Quote:
|
Originally Posted by TPCCom
The question is can you or anyone install the mod. It doesnt have to list a token value for me to pay does it?
|
Yeah noticed that.. Paypal does have some new tools such as this token hash feature which (as followed in the authors install script) I followed each step by step and it worked no problem. It's even creating the proper IPN log files. If you do not see these from your paypal.com account, the chances are you are not setup as a Paypal Verified Business (account) and therefore will not be able to make use of this "token" feature provided to this exact script (however this can be EASILY re-written) along side with the results of IPN logs being stored in the db (vs file path).
The biggest problem (no disrepect whatsoever to author) with this script would have to be the part during paypal / ordering. As shown above, the coder has used $productinfo (or $product) .. (I cannot remember) for both arrays while inserting information into the DB. All I did to get it talking the the db properly was to carefully review the variables and what arrays were being passed around into the Query statements.
(If you notice, both arrays are on top of eachother.. one array is for the paypal response, the other is to build the array (I think) to pass into your mysql db).
Below you will find the code that works perfect for our use. As you'll see, there is a new customized email that is also sent to "you" and/or 1 other person you wish to send the order email notification to.
I am not supporting this hack, but I've noticed countless posts about IPN not working within this thread. Hopefully this code may shed some light on the subject.
<strong>Note:</strong> We have customized this script just a little to also support "product support renewals". Basically, this allows a user to download the software and they re-pay (later on) for a support "renewal". What it will do is let the user "pay to renew their downloads" and will only update the "expiry date" for that user (and will not insert a new order as it normally would). This simply prevents that 1 user from seeing many rows for the same product that expires using the original method. There is one basic if condition block in the code below that you can remove to reflect the original state of this script.
PHP Code:
if ($_GET['do'] == 'ipn')
{
// BUILD PAYPAL REQUEST STRING
$request = 'cmd=_notify-validate';
foreach ($_POST as $key => $value)
{
$value = urlencode(stripslashes($value));
$request .= "&$key=$value";
}
// POST TO PAYPAL FOR VALIDATION
$headerx .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$headerx .= "Content-Type: application/x-www-form-urlencoded\r\n";
$headerx .= "Content-Length: " . strlen($request) . "\r\n\r\n";
$sock = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
if (!$sock)
{
$file = fopen($config['log'].$_POST['txn_id'].'.ipn', "w", 0);
fputs($file, "FAILED TO CREATE SOCK | ".$_POST['custom']." | ".$_POST['item_name']." | ".$_POST['item_number']."\n");
fclose($file);
}
else
{
fputs ($sock, $headerx . $request);
while (!feof($sock))
{
$result = fgets ($sock, 1024);
}
if ($result != "VERIFIED")
{
$file = fopen($config['log'].$_POST['txn_id'].'.ipn', "w", 0);
fputs($file, "UNVERIFIED (".$result.") | ".$_POST['custom']." | ".$_POST['item_name']." | ".$_POST['item_number']."\n");
fclose($file);
}
else
{
$id = $_POST['txn_id'];
$user = explode(":",$_POST['custom']);
$product = explode("|",$_POST['item_number']);
$productinfo = $DB_site->query_first("SELECT * FROM ph_product WHERE `id`='".$product[0]."'");
$items = explode("-",$product[1]);
foreach($items as $temp)
{
$temp = explode(":",$temp);
$item = $DB_site->query_first("SELECT * FROM ph_item WHERE `id`='".$temp[0]."'");
if ($item['type'] == 'license')
{
$type = 'license';
}
elseif ($item['type'] == 'service')
{
$type = 'service';
}
elseif ($item['type'] == 'renewal')
{
$type = 'renewal';
}
// is this a support renewal order?
if ($item['name'] == 'Support Renewal')
{
$DB_site->query("UPDATE ph_order
SET date = '".time()."',
length = '".$item['length']."',
active = '1'
WHERE userid = '".$user[0]."'
AND productid = '".$productinfo['id']."'
LIMIT 1");
}
else
{
$DB_site->query("INSERT INTO ph_order (`userid`,`username`,`itemid`,`itemname`,`itemtype`,`productid`,`productname`,`price`,`quantity`,`date`,`length`,`active`)
VALUES('".$user[0]."','".$user[1]."','".$item['id']."','".$item['name']."','".$type."','".$productinfo['id']."','".$productinfo['name']."','".$item['price']."','".$temp[1]."','".time()."','".$item['length']."','1')");
}
}
$message = "Customer Payment via Paypal.com (ProductID# " . $product['id'] . ") was received: \n\n*************************\nProduct: " . $productinfo['name'] . "\nItem Name: " . $_POST['item_name'] . "\nItem Number: ". $_POST['item_number'] ."\nCustomer: " . $user[1] . "\nCustom: " . $_POST['custom'] . "\n*************************\n\nRegards,\n\nTeam ILance";
// Send e-mail to admin about new purchase via paypal
mail('????????????????????????????', '[ILance Store] New Paypal Order by '.$user[1], $message,
"From: ?????????????????????????\r\n" .
"Reply-To: $bbuserinfo[email]\r\n" .
"X-Mailer: PHP/" . phpversion());
// lets email one other staff / admin user about paypal (to be safe)
mail('??????????????????????', '[ILance Store] New Paypal Order by '.$user[1], $message,
"From: ?????????????????????\r\n" .
"Reply-To: $bbuserinfo[email]\r\n" .
"X-Mailer: PHP/" . phpversion());
$file = fopen($config['log'].$_POST['txn_id'].'.ipn', "w", 0);
fputs($file, "VERIFIED | ".$_POST['custom']." | [".$productinfo['name']."] ".$_POST['item_name']." | ".$_POST['item_number']."\n");
fclose($file);
}
}
fclose ($sock);
}
Let me know if this helps anyone.
Regards,
Peter
More Information