/**
* Order is completed = payment done.
* Update event booking meta to indicate this, for Event-related Products.
*/
function mp_product_order_paid($order)
{
$user_id = $order->post_author;
$total_payment = $event_ids = array();
if (is_array($order->mp_cart_info) && count($order->mp_cart_info)) {
foreach ($order->mp_cart_info as $product_id => $variations) {
foreach ($variations as $variation) {
$event_id = $this->order_to_event_id($product_id, $variation);
if (!$event_id) {
continue;
}
$event_ids[] = $event_id;
$tickets = !empty($total_payment[$event_id]) ? $total_payment[$event_id] : array('count' => 0, 'order_id' => $order->ID, 'product_id' => $product_id);
$tickets['count'] += (int) $variation['quantity'];
$total_payment[$event_id] = $tickets;
}
}
}
$user_bookings = array();
$event_ids = join(',', array_unique($event_ids));
global $wpdb;
$table = Eab_EventsHub::tablename(Eab_EventsHub::BOOKING_TABLE);
$bookings = $wpdb->get_results($wpdb->prepare("SELECT event_id,id FROM {$table} WHERE user_id=%d AND event_id IN ({$event_ids})", $user_id));
foreach ($bookings as $booking) {
$user_bookings[$booking->event_id] = $booking->id;
}
foreach ($total_payment as $event_id => $booking_info) {
if (empty($user_bookings[$event_id])) {
//continue; // Possibly paying for wrong variation!
// Well, the guy apparently paid... so book him
$wpdb->query($wpdb->prepare("INSERT INTO " . Eab_EventsHub::tablename(Eab_EventsHub::BOOKING_TABLE) . " VALUES(null, %d, %d, NOW(), 'yes') ON DUPLICATE KEY UPDATE `status` = 'yes';", $event_id, $user_id));
$user_bookings[$event_id] = $wpdb->insert_id;
// --todo: Add to BP activity stream
do_action('incsub_event_booking_yes', $event_id, $user_id);
// End booking extras
}
$booking_id = $user_bookings[$event_id];
Eab_EventModel::update_booking_meta($booking_id, 'booking_transaction_key', serialize($booking_info));
Eab_EventModel::update_booking_meta($booking_id, 'booking_ticket_count', $booking_info['count']);
}
}
/**
* Approve a payment on the admin side
*/
function approve_payment()
{
$user_id = $_POST["user_id"];
$event_id = $_POST["event_id"];
if (!$user_id or !$event_id) {
die(json_encode(array("error" => "User ID or Event ID is missing")));
}
$payments = maybe_unserialize(stripslashes(Eab_EventModel::get_booking_meta($event_id, "manual_payment")));
if (!is_array($payments)) {
die(json_encode(array("error" => "Record could not be found")));
} else {
foreach ($payments as $key => $payment) {
if ($payment["id"] == $user_id) {
$payments[$key]["stat"] = "paid";
$payments = array_filter(array_unique($payments));
Eab_EventModel::update_booking_meta($event_id, "manual_payment", serialize($payments));
die;
}
}
}
die(json_encode(array("error" => "Record could not be found")));
}
function process_paypal_ipn()
{
$req = 'cmd=_notify-validate';
$request = $_REQUEST;
$post_values = "";
$cart = array();
foreach ($request as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&{$key}={$value}";
$post_values .= " {$key} : {$value}\n";
}
$pay_to_email = $request['receiver_email'];
$pay_from_email = $request['payer_email'];
$transaction_id = $request['txn_id'];
$status = $request['payment_status'];
$amount = $request['mc_gross'];
$ticket_count = $request['quantity'];
// Ticket count is the number of paid for tickets
$currency = $request['mc_currency'];
$test_ipn = $request['test_ipn'];
$event_id = $request['item_number'];
$booking_id = (int) $request['booking_id'];
$blog_id = (int) $request['blog_id'];
if (is_multisite()) {
switch_to_blog($blog_id);
}
$eab_options = get_option('incsub_event_default');
$header = "";
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.1\r\n";
// Sandbox host: http://stackoverflow.com/questions/17477815/receiving-error-invalid-host-header-from-paypal-ipn
if ((int) @$eab_options['paypal_sandbox'] == 1) {
$header .= "Host: www.sandbox.paypal.com\r\n";
} else {
$header .= "Host: www.paypal.com\r\n";
}
// End host
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Connection: Close\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
if ((int) @$eab_options['paypal_sandbox'] == 1) {
$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
} else {
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
}
define('EAB_PROCESSING_PAYPAL_IPN', true);
$booking_obj = Eab_EventModel::get_booking($booking_id);
if (!$booking_obj || !$booking_obj->id) {
header('HTTP/1.0 404 Not Found');
header('Content-type: text/plain; charset=UTF-8');
print 'Booking not found';
exit(0);
}
if ($booking_obj->event_id != $event_id) {
header('HTTP/1.0 404 Not Found');
header('Content-type: text/plain; charset=UTF-8');
print 'Fake event id. REF: PP0';
exit(0);
}
if (@$eab_options['currency'] != $currency) {
header('HTTP/1.0 400 Bad Request');
header('Content-type: text/plain; charset=UTF-8');
print 'We were not expecting you. REF: PP1';
exit(0);
}
if ($amount != $ticket_count * apply_filters('eab-payment-event_price-for_user', get_post_meta($event_id, 'incsub_event_fee', true), $event_id, $booking_obj->user_id)) {
header('HTTP/1.0 400 Bad Request');
header('Content-type: text/plain; charset=UTF-8');
print 'We were not expecting you. REF: PP2';
exit(0);
}
if (!$ticket_count) {
header('HTTP/1.0 400 Bad Request');
header('Content-type: text/plain; charset=UTF-8');
print 'Cheapskate. REF: PP2';
exit(0);
}
if (strtolower($pay_to_email) != strtolower(@$eab_options['paypal_email'])) {
header('HTTP/1.0 400 Bad Request');
header('Content-type: text/plain; charset=UTF-8');
print 'We were not expecting you. REF: PP3';
exit(0);
}
if (!$fp) {
header('HTTP/1.0 400 Bad Request');
header('Content-type: text/plain; charset=UTF-8');
print 'We were not expecting you. REF: PP4';
exit(0);
} else {
fputs($fp, $header . $req);
while (!feof($fp)) {
$res = trim(fgets($fp, 1024));
if (strcmp($res, "VERIFIED") == 0) {
break;
}
if (strcmp($res, "INVALID") == 0) {
break;
}
}
if (strcmp($res, "VERIFIED") == 0) {
if ($test_ipn == 1) {
if ((int) @$eab_options['paypal_sandbox'] == 1) {
// Sandbox, it's allowed so do stuff
Eab_EventModel::update_booking_meta($booking_obj->id, 'booking_transaction_key', $transaction_id);
Eab_EventModel::update_booking_meta($booking_obj->id, 'booking_ticket_count', $ticket_count);
do_action('eab-ipn-event_paid', $event_id, $amount, $booking_obj->id);
} else {
// Sandbox, not allowed, bail out
header('HTTP/1.0 400 Bad Request');
header('Content-type: text/plain; charset=UTF-8');
print 'We were not expecting you. REF: PP1';
exit(0);
}
} else {
// Paid
Eab_EventModel::update_booking_meta($booking_obj->id, 'booking_transaction_key', $transaction_id);
Eab_EventModel::update_booking_meta($booking_obj->id, 'booking_ticket_count', $ticket_count);
do_action('eab-ipn-event_paid', $event_id, $amount, $booking_obj->id);
}
header('HTTP/1.0 200 OK');
header('Content-type: text/plain; charset=UTF-8');
print 'Success';
exit(0);
} else {
if (strcmp($res, "INVALID") == 0) {
$message = "Invalid PayPal IPN {$transaction_id}";
}
}
fclose($fp);
}
if (is_multisite()) {
restore_current_blog();
}
header('HTTP/1.0 200 OK');
header('Content-type: text/plain; charset=UTF-8');
print 'Thank you very much for letting us know. REF: ' . $message;
exit(0);
}
