Here is the receiving IPN code, the error email is being sent but not
including any data.
Any pointers greatly appreciated.
regards
Tim
<?php
/* $Id: module-paypal.php,v 1.1 2006-05-17 09:58:13-07 brian Exp brian
$ */
// vim: expandtab sw=4 ts=4 sts=4:
########################################################################
## Built2Go PHP Realestate v1.0
##
## ----------------------------------------------------------------
##
## Copyright © Big Resources, Inc. All Rights Reserved.
##
## This software must be used in accordance with its licensing
##
## terms and conditions at: http://www.built2go.com/faq.php
##
##
##
## This file may not be redistributed in whole or significant part.
##
## ---------------- BUILT2GO IS NOT FREE SOFTWARE -----------------
##
########################################################################
require_once("../config.php");
function PErroremail($subject,$message){
global $_PAYPAL,$name_of_site,$SystemInfo->_systemstatus;
$message .= "\r\n\r\n";
$message .= "_PAYPAL Variables\r\n\r\n";
while (list ($key, $value) = each ($_PAYPAL)){
$message .= "[$key] => $value\r\n";
}
$message .= "\r\n----Variables sent from Paypal IPN
script----\r\n\r\n";
$header = "From: $name_of_site Paypal Debug <".FROM.">\r\n";
if ($SystemInfo->_systemstatus['Debug']){
mail (FROM,$subject,$message, $header);
}
}
if (!$_POST['txn_type']){
header("Status: 404 Not Found"); exit;
} else {
header("Status: 200 OK");
}
$postvars = array();
foreach ($_POST as $ipnkey => $ipnvalue){
$GLOBALS[$ipnkey] = $ipnvalue; // Posted variable Localization
$postvars[] = $ipnkey;
$_PAYPAL[$ipnkey] = $ipnvalue; // Posted variable Localization
}
$postipn = 'cmd=_notify-validate';
$noteipn = "IPN post variables in order of appearance:\r\n\r\n";
for ($x=0; $x < count($postvars); $x++){
$y=$x+1;
$postkey = $postvars[$x];
$postval = $$postvars[$x];
$postipn.= "&" . $postkey . "=" .
urlencode(stripslashes($postval));
$noteipn.= "#" . $y . " [$postkey] => $postval \r\n";
}
unset($_POST);
if ($SysmteInfo->_systemstatus['Membership'] == 'A') {
$domain = "www.paypal.com";
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; // paypal
} elseif ($SysmteInfo->_systemstatus['Membership'] == 'P') {
// IPN validation mode 2: Test Via belahost
$domain = "www.belahost.com";
$header = "POST /pp/ HTTP/1.0\r\n"; // belahost.com
}else{
// IPN validation mode was not set to 1 or 2
$error=1;
$bmode=1;
SendUserEmail(FROM,"Postmode Error");
}
$socket = fsockopen($domain,80,$errno,$errstr,30);
$header.= "Host: ".$domain."\r\n";
$header.= "Content-Type: application/x-www-form-urlencoded\r\n";
$header.= "Content-Length: ".strlen($postipn)."\r\n";
$header.= "Accept: */*\r\n\r\n";
// Note: "Connection: Close" is Not required Using HTTP/1.0
// Problem: Now is this your Firewall or your Ports?
// Maybe Setup a little email Notification here. . .
if (!$socket && !$error){
echo "Problem: Error Number: " . $errno . " Error
String: " . $errstr;
exit;
}
// If No Problems have Occured then We proceed With the Processing
else{
fputs ($socket, $header . $postipn);
while (!feof($socket)){
$reply = fgets ($socket, 1024);
$reply = trim ($reply); // Required on some
Environments
}
// Prepare debug Report for Browser display
$report = $noteipn . "\r\n" . "IPN Reply: " . $reply
. "";
// IPN was Confirmed as both Genuine and VERIFIED
// for testing purposes
$message = "\r\nPosted variables\r\n";
$message .= $report."\r\n";
PErroremail("IPN Posted Variables!!",$message);
if (!strcmp ($reply, "VERIFIED")){
$member_price = ($_PAYPAL['payment_gross'] ==
"")?$_PAYPAL['amount3']:$_PAYPAL['mc_gross'];
$_PAYPAL['name2'] =EscapeString($_PAYPAL['first_name'])." ".
EscapeString($_PAYPAL['last_name']);
$email_ok = ($_PAYPAL['receiver_email'] ==
FROM_PAYPAL)?TRUE:FALSE;
$option_selection =
($_PAYPAL['option_selection1_1'])?$_PAYPAL['option_selection1_1']:$_PAYPAL['option_selection1'];
$option_selection2 =
($_PAYPAL['option_selection2_1'])?$_PAYPAL['option_selection2_1']:$_PAYPAL['option_selection2'];
if ($_PAYPAL['custom'] == "ce11c816"){
$User=new owner();
$User->owner_id=$_PAYPAL['item_number'];
$Price = $SystemInfo->_systemstatus['Owner Price'];
} elseif ($_PAYPAL['custom'] == "7523f185") {
$User=new Buyer();
$User->buyer_id=$_PAYPAL['item_number'];
$Price = $SystemInfo->_systemstatus['Buyer Price'];
}
$User->Load();
$User->GetPaymentHistory();
if ($email_ok == FALSE){
$message = "\r\nPossbile email fraud\r\n\r\n";
$message .= "Somebody used a different email than
what's on the account for ".$name_of_site."\r\n";
$message .= "here are the user's variables that where
sent.\r\n";
$message .= "[Resolution] => $reply \r\n\r\n";
SendUserEmail(FROM,"paypal IPN email
Error!!",$message);
fclose ($socket);
exit;
} elseif ($_PAYPAL['txn_type'] == "send_money" OR
$_PAYPAL['txn_type'] == ""){
fclose ($socket);
exit;
} elseif ($_PAYPAL['txn_type'] == "reversal"){
// if reversal was submitted then we just update the
database.
// think about sending email to admin
fclose ($socket);
exit;
} elseif ($_PAYPAL['payment_status'] == "Pending" OR
$_PAYPAL['payment_status'] == "Refunded"){
// catch pending and refunded here but don't do
anything.
// might think about adding a emil to the user
//telling them it was pending
} elseif (($_PAYPAL['payment_status'] == "Completed") AND
(isset($option_selection2) AND $option_selection2 != "" ) AND
(($_PAYPAL['txn_type'] == "subscr_payment"))){
// renewals only
if ($member_price < $Price){
$User->transId = $_PAYPAL['txn_type'];
$User->amount = $member_price;
$User->invoice = $_PAYPAL['invoice'];
$User->Rectype = "paypal";
$User->payer_email = $_PAYPAL['payer_email'];
$User->subscr_id=$_PAYPAL['subscr_id'];
$User->_type=$_PAYPAL['txn_type'];
$User->name2 = $_PAYPAL['name2'];
$User->txn_id = $_PAYPAL['txn_id'];
$User->UpdateFailedPrice();
$_PAYPAL['price_rrenew_fail'] = TRUE;
$message = "Somebody tried to change the price on
the purchase for ".$name_of_site."\r\n";
$message .= "here are the user's variables that
where sent.\r\n\r\n";
$message .= "[Resolution] => $reply\r\n\r\n";
$message .= "[Expected Price] => ".$Price."\r\n";
$message .= "[Price Sent from paypal] =>
$member_price\r\n";
$message .= "$report\r\n";
SendUserEmail(FROM, "IPN Error Renew
(price)!!",$message);
} else {
$fullname = $User->fname." ".$User->lname;
// Update your DB and Process this Payment
accordingly
// process payment
$User->Membership =
$SystemInfo->_systemstatus['Membership'];
$User->UpdateRenewPaypalPaid();
$_PAYPAL['renewal_set'] = TRUE;
$SignupEmail = str_replace("{PRICEPAID}",
$member_price,$SignupRenewConfirmEmail);
$SignupEmail = str_replace("{NAME}",
$fullname,$SignupEmail);
$SignupEmail = str_replace("{MONTHLY}",
$SystemInfo->_systemstatus['Membership'],$SignupEmail);
// setup the thank you email
SendUserEmail($_PAYPAL['payer_email'],
$SignupRenewConfirmEmailSubject, $SignupEmail);
PErroremail("IPN Success!!",$message);
}
} elseif (($_PAYPAL['payment_status'] == "Completed") AND
isset($_PAYPAL['invoice'])){
if ($member_price < $Price){
$User->transId = $_PAYPAL['txn_type'];
$User->amount = $member_price;
$User->invoice = $_PAYPAL['invoice'];
$User->Rectype = "paypal";
$User->payer_email = $_PAYPAL['payer_email'];
$User->subscr_id=$_PAYPAL['subscr_id'];
$User->_type=$_PAYPAL['txn_type'];
$User->name2 = $_PAYPAL['name2'];
$User->txn_id = $_PAYPAL['txn_id'];
$User->UpdateFailedPrice();
$_PAYPAL['pricefail'] = TRUE;
$message = "Somebody tried to change the price on
the purchase for ".$name_of_site."\r\n";
$message .= "here are the user's variables that
where sent.\r\n\r\n";
$message .= "[Resolution] => $reply\r\n\r\n";
$message .= "[Expected Price] => ".$Price."\r\n";
$message .= "[Price Sent from paypal] =>
$member_price\r\n";
$message .= "$report\r\n";
SendUserEmail(FROM,"IPN Error (price)!!",$message);
} else {
$fullname = $User->fname." ".$User->lname;
// Update your DB and Process this Payment
accordingly
// process payment
//if (!$User->pid){
$User->Membership =
$SystemInfo->_systemstatus['Membership'];
$User->UpdatePaypalPaid();
$_PAYPAL['signup_set'] = TRUE;
$SignupEmail = str_replace("{PRICEPAID}",
$member_price,$SignupConfirmEmail);
$SignupEmail = str_replace("{NAME}",
$fullname,$SignupEmail);
$SignupEmail = str_replace("{MONTHLY}",
$SystemInfo->_systemstatus['Membership'],$SignupEmail);
// setup the thank you email
SendUserEmail($_PAYPAL['payer_email'],
$SignupConfirmEmailSubject, $SignupEmail);
PErroremail("IPN Success!!",$message);
//}
}
} elseif ($_PAYPAL['payment_status'] != "Pending"){
$message = "\r\nPossbile fraud\r\n\r\n";
$message .= "Somebody sent a txn_type that is not
regonized by this script.\r\n";
$message .= "Check the user id and the method of
payment, either txn_type or payment_status \r\n";
$message .= "as these are what was picked by the user.
Counld be nothing but double check.\r\n\r\n";
$message .= "$report\n\r";
PErroremail("IPN Error!!",$message);
} else {
$message = "\r\nPossbile fraud\r\n\r\n";
$message .= "Somebody sent a txn_type that is not
regonized by this script.\r\n";
$message .= "Somebody just accessed this scrpt by some
other means. Possible trying to force a payment\r\n";
$message .= "as these are what was picked by the user.
Counld be nothing but double check.\r\n\r\n";
$message .= "[IP of visitor] =>
".$_SERVER['REMOTE_ADDR']."\n\r";
$message .= "[Referer] =>
".$_SERVER['HTTP_REFERER']."\n\r";
$message .= "$report\n\r";
PErroremail("IPN Error nothing set??!!",$message);
}
} elseif (!strcmp ($reply, "INVALID")){// IPN was Not Validated as
Genuine and is INVALID
// Check your code for any Post back Validation problems
// Investigate the Fact that this Could be a spoofed IPN
// If updating your DB, Ensure this "txn_id" is Not a Duplicate
#echo "Result: $res"; // Remove: # for Testing
// store invalid code here
mysql_query("UPDATE ".TABLE_PREFIX."pay_history SET
rectype='paypal', txn_id='{$_PAYPAL['txn_id']}',
subscr_id='{$_PAYPAL['subscr_id']}',payment_status='$reply',
_type='{$_PAYPAL['txn_type']}',status='5',price='$member_price',
invoice='{$_PAYPAL['invoice']}' WHERE siteid =
'{$_PAYPAL['item_number1']}'") OR die(mysql_error());
$message = "\r\nPossible credit fraud!!\r\n\r\n";
$message .= "here are the user's variables that where
sent.\r\n";
$message .= "check payment_status as it should be
INVALID\r\n\r\n";
$message .= "$report\r\n\r\n";
PErroremail("IPN Invalid info",$message);
} else {
// Just incase Something serious Should ever Happen!
$message = "<html><head></head><body>variables\r\n\r\n";
$message .= "here are the user's variables that where
sent.\r\n";
$message .= "check payment_status as it should be
INVALID\r\n\r\n";
$message .= "$report\r\n\r\n";
PErroremail("IPN Invalid info",$message);
}
}
// Terminate the Socket connection and Exit
fclose ($socket);
exit;
?>
Post by Norman PeelmanPost by t***@gmail.comThanks,
We do have some logging in place which is recording empty post
variables so it does seem that the data is not actually reaching our
server.
thanks
Tim
Can you post the code...
Norm