die("ERROR ON PAGE!"); } // tail of a block that opens above this excerpt

// Rows collected by the loop below: one entry per purchase joined to its product.
$itemArr = array();
$id = $_SESSION["id"];

// Implicit join of shop_ipn and bz_bookstore on upc, filtered by user_id.
// NOTE(review): $id is interpolated into the SQL text unchanged. Where the session
// value is set is not visible here; unless it is validated as an integer at that
// point, bind it as a parameter (PDO / mysqli prepared statement) instead.
// NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in
// PHP 7.0, so this page needs porting to mysqli or PDO.
$query = "SELECT txn_id, PROD_NAME, purchase_date, quantity,bz_bookstore.id FROM shop_ipn,bz_bookstore WHERE user_id = '{$id}' AND shop_ipn.upc = bz_bookstore.upc";

// NOTE(review): the return value is not checked; mysql_query() returns false on
// failure, and the fetch loop below would then be handed a non-resource.
$result = mysql_query($query);

// Copy the five selected columns of every row into $itemArr[0..n-1].
$i = 0;
while ($row = mysql_fetch_assoc($result)) {
    $itemArr[$i]["txn_id"] = $row["txn_id"];
    $itemArr[$i]["PROD_NAME"] = $row["PROD_NAME"];
    $itemArr[$i]["purchase_date"] = $row["purchase_date"];
    $itemArr[$i]["quantity"] = $row["quantity"];
    $itemArr[$i]["id"] = $row["id"];
    $i++;
}

// Presumably the user's gift-point balance and the reduction derived from it;
// confirm against lib_giftPoint, which is not part of this excerpt.
$giftObj = new lib_giftPoint($id);
$point = $giftObj->point;
$reduce = $giftObj->getReduction();

// The page markup starts here and continues past the end of the excerpt.
// NOTE(review): where the markup prints $itemArr values, pass them through
// htmlspecialchars() first (the printing code is outside this excerpt).
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <style> #main{ margin-top:20px; margin-left:50px; margin-right:50px; font-size:15px; }
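/**
 * Prints the PayPal cart-upload form for the entries of $this->itemArr.
 *
 * Each cart entry becomes an item_name_N / amount_N / quantity_N triple with N
 * counted from 1. The discount markup comes from lib_giftPoint::applyDiscountHTML().
 *
 * Every value written into an attribute is HTML-escaped, so a product name or id
 * containing a quote or angle bracket cannot break out of the attribute. The
 * attribute values are also written without the trailing blank that followed each
 * PHP tag, which would otherwise become part of the field name or value.
 *
 * Hidden fields can be edited by the buyer before the form is submitted. The
 * amounts, quantities and the `custom` value must therefore be treated as
 * untrusted when they come back, and the IPN listener has to compare the total
 * PayPal reports with one it computes itself.
 *
 * NOTE(review): return, cancel_return and notify_url use plain http://. Serve these
 * endpoints over HTTPS so payment notifications and the buyer's return trip are
 * not sent in clear text.
 * NOTE(review): currency_code is sent as "US"; PayPal documents three-letter codes
 * such as USD for this field. Left unchanged here; confirm the intended value.
 *
 * @return void Output is written directly to the response.
 */
public function displayPaypalForm()
{
    $xStatus = new lib_userStatus();
    $itemCount = count($this->itemArr);
    ?>
    <form action="https://www.paypal.com/cgi-bin/webscr" method="post" class="paypal_btn">
        <input type="hidden" value="utf-8" name="charset">
        <input type="hidden" name="cmd" value="_cart">
        <input type="hidden" name="upload" value="1">
        <input type="hidden" name="business" value="*****@*****.**">
        <input type="hidden" name="currency_code" value="US">
        <?php
        for ($i = 0; $i < $itemCount; $i++) {
            $n = $i + 1; // form fields are numbered from 1
            $item = $this->itemArr[$i];
            ?>
            <input type="hidden" name="item_name_<?php echo $n; ?>" value="<?php echo htmlspecialchars((string) $item["PROD_NAME"], ENT_QUOTES, 'UTF-8'); ?>">
            <input type="hidden" name="amount_<?php echo $n; ?>" value="<?php echo htmlspecialchars((string) $xStatus->price($item["RETAIL"]), ENT_QUOTES, 'UTF-8'); ?>">
            <input type="hidden" name="quantity_<?php echo $n; ?>" value="<?php echo htmlspecialchars((string) $item["quantity"], ENT_QUOTES, 'UTF-8'); ?>">
            <?php
        }

        // Emits the discount part of the form for the current cart total.
        $pointObj = new lib_giftPoint($this->id);
        $pointObj->applyDiscountHTML($this->getCostTotal());
        ?>
        <input TYPE="hidden" name="return" value="http://jewel.ziggyism.com/test/BZcomic/confirm2.php">
        <input TYPE="hidden" name="cancel_return" value="http://jewel.ziggyism.com/test/BZcomic/index.php">
        <input type="hidden" name="notify_url" value="http://jewel.ziggyism.com/test/BZcomic/ipn/shop_ipn.php">
        <input type="hidden" name="custom" value="<?php echo htmlspecialchars((string) $this->id, ENT_QUOTES, 'UTF-8'); ?>">
        <input type="image" src="images/paypal_btn.jpg" width="150" height="30" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
    </form>
    <?php
}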
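curl_close($ch);

// assign posted variables to local variables
// All of these come straight from the request body. $res is presumably the reply
// to the verification postback made with the cURL handle closed above; until it
// equals "VERIFIED", none of these values can be trusted.
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$user_custom = $_POST['custom'];

// NOTE(review): `custom` is a form field the buyer's browser submits, and these
// objects are built from it before the notification has been verified. The
// integer validation is commented out; restore it (or an equivalent whitelist)
// so only a well-formed user id reaches cartDisplayer / lib_giftPoint.
// NOTE(review): when `custom` is missing, $obj is never assigned and the
// $obj->getCostTotal() call further down fails.
if (isset($user_custom)) { //&&lib_int_validate($user_custom)
    $id = mysql_real_escape_string($user_custom);
    $obj = new cartDisplayer($id);
    $obj2 = new lib_giftPoint($id);
}

if (strcmp($res, "VERIFIED") == 0) {
    // check the payment_status is Completed
    // check that txn_id has not been previously processed
    // check that receiver_email is your Primary PayPal email
    // check that payment_amount/payment_currency are correct
    // process payment
    // NOTE(review): the amount/currency comparison is not visible in this excerpt.
    // Confirm that $payment_amount and $payment_currency are compared with the
    // server-computed total before the order is fulfilled.
    if ($payment_status === 'Completed') {
        // txn_id is request data: escape it before it is placed in the SQL text.
        $query = "SELECT 'txn_id' FROM shop_ipn WHERE txn_id ='" . mysql_real_escape_string($txn_id) . "'";
        $result = mysql_query($query);

        // Fail closed: a failed lookup (false) must not be read as "transaction
        // not seen before", otherwise a database error lets a repeated
        // notification be processed a second time.
        if ($result !== false && mysql_num_rows($result) === 0) {
            if ($receiver_email === '*****@*****.**') {
                $totalcost = $obj->getCostTotal();
                $shipcost = getShippingCost($obj->getItemTotal());
                $taxcost = getTaxCost($totalcost);
                // The listing stops here with the four enclosing blocks still open.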