public function verifyPurchase($userId, $itemId, $transactions)
{
$transactionId = null;
$transactions = json_decode(stripslashes($transactions));
for ($i = 0; $i < count($transactions); $i++) {
if ($transactions[$i]->itemId == $itemId) {
$transactionId = $transactions[$i]->transactionId;
}
}
if ($transactionId) {
$postDetails = array(USER => UID, PWD => PASSWORD, SIGNATURE => SIG, METHOD => "GetTransactionDetails", VERSION => VER, TRANSACTIONID => $transactionId);
$arrPostVals = array_map(create_function('$key, $value', 'return $key."=".$value."&";'), array_keys($postDetails), array_values($postDetails));
$postVals = rtrim(implode($arrPostVals), "&");
$response = parseString(runCurl(URLBASE, $postVals));
$custom = explode("%2c", $response["CUSTOM"]);
if (getUserId() == $custom[0] && $itemId == $custom[1]) {
// ADDED LINE TO GET KS SESSION
$ks = getSession($itemId, $userId);
// ADD KS to ARRAY
$returnObj = array(success => true, error => "", transactionId => $response["TRANSACTIONID"], orderTime => $response["ORDERTIME"], paymentStatus => $response["PAYMENTSTATUS"], itemId => $itemId, userId => $userId, ks => $ks);
}
} else {
$returnObj = array(success => false, error => "Item not found in transaction history");
}
echo json_encode($returnObj);
}
header("Content-Type: application/json");
echo "[{data {error: '{$e}'}}]";
}
}
//
function runCurl($params)
{
$postParams = "";
if (isset($params) && strlen($params) > 1) {
$postParams = "-d '" . $params . "'";
}
$runCmd = "curl -H 'content-type:application/json' {$postParams} " . $_GET['url'];
error_log("run cmd: " . $runCmd . "\n\n");
$output = shell_exec($runCmd);
error_log("exec ret: {$output}");
header("Content-Type: application/json");
echo "{$output}";
}
//
if (isset($_GET['url']) && isset($_GET['limit'])) {
$tmpParams = isset($cursor) ? "?cursor=" . $cursor . "&limit=" . $_GET['limit'] : "?limit=" . $_GET['limit'];
$tmpUrl = urldecode($_GET['url'] . $tmpParams);
error_log("===> Fetching GET: {$tmpUrl} with limit: " . $_GET['limit']);
getUrl($tmpUrl);
} elseif (isset($_GET['url']) && !isset($postData)) {
getUrl($_GET['url']);
} else {
error_log("=== postData: {$postData}");
runCurl($postData);
// TODO: should be $_POST
}
<?php
include_once "../../config/config.php";
session_start();
$api_endpoint = 'https://pilot-payflowpro.paypal.com';
$returl_url = 'http://api.local/api/PayFlowEC/return.php';
$cancel_url = $returl_url;
$process_amt = $_POST['amount'];
$_SESSION['amount'] = $process_amt;
// Send EC rerdirect to
// https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=<EC-TOKEN>
$api_request_params = array('TRXTYPE' => $_POST['trxtype'], 'ACTION' => $_POST['action'], 'AMT' => $_POST['amount'], 'CANCELURL' => $cancel_url, 'RETURNURL' => $returl_url, 'PARTNER' => $config['payFlow']['PARTNER'], 'PWD' => $config['payFlow']['PWD'], 'USER' => $config['payFlow']['USER'], 'VENDOR' => $config['payFlow']['VENDOR'], 'TENDER' => 'P');
$nvp = toNVP($api_request_params);
$result = runCurl($api_endpoint, $nvp);
$result_array = ppResponse($result);
printVars($result_array);
$ec_token = $result_array['TOKEN'];
$output = "Total: \${$process_amt}<br/><br/>";
$output .= '<a href="https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout
&token=' . urldecode($ec_token) . '" class="ec-submit">Click to Continue</a>';
echo $output;
<?php
include_once "../../config/config.php";
$reference_amt = $_POST['newamount'];
$api_endpoint = 'https://pilot-payflowpro.paypal.com';
$api_request_params = array('TRXTYPE' => 'S', 'USER' => $config['payFlow']['USER'], 'TENDER' => 'C', 'VENDOR' => $config['payFlow']['VENDOR'], 'PARTNER' => $config['payFlow']['PARTNER'], 'PWD' => $config['payFlow']['PWD'], 'ORIGID' => $_POST['pnref'], 'CURRENCY' => 'USD', 'AMT' => $reference_amt);
$params = toNVP($api_request_params);
$result = runCurl($api_endpoint, $params);
$result_array = ppResponse($result);
printVars($result_array);
