public function action_ipn()
{
//todo delete
//paypal::validate_ipn();
$this->auto_render = FALSE;
//START PAYPAL IPN
//manual checks
$id_order = Core::post('item_number');
$paypal_amount = Core::post('mc_gross');
$payer_id = Core::post('payer_id');
//retrieve info for the item in DB
$order = new Model_Order();
$order = $order->where('id_order', '=', $id_order)->where('status', '=', Model_Order::STATUS_CREATED)->limit(1)->find();
if ($order->loaded()) {
//same amount and same currency
if (Core::post('payment_status') == 'Completed' and Core::post('mc_gross') == number_format($order->amount, 2, '.', '') and Core::post('mc_currency') == $order->currency and Core::post('receiver_email') == core::config('payment.paypal_account') || Core::post('business') == core::config('payment.paypal_account')) {
//same price , currency and email no cheating ;)
if (paypal::validate_ipn()) {
$order->confirm_payment('paypal', Core::post('txn_id'), NULL, NULL, NULL, Core::post('mc_fee'));
} else {
Kohana::$log->add(Log::ERROR, 'A payment has been made but is flagged as INVALID');
$this->response->body('KO');
}
} else {
Kohana::$log->add(Log::ERROR, 'Attempt illegal actions with transaction');
$this->response->body('KO');
}
} else {
Kohana::$log->add(Log::ERROR, 'Order not loaded');
$this->response->body('KO');
}
$this->response->body('OK');
}
public function action_ipn()
{
//todo delete
//paypal::validate_ipn();
$this->auto_render = FALSE;
//START PAYPAL IPN
//manual checks
$id_order = Core::post('item_number');
$paypal_amount = Core::post('mc_gross');
$payer_id = Core::post('payer_id');
//retrieve info for the item in DB
$order = new Model_Order();
$order = $order->where('id_order', '=', $id_order)->where('status', '=', Model_Order::STATUS_CREATED)->limit(1)->find();
if ($order->loaded()) {
// detect product to be processed
if (is_numeric($order->id_product)) {
$id_category = new Model_Category();
$id_category = $id_category->where('id_category', '=', $order->id_product)->limit(1)->find();
$product_id = $id_category->id_category;
} else {
$product_id = $order->id_product;
}
if (Core::post('mc_gross') == number_format($order->amount, 2, '.', '') && Core::post('mc_currency') == core::config('payment.paypal_currency') && (Core::post('receiver_email') == core::config('payment.paypal_account') || Core::post('business') == core::config('payment.paypal_account'))) {
//same price , currency and email no cheating ;)
if (paypal::validate_ipn()) {
$order->confirm_payment($id_order, core::config('general.moderation'));
} else {
Kohana::$log->add(Log::ERROR, 'A payment has been made but is flagged as INVALID');
$this->response->body('KO');
}
} else {
Kohana::$log->add(Log::ERROR, 'Attempt illegal actions with transaction');
$this->response->body('KO');
}
} else {
Kohana::$log->add(Log::ERROR, 'Order not loaded');
$this->response->body('KO');
}
$this->response->body('OK');
}
