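* @copyright 2007-2011 PrestaShop SA
* @version Release: $Revision: 7732 $
* @license http://opensource.org/licenses/afl-3.0.php Academic Free License (AFL 3.0)
* International Registered Trademark & Property of PrestaShop SA
*/

include(dirname(__FILE__).'/../../config/config.inc.php');
include(dirname(__FILE__).'/paypal.php');

/*
 * PayPal IPN listener.
 *
 * Flow: echo the received POST fields back to PayPal with cmd=_notify-validate,
 * read the VERIFIED / INVALID answer, then record an order for the cart named
 * in the "custom" field ("<cart id>_<secure key>").
 *
 * Everything in $_POST is attacker-controllable until PayPal has answered
 * VERIFIED over an authenticated channel, so the postback must be made over
 * TLS with certificate checks on, and only a VERIFIED message may produce a
 * paid or pending order.
 *
 * NOTE(review): this script does not compare the notification's recipient
 * account or mc_currency with the shop's own settings, and it passes mc_gross
 * straight to validateOrder(). Whether validateOrder() checks the amount and
 * the secure key against the cart is not visible here; confirm in paypal.php.
 */

$errors = '';
$result = false;
$paypal = new Paypal();

// Build the postback body. Keys are URL-encoded as well as values so that the
// message PayPal validates has exactly the fields this script reads from $_POST.
$params = 'cmd=_notify-validate';
foreach ($_POST AS $key => $value)
    $params .= '&'.urlencode($key).'='.urlencode(stripslashes($value));

// PayPal server (sandbox or live, depending on the module configuration)
$paypalServer = 'www.'.(Configuration::get('PAYPAL_SANDBOX') ? 'sandbox.' : '').'paypal.com';

// Ask PayPal whether the notification is genuine
if (function_exists('curl_exec'))
{
    // cURL transport
    $ch = curl_init('https://'.$paypalServer.'/cgi-bin/webscr');

    // If the above fails, then try the url with a trailing slash (fixes problems on some servers)
    if (!$ch)
        $ch = curl_init('https://'.$paypalServer.'/cgi-bin/webscr/');

    if (!$ch)
        $errors .= $paypal->getL('connect').' '.$paypal->getL('curlmethodfailed');
    else
    {
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_TIMEOUT, 30);
        // The VERIFIED answer is only trustworthy if the peer really is PayPal:
        // verify the certificate chain and that it matches the host name.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        $result = curl_exec($ch);

        if (strtoupper(trim((string)$result)) !== 'VERIFIED')
            $errors .= $paypal->getL('curlmethod').$result.' cURL error:'.curl_error($ch);
        curl_close($ch);
    }
}
elseif (($fp = @fsockopen('ssl://'.$paypalServer, 443, $errno, $errstr, 30)))
{
    // Socket transport, TLS only. The former fallback to plain HTTP on port 80
    // is gone: an answer received over an unauthenticated connection can be
    // forged by anyone on the network path.
    // NOTE(review): depending on the PHP version and stream defaults, ssl://
    // may not verify the peer certificate; confirm, or require cURL.
    $header = 'POST /cgi-bin/webscr HTTP/1.0'."\r\n".
        'Host: '.$paypalServer."\r\n".
        'Content-Type: application/x-www-form-urlencoded'."\r\n".
        'Content-Length: '.Tools::strlen($params)."\r\n".
        'Connection: close'."\r\n\r\n";
    fputs($fp, $header.$params);

    // Scan the response line by line until PayPal's verdict shows up
    $read = '';
    while (!feof($fp))
    {
        $reading = trim(fgets($fp, 1024));
        $read .= $reading;
        if (strtoupper($reading) === 'VERIFIED' OR strtoupper($reading) === 'INVALID')
        {
            $result = $reading;
            break;
        }
    }

    if (strtoupper((string)$result) !== 'VERIFIED')
        $errors .= $paypal->getL('socketmethod').$result;
    fclose($fp);
}
else
    $errors = $paypal->getL('connect').$paypal->getL('nomethod');

// Single source of truth for "PayPal confirmed this message"
$verified = (strtoupper(trim((string)$result)) === 'VERIFIED');

// "custom" carries "<cart id>_<secure key>"
$cart_secure = (isset($_POST['custom']) ? explode('_', $_POST['custom']) : array());

// If there isn't any cart ID, set it to "0"
if (!isset($cart_secure[0]))
    $cart_secure[0] = 0;

// If there isn't any secure key, set it to anything short of "false"
if (!isset($cart_secure[1]))
    $cart_secure[1] = '42';

// Check the fields of a verified notification and validate the order
if ($verified)
{
    if (!isset($_POST['mc_gross']))
    {
        $errors .= $paypal->getL('mc_gross')."\n";
        $_POST['mc_gross'] = 0;
    }
    if (!isset($_POST['payment_status']))
    {
        $errors .= $paypal->getL('payment_status')."\n";
        $_POST['payment_status'] = 'ko';
    }
    elseif (strtoupper($_POST['payment_status']) !== 'COMPLETED')
        $errors .= $paypal->getL('payment').$_POST['payment_status']."\n";
    if (!isset($_POST['custom']))
        $errors .= $paypal->getL('custom')."\n";
    if (!isset($_POST['txn_id']))
    {
        $errors .= $paypal->getL('txn_id')."\n";
        $_POST['txn_id'] = 0;
    }
    if (!isset($_POST['mc_currency']))
        $errors .= $paypal->getL('mc_currency')."\n";

    if (empty($errors))
    {
        $cart = new Cart((int)$cart_secure[0]);
        if (!$cart->id)
            $errors = $paypal->getL('cart')."\n";
        elseif (Order::getOrderByCartId((int)($cart_secure[0])))
            // An order already exists for this cart: do not validate it twice
            $errors = $paypal->getL('order')."\n";
        else
            $paypal->validateOrder((int)$cart_secure[0], Configuration::get('PS_OS_PAYMENT'), (float)($_POST['mc_gross']), $paypal->displayName, $paypal->getL('transaction').$_POST['txn_id'], array('transaction_id' => $_POST['txn_id'], 'payment_status' => $_POST['payment_status']), NULL, false, $cart_secure[1]);
    }
}
else
    $errors .= $paypal->getL('verified');

if (!empty($errors) AND isset($_POST['custom']))
{
    // A pending order is created only from a message PayPal has verified.
    // Previously an unverified POST with payment_status=Pending reached this
    // branch and its mc_gross / txn_id were recorded as a pending payment.
    // Inside the verified path payment_status, mc_gross and txn_id are always
    // set (defaults are assigned above), so no undefined index is read here.
    if ($verified AND strtoupper($_POST['payment_status']) === 'PENDING')
        $paypal->validateOrder((int)$cart_secure[0], Configuration::get('PS_OS_PAYPAL'), (float)$_POST['mc_gross'], $paypal->displayName, $paypal->getL('transaction').$_POST['txn_id']."\n".$errors, array('transaction_id' => $_POST['txn_id'], 'payment_status' => $_POST['payment_status']), NULL, false, $cart_secure[1]);
    else
        // Anything else (including every unverified message) is recorded as an error with a zero amount
        $paypal->validateOrder((int)$cart_secure[0], Configuration::get('PS_OS_ERROR'), 0, $paypal->displayName, $errors."\n", array(), NULL, false, $cart_secure[1]);
}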