Jump to content

Recommended Posts

yes, paypal's IPN (Instant Payment Notification) would allow you to send additional information (limited number of fields, i believe) through to the paypal server which would then be sent back to your script. now, keep in mind that if you're passing name and password, you're really opening yourself up to some security issues. you never want to pass username/password combinations across servers if at all possible. you can come up with some sort of hash that you can pass and then compare when a user purchase is sent back, though. that's typically a bit safer.

good luck!
Link to comment
https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106478
Share on other sites

Thanks,

I've been able to get the IPN working (sort of) - It passes everything through fine except for the custom fields.

[code]<?php

// Read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req   .= "&$key=$value";
}

// Post back to PayPal system to validate
$header   .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header   .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header   .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);

// Assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$amount_paid = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$pp_account = $_POST['receiver_email'];
$email = $_POST['payer_email'];
$username = $_POST['username'];
$password = $_POST['password'];
$num_days = $_POST['num_days'];
$order_date = time();

/*
if ($item_name == "Internet Access - 1 Day") {
$num_days = "1";
} elseif ($item_name == "Internet Access - 7 Days") {
$num_days = "7";
} elseif ($item_name == "Internet Access - 30 Days") {
$num_days = "30";
}
*/

if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment

// Insert into DB

include 'includes/common.php';
dbconn(); // Connect to the database

$sql = "SELECT * FROM accounts WHERE pp_account = '$pp_account'";
$res = mysql_query($sql);

while ($row = mysql_fetch_array($res)) {
$business = $row['id'];
}

$sql = "INSERT INTO user (
business,
username,
password,
email,
order_date,
txn_id,
amount_paid,
num_days,
mac_addr
) VALUES (
'$business',
'$username',
'$password',
'$email',
'$order_date',
'$txn_id',
'$amount_paid',
'$num_days',
''
)";
$res = mysql_query($sql);
} else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
?>[/code]

Can anyone see anything wrong here? The custom fields are 'username', 'password', and 'num_days'.

Thanks.
Link to comment
https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106589
Share on other sites

it's hard to know exactly what to tell you without knowing how your form is set up, but additional information you are passing should be done so through a "custom" field. [url=http://www.paypaldev.org/topic.asp?TOPIC_ID=13376]here is a discussion[/url] on passing multiple values through a single custom field that should help.
Link to comment
https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106765
Share on other sites

ah yes, paypal, the epitome of all evil.  This was my biggest challenge, there are a few way's to do this.

One way I started doing, was using sessions, I simply register a bunch of sessions on the last page before payment, then do all my data work on the thankyou page, and leave a note they have to come back to the site, or they don't get what they pay for.  WHen it comes to the actual ipn, I couldn't get it to work, It was easy setting up ipn, but fighting with there optional parameters, really isn't worth it.
Link to comment
https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106771
Share on other sites

Can you not insert all the data into your database first, including a uniqueID of some kind, then pass the unique ID to PayPal in the optional field.  When PayPal returns that field, along with the notification of APPROVED or whatever it is they do, then you can use the uniqueID to get all the information that you need back from the database?

Why not just process it first, why post the information to PayPal at all?

Regards
Huggie
Link to comment
https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106775
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.