Home
Blogs
Forums
News
Portfolios
Projects
Tutorials
32 users logged in
New? Learn about game development.
Before posting, review our community guidelines.
Follow Us
Chat in the GameDev.net Discord!
Mastodon
Back to General and Gameplay Programming

[web] Help with paypal purchase script

Started by
8 comments, last by CelticSir 15 years, 6 months ago
Hey everyone, Really badly need help with this been trying to get it working for last week or two but i cannot seem to get it to work... so wondering if any one here can help me out.. I have a buy form on my site which is below: 

<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="custom" value="=$_SESSION['Current_User']">

<img alt="" border="0" src="https://www.paypal.com/en_GB/i/scr/pixel.gif" width="1" height="1">
<img alt="" border="0" src="https://www.paypal.com/en_GB/i/scr/pixel.gif" width="1" height="1">
<input type="hidden" name="encrypted" value=" huge encryption garbage here">
<input type="hidden" name="rm" value="2">
<input type="image" src="https://www.paypal.com/en_GB/i/btn/btn_buynow_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
Now the next bit is the IPN script which is where it all goes wrong.... i have it checking if its verified or invalid but it comes out as neither and errors at the bottom of the page which is not making sense.. so kinda need help with this as its confusing.. In short its basically this: 

<?php
if (strcmp ($res, "VERIFIED") == 0) {

// code here

}else if (strcmp ($res, "INVALID") == 0) {
log for manual investigation

// code here

}Else{

//code here
(THIS IS WHERE THE SCRIPT ENDS UP)
}
?>
Main script: 

<?php
include("connect.php");

$Date = date("Y-m-d H:i:s",time());
$insert = mysql_query("INSERT INTO gamelogs (Log,LogTime)
VALUES('connect established','$Date')")
	Or die(mysql_error());


// ------------------------------------------------
// Read post from PayPal system and create reply
// starting with: 'cmd=_notify-validate'...
// then repeating all values sent - VALIDATION.
// ------------------------------------------------

$postvars = array();
while (list ($key, $value) = each ($HTTP_POST_VARS)) {
$postvars[] = $key;
}
$req = 'cmd=_notify-validate';
for ($var = 0; $var < count ($postvars); $var++) {
$postvar_key = $postvars[$var];
$postvar_value = $postvars[$var];
$req .= "&" . $postvar_key . "=" . urlencode ($postvar_value);
}

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$business = $_POST['business'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$mc_gross = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$receiver_id = $_POST['receiver_id'];
$quantity = $_POST['quantity'];
$payment_date = $_POST['payment_date'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$payment_type = $_POST['payment_type'];
$payment_status = $_POST['payment_status'];
$payment_gross = $_POST['payment_gross'];
$payment_fee = $_POST['payment_fee'];
$payer_email = $_POST['payer_email'];
$txn_type = $_POST['txn_type'];
$payer_status = $_POST['payer_status'];
$item_number = $_POST['item_number'];
$tax = $_POST['tax'];
$custom = $_POST['custom'];
$notify_version = $_POST['notify_version'];
$verify_sign = $_POST['verify_sign'];
$payer_id =$_POST['payer_id'];
$mc_currency = $_POST['mc_currency'];
$mc_fee = $_POST['mc_fee'];
$custom = $_POST['custom'];


// DB connect creds and email 
$notify_email =  "email@email.com"; 

if (!$fp) {
mail($notify_email, "HTTP error", "admin");
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
$fecha = date("m")."/".date("d")."/".date("Y");
$fecha = date("Y").date("m").date("d");

// check if transaction ID has been processed before
$checkquery = "select txnid from donatorlogs where txnid='".$txn_id."'";
$sihay = mysql_query($checkquery) or die("Duplicate txn id check query failed:<br>" . mysql_error() . "<br>" . mysql_errno());
$nm = mysql_num_rows($sihay);
if ($nm == 0){
mail($notify_email, "$txn_type txntype fromat", "admin");
if ($txn_type == "web_accept"){
$qry = mysql_query("INSERT into donatorlogs 
(
userid, invoice, receiver_email, item_name, item_number, quantity, 

payment_status, pending_reason, payment_date, payment_gross, payment_fee, 

txn_id, txn_type, first_name, last_name, address_street, address_city, 

address_state, address_zip, address_country, address_status, payer_email,

 payer_status, payment_type, notify_version , verify_sign 
)
VALUES
(
 \"$custom\", \"$invoice\", \"$receiver_email\", \"$item_name\",
 
\"$item_number\", \"$quantity\", \"$payment_status\", \"$pending_reason\", 

\"$payment_date\", \"$payment_gross\", \"$payment_fee\", \"$txn_id\",
 
\"$txn_type\", \"$first_name\", \"$last_name\", \"$address_street\", 

\"$address_city\", \"$address_state\", \"$address_zip \", \"$address_country\",

\"$address_status\", \"$payer_email\", \"$payer_status \", \"$payment_type\",
 
\"$notify_version\", \"$verify_sign\" 
) ")
Or die(mysql_error());


		$insert = mysql_query("INSERT INTO  eventslogs (Log,Date,UserID)
			VALUES ('Your donation has been logged into the 
database for reference if a problem ever arises please contact staff! DO NOT provide details of your donation
			to any staff member that is not in charge of donation issues!','$Date','$custom')")
		Or die(mysql_error());


if (strcmp ($payment_status, "Completed") == 0) {
$UPDATE = mysql_query("UPDATE userpacks SET Quantity=Quantity+$quantity WHERE UserID='$custom'");
If(mysql_affected_rows()>0){
		$insert = mysql_query("INSERT INTO  eventslogs (Log,Date,UserID)
			VALUES ('You have received your $quantity donator packs
 they have been added to your donator packs page','$Date','$custom')")
		Or die(mysql_error());
		}Else{
		$insert = mysql_query("INSERT INTO  eventslogs (Log,Date,UserID)
			VALUES ('You have failed to receive your $quantity 
donator packs contact admin!','$Date','$custom')")
		Or die(mysql_error());
		}
	}
}Else{
mail($notify_email, "$txn_type txntype format", "admin");
}
// send an email in any case
mail($notify_email, "VERIFIED IPN UserID $custom", "$res\n $req\n $qry\n");
}
else {
// send an email
mail($notify_email, "VERIFIED DUPLICATED TRANSACTION relating to UserID $custom", "$res\n $req \n $strQuery\n $struery\n  $strQuery2");
}
mail($notify_email, "VERIFIED IPN", "$res\n $req\n $strQuery\n $struery\n  $strQuery2");
}
// if the IPN POST was 'INVALID'...do this
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
$Log = 'IPN POST was INVALID';
$INSERT = mysql_query("INSERT INTO gamelogs (Log,LogTime)
	VALUES ('$Log','$Date')")
Or die(mysql_error());
mail($notify_email, "INVALID IPN", "$res\n $req");
		}Else{
// log for manual investigation
$Log = 'IPN POST was NEITHER';
$INSERT = mysql_query("INSERT INTO gamelogs (Log,LogTime)
	VALUES ('$Log','$Date')")
Or die(mysql_error());
mail($notify_email, "Something Wrong", "$res\n $req");
		}
	}
}
fclose ($fp);
?>
hope you can help me out. [Edited by - thefollower on October 12, 2008 4:05:12 PM]
Advertisement
Your code is really hard to read, but I'd guess $res is a long, URL-encoded text that you're trying to compare to the string "VERIFIED". Don't you need to break that up into a bunch of name-value pairs?
Aragon Online
Sorry i dunno how to make it formatted into the forum post in code tags to make it easy to read my apologise.


But i would guess you are correct but sadly I have no idea how to do that sorry... tis why i need help badly :(

Hope you can help me out here... would it be easier if I attatched my php script its neater to read that way ?
Quote:Original post by ID Merlin
Your code is really hard to read, but I'd guess $res is a long, URL-encoded text that you're trying to compare to the string "VERIFIED". Don't you need to break that up into a bunch of name-value pairs?


Sorry for my double post but just wondering if this section of my script at very start is what you mean :

$postvars = array();while (list ($key, $value) = each ($HTTP_POST_VARS)) {$postvars[] = $key;}$req = 'cmd=_notify-validate';for ($var = 0; $var < count ($postvars); $var++) {$postvar_key = $postvars[$var];$postvar_value = $postvars[$var];$req .= "&" . $postvar_key . "=" . urlencode ($postvar_value);}
Quote:Original post by thefollower
Sorry i dunno how to make it formatted into the forum post in code tags to make it easy to read my apologise.


See The FAQ about the "source" tags.

<hr />
Sander Marechal<small>[Lone Wolves][Hearts for GNOME][E-mail][Forum FAQ]</small>

Quote:Original post by Sander
Quote:Original post by thefollower
Sorry i dunno how to make it formatted into the forum post in code tags to make it easy to read my apologise.


See The FAQ about the "source" tags.


Thank you Sander though it doesn't have php as one of the options but i have put them in code tags none the less hope you will be able to help me out better :)

Apolgise for my ignorance on that ill remember it for future posts.
The code where it reads the file should accumulate everything, then add
$vars = explode($res,"&");

$vars will be an array of name-value pairs, like "VERIFIED=1". The PayPal docs will tell you what you should expect to get back.

The simplest way to see what you're getting would be to echo $res after you read the file.
Aragon Online
So i get rid of all the POST['varname']

And put
$vars = explode($res,"&");

And then use for example:
$item_name = $vars['item_name'];

Instead of :
$item_name = $_POST['item_name'];



Is that what you mean?
You'd probably be best advised to download the PayPal toolkit for PHP and study how their example works. Or even better, use their toolkit: http://developer.ebay.com/community/featured_projects/?name=paypal-toolkit
Aragon Online
Quote:Original post by ID Merlin
You'd probably be best advised to download the PayPal toolkit for PHP and study how their example works. Or even better, use their toolkit: http://developer.ebay.com/community/featured_projects/?name=paypal-toolkit


Thanks it works now ! Your a star!

This topic is closed to new replies.

Advertisement

Popular Topics

Aybe One
How do you manage yourself and your time as years pass on? GDNet Lounge
Jikoob
Too many managers? General and Gameplay Programming
ReignOnU
Do your part to stop global warming and climate change GDNet Lounge
aigan
The promise of freedom in story games Game Design and Theory
robertrobert
Facebook Ads for sales on steam, does it work? Games Business and Law
AliAbdulKareem
Understanding the wavy-like shape in alpha-testing magnification for text rendering Graphics and GPU Programming
Advertisement

Recommended Tutorials

Myopic Rhino
Texturing Heightmaps Graphics and GPU Programming
GameDev.net
A* Pathfinding Tutorial with Unity General and Gameplay Programming
Klutzershy
Static, zero-overhead (probably) PIMPL in C++ General and Gameplay Programming
xiaoan
Engaging Independent Creative Professionals Music and Sound FX
TheComet
Using DOT to Debug Data Structures General and Gameplay Programming

Reticulating splines

About GameDev.net
Community Guidelines
Terms of Service
Privacy Policy
Contact Us
Copyright (c) 1999-2024 GameDev.net, LLC
Back to Top