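/**
 * Handle the buyer's return from 2Checkout: verify the MD5 key sent back by the
 * gateway, then complete or pend the invoice named by cart_order_id and print
 * the matching result message.
 *
 * Every input is read from $_REQUEST and is untrusted until the key check has
 * passed. The key is md5(secret word + vendor number + order number + total);
 * cart_order_id is NOT part of it.
 *
 * NOTE(review): because cart_order_id is outside the key, a valid key does not
 * prove that the payment was made for this invoice. Nothing in this method
 * compares $total with the invoice amount or rejects an order number that was
 * already processed - confirm that the JB_complete_* helpers do so, or add that
 * check before the invoice is settled.
 */
function process_payment_return()
{
    global $label;

    // Require a scalar key: an array-valued parameter can be neither lower-cased nor compared.
    if (isset($_REQUEST['key']) && is_string($_REQUEST['key']) && $_REQUEST['key'] != '') {
        $order_number = $_REQUEST['order_number'];

        // Demo mode: the order number used to create the hash is forced to 1, which
        // designates a demo order. With demo mode on, the key no longer binds to a
        // specific order number, so it must be off on a live site.
        if (_2CO_DEMO == 'Y') {
            $hash_order_number = 1;
        } else {
            $hash_order_number = $order_number;
        }

        $credit_card_processed = $_REQUEST['credit_card_processed']; // Y = successful, K = pending
        $total = $_REQUEST['total'];

        $cart_order_id = jb_strip_order_id($_REQUEST['cart_order_id']);
        $product_type = substr($cart_order_id, 0, 1); // 'P' or 'S' or 'M'
        $cart_order_id = substr($cart_order_id, 1);

        $x_MD5_Hash = strtolower($_REQUEST['key']);

        // The raw request is written to the gateway log. It carries the buyer's name,
        // address, e-mail and phone as well as the key, so the log needs the same
        // access control and retention as other customer data.
        $req = '';
        foreach ($_REQUEST as $key => $val) {
            $req .= "&" . $key . "=" . $val;
        }
        _2co_log_entry("2checkout: " . $req);

        $_2CO = new _2CO(); // load in the constants..

        // md5 (secret word + vendor number + order number + total)
        $md5_str = _2CO_SECRET_WORD . _2CO_SID . $hash_order_number . $total;
        $hash = md5($md5_str);

        // Type-safe comparison; constant-time where the runtime provides hash_equals().
        if (function_exists('hash_equals')) {
            $key_matches = hash_equals($hash, $x_MD5_Hash);
        } else {
            $key_matches = ($hash === $x_MD5_Hash);
        }

        if ($key_matches) {
            JBPLUG_do_callback('pay_trn_verification_passed', $cart_order_id, $product_type);

            if ($credit_card_processed == 'Y') {
                // Credit card processed OK
                $done_key = null;
                if ($product_type == 'P') {
                    JB_complete_package_invoice($cart_order_id, '2co');
                    $label['payment_posts_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_posts_completed2']);
                    $done_key = 'payment_posts_completed2';
                } elseif ($product_type == 'S') {
                    JB_complete_subscription_invoice($cart_order_id, '2co');
                    $label['payment_subscription_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_subscription_completed2']);
                    $done_key = 'payment_subscription_completed2';
                } elseif ($product_type == 'M') {
                    JB_complete_membership_invoice($cart_order_id, '2co');
                    $done_key = 'payment_membership_completed';
                }

                if ($done_key !== null) {
                    ?>
                    <center>
                    <img src="<?php echo JB_SITE_LOGO_URL; ?>">
                    <p><?php echo $label[$done_key]; ?></p>
                    </center>
                    <?php
                }

                // NOTE(review): the other gateway handlers in this listing fire
                // 'pay_trn_completed' at this point; confirm 'pay_trn_passed' is intended.
                JBPLUG_do_callback('pay_trn_passed', $cart_order_id, $product_type);

                // No reason code is ever assigned in this method; pass null explicitly.
                $reason = null;
                JB_debit_transaction($cart_order_id, $total, 'USD', $order_number, $reason, '2co', $product_type);
            } elseif ($credit_card_processed == 'K') {
                // Credit card pending
                if ($product_type == 'P') {
                    JB_pend_package_invoice($cart_order_id, '2co', '');
                } elseif ($product_type == 'S') {
                    JB_pend_subscription_invoice($cart_order_id, '2co', '');
                } elseif ($product_type == 'M') {
                    JB_pend_membership_invoice($cart_order_id, '2co', '');
                }
                JBPLUG_do_callback('pay_trn_pending', $cart_order_id, $product_type);
                $label['payment_return_pending'] = str_replace("%PAYMENT_GW%", $this->name, $label['payment_return_pending']);
                ?>
                <center>
                <img src="<?php echo JB_SITE_LOGO_URL; ?>">
                <p><?php echo $label['payment_return_pending']; ?></p>
                </center>
                <?php
            }
        } else {
            JBPLUG_do_callback('pay_trn_verification_failed', $cart_order_id, $product_type);

            // The visitor only learns that verification failed. The expected hash and the
            // hashed string (which begins with the secret word) must never reach the
            // browser, and the submitted key is not echoed back because it is
            // unescaped request data.
            echo "Invalid. Was this a demo transaction?";

            // The operator notice carries what was received, not the secret word or
            // the expected hash.
            JB__2co_mail_error("Hash does not match for order number [{$order_number}], total [{$total}], received key [{$x_MD5_Hash}]");
        }
    }
    ?>
    <p> </p>
    <p> </p>
    <p> </p>
    <p> </p>
    <?php
}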
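/**
 * Handle the buyer's return from ccAvenue: verify the gateway checksum over
 * Merchant_Id, Order_Id, Amount and AuthDesc, then complete ("Y"), pend ("B")
 * or deny ("N") the invoice named by Order_Id and print the result message.
 *
 * All inputs come from $_POST and are untrusted until the checksum has passed.
 *
 * NOTE(review): the checksum result is compared loosely with the string "true".
 * If cc_verifychecksum() can return anything other than the strings
 * "true"/"false", tighten this to a strict comparison. Nothing here compares
 * Amount with the stored invoice amount - confirm the JB_complete_* helpers do.
 */
function process_payment_return()
{
    global $label;

    if (isset($_POST['Merchant_Id']) && $_POST['Merchant_Id'] != '') {
        // The raw POST (including the checksum) goes to the gateway log; protect the
        // log accordingly.
        $req = '';
        foreach ($_POST as $key => $value) {
            $req .= "&{$key}={$value}";
        }
        cc_log_entry('ccAvenue:' . $req);

        $Checksum = cc_verifychecksum($_POST['Merchant_Id'], $_POST['Order_Id'], $_POST['Amount'], $_POST['AuthDesc'], $_POST['Checksum'], CCAVENUE_WORKING_KEY);
        $verified = ($Checksum == "true");
        $auth_desc = $_POST['AuthDesc'];

        $label['payment_ccave_go_back'] = str_replace("%ADV_LINK%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_ccave_go_back']);

        $invoice_id = jb_strip_order_id($_POST['Order_Id']);
        $product_type = substr($invoice_id, 0, 1); // 'P' or 'S' or 'M'
        $invoice_id = substr($invoice_id, 1);

        if ($verified) {
            JBPLUG_do_callback('pay_trn_verification_passed', $invoice_id, $product_type);
        } else {
            JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type);
        }

        if ($verified && $auth_desc == "Y") {
            // Successful transaction.
            $done_key = null;
            if ($product_type == 'P') {
                JB_complete_package_invoice($invoice_id, 'ccAvenue');
                $label['payment_posts_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_posts_completed2']);
                $done_key = 'payment_posts_completed2';
            } elseif ($product_type == 'S') {
                JB_complete_subscription_invoice($invoice_id, 'ccAvenue');
                $label['payment_subscription_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_subscription_completed2']);
                $done_key = 'payment_subscription_completed2';
            } elseif ($product_type == 'M') {
                JB_complete_membership_invoice($invoice_id, 'ccAvenue');
                $done_key = 'payment_membership_completed';
            }

            if ($done_key !== null) {
                ?>
                <center>
                <img src="<?php echo JB_SITE_LOGO_URL; ?>">
                <p><?php echo $label[$done_key]; ?></p>
                </center>
                <?php
            }

            JBPLUG_do_callback('pay_trn_completed', $invoice_id, $product_type);

            // No reason code is ever assigned in this method; pass null explicitly.
            $reason = null;
            JB_debit_transaction($invoice_id, $_POST['Amount'], CCAVENUE_CURRENCY, $_POST['Order_Id'], $reason, 'ccAvenue', $product_type);
        } elseif ($verified && $auth_desc == "B") {
            // "Batch Processing" order: per the original notes this applies to American
            // Express payments, whose authorisation status arrives later from ccAvenue.
            if ($product_type == 'P') {
                JB_pend_package_invoice($invoice_id, 'ccAvenue', $auth_desc);
            } elseif ($product_type == 'S') {
                JB_pend_subscription_invoice($invoice_id, 'ccAvenue', $auth_desc);
            } elseif ($product_type == 'M') {
                JB_pend_membership_invoice($invoice_id, 'ccAvenue', $auth_desc);
            }
            JBPLUG_do_callback('pay_trn_pending', $invoice_id, $product_type);
            $label['payment_return_pending'] = str_replace("%PAYMENT_GW%", $this->name, $label['payment_return_pending']);
            ?>
            <center>
            <img src="<?php echo JB_SITE_LOGO_URL; ?>">
            <p><?php echo $label['payment_return_pending']; ?></p>
            </center>
            <?php
        } elseif ($verified && $auth_desc == "N") {
            // Failed transaction.
            JBPLUG_do_callback('pay_trn_failed', $invoice_id, $product_type);
            $label['payment_return_denied'] = str_replace("%PAYMENT_GW%", $this->name, $label['payment_return_denied']);
            echo $label["payment_return_denied"];
        } else {
            // Checksum failed or AuthDesc is not one of Y/B/N: no invoice is touched.
            echo "<br>Security Error. Illegal access detected";
        }
    }
    ?>
    <p> </p>
    <p> </p>
    <p> </p>
    <p> </p>
    <?php
}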
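/**
 * Show bank-transfer instructions for an invoice after checkout, optionally
 * advance credit for it, and e-mail the instructions to the account holder.
 *
 * The invoice is identified by the order_id request parameter and must belong
 * to the logged-in account ($_SESSION['JB_ID']). Nothing is pended, credited
 * or mailed unless that ownership lookup returns a row.
 *
 * NOTE(review): the nhezk5 parameter only has to be non-empty; its value is not
 * inspected in this method.
 * NOTE(review): with BANK_ADVANCE_CREDIT enabled, every invoice whose status is
 * not 'pending' is pended and credited, including ones already completed or
 * cancelled - confirm the JB_pend_* helpers refuse those.
 */
function process_payment_return()
{
    global $label;

    if (!isset($_REQUEST['order_id'], $_REQUEST['nhezk5']) || $_REQUEST['order_id'] == '' || $_REQUEST['nhezk5'] == '') {
        // No invoice was named, so there is no id or type to report.
        JBPLUG_do_callback('pay_trn_verification_failed', null, null);
        return;
    }

    $invoice_id = jb_strip_order_id($_REQUEST['order_id']);
    $product_type = substr($invoice_id, 0, 1); // 'P' or 'S' or 'M'
    $invoice_id = substr($invoice_id, 1);

    if (!isset($_SESSION['JB_ID']) || $_SESSION['JB_ID'] == '') {
        echo "Error: You must be logged in to view this page";
        JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type);
        return;
    }

    // Invoice table and owner column for each product type.
    $invoice_tables = array(
        'P' => array('package_invoices', 'employer_id'),
        'S' => array('subscription_invoices', 'employer_id'),
        'M' => array('membership_invoices', 'user_id'),
    );

    $order_row = false;
    if (isset($invoice_tables[$product_type])) {
        list($invoice_table, $owner_column) = $invoice_tables[$product_type];
        $sql = "SELECT * from " . $invoice_table . " where invoice_id='" . jb_escape_sql($invoice_id) . "' and " . $owner_column . "='" . jb_escape_sql($_SESSION['JB_ID']) . "'";
        // The SQL text is no longer appended to the fatal message shown to the visitor.
        $result = JB_mysql_query($sql) or die(mysql_error());
        $order_row = mysql_fetch_array($result, MYSQL_ASSOC);
    }

    if (!$order_row) {
        // Unknown product type, or the invoice does not belong to this account.
        // Stop here so the credit-advance step below can never run for an invoice
        // the ownership lookup did not return.
        JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type);
        echo "Error: Invoice not found";
        return;
    }

    JBPLUG_do_callback('pay_trn_verification_passed', $invoice_id, $product_type);
    ?>
    <div style='background-color: #ffffff; border-color:#C0C0C0; border-style:solid;padding:10px'>
    <p align="center"><center>
    <?php

    $tax = 0;
    if (BANK_TAX_RATE > 0) {
        if (BANK_ADD_TAX != 'Y') {
            // taxes included in prices: work out the tax paid in the amount
            $tax = $order_row['amount'] - $order_row['amount'] / (1.0 + BANK_TAX_RATE);
        } else {
            $tax = $order_row['amount'] * BANK_TAX_RATE;
            $order_row['amount'] = $order_row['amount'] + $tax;

            // NOTE(review): schema migration on the request path - this needs a database
            // account with ALTER privilege for every page view. Consider moving it to
            // the installer so the web account can run with fewer privileges.
            if (!does_field_exist("package_invoices", "invoice_tax")) {
                $sql = "ALTER TABLE `package_invoices` ADD `invoice_tax` FLOAT NOT NULL DEFAULT '0';";
                mysql_query($sql) or die($sql . mysql_error());
                $sql = "ALTER TABLE `subscription_invoices` ADD `invoice_tax` FLOAT NOT NULL DEFAULT '0';";
                mysql_query($sql) or die($sql . mysql_error());
                $sql = "ALTER TABLE `membership_invoices` ADD `invoice_tax` FLOAT NOT NULL DEFAULT '0';";
                mysql_query($sql) or die($sql . mysql_error());
            }
            // An UPDATE of invoice_tax/amount was built at this point but never sent
            // to the database; that unused statement has been dropped.
        }
    }

    if (BANK_ADVANCE_CREDIT == 'YES' && strtolower($order_row['status']) != 'pending') {
        // place the order as 'pending' and advance the credits
        if ($product_type == 'P') {
            // posting credits
            $order_row = JB_pend_package_invoice($invoice_id, 'bank', 'jb_credit_advanced');
            JB_add_posting_credits($order_row);
        }
        if ($product_type == 'S') {
            // subscription to view resumes
            $order_row = JB_pend_subscription_invoice($invoice_id, 'bank', 'jb_credit_advanced');
            JB_start_employer_subscription($order_row);
        }
        if ($product_type == 'M') {
            // membership
            $order_row = JB_pend_membership_invoice($invoice_id, 'bank', 'jb_credit_advanced');
            JB_start_membership($order_row);
        }
        JBPLUG_do_callback('pay_trn_pending', $invoice_id, $product_type);
    }

    $bank_amount = JB_convert_to_currency($order_row['amount'], $order_row['currency_code'], BANK_CURRENCY);
    $bank_amount = JB_format_currency($bank_amount, BANK_CURRENCY, true);

    $label['payment_bank_heading'] = str_replace("%INVOICE_AMOUNT%", $bank_amount, $label['payment_bank_heading']);
    $label['payment_bank_note'] = str_replace("%CONTACT_EMAIL%", JB_SITE_CONTACT_EMAIL, $label['payment_bank_note']);
    // The invoice code is derived from the request, so escape it before it is printed.
    $label['payment_bank_note'] = str_replace("%INVOICE_CODE%", htmlspecialchars($product_type . $invoice_id, ENT_QUOTES), $label['payment_bank_note']);
    $label['payment_bank_tax'] = str_replace("%INVOICE_TAX%", JB_format_currency($tax, BANK_CURRENCY, true), $label['payment_bank_tax']);

    if (JB_get_default_currency() != BANK_CURRENCY) {
        echo JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']) . " = " . $bank_amount;
        echo "<br>";
    }
    ?>
    <table width="70%"><tr><td>
    <?php if (BANK_TAX_RATE > 0) { ?>
        <b><?php echo $label['payment_bank_tax']; ?></b><br>
    <?php } ?>
    <b><?php echo $label['payment_bank_heading']; ?></b><br>
    <?php if (BANK_NAME != '') { ?>
        <b><?php echo $label['payment_bank_name']; ?></b> <?php echo BANK_NAME; ?><br>
    <?php } ?>
    <?php if (BANK_ADDRESS != '') { ?>
        <b><?php echo $label['payment_bank_addr']; ?></b> <?php echo BANK_ADDRESS; ?><br>
    <?php } ?>
    <?php if (BANK_ACCOUNT_NAME != '') { ?>
        <b><?php echo $label['payment_bank_ac_name']; ?></b> <?php echo BANK_ACCOUNT_NAME; ?><br>
    <?php } ?>
    <?php if (BANK_ACCOUNT_NUMBER != '') { ?>
        <b><?php echo $label['payment_bank_ac_number']; ?></b> <?php echo BANK_ACCOUNT_NUMBER; ?><br>
    <?php } ?>
    <?php if (BANK_BRANCH_NUMBER != '') { ?>
        <b><?php echo $label['payment_bank_branch_number']; ?></b> <?php echo BANK_BRANCH_NUMBER; ?><br>
    <?php } ?>
    <?php if (BANK_SWIFT != '') { ?>
        <b><?php echo $label['payment_bank_swift']; ?></b> <?php echo BANK_SWIFT; ?><br>
    <?php } ?>
    <?php echo $label['payment_bank_note']; ?>
    </td></tr>
    </table>
    </p>
    </center>
    </div>
    <?php

    // Load the account that receives the confirmation e-mail.
    $owner_table = ($order_row['user_type'] == 'C') ? 'users' : 'employers';
    $sql = "Select * from " . $owner_table . " where ID='" . jb_escape_sql($_SESSION['JB_ID']) . "'";
    $result = JB_mysql_query($sql) or die(mysql_error());
    $e_row = mysql_fetch_array($result, MYSQL_ASSOC);

    // E-mail template id per product type: package 60, subscription 80, membership 100.
    $template_ids = array('P' => 60, 'S' => 80, 'M' => 100);
    $template_id = $template_ids[$product_type];

    $template_r = JB_get_email_template($template_id, $_SESSION['LANG']);
    $template = mysql_fetch_array($template_r);
    $msg = $template['EmailText'];
    $from = $template['EmailFromAddress'];
    $from_name = $template['EmailFromName'];
    $subject = $template['EmailSubject'];
    $to = $e_row['Email'];
    $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']);

    // Placeholders are substituted in this order; str_replace() with arrays applies
    // the pairs one after another, like a chain of single calls.
    $search = array('%INVOICE_TAX%', '%FNAME%', '%LNAME%', '%SITE_NAME%', '%INVOICE_CODE%');
    $replace = array(
        JB_format_currency($tax, BANK_CURRENCY, true),
        $e_row['FirstName'],
        $e_row['LastName'],
        JB_SITE_NAME,
        $product_type . $order_row['invoice_id'],
    );
    if ($product_type != 'M') {
        $search[] = '%QUANTITY%';
        $replace[] = $order_row['posts_quantity'];
    }
    $search[] = '%ITEM_NAME%';
    $replace[] = $order_row['item_name'];
    $search[] = '%INVOICE_AMOUNT%';
    $replace[] = JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']);
    $search[] = '%BANK_NAME%';
    $replace[] = BANK_NAME;
    $search[] = '%BANK_ADDRESS%';
    $replace[] = BANK_ADDRESS;
    $search[] = '%BANK_AC_SWIFT%';
    $replace[] = BANK_SWIFT;
    $search[] = '%BANK_AC_CURRENCY%';
    $replace[] = BANK_CURRENCY;
    // NOTE(review): the page above prints BANK_BRANCH_NUMBER while the e-mail uses
    // BANK_AC_BRANCH - confirm that constant is defined.
    $search[] = '%BANK_AC_BRANCH%';
    $replace[] = BANK_AC_BRANCH;
    $search[] = '%AC_NAME%';
    $replace[] = BANK_ACCOUNT_NAME;
    $search[] = '%AC_NUMBER%';
    $replace[] = BANK_ACCOUNT_NUMBER;
    $search[] = '%SITE_CONTACT_EMAIL%';
    $replace[] = JB_SITE_CONTACT_EMAIL;
    if ($product_type != 'S') {
        $search[] = '%SITE_URL%';
        $replace[] = JB_BASE_HTTP_PATH;
    }
    if ($product_type == 'S') {
        $search[] = '%SUB_DURATION%';
        $replace[] = $order_row['months_duration'];
    } elseif ($product_type == 'M') {
        // A duration of '0' means the membership does not expire.
        $duration = $order_row['months_duration'];
        if ($duration == '0') {
            $duration = $label['member_not_expire'];
        }
        $search[] = '%MEM_DURATION%';
        $replace[] = $duration;
    }
    $msg = str_replace($search, $replace, $msg);

    if (BANK_EMAIL_CONFIRM == 'YES') {
        $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', $template_id);
        JB_process_mail_queue(1, $email_id);
    }

    JB_update_payment_method($product_type, $order_row['invoice_id'], "bank");
}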
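/**
 * Handle the buyer's return from PayPal using Payment Data Transfer (PDT):
 * post the tx token and the merchant auth token back to PayPal, parse the
 * SUCCESS/FAIL reply, then complete or pend the invoice named in the reply and
 * print the result message.
 *
 * The reply is what authorises settling an invoice, so it is fetched over TLS
 * and accepted only when its first line is exactly SUCCESS.
 *
 * NOTE(review): the checks listed in the original comments are still not
 * performed here: that receiver_email is the site's own PayPal account and that
 * mc_gross / mc_currency match the stored invoice. Only the duplicate txn_id
 * check is implemented. Add the missing checks before the JB_complete_* calls
 * unless those helpers are confirmed to enforce them.
 */
function process_payment_return()
{
    global $label;

    // The tx token comes from the query string; encode it so it cannot add or
    // override parameters in the request sent to PayPal.
    $tx_token = (isset($_GET['tx']) && is_string($_GET['tx'])) ? $_GET['tx'] : '';
    $req = 'cmd=_notify-synch' . '&tx=' . urlencode($tx_token) . '&at=' . urlencode(PAYPAL_AUTH_TOKEN);

    $res = '';

    if (PAYPAL_USE_CURL == 'YES') {
        pp_log_entry('PDD - Using cURL to POST to PayPal');
        $URL = "https://" . PAYPAL_SERVER . "/cgi-bin/webscr";
        $ch = curl_init();
        if (PAYPAL_CURL_PROXY != '') {
            curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, TRUE);
            curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
            curl_setopt($ch, CURLOPT_PROXY, PAYPAL_CURL_PROXY);
        }
        // Certificate and host name verification stay enabled: without them the
        // reply that settles invoices could come from any host on the network path.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_URL, $URL);
        curl_setopt($ch, CURLOPT_TIMEOUT, 20);
        curl_setopt($ch, CURLOPT_POST, TRUE);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        pp_log_entry('PDT posting to PayPal and using cURL: ');
        $result = curl_exec($ch);
        pp_log_entry(curl_error($ch));
        curl_close($ch);
        pp_log_entry('PDD -Got this from result from cURL: ' . $result);

        // curl_exec() returns the response body only (no CURLOPT_HEADER), so it is
        // parsed directly. The earlier round trip through a temporary file in the
        // cache directory looked for a header/body separator that a body-only
        // response does not contain, which left the parsed reply empty.
        if ($result !== false) {
            $res = $result;
        } else {
            pp_log_entry('PDD -Could not open socket / file');
        }
    } else {
        // Post back over TLS: the request carries the merchant auth token and the
        // reply decides whether an invoice is settled.
        // NOTE(review): on PHP versions before 5.6 the ssl:// wrapper does not
        // verify the peer certificate by default; prefer the cURL path there.
        $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Host: " . PAYPAL_SERVER . "\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
        $fp = fsockopen('ssl://' . PAYPAL_SERVER, 443, $errno, $errstr, 30);

        if (!$fp) {
            pp_log_entry('PDD -Could not open socket / file');
        } else {
            fputs($fp, $header . $req); // post to paypal

            // Skip the response headers, then collect the body.
            $headerdone = false;
            while (!feof($fp)) {
                $line = fgets($fp, 1024);
                if (strcmp($line, "\r\n") == 0) {
                    $headerdone = true;
                } elseif ($headerdone) {
                    $res .= $line;
                }
            }
            fclose($fp);
        }
    }

    // parse the data
    $lines = explode("\n", $res);
    $status_line = trim($lines[0]);
    $keyarray = array();

    if ($status_line === 'SUCCESS') {
        pp_log_entry('PDD - Notification verfified');
        for ($i = 1; $i < count($lines); $i++) {
            $pair = rtrim($lines[$i], "\r");
            if (strpos($pair, '=') === false) {
                continue; // blank or malformed line
            }
            list($key, $val) = explode("=", $pair, 2);
            $keyarray[urldecode($key)] = urldecode($val);
        }

        $txn_id = isset($keyarray['txn_id']) ? $keyarray['txn_id'] : '';
        $mc_gross = isset($keyarray['mc_gross']) ? $keyarray['mc_gross'] : '';
        $mc_currency = isset($keyarray['mc_currency']) ? $keyarray['mc_currency'] : '';
        $payment_status = isset($keyarray['payment_status']) ? $keyarray['payment_status'] : '';

        $invoice_id = jb_strip_order_id(isset($keyarray['invoice']) ? $keyarray['invoice'] : '');
        $product_type = substr($invoice_id, 0, 1); // 'P' or 'S' or 'M'
        $invoice_id = substr($invoice_id, 1);

        // No reason code is read from the reply in this method; pass null explicitly.
        $reason_code = null;

        JBPLUG_do_callback('pay_trn_verification_passed', $invoice_id, $product_type);

        if ($payment_status == 'Completed') {
            $done_key = null;
            if ($product_type == 'P') {
                $label['payment_posts_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER . 'manager.php', $label['payment_posts_completed2']);
                $done_key = 'payment_posts_completed2';
            } elseif ($product_type == 'S') {
                $label['payment_subscription_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER . 'search.php', $label['payment_subscription_completed2']);
                $done_key = 'payment_subscription_completed2';
            } elseif ($product_type == 'M') {
                $done_key = 'payment_membership_completed';
            }

            if ($done_key !== null) {
                ?>
                <center>
                <img src="<?php echo JB_SITE_LOGO_URL; ?>">
                <p><?php echo $label[$done_key]; ?></p>
                </center>
                <?php
            }

            // Settle the invoice only once per PayPal transaction id; the IPN handler
            // may already have recorded it.
            $sql = "SELECT * FROM jb_txn WHERE txn_id='" . jb_escape_sql($txn_id) . "' and origin='PayPal' ";
            $result = JB_mysql_query($sql) or die(mysql_error());
            if (mysql_num_rows($result) == 0) {
                if ($product_type == 'P') {
                    JB_complete_package_invoice($invoice_id, 'PayPal');
                } elseif ($product_type == 'S') {
                    if (PAYPAL_MANUAL_APPROVE == 'Y') {
                        pp_subscr_manual_approve($invoice_id);
                    } else {
                        JB_complete_subscription_invoice($invoice_id, 'PayPal');
                    }
                } elseif ($product_type == 'M') {
                    JB_complete_membership_invoice($invoice_id, 'PayPal');
                }
                // NOTE(review): subscr_id is taken from the browser request, not from the
                // verified PayPal reply - confirm how JB_debit_transaction uses it.
                $subscr_id = isset($_REQUEST['subscr_id']) ? $_REQUEST['subscr_id'] : null;
                JB_debit_transaction($invoice_id, $mc_gross, $mc_currency, $txn_id, $reason_code, 'PayPal', $product_type, $subscr_id);
            }
            JBPLUG_do_callback('pay_trn_completed', $invoice_id, $product_type);
        } elseif ($payment_status == 'Pending') {
            if ($product_type == 'P') {
                JB_pend_package_invoice($invoice_id, 'PayPal', $reason_code);
            } elseif ($product_type == 'S') {
                JB_pend_subscription_invoice($invoice_id, 'PayPal', $reason_code);
            } elseif ($product_type == 'M') {
                JB_pend_membership_invoice($invoice_id, 'PayPal', $reason_code);
            }
            JBPLUG_do_callback('pay_trn_pending', $invoice_id, $product_type);
            $label['payment_return_pending'] = str_replace("%PAYMENT_GW%", $this->name, $label['payment_return_pending']);
            ?>
            <center>
            <img src="<?php echo JB_SITE_LOGO_URL; ?>">
            <p><?php echo $label['payment_return_pending']; ?></p>
            </center>
            <?php
        } else {
            // The status text comes from the network reply; escape it before printing.
            echo "Payment status: " . htmlspecialchars($payment_status, ENT_QUOTES);
        }
    } elseif ($status_line === 'FAIL') {
        // log for manual investigation
        pp_log_entry('PDD - verification failed');
        // No invoice was identified on this path.
        JBPLUG_do_callback('pay_trn_verification_failed', null, null);
        echo $label['paypal_ipn_fail'];
    }
    ?>
    <p> </p>
    <p> </p>
    <p> </p>
    <p> </p>
    <?php
}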
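/**
 * Show check-payment instructions for an invoice after checkout, optionally
 * advance credit for it, and e-mail the instructions to the account holder.
 *
 * The invoice is identified by the order_id request parameter and must belong
 * to the logged-in account ($_SESSION['JB_ID']). Nothing is pended, credited
 * or mailed unless that ownership lookup returns a row.
 *
 * NOTE(review): the nhezk5 parameter only has to be non-empty; its value is not
 * inspected in this method.
 * NOTE(review): with CHECK_ADVANCE_CREDIT enabled, every invoice whose status
 * is not 'pending' is pended and credited, including ones already completed or
 * cancelled - confirm the JB_pend_* helpers refuse those.
 */
function process_payment_return()
{
    global $label;

    if (!isset($_REQUEST['order_id'], $_REQUEST['nhezk5']) || $_REQUEST['order_id'] == '' || $_REQUEST['nhezk5'] == '') {
        // No invoice was named, so there is no id or type to report.
        JBPLUG_do_callback('pay_trn_verification_failed', null, null);
        return;
    }

    $invoice_id = jb_strip_order_id($_REQUEST['order_id']);
    $product_type = substr($invoice_id, 0, 1); // 'P' or 'S' or 'M'
    $invoice_id = substr($invoice_id, 1);

    if (!isset($_SESSION['JB_ID']) || $_SESSION['JB_ID'] == '') {
        JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type);
        echo "Error: You must be logged in to view this page";
        return;
    }

    // Invoice table and owner column for each product type.
    $invoice_tables = array(
        'P' => array('package_invoices', 'employer_id'),
        'S' => array('subscription_invoices', 'employer_id'),
        'M' => array('membership_invoices', 'user_id'),
    );

    $order_row = false;
    if (isset($invoice_tables[$product_type])) {
        list($invoice_table, $owner_column) = $invoice_tables[$product_type];
        $sql = "SELECT * from " . $invoice_table . " where invoice_id='" . jb_escape_sql($invoice_id) . "' and " . $owner_column . "='" . jb_escape_sql($_SESSION['JB_ID']) . "'";
        // The SQL text is no longer appended to the fatal message shown to the visitor.
        $result = JB_mysql_query($sql) or die(mysql_error());
        $order_row = mysql_fetch_array($result, MYSQL_ASSOC);
    }

    if (!$order_row) {
        // Unknown product type, or the invoice does not belong to this account.
        // Stop here so the credit-advance step below can never run for an invoice
        // the ownership lookup did not return.
        JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type);
        echo "Error: Invoice not found";
        return;
    }

    JBPLUG_do_callback('pay_trn_verification_passed', $invoice_id, $product_type);
    ?>
    <div style='background-color: #ffffff; border-color:#C0C0C0; border-style:solid;padding:10px'>
    <p align="center"><center>
    <?php

    $tax = 0;
    if (CHECK_TAX_RATE > 0) {
        if (CHECK_ADD_TAX != 'Y') {
            // work out the tax paid in the amount
            $tax = $order_row['amount'] - $order_row['amount'] / (1.0 + CHECK_TAX_RATE);
        } else {
            $tax = $order_row['amount'] * CHECK_TAX_RATE;
            $order_row['amount'] = $order_row['amount'] + $tax;
        }
    }

    if (CHECK_ADVANCE_CREDIT == 'YES' && strtolower($order_row['status']) != 'pending') {
        // place the order as 'pending' and advance the credits
        if ($product_type == 'P') {
            // posting credits
            $order_row = JB_pend_package_invoice($invoice_id, 'check', 'jb_credit_advanced');
            JB_add_posting_credits($order_row);
        }
        if ($product_type == 'S') {
            // subscription to view resumes
            $order_row = JB_pend_subscription_invoice($invoice_id, 'check', 'jb_credit_advanced');
            JB_start_employer_subscription($order_row);
        }
        if ($product_type == 'M') {
            // membership
            $order_row = JB_pend_membership_invoice($invoice_id, 'check', 'jb_credit_advanced');
            JB_start_membership($order_row);
        }
        JBPLUG_do_callback('pay_trn_pending', $invoice_id, $product_type);
    }

    $check_amount = JB_convert_to_currency($order_row['amount'], $order_row['currency_code'], CHECK_CURRENCY);
    $check_amount = JB_format_currency($check_amount, CHECK_CURRENCY, true);

    // order_id is raw request data that is printed into the page, so it is escaped.
    $label['payment_check_sub_head'] = str_replace("%INVOICE_CODE%", htmlspecialchars($product_type . $_REQUEST['order_id'], ENT_QUOTES), $label['payment_check_sub_head']);
    echo $label['payment_check_sub_head'];
    $label['payment_check_heading'] = str_replace("%INVOICE_AMOUNT%", $check_amount, $label['payment_check_heading']);
    $label['payment_check_tax'] = str_replace("%INVOICE_TAX%", JB_format_currency($tax, CHECK_CURRENCY, true), $label['payment_check_tax']);

    if (JB_get_default_currency() != CHECK_CURRENCY) {
        echo JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']) . " = " . $check_amount;
        echo "<br>";
    }
    ?>
    <table width="70%"><tr><td>
    <?php if (CHECK_TAX_RATE > 0) { ?>
        <b><?php echo $label['payment_check_tax']; ?></b><br>
    <?php } ?>
    <b><?php echo $label['payment_check_heading']; ?></b><br>
    <?php // NOTE(review): the guard tests CHECK_NAME but the value printed is CHECK_PAYABLE - confirm. ?>
    <?php if (CHECK_NAME != '') { ?>
        <b><?php echo $label['payment_check_payable']; ?></b><pre><?php echo CHECK_PAYABLE; ?></pre><br>
    <?php } ?>
    <?php if (CHECK_ADDRESS != '') { ?>
        <b><?php echo $label['payment_check_address']; ?></b><pre><?php echo CHECK_ADDRESS; ?></pre><br>
    <?php } ?>
    </td></tr>
    </table>
    </p>
    </center>
    </div>
    <?php

    // Load the account that receives the confirmation e-mail.
    $owner_table = ($order_row['user_type'] == 'C') ? 'users' : 'employers';
    $sql = "Select * from " . $owner_table . " where ID='" . jb_escape_sql($_SESSION['JB_ID']) . "'";
    $result = JB_mysql_query($sql) or die(mysql_error());
    $e_row = mysql_fetch_array($result, MYSQL_ASSOC);

    // E-mail template id per product type: package 61, subscription 81, membership 101.
    $template_ids = array('P' => 61, 'S' => 81, 'M' => 101);
    $template_id = $template_ids[$product_type];

    $template_r = JB_get_email_template($template_id, $_SESSION['LANG']);
    $template = mysql_fetch_array($template_r);
    $msg = $template['EmailText'];
    $from = $template['EmailFromAddress'];
    $from_name = $template['EmailFromName'];
    $subject = $template['EmailSubject'];

    // The one placeholder that differs per product type.
    if ($product_type == 'S') {
        $extra_token = '%SUB_DURATION%';
        $extra_value = $order_row['months_duration'];
    } elseif ($product_type == 'M') {
        // A duration of '0' means the membership does not expire.
        $extra_token = '%MEM_DURATION%';
        $extra_value = $order_row['months_duration'];
        if ($extra_value == '0') {
            $extra_value = $label['member_not_expire'];
        }
    } else {
        $extra_token = '%QUANTITY%';
        $extra_value = $order_row['posts_quantity'];
    }

    // Placeholders are substituted in this order; str_replace() with arrays applies
    // the pairs one after another, like a chain of single calls.
    $search = array(
        '%INVOICE_TAX%',
        '%FNAME%',
        '%LNAME%',
        '%SITE_NAME%',
        '%INVOICE_CODE%',
        '%ITEM_NAME%',
        $extra_token,
        '%INVOICE_AMOUNT%',
        '%PAYEE_NAME%',
        '%PAYEE_ADDRESS%',
        '%CHECK_CURRENCY%',
        '%SITE_CONTACT_EMAIL%',
        '%SITE_URL%',
    );
    $replace = array(
        JB_format_currency($tax, CHECK_CURRENCY, true),
        $e_row['FirstName'],
        $e_row['LastName'],
        JB_SITE_NAME,
        // The invoice code carries the invoice's own type prefix; membership mails
        // previously went out with the subscription prefix "S".
        $product_type . $order_row['invoice_id'],
        $order_row['item_name'],
        $extra_value,
        JB_convert_to_default_currency_formatted($order_row['currency_code'], $order_row['amount']),
        CHECK_PAYABLE,
        CHECK_ADDRESS,
        CHECK_CURRENCY,
        JB_SITE_CONTACT_EMAIL,
        JB_BASE_HTTP_PATH,
    );
    $msg = str_replace($search, $replace, $msg);

    $to = $e_row['Email'];
    $to_name = jb_get_formatted_name($e_row['FirstName'], $e_row['LastName']);

    if (CHECK_EMAIL_CONFIRM == 'YES') {
        $email_id = JB_queue_mail($to, $to_name, $from, $from_name, $subject, $msg, '', $template_id);
        JB_process_mail_queue(1, $email_id);
    }

    JB_update_payment_method($product_type, $order_row['invoice_id'], "check");
}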
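/**
 * Handle the Moneybookers payment notification posted back to the site.
 *
 * Recomputes the gateway signature as the upper-cased MD5 of merchant_id,
 * transaction_id, the upper-cased MONEYBOOKERS_SECRET_WORD, mb_amount,
 * currency and status, and acts on the invoice only when it equals the
 * posted md5sig. The invoice id and product type ('P', 'S' or 'M') are
 * derived from transaction_id via jb_strip_order_id().
 *
 * Emits HTML directly and returns nothing.
 *
 * NOTE(review): the signature shows which amount and currency the gateway
 * reported, but this method never compares them with the invoice's own
 * amount/currency before completing it. Confirm that the JB_complete_*
 * helpers or the gateway configuration enforce that.
 */
function process_payment_return()
{
    global $label;

    if (isset($_POST['merchant_id']) && $_POST['merchant_id'] != '') {
        $merchant_id = $_POST['merchant_id'];
        $transaction_id = $_POST['transaction_id'];
        $secret = strtoupper(MONEYBOOKERS_SECRET_WORD);
        $mb_amount = $_POST['mb_amount'];
        $mb_currency = $_POST['currency'];
        $md5sig = isset($_POST['md5sig']) ? $_POST['md5sig'] : null;

        // The original read 'status' and then overwrote it with 'Status',
        // discarding the first value. 'Status' still wins when it is posted;
        // otherwise fall back to 'status' instead of signing a null.
        if (isset($_POST['Status'])) {
            $status = $_POST['Status'];
        } elseif (isset($_POST['status'])) {
            $status = $_POST['status'];
        } else {
            $status = null;
        }

        // Never assigned in this method; declared so the debit call below
        // passes the same null without an undefined-variable notice.
        $reason = null;

        // NOTE(review): every posted field, including md5sig and payer data,
        // is logged verbatim. Confirm that mb_log_entry() neutralises CR/LF
        // and that the log is access-controlled.
        $req = '';
        foreach ($_POST as $key => $value) {
            $req .= "&{$key}={$value}";
        }
        mb_log_entry('moneybookers: ' . $req);

        $working_sig = strtoupper(md5($merchant_id . $transaction_id . $secret . $mb_amount . $mb_currency . $status));

        $invoice_id = jb_strip_order_id($transaction_id);
        $product_type = substr($invoice_id, 0, 1); // 'P', 'S' or 'M'
        $invoice_id = substr($invoice_id, 1);

        // Compare as strings, in constant time where available. A loose `==`
        // treats two numeric-looking hex digests as numbers, so different
        // signatures could compare equal.
        $sig_ok = false;
        if (is_string($md5sig)) {
            $sig_ok = function_exists('hash_equals')
                ? hash_equals($working_sig, $md5sig)
                : $working_sig === $md5sig;
        }

        if ($sig_ok) {
            JBPLUG_do_callback('pay_trn_verification_passed', $invoice_id, $product_type);

            switch ($status) {
                case "-2": // failed
                    $label['payment_return_denied'] = str_replace("%PAYMENT_GW%", $this->name, $label['payment_return_denied']);
                    echo "<p align='center'> " . $label['payment_return_denied'] . "</p>";
                    JBPLUG_do_callback('pay_trn_failed', $invoice_id, $product_type);
                    break;

                case "2": // processed
                    if ($product_type == 'P') {
                        JB_complete_package_invoice($invoice_id, 'moneybookers.com');
                        ?>
                        <center>
                        <img src="<?php echo JB_SITE_LOGO_URL; ?> ">
                        <?php
                        $label['payment_posts_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_posts_completed2']);
                        ?>
                        <p><?php echo $label['payment_posts_completed2']; ?> </p>
                        </center>
                        <?php
                    } elseif ($product_type == 'S') {
                        JB_complete_subscription_invoice($invoice_id, 'moneybookers.com');
                        ?>
                        <center>
                        <img src="<?php echo JB_SITE_LOGO_URL; ?> ">
                        <?php
                        $label['payment_subscription_completed2'] = str_replace("%URL%", JB_BASE_HTTP_PATH . JB_EMPLOYER_FOLDER, $label['payment_subscription_completed2']);
                        ?>
                        <p><?php echo $label['payment_subscription_completed2']; ?> </p>
                        </center>
                        <?php
                    } elseif ($product_type == 'M') {
                        JB_complete_membership_invoice($invoice_id, 'moneybookers.com');
                        ?>
                        <center>
                        <img src="<?php echo JB_SITE_LOGO_URL; ?> ">
                        <p><?php echo $label['payment_membership_completed']; ?> </p>
                        </center>
                        <?php
                    }
                    JBPLUG_do_callback('pay_trn_completed', $invoice_id, $product_type);
                    JB_debit_transaction($transaction_id, $mb_amount, MONEYBOOKERS_CURRENCY, $_POST['transaction_id'], $reason, 'moneybookers.com', $product_type);
                    break;

                case "1": // scheduled (wait for 2 or -2)
                    break;

                case "0": // pending
                    // NOTE(review): 'M' invoices are completed in the "processed"
                    // branch but never marked pending here; confirm this is intended.
                    if ($product_type == 'P') {
                        JB_pend_package_invoice($invoice_id, 'moneybookers.com');
                    } elseif ($product_type == 'S') {
                        JB_pend_subscription_invoice($invoice_id, 'moneybookers.com');
                    }
                    JBPLUG_do_callback('pay_trn_pending', $invoice_id, $product_type);
                    $label['payment_return_pending'] = str_replace("%PAYMENT_GW%", $this->name, $label['payment_return_pending']);
                    ?>
                    <center>
                    <img src="<?php echo JB_SITE_LOGO_URL; ?> ">
                    <p><?php echo $label['payment_return_pending']; ?> </p>
                    </center>
                    <?php
                    break;

                case "-1": // cancelled
                    break;
            }
        } else {
            // Signature mismatch: notify plugins and leave the invoice untouched.
            JBPLUG_do_callback('pay_trn_verification_failed', $invoice_id, $product_type);
            echo "Invalid signiture";
        }
    }
    ?>
    <!-- <p align="center"> Your order is being processed. To get the status of your order, please go to the <a href="credits.php">Credits Page</a> or <a href="subscriptions.php">Subscription Page</a></p> -->
    <p> </p>
    <p> </p>
    <p> </p>
    <p> </p>
    <?php
}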