1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
<?
include "functions/conn.php";
function VerifIXNID($txn_id)
{
include "functions/conn.php";
$req = mysql_query("select txnid from paypal_payment_info where txnid='".$txn_id."'");
$nbr = mysql_num_rows($req);
if ($nbr == 0)
{
return 0;
}
else
{
return 1;
}
}
?>
<?
// Lire le formulaire provenant du système PayPal et ajouter 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// Renvoyer au système PayPal pour validation
$header .= "POST /cgi-bin/webscr HTTP/1.0rn";
$header .= "Content-Type: application/x-www-form-urlencodedrn";
$header .= "Content-Length: " . strlen($req) . "rnrn";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$mc_gross = $_POST['mc_gross']; // payment_amount
$payment_currency = $_POST['mc_currency']; // Devise de paiement
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$custom = $_POST['custom']; //id_user
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$address_street = $_POST['address_street'];
$address_city = $_POST['address_city'];
$address_state = $_POST['address_state'];
$address_zip = $_POST['address_zip'];
$address_country = $_POST['address_country'];
$mc_fee = $_POST['mc_fee'];
$memo = $_POST['memo'];
$payment_type = $_POST['payment_type'];
$payment_date = $_POST['payment_date'];
$pending_reason = $_POST['pending_reason']; // Raison pour laquelle le paiement a été placé en attente.
$reason_code = $_POST['reason_code'];
$tax = $_POST['tax'];
$fecha = date("m")."/".date("d")."/".date("Y");
if (!$fp)
{
// ERREUR HTTP
}
else
{
fputs ($fp, $header . $req);
while (!feof($fp))
{
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0)
{
// transaction valide
// vérifier que payment_status a la valeur Completed
if ( $payment_status == "Completed")
{
// vérifier que txn_id n'a pas été précédemment traité: Créez une fonction qui va interroger votre base de données
if (VerifIXNID($txn_id) == 0)
{
// vérifier que receiver_email est votre adresse email PayPal principale
if ( "xxx@xxxxxxxxxx.be" == $receiver_email)
{
// vérifier que payment_amount et payment_currency sont corrects
// Traiter le paiement
$strQuery = mysql_query("INSERT INTO paypal_payment_info(paymentstatus, buyer_email, firstname, lastname, street, city,state, zipcode, country, mc_gross, mc_fee, memo, paymenttype, paymentdate, txnid, pendingreason, reasoncode, tax, datecreation, custom)
VALUES ('".$payment_status."','".$payer_email."','".$first_name."','".$last_name."','".$address_street."','".$address_city."','".$address_state."','".$address_zip."','".$address_country."','".$mc_gross."','".$mc_fee."','".$memo."','".$payment_type."','".$payment_date."','".$txn_id."','".$pending_reason."','".$reason_code."','".$tax."','".$fecha."','".$custom."')");
}
else
{
// Mauvaise adresse email paypal
}
}
else
{
// ID de transaction déjà utilisé
}
}
else
{
// Statut de paiement: Echec
}
}
else
{
if (strcmp ($res, "INVALID") == 0)
{
// Transaction invalide
}
}
fclose ($fp);
}
if (!$fp)
{
// ERREUR HTTP
}
else
{
fputs ($fp, $header . $req);
while (!feof($fp))
{
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0)
{
// transaction valide
}
else
{
if (strcmp ($res, "INVALID") == 0)
{
// Transaction invalide
}
}
fclose ($fp);
}
}
}
?> |
IPN Non exécuté
Répondre avec citation
Partager