afebmunn Posted February 8, 2011 Share Posted February 8, 2011 Hey Guys, i have another problem, i am using paypal IPN, and i want the details of the order to be stored in my orders table of the databse as well as sending me an email. Im pretty sure the code is ok, but it is not working. Can some one please take a look? <?php include('db_fns.php'); // change these to your paypal settings $paypal_email = "benmunns@gmail.com"; $paypal_currency = 'USD'; $shipping = 10.00; /** * checks if paypal trans id is already in database * @param int $trans_id * @return bool */ function no_paypal_trans_id($trans_id) { $connection = db_connect(); $query = sprintf("SELECT id from orders WHERE paypal_trans_id = '%s'", mysql_real_escape_string($trans_id)); $result = mysql_query($query); $num_results = mysql_num_rows($result); if($num_results == 0) { return true; } return false; } /** * checks to make sure that paypal payment amount is correct * @param int $shipping * @param array $params * @return bool */ function payment_amount_correct($shipping, $params) { $amount = 0.00; for ($i=1; $i <= $params['num_cart_items']; $i++) { $query = sprintf("SELECT price from products where id='%s'", mysql_real_escape_string($params["item_number{$i}"])); $result = mysql_query($query); if($result) { $item_price = mysql_result($result, 0, 'price'); $amount += $item_price * $params["quantity{$i}"]; } } if(($amount+$shipping) == $params['mc_gross']) { return true; } else { return false; } } /** * creates order and adds items * @param array $params * @return bool */ function create_order($params) { db_connect(); $query = sprintf("INSERT INTO orders set orders.firstname = '%s', orders.lastname = '%s', orders.email = '%s', orders.country = '%s', orders.address = '%s', orders.city = '%s', orders.zip_code = '%s', orders.state = '%s', orders.status = '%s', orders.amount = '%s', orders.paypal_trans_id = '%s', created_at = NOW() ", mysql_real_escape_string($params['first_name']), mysql_real_escape_string($params['last_name']), mysql_real_escape_string($params['payer_email']), mysql_real_escape_string($params['address_country']), mysql_real_escape_string($params['address_street']), mysql_real_escape_string($params['address_city']), mysql_real_escape_string($params['address_zip']), mysql_real_escape_string($params['address_state']), mysql_real_escape_string($params['payment_status']), mysql_real_escape_string($params['mc_gross']), mysql_real_escape_string($params['txn_id']) ); $result = mysql_query($query); if(!$result) { return false; } $order_id = mysql_insert_id(); for ($i=1; $i <= $params['num_cart_items'] ; $i++) { $product = find_product($params["item_number{$i}"]); $query = sprintf("INSERT INTO items set order_id = '%s', product_id = '%s', title = '%s', price = '%s', qty = '%s' ", mysql_real_escape_string($order_id), mysql_real_escape_string($product['id']), mysql_real_escape_string($product['title']), mysql_real_escape_string($product['price']), mysql_real_escape_string($params["quantity{$i}"]) ); $result = mysql_query($query); if(!$result) { return false; } } return true; } // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30); // assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $payment_amount = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { if ($_POST['payment_status'] == 'Completed' && no_paypal_trans_id($_POST['txn_id']) && $paypal_email == $_POST['receiver_email'] && $paypal_currency == $_POST['mc_currency'] && payment_amount_correct($shipping, $_POST) ) { // process payment create_order($_POST); } } else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation } } fclose ($fp); } ?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted February 9, 2011 Share Posted February 9, 2011 When posting code, please enclose it within the forum's . . . BBCode tags. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.