function handle_paypal_return() { // PayPal IPN handling code if ((isset($_POST['payment_status']) || isset($_POST['txn_type'])) && isset($_POST['custom'])) { if (get_option($this->gateway . "_paypal_status") == 'live') { $domain = 'https://www.paypal.com'; } else { $domain = 'https://www.sandbox.paypal.com'; } $req = 'cmd=_notify-validate'; if (!isset($_POST)) { $_POST = $HTTP_POST_VARS; } foreach ($_POST as $k => $v) { if (get_magic_quotes_gpc()) { $v = stripslashes($v); } $req .= '&' . $k . '=' . $v; } $header = 'POST /cgi-bin/webscr HTTP/1.0' . "\r\n" . 'Content-Type: application/x-www-form-urlencoded' . "\r\n" . 'Content-Length: ' . strlen($req) . "\r\n" . "\r\n"; @set_time_limit(60); if ($conn = @fsockopen($domain, 80, $errno, $errstr, 30)) { fputs($conn, $header . $req); socket_set_timeout($conn, 30); $response = ''; $close_connection = false; while (true) { if (feof($conn) || $close_connection) { fclose($conn); break; } $st = @fgets($conn, 4096); if ($st === false) { $close_connection = true; continue; } $response .= $st; } $error = ''; $lines = explode("\n", str_replace("\r\n", "\n", $response)); // looking for: HTTP/1.1 200 OK if (count($lines) == 0) { $error = 'Response Error: Header not found'; } else { if (substr($lines[0], -7) != ' 200 OK') { $error = 'Response Error: Unexpected HTTP response'; } else { // remove HTTP header while (count($lines) > 0 && trim($lines[0]) != '') { array_shift($lines); } // first line will be empty, second line will have the result if (count($lines) < 2) { $error = 'Response Error: No content found in transaction response'; } else { if (strtoupper(trim($lines[1])) != 'VERIFIED') { $error = 'Response Error: Unexpected transaction response'; } } } } if ($error != '') { echo $error; exit; } } // handle cases that the system must ignore //if ($_POST['payment_status'] == 'In-Progress' || $_POST['payment_status'] == 'Partially-Refunded') exit; $new_status = false; // process PayPal response switch ($_POST['payment_status']) { case 'Partially-Refunded': break; case 'In-Progress': break; case 'Completed': case 'Processed': // case: successful payment $amount = $_POST['mc_gross']; $currency = $_POST['mc_currency']; list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], ''); // Added for affiliate system link do_action('membership_payment_processed', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']); break; case 'Reversed': // case: charge back $note = 'Last transaction has been reversed. Reason: Payment has been reversed (charge back)'; $amount = $_POST['mc_gross']; $currency = $_POST['mc_currency']; list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note); $member = new M_Membership($user_id); if ($member) { $member->expire_subscription($sub_id); $member->deactivate(); } do_action('membership_payment_reversed', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']); break; case 'Refunded': // case: refund $note = 'Last transaction has been reversed. Reason: Payment has been refunded'; $amount = $_POST['mc_gross']; $currency = $_POST['mc_currency']; list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note); $member = new M_Membership($user_id); if ($member) { $member->expire_subscription($sub_id); } do_action('membership_payment_refunded', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']); break; case 'Denied': // case: denied $note = 'Last transaction has been reversed. Reason: Payment Denied'; $amount = $_POST['mc_gross']; $currency = $_POST['mc_currency']; list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note); $member = new M_Membership($user_id); if ($member) { $member->expire_subscription($sub_id); $member->deactivate(); } do_action('membership_payment_denied', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']); break; case 'Pending': // case: payment is pending $pending_str = array('address' => 'Customer did not include a confirmed shipping address', 'authorization' => 'Funds not captured yet', 'echeck' => 'eCheck that has not cleared yet', 'intl' => 'Payment waiting for aproval by service provider', 'multi-currency' => 'Payment waiting for service provider to handle multi-currency process', 'unilateral' => 'Customer did not register or confirm his/her email yet', 'upgrade' => 'Waiting for service provider to upgrade the PayPal account', 'verify' => 'Waiting for service provider to verify his/her PayPal account', '*' => ''); $reason = @$_POST['pending_reason']; $note = 'Last transaction is pending. Reason: ' . (isset($pending_str[$reason]) ? $pending_str[$reason] : $pending_str['*']); $amount = $_POST['mc_gross']; $currency = $_POST['mc_currency']; list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $_POST['txn_id'], $_POST['payment_status'], $note); do_action('membership_payment_pending', $user_id, $sub_id, $amount, $currency, $_POST['txn_id']); break; default: // case: various error cases } //check for subscription details switch ($_POST['txn_type']) { case 'subscr_signup': // start the subscription list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); // create_subscription $member = new M_Membership($user_id); if ($member) { $member->create_subscription($sub_id, $this->gateway); } do_action('membership_payment_subscr_signup', $user_id, $sub_id); break; case 'subscr_modify': // modify the subscription list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); // create_subscription $member = new M_Membership($user_id); if ($member) { // Remove the old subscription $member->drop_subscription($sub_id); // Join the new subscription $member->create_subscription((int) $_POST['item_number'], $this->gateway); // Timestamp the update update_user_meta($user_id, '_membership_last_upgraded', time()); } do_action('membership_payment_subscr_signup', $user_id, $sub_id); break; case 'subscr_cancel': // mark for removal list($timestamp, $user_id, $sub_id, $key) = explode(':', $_POST['custom']); $member = new M_Membership($user_id); if ($member) { $member->mark_for_expire($sub_id); } do_action('membership_payment_subscr_cancel', $user_id, $sub_id); break; case 'new_case': // a dispute if ($_POST['case_type'] == 'dispute') { // immediately suspend the account $member = new M_Membership($user_id); if ($member) { $member->deactivate(); } } do_action('membership_payment_new_case', $user_id, $sub_id, $_POST['case_type']); break; } } else { // Did not find expected POST variables. Possible access attempt from a non PayPal site. header('Status: 404 Not Found'); echo 'Error: Missing POST variables. Identification is not possible.'; exit; } }
function handle_2checkout_return() { // Return handling code $timestamp = time(); if (isset($_REQUEST['key'])) { $total = $_REQUEST['total']; $sub_id = false; $user_id = false; list($sub_id, $user_id) = explode(':', $_REQUEST['merchant_order_id']); if (esc_attr(get_option($this->gateway . "_twocheckout_status")) == 'test') { $hash = strtoupper(md5(esc_attr(get_option($this->gateway . "_twocheckout_secret_word")) . esc_attr(get_option($this->gateway . "_twocheckout_sid")) . 1 . $total)); } else { $hash = strtoupper(md5(esc_attr(get_option($this->gateway . "_twocheckout_secret_word")) . esc_attr(get_option($this->gateway . "_twocheckout_sid")) . $_REQUEST['order_number'] . $total)); } if ($sub_id && $user_id && $_REQUEST['key'] == $hash && $_REQUEST['credit_card_processed'] == 'Y') { $this->record_transaction($user_id, $sub_id, $_REQUEST['total'], $_REQUEST['currency'], $timestamp, $_REQUEST['order_number'], 'Processed', ''); // Added for affiliate system link do_action('membership_payment_processed', $user_id, $sub_id, $_REQUEST['total'], $_REQUEST['currency'], $_REQUEST['order_number']); $member = new M_Membership($user_id); if ($member) { $member->create_subscription($sub_id, $this->gateway); } do_action('membership_payment_subscr_signup', $user_id, $sub_id); wp_redirect(get_option('home')); exit; } } else { if (isset($_REQUEST['message_type'])) { $md5_hash = strtoupper(md5("{$_REQUEST['sale_id']}" . esc_attr(get_option($this->gateway . "_twocheckout_sid")) . "{$_REQUEST['invoice_id']}" . esc_attr(get_option($this->gateway . "_twocheckout_secret_word")))); $sub_id = false; $user_id = false; //$product_id = $_REQUEST['item_id_1']; list($sub_id, $user_id) = explode(':', $_REQUEST['vendor_order_id']); if ($md5_hash == $_REQUEST['md5_hash']) { switch ($_REQUEST['message_type']) { case 'RECURRING_INSTALLMENT_SUCCESS': if (!$this->duplicate_transaction($user_id, $sub_id, $_REQUEST['item_rec_list_amount_1'], $_REQUEST['list_currency'], $timestamp, $_POST['invoice_id'], 'Processed', '')) { $this->record_transaction($user_id, $sub_id, $_REQUEST['item_rec_list_amount_1'], $_REQUEST['list_currency'], $timestamp, $_POST['invoice_id'], 'Processed', ''); $member = new M_Membership($user_id); if ($member) { remove_action('membership_expire_subscription', 'membership_record_user_expire', 10, 2); remove_action('membership_add_subscription', 'membership_record_user_subscribe', 10, 4); $member->expire_subscription($sub_id); $member->create_subscription($sub_id, $this->gateway); } // Added for affiliate system link do_action('membership_payment_processed', $user_id, $sub_id, $_REQUEST['item_rec_list_amount_1'], $_REQUEST['list_currency'], $_POST['invoice_id']); } break; case 'FRAUD_STATUS_CHANGED': case 'INVOICE_STATUS_CHANGED': // We don't really want to do anything here without pulling out more information break; case 'ORDER_CREATED': case 'RECURRING_RESTARTED': $this->record_transaction($user_id, $sub_id, $_REQUEST['item_rec_list_amount_1'], $_REQUEST['list_currency'], $timestamp, $_POST['invoice_id'], 'Processed', ''); $member = new M_Membership($user_id); if ($member) { $member->create_subscription($sub_id, $this->gateway); } break; case 'RECURRING_STOPPED': case 'RECURRING_COMPLETE': case 'RECURRING_INSTALLMENT_FAILED': default: $member = new M_Membership($user_id); if ($member) { $member->mark_for_expire($sub_id); } do_action('membership_payment_subscr_cancel', $user_id, $sub_id); break; } } else { // MD5 Hash Failed header('Status: 403 Forbidden'); echo 'Error: Unexpected Security Value. Verification is not possible.'; exit; } echo "OK"; exit; } else { // Did not find expected POST variables. Possible access attempt from a non PayPal site. header('Status: 400 Bad Request'); echo 'Error: Missing POST variables. Identification is not possible.'; exit; } } }