[API] VIP IPN API not working
Hi there, im new to the retro world... but I have been learning ALOT! but anyway
Ive been searching for a working PAYPAL API script which will automatically query the user payee to rank number 2 (VIP)... Ive tried many, maybe its my lake of knowledge with SQL, PHP but to me it all looks good
Heres the script im using...
PHP Code:
//////////////////////////////
// Script written for RevCMS
// Coded by lDiverse
// Edits by LaceUp
// Free Released by LaceUp
// //////////////////////////
<?php
function filter($var)
{
return stripslashes(htmlspecialchars($var));
}
require_once('paypal.class.php');
$p = new paypal_class;
$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';
$this_script = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
if (empty($_GET['action'])) $_GET['action'] = 'process';
switch ($_GET['action']) {
case 'process':
if(!isset($_POST['username']) || !isset($_POST['amount']))
{
echo 'username and amount needed for purchase';
die;
}
$name = filter($_POST['username']);
switch($_POST['amount'])
{
case '1':
$cost = '0.01'; //Cost of VIP
$wut = 'PixelBurst VIP!'; //Name of Package
break;
default:
$cost = '0.01'; //Cost of VIP again
break;
}
$p->add_field('business', 'jan-london@hotmail.com'); // <---------------- CHANGE ME CHANGE ME CHANGE ME CHANGE ME <----------------
$p->add_field('return', 'http://'.$_SERVER['HTTP_HOST']);
$p->add_field('custom', $name);
$p->add_field('cancel_return', 'http://'.$_SERVER['HTTP_HOST']);
$p->add_field('notify_url', $this_script.'?action=ipn');
$p->add_field('item_number', filter($_POST['amount']));
$p->add_field('item_name', $wut);
$p->add_field('amount', $cost);
$p->submit_paypal_post();
break;
//EDIT YOUR DATABSE SETTINGS BELOW (Same as your Phoenix Database Info)
case 'ipn':
if ($p->validate_ipn()) {
$host = "localhost";
$username = "root"; //IIS and XAMPP is root
$password = ""; // <---------------- CHANGE ME CHANGE ME CHANGE ME CHANGE ME <----------------
$dbname = "phx1"; // <---------------- CHANGE ME CHANGE ME CHANGE ME CHANGE ME <----------------
$connect = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($dbname, $connect) or die("Could not connect to database, error: ".mysql_error());
switch($p->ipn_data['item_number'])
{
case '1':
$coins = '2000'; //Amount of coins they recieve
$pixels = '10'; //Amount of pixels they recieve
$rank = '2'; //Your Hotel's VIP rank (2 is default for Pheonix)
break;
}
mysql_query("UPDATE users SET vip = '1', rank = '2', credits = credits + 2000, activity_points = activity_points + 10 WHERE username = '".$p->ipn_data['custom']."' LIMIT 1");
}
break;
}
?>
Paypal.class
PHP Code:
//////////////////////////////
// Script written for RevCMS
// Coded by lDiverse
// Edits by LaceUp
// Free Released by LaceUp
// //////////////////////////
<?php
class paypal_class {
var $last_error;
var $ipn_log;
var $ipn_log_file;
var $ipn_response;
var $ipn_data = array();
var $fields = array();
function paypal_class() {
$this->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';
$this->last_error = '';
$this->ipn_log_file = './ipn_results.log';
$this->ipn_log = true;
$this->ipn_response = '';
$this->add_field('rm','2');
$this->add_field('cmd','_xclick');
}
function add_field($field, $value) {
$this->fields["$field"] = $value;
}
function submit_paypal_post() {
echo "<html>\n";
echo "<head><title>Processing Payment...</title>";
echo "<body onLoad=\"document.forms['paypal_form'].submit();\">\n";
echo "<center><h2>Please wait, your order is being processed and you";
echo " will be redirected to the paypal website.</h2></center>\n";
echo "<form method=\"post\" name=\"paypal_form\" ";
echo "action=\"".$this->paypal_url."\">\n";
foreach ($this->fields as $name => $value)
{
echo "<input type=\"hidden\" name=\"$name\" value=\"$value\"/>\n";
}
echo "<center><br/><br/>If you are not automatically redirected to ";
echo "paypal within 5 seconds...<br/><br/>\n";
echo "<input type=\"submit\" value=\"Click Here\"></center>\n";
echo "</body></html>\n";
}
function validate_ipn() {
$url_parsed=parse_url($this->paypal_url);
$post_string = '';
foreach ($_POST as $field=>$value) {
$this->ipn_data["$field"] = $value;
$post_string .= $field.'='.urlencode(stripslashes($value)).'&';
}
$post_string.="cmd=_notify-validate";
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if(!$fp) {
$this->last_error = "fsockopen error no. $errnum: $errstr";
$this->log_ipn_results(false);
return false;
} else {
fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n");
fputs($fp, "Host: $url_parsed[host]\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: ".strlen($post_string)."\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $post_string . "\r\n\r\n");
while(!feof($fp)) {
$this->ipn_response .= fgets($fp, 1024);
}
fclose($fp);
}
if (eregi("VERIFIED",$this->ipn_response)) {
$this->log_ipn_results(true);
return true;
} else {
$this->last_error = 'IPN Validation Failed.';
$this->log_ipn_results(false);
return false;
}
}
function log_ipn_results($success) {
if (!$this->ipn_log) return; // is logging turned off?
$text = '['.date('m/d/Y g:i A').'] - ';
if ($success) $text .= "SUCCESS!\n";
else $text .= 'FAIL: '.$this->last_error."\n";
$text .= "IPN POST Vars from Paypal:\n";
foreach ($this->ipn_data as $key=>$value) {
$text .= "$key=$value, ";
}
$text .= "\nIPN Response from Paypal Server:\n ".$this->ipn_response;
$fp=fopen($this->ipn_log_file,'a');
fwrite($fp, $text . "\n\n");
fclose($fp);
}
function dump_fields() {
echo "<h3>paypal_class->dump_fields() Output:</h3>";
echo "<table width=\"95%\" border=\"1\" cellpadding=\"2\" cellspacing=\"0\">
<tr>
<td bgcolor=\"black\"><b><font color=\"white\">Field Name</font></b></td>
<td bgcolor=\"black\"><b><font color=\"white\">Value</font></b></td>
</tr>";
ksort($this->fields);
foreach ($this->fields as $key => $value) {
echo "<tr><td>$key</td><td>".urldecode($value)."Ā </td></tr>";
}
echo "</table><br>";
}
}
everything goes through, however the rank doesnt change
heres a screen shot of my IPN in paypal where I tested the system.
http://i44.photobucket.com/albums/f4...26at135128.png
and heres another screen shot of the notification URL when i go to it manually, could this mean something? http://i44.photobucket.com/albums/f4...26at135201.png
Thank you, I know I sound like a Noob but im still learning, id appreciate any support
-Jay
Re: [API] VIP IPN API not working
Quite simple, your script couldn't verify the payment because it hasn't installed the PHP SSL Extension.
(Have a look at http://pixelburst.zapto.org/pp/paypal.php?action=ipn)
To solve this go to your PHP.ini and search for
Code:
;extension=php_openssl.dll
then remove the ; and restart Apache.
Re: [API] VIP IPN API not working
I appreciate your support, could you come on TV? would be grateful
Re: [API] VIP IPN API not working
I've sent you a PM.
Ibtw this script isn't safe, because the username doesn't get filtered!
Re: [API] VIP IPN API not working
Quote:
Originally Posted by
flx5
I've sent you a PM.
Ibtw this script isn't safe, because the username doesn't get filtered!
Correct.
Let me break it down for ya.
PHP Code:
// Replace $p->ipn_data['custom'] in your script with $username, since $username is filtered.
$username = mysql_real_escape_string($p->ipn_data['custom']);
// For example, your SQL statement.
mysql_query("UPDATE users SET vip = '1', rank = '2', credits = credits + 2000, activity_points = activity_points + 10 WHERE username = '" . $username . "' LIMIT 1");
