/**
* This method is called whenever the IPN from PayPal is received
*
* The data from the IPN is verified and answered. After that,
* PayPal must reply again with either the "VERIFIED" or "INVALID"
* keyword.
* All parameter values are optional. Any that are non-empty are
* compared to their respective counterparts received in the post
* from PayPal. The verification fails if any comparison fails.
* You should consider the payment as failed whenever an empty
* (false or NULL) value is returned. The latter is intended for
* diagnostic purposes only, but will never be returned on success.
* @param string $amount The optional amount
* @param string $currency The optional currency code
* @param string $order_id The optional order ID
* @param string $customer_email The optional customer e-mail address
* @param string $account_email The optional PayPal account e-mail
* @return boolean True on successful verification,
* false on failure, or NULL when
* an arbitrary result is received.
*/
static function ipnCheck($amount = NULL, $currency = NULL, $order_id = NULL, $customer_email = NULL, $account_email = NULL)
{
global $objDatabase;
//DBG::log("ipnCheck($amount, $currency, $order_id, $customer_email, $account_email): Entered");
//DBG::log("Paypal::ipnCheck(): Checking POST");
if (empty($_POST['mc_gross']) || empty($_POST['mc_currency']) || empty($_POST['custom']) || empty($_POST['payer_email']) || empty($_POST['business'])) {
//DBG::log("Paypal::ipnCheck(): Incomplete IPN parameter values:");
//DBG::log(var_export($_POST, true));
return false;
}
// Copy the post from PayPal and prepend 'cmd'
$encoded = 'cmd=_notify-validate';
// Mind: It is absolutely necessary to clear keys not required for
// the verification. Otherwise, PayPal comes up with... nothing!
unset($_POST['section']);
unset($_POST['cmd']);
foreach ($_POST as $name => $value) {
$encoded .= '&' . urlencode($name) . '=' . urlencode($value);
}
//DBG::log("Paypal::ipnCheck(): Made parameters: $encoded");
// 20120530 cURL version
$host = \Cx\Core\Setting\Controller\Setting::getValue('paypal_active', 'Shop') ? 'www.paypal.com' : 'www.sandbox.paypal.com';
$uri = 'https://' . $host . '/cgi-bin/webscr?' . $encoded;
$res = $ch = '';
if (function_exists('curl_init')) {
$ch = curl_init();
}
if ($ch) {
curl_setopt($ch, CURLOPT_URL, $uri);
// Return the received data as a string
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$res = curl_exec($ch);
if (curl_errno($ch)) {
//DBG::log("Paypal::ipnCheck(): ERROR: cURL: ".curl_errno($ch)." - ".curl_error($ch));
return false;
}
curl_close($ch);
} else {
$res = file_get_contents($uri);
if (!$res) {
$res = Socket::getHttp10Response($uri);
}
if (!$res) {
//DBG::log("Paypal::ipnCheck(): ERROR: failed to connect to PayPal");
return false;
}
}
//DBG::log("Paypal::ipnCheck(): PayPal response: $res");
if (preg_match('/^VERIFIED/', $res)) {
//DBG::log("Paypal::ipnCheck(): PayPal IPN verification successful (VERIFIED)");
return true;
}
if (preg_match('/^INVALID/', $res)) {
// The payment failed.
//DBG::log("Paypal::ipnCheck(): PayPal IPN verification failed (INVALID)");
return false;
}
//DBG::log("Paypal::ipnCheck(): WARNING: PayPal IPN verification unclear (none of the expected results)");
return NULL;
}
/**
* Completes the payment transaction
* @access public
* @static
* @param array $arrOrder The attributes array
* @return boolean True on success, false otherwise
*/
static function payComplete($arrOrder)
{
$attributes = self::getAttributeList('payComplete', $arrOrder) . (\Cx\Core\Setting\Controller\Setting::getValue('saferpay_use_test_account', 'Shop') ? '&spPassword=XAjc3Kna' : '');
// This won't work without allow_url_fopen
$result = file_get_contents(self::$gateway['payComplete'] . '?' . $attributes);
if (!$result) {
// Try socket connection as well
$result = Socket::getHttp10Response(self::$gateway['payComplete'] . '?' . $attributes);
}
if (substr($result, 0, 2) == 'OK') {
return true;
}
self::$arrError[] = $result;
return false;
}
