Jump to content

Show receipt of purchase to buyer using php paypal ipn

dezkit

By dezkit
in PHP Coding Help

 Share

Recommended Posts

dezkit Advanced Member

dezkit

Posted
Posted

Hey guys I currently have this code:

<?php

  if($_SERVER['HTTPS']!="on")  {
  $redirect= "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
  header("Location:$redirect");  }
  
require_once('paypal.class.php');  // include the class file
$p = new paypal_class;             // initiate an instance of the class
$p->paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';   // testing paypal url
//$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';     // paypal url
            
// setup a variable for this script (ie: 'http://www.micahcarrick.com/paypal.php')
$p->connect();
$this_script = 'https://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$custom = $_POST['custom'];
$first_name = $_POST["first_name"];
$last_name = $_POST["last_name"];
$payer_email = $_POST['payer_email'];
$txn_id = $_POST['txn_id'];

if (empty($_GET['action'])) $_GET['action'] = 'process';  

switch ($_GET['action']) {
    
   case 'process':      // Process and order...
      
      $p->add_field('business', 'xx');
      $p->add_field('return', $this_script.'?action=success');
      $p->add_field('cancel_return', $this_script.'?action=cancel');
      $p->add_field('notify_url', $this_script.'?action=ipn');
      $p->add_field('item_name', 'PIN Number');
      $p->add_field('amount', '3.75');

      $p->submit_paypal_post(); // submit the fields to paypal
      //$p->dump_fields();      // for debugging, output a table of all the fields
      break;
      
   case 'success':     
   


      $p->begin();
      $p->connect();
      //foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }

echo "We are sending you a reminder that you bought a PIN from our shop recently,<br/><br/>";
echo "Your PIN Number: <b>{$get1pin}</b><br/>";
echo "The Paypal Username that you had used: <b>{$payer_email}</b><br/>";
echo "Your Username: <b>{$custom}</b><br/>";
echo "Transaction ID: <b>{$txn_id}</b><br/>";
echo "A receipt of the purchase had been sent to your paypal email.<br/>";
echo "We hope to see you as a customer again soon!";

      $p->end();
      

      
      break;
      
   case 'cancel':

      $p->begin();
      echo "You canceled the order. <a href=\"".$this_script."\">Go back</a>";
      $p->end();
      
      break;
      
   case 'ipn': 
      
      if ($p->validate_ipn()) {

        $query3 = mysql_query("SELECT * FROM pins WHERE used='0' ORDER BY RAND() LIMIT 1") or die(mysql_error());
$row1 = mysql_fetch_array( $query3 );
$get1pin = mysql_escape_string($row1["pins"]);
mysql_query("UPDATE pins SET used='1' WHERE pins='".$get1pin."'");
mysql_query("INSERT INTO soldpins (pin, paypal, transaction, name, first_name, last_name, broke) VALUES('".$get1pin."', '".$payer_email."', '".$txn_id."', '".$custom."', '".$first_name."', '".$last_name."', '0') ") or die(mysql_error());

        $message = "	
        <html>
<head>
<title>PIN Number</title>
</head>
<body>
Dear <b>{$first_name} {$last_name}</b>,<br/>
We are sending you a reminder that you bought a PIN from our shop recently,<br/><br/>

Your PIN Number: <b>{$get1pin}</b><br/>
The Paypal Username that you had used: <b>{$payer_email}</b><br/>
Your Sythe Username: <b>{$custom}</b><br/>
Transaction ID: <b>{$txn_id}</b><br/><br/>

We hope to see you as a customer again soon!<br/><br/>

Regards, xx.
</body>
</html>
";

$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=iso-8859-1" . "\r\n";
$headers .= 'From: <xx>' . "\r\n";
mail("xx","xx",$message,$headers);
}
      
      break;
}     

?>

 

The thing that I am having a trouble with is that showing the randomly generated pin number that is inserted into the database from the IPN part, which can only be read by paypal and not the buyer, I was thinking about using the transaction id to get the pin number* but can anybody suggest something else, or is this the most secure way to do this, are the transaction id's all unique?

 

Thanks guys.

 

*I thought of this just as i was making the thread

Link to comment
Share on other sites
dezkit Advanced Member

dezkit

Posted
  • Author
Posted

Ok i Implemented so that the script searches the database for the transaction id, but I have a new problem,

Whenever in the success page, the person sees the receipt perfectly, But when they refresh the page, everything is gone, even though i made it so that if the session isn't made, make it.

 

please help, thanks all

<?php
session_start();
  if($_SERVER['HTTPS']!="on")  {
  $redirect= "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
  header("Location:$redirect");  }
  
require_once('paypal.class.php');  // include the class file
$p = new paypal_class;             // initiate an instance of the class
$p->paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';   // testing paypal url
//$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';     // paypal url
            
$p->connect();
$this_script = 'https://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$custom = $_POST['custom'];
$first_name = $_POST["first_name"];
$last_name = $_POST["last_name"];
$payer_email = $_POST['payer_email'];
$txn_id = $_POST['txn_id'];


if (empty($_GET['action'])) $_GET['action'] = 'process';  

switch ($_GET['action']) {
    
   case 'process':
   
      $p->add_field('business', 'xx');
      $p->add_field('return', $this_script.'?action=success');
      $p->add_field('cancel_return', $this_script.'?action=cancel');
      $p->add_field('notify_url', $this_script.'?action=ipn');
      $p->add_field('item_name', 'PIN Number');
      $p->add_field('amount', '3.75');

      $p->submit_paypal_post(); // submit the fields to paypal
      //$p->dump_fields();      // for debugging, output a table of all the fields
      break;
      
   case 'success': 
      $p->begin();
      $p->connect();
      //foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }

if(!$_SESSION["txn_id"]){
	$_SESSION["txn_id"] = $txn_id;
}
echo $_SESSION["txn_id"];
$query4 = mysql_query("SELECT * FROM soldpins WHERE transaction='".$_SESSION["txn_id"]."'") or die(mysql_error());
$row4 = mysql_fetch_array( $query4 );
echo "Receipt of your purchase<br/><br/>";
echo "Your PIN Number: <b>".$row4["pin"]."</b><br/>";
echo "The Paypal Username that you had used: <b>".$row4["paypal"]."</b><br/>";
echo "Your Sythe Username: <b>".$row4["name"]."</b><br/>";
echo "Transaction ID: <b>".$row4["transaction"]."</b><br/><br/>";
echo "A receipt of the purchase had been sent to your paypal email.<br/>";
echo "We hope to see you as a customer again soon!";

      $p->end();
      
      
      break;

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.