemArr[$i]["purchase_date"] = $row["purchase_date"];
$itemArr[$i]["quantity"] = $row["quantity"];
$itemArr[$i]["id"] = $row["id"];
$i++;
}
$giftObj = new lib_giftPoint($id);
$point = $giftObj->point;
$reduce = $giftObj->getReduction();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<style>
#main{
margin-top:20px;
margin-left:50px;
margin-right:50px;
font-size:15px;
}
public function displayPaypalForm()
{
$xStatus = new lib_userStatus();
?>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" class="paypal_btn">
<input type="hidden" value="utf-8" name="charset">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="*****@*****.**">
<input type="hidden" name="currency_code" value="US">
<?php
for ($i = 0; $i < count($this->itemArr); $i++) {
?>
<input type="hidden" name="item_name_<?php
echo $i + 1;
?>
" value="<?php
echo $this->itemArr[$i]["PROD_NAME"];
?>
">
<input type="hidden" name="amount_<?php
echo $i + 1;
?>
" value="<?php
echo $xStatus->price($this->itemArr[$i]["RETAIL"]);
?>
">
<input type="hidden" name="quantity_<?php
echo $i + 1;
?>
" value="<?php
echo $this->itemArr[$i]["quantity"];
?>
">
<?php
}
$pointObj = new lib_giftPoint($this->id);
$pointObj->applyDiscountHTML($this->getCostTotal());
?>
<input TYPE="hidden" name="return" value="http://jewel.ziggyism.com/test/BZcomic/confirm2.php">
<input TYPE="hidden" name="cancel_return" value="http://jewel.ziggyism.com/test/BZcomic/index.php">
<input type="hidden" name="notify_url" value="http://jewel.ziggyism.com/test/BZcomic/ipn/shop_ipn.php">
<input type="hidden" name="custom" value="<?php
echo $this->id;
?>
">
<input type="image" src="images/paypal_btn.jpg" width="150" height="30" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
<?php
}
curl_close($ch);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$user_custom = $_POST['custom'];
if (isset($user_custom)) {
//&&lib_int_validate($user_custom)
$id = mysql_real_escape_string($user_custom);
$obj = new cartDisplayer($id);
$obj2 = new lib_giftPoint($id);
}
if (strcmp($res, "VERIFIED") == 0) {
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
if ($payment_status == 'Completed') {
$query = "SELECT 'txn_id' FROM shop_ipn WHERE txn_id ='" . $txn_id . "'";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0) {
if ($receiver_email == '*****@*****.**') {
$totalcost = $obj->getCostTotal();
$shipcost = getShippingCost($obj->getItemTotal());
$taxcost = getTaxCost($totalcost);
