Allright.. after several hours of trying to figure this out.. I came close but I still need help
Current code
<?php
// Database variables
$host = "localhost"; //database location
$user = "geekinc0_usr"; //database username
$pass = "TbIb)1{d56K"; //database password
$db_name = "geekinc0_paypal"; //database name
mysql_connect($host, $user, $pass);
mysql_select_db($db_name);
// Paypal POSTs HTML FORM variables to this page
// we must post all the variables back to paypal exactly unchanged and add an extra parameter cmd with value _notify-validate
// initialise a variable with the requried cmd parameter
$req = 'cmd=_notify-validate';
// go through each of the POSTed vars and add them to the variable
foreach ($_POST as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
//Uncomment for Sandbox
$fp = fsockopen ('www.sandbox.paypal.com', 80, $errno, $errstr, 30);
//Uncomment for non SSL connection
//$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
// Uncomment for an SSL connection
////$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if (!$fp)
{
$mail_From = "From: miles@geekinc.org";
$mail_To = "miles@geekinc.org";
$mail_Subject = "HTTP ERROR";
$mail_Body = $errstr; // error string from fsockopen
mail($mail_To, $mail_Subject, $mail_Body, $mail_From);
}
else
{
fputs($fp, $header . $req);
while(!feof($fp))
{
$res = fgets ($fp, 1024);
if(strcmp($res, "VERIFIED") == 0)
{
// if you have many complex variables to pass it is possible to use session variables to pass them.
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross']; //full amount of payment. payment_gross in US
$txn_id = $_POST['txn_id']; //unique transaction id
$receiver_email = $_POST['receiver_email'];
// use the above params to look up what the price of "item_name" should be.
//$amount_they_should_have_paid = lookup_price($item_name);
// the next part is also very important from a security point of view. You must check at the least the following...
if (($payment_status == 'Completed') && ($receiver_email == "miles_1305613642_per@geekinc.org"))
{
mysql_query("INSERT INTO payments (first_name, last_name, mc_gross, mc_currency) VALUES ('" . $_POST['first_name'] . "', '" . $_POST['last_name'] . "', " . $_POST['mc_gross'] . ", '" . $_POST['mc_currency'] . "')");
$mail_From = "miles@geekinc.org";
$mail_To = "miles@geekinc.org";
$mail_Subject = "completed IPN";
$mail_Body = print_r($_POST, TRUE);
mail($mail_To, $mail_Subject, $mail_Body, $mail_From);
}
else if(($payment_status == 'Refunded'))
{
$mail_From = "miles@geekinc.org";
$mail_To = "miles@geekinc.org";
$mail_Subject = "completed IPN";
$mail_Body = print_r($_POST, TRUE);
mail($mail_To, $mail_Subject, $mail_Body, $mail_From);
}
else
{
//
// paypal replied with something other than completed or one of the security checks failed.
// you might want to do some extra processing here
//
//in this application we only accept a status of "Completed" and treat all others as failure. You may want to handle the other possibilities differently
//payment_status can be one of the following
//Canceled_Reversal: A reversal has been canceled. For example, you won a dispute with the customer, and the funds for
// Completed the transaction that was reversed have been returned to you.
//Completed: The payment has been completed, and the funds have been added successfully to your account balance.
//Denied: You denied the payment. This happens only if the payment was previously pending because of possible
// reasons described for the PendingReason element.
//Expired: This authorization has expired and cannot be captured.
//Failed: The payment has failed. This happens only if the payment was made from your customer’s bank account.
//Pending: The payment is pending. See pending_reason for more information.
//Refunded: You refunded the payment.
//Reversed: A payment was reversed due to a chargeback or other type of reversal. The funds have been removed from
// your account balance and returned to the buyer. The reason for the
// reversal is specified in the ReasonCode element.
//Processed: A payment has been accepted.
//Voided: This authorization has been voided.
//
$mail_From = "From: miles@geekinc.org";
$mail_To = "miles@geekinc.org";
$mail_Subject = "PayPal IPN status not completed or security check fail";
$mail_Body = "Something wrong. \n\nThe transaction ID number is: $txn_id \n\n Payment status = $payment_status \n\n Payment amount = $payment_amount";
mail($mail_To, $mail_Subject, $mail_Body, $mail_From);
}
}
else if(strcmp($res, "INVALID") == 0)
{
$mail_From = "From: miles@geekinc.org";
$mail_To = "miles@geekinc.org";
$mail_Subject = "PayPal - Invalid IPN ";
$mail_Body = "We have had an INVALID response. \n\nThe transaction ID number is: $txn_id \n\n username = $username";
mail($mail_To, $mail_Subject, $mail_Body, $mail_From);
}
}
fclose($fp);
}
?>
Gets me this : http://geekinc.org/test/ which then I hit Send Payment, everything works ok sends it to the database.
I want 3 BOX's on a simple HTML Form : Room name : Username : $amount once they enter all that information it sends it to the database in that format. Once a certain quota has been raised for that user $200 lets say then they get it for lifetime.
The part thats confusing for me is getting the HTML form to work with the IPN script 3 boxes (TEXT ) (Text) (Test) in each box... Send payment button They can pay with paypal / credit card etc.. Sends it to the database and stores it.
Sounds simple.........