<?php // STEP 1: Read POST data // reading posted data from directly from $_POST causes serialization // issues with array data in POST // reading raw POST data from input stream instead. $raw_post_data = file_get_contents('php://input'); $raw_post_array = explode('&', $raw_post_data); $myPost = array(); foreach ($raw_post_array as $keyval) { $keyval = explode ('=', $keyval); if (count($keyval) == 2) $myPost[$keyval[0]] = urldecode($keyval[1]); } // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; if(function_exists('get_magic_quotes_gpc')) { $get_magic_quotes_exists = true; } foreach ($myPost as $key => $value) { if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { $value = urlencode(stripslashes($value)); } else { $value = urlencode($value); } $req .= "&$key=$value"; } // STEP 2: Post IPN data back to paypal to validate $ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr'); // test paypal using developer account. //$ch = curl_init('https://ipnpb.sandbox.paypal.com/cgi-bin/webscr'); // test paypal using developer account. //$ch = curl_init('https://www.paypal.com/cgi-bin/webscr'); // actual payment by customer. //$ch = curl_init('https://ipnpb.paypal.com/cgi-bin/webscr'); // actual payment by customer. curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $req); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_FORBID_REUSE, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close')); $result = curl_exec($ch); $status = curl_getinfo($ch); // In wamp like environments that do not come bundled with root authority certificates, // please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path // of the certificate as shown below. // curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem'); $fh = fopen('result.txt', 'w'); fwrite($fh,$result ." -- ".$req); //fwrite($fh,$status ." -- ".$req); fclose($fh); //exit; if(!($result == "")) { error_log("Got " . curl_error($ch) . " when processing IPN data"); error_log("Got " . curl_errno($ch) . " when processing IPN data with error no 35"); curl_close($ch); } // STEP 3: Inspect IPN validation result and act accordingly if (strcmp ($result, "VERIFIED") == 0) { // check whether the payment_status is Completed // check that txn_id has not been previously processed // check that receiver_email is your Primary PayPal email // check that payment_amount/payment_currency are correct // process payment // assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; if ($_POST['mc_gross'] != NULL) $payment_amount = $_POST['mc_gross']; else $payment_amount = $_POST['mc_gross1']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; $custom = $_POST['custom']; // Inserting actions here if($payment_status == "Completed") { header("location: checkoutconfirm.php?payment=true"); } } else if (strcmp ($result, "INVALID") == 0) { // log for manual investigation header("location: checkoutconfirm.php?payment=false"); } //exit; ?>
... View more