Chris@76: $txt['paypal_email_desc']),
Chris@76: );
Chris@76:
Chris@76: return $setting_data;
Chris@76: }
Chris@76:
Chris@76: // Is this enabled for new payments?
Chris@76: public function gatewayEnabled()
Chris@76: {
Chris@76: global $modSettings;
Chris@76:
Chris@76: return !empty($modSettings['paypal_email']);
Chris@76: }
Chris@76:
Chris@76: // What do we want?
Chris@76: public function fetchGatewayFields($unique_id, $sub_data, $value, $period, $return_url)
Chris@76: {
Chris@76: global $modSettings, $txt, $boardurl;
Chris@76:
Chris@76: $return_data = array(
Chris@76: 'form' => 'https://www.' . (!empty($modSettings['paidsubs_test']) ? 'sandbox.' : '') . 'paypal.com/cgi-bin/webscr',
Chris@76: 'id' => 'paypal',
Chris@76: 'hidden' => array(),
Chris@76: 'title' => $txt['paypal'],
Chris@76: 'desc' => $txt['paid_confirm_paypal'],
Chris@76: 'submit' => $txt['paid_paypal_order'],
Chris@76: 'javascript' => '',
Chris@76: );
Chris@76:
Chris@76: // All the standard bits.
Chris@76: $return_data['hidden']['business'] = $modSettings['paypal_email'];
Chris@76: $return_data['hidden']['item_name'] = $sub_data['name'] . ' ' . $txt['subscription'];
Chris@76: $return_data['hidden']['item_number'] = $unique_id;
Chris@76: $return_data['hidden']['currency_code'] = strtoupper($modSettings['paid_currency_code']);
Chris@76: $return_data['hidden']['no_shipping'] = 1;
Chris@76: $return_data['hidden']['no_note'] = 1;
Chris@76: $return_data['hidden']['amount'] = $value;
Chris@76: $return_data['hidden']['cmd'] = !$sub_data['repeatable'] ? '_xclick' : '_xclick-subscriptions';
Chris@76: $return_data['hidden']['return'] = $return_url;
Chris@76: $return_data['hidden']['a3'] = $value;
Chris@76: $return_data['hidden']['src'] = 1;
Chris@76: $return_data['hidden']['notify_url'] = $boardurl . '/subscriptions.php';
Chris@76:
Chris@76: // Now stuff dependant on what we're doing.
Chris@76: if ($sub_data['flexible'])
Chris@76: {
Chris@76: $return_data['hidden']['p3'] = 1;
Chris@76: $return_data['hidden']['t3'] = strtoupper(substr($period, 0, 1));
Chris@76: }
Chris@76: else
Chris@76: {
Chris@76: preg_match('~(\d*)(\w)~', $sub_data['real_length'], $match);
Chris@76: $unit = $match[1];
Chris@76: $period = $match[2];
Chris@76:
Chris@76: $return_data['hidden']['p3'] = $unit;
Chris@76: $return_data['hidden']['t3'] = $period;
Chris@76: }
Chris@76:
Chris@76: // If it's repeatable do soem javascript to respect this idea.
Chris@76: if (!empty($sub_data['repeatable']))
Chris@76: $return_data['javascript'] = '
Chris@76: document.write(\'
\');
Chris@76:
Chris@76: function switchPaypalRecur()
Chris@76: {
Chris@76: document.getElementById("paypal_cmd").value = document.getElementById("do_paypal_recur").checked ? "_xclick-subscriptions" : "_xclick";
Chris@76: }';
Chris@76:
Chris@76: return $return_data;
Chris@76: }
Chris@76: }
Chris@76:
Chris@76: class paypal_payment
Chris@76: {
Chris@76: private $return_data;
Chris@76:
Chris@76: // This function returns true/false for whether this gateway thinks the data is intended for it.
Chris@76: public function isValid()
Chris@76: {
Chris@76: global $modSettings;
Chris@76:
Chris@76: // Has the user set up an email address?
Chris@76: if (empty($modSettings['paypal_email']))
Chris@76: return false;
Chris@76: // Check the correct transaction types are even here.
Chris@76: if ((!isset($_POST['txn_type']) && !isset($_POST['payment_status'])) || (!isset($_POST['business']) && !isset($_POST['receiver_email'])))
Chris@76: return false;
Chris@76: // Correct email address?
Chris@76: if (!isset($_POST['business']))
Chris@76: $_POST['business'] = $_POST['receiver_email'];
Chris@76: if ($modSettings['paypal_email'] != $_POST['business'] && (empty($modSettings['paypal_additional_emails']) || !in_array($_POST['business'], explode(',', $modSettings['paypal_additional_emails']))))
Chris@76: return false;
Chris@76: return true;
Chris@76: }
Chris@76:
Chris@76: // Validate all the data was valid.
Chris@76: public function precheck()
Chris@76: {
Chris@76: global $modSettings, $txt;
Chris@76:
Chris@76: // Put this to some default value.
Chris@76: if (!isset($_POST['txn_type']))
Chris@76: $_POST['txn_type'] = '';
Chris@76:
Chris@76: // Build the request string - starting with the minimum requirement.
Chris@76: $requestString = 'cmd=_notify-validate';
Chris@76:
Chris@76: // Now my dear, add all the posted bits.
Chris@76: foreach ($_POST as $k => $v)
Chris@76: $requestString .= '&' . $k . '=' . urlencode($v);
Chris@76:
Chris@76: // Can we use curl?
Chris@76: if (function_exists('curl_init') && $curl = curl_init((!empty($modSettings['paidsubs_test']) ? 'https://www.sandbox.' : 'http://www.') . 'paypal.com/cgi-bin/webscr'))
Chris@76: {
Chris@76: // Set the post data.
Chris@76: curl_setopt($curl, CURLOPT_POST, true);
Chris@76: curl_setopt($curl, CURLOPT_POSTFIELDSIZE, 0);
Chris@76: curl_setopt($curl, CURLOPT_POSTFIELDS, $requestString);
Chris@76:
Chris@76: curl_setopt($curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
Chris@76: curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
Chris@76: curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
Chris@76: curl_setopt($curl, CURLOPT_FORBID_REUSE, 1);
Chris@76: curl_setopt($curl, CURLOPT_HTTPHEADER, array(
Chris@76: 'Host: www.' . (!empty($modSettings['paidsubs_test']) ? 'sandbox.' : '') . 'paypal.com',
Chris@76: 'Connection: close'
Chris@76: ));
Chris@76:
Chris@76: // Fetch the data returned as a string.
Chris@76: curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
Chris@76:
Chris@76: // Fetch the data.
Chris@76: $this->return_data = curl_exec($curl);
Chris@76:
Chris@76: // Close the session.
Chris@76: curl_close($curl);
Chris@76: }
Chris@76: // Otherwise good old HTTP.
Chris@76: else
Chris@76: {
Chris@76: // Setup the headers.
Chris@76: $header = 'POST /cgi-bin/webscr HTTP/1.1' . "\r\n";
Chris@76: $header .= 'Content-Type: application/x-www-form-urlencoded' . "\r\n";
Chris@76: $header .= 'Host: www.' . (!empty($modSettings['paidsubs_test']) ? 'sandbox.' : '') . 'paypal.com' . "\r\n";
Chris@76: $header .= 'Content-Length: ' . strlen ($requestString) . "\r\n";
Chris@76: $header .= 'Connection: close' . "\r\n\r\n";
Chris@76:
Chris@76: // Open the connection.
Chris@76: if (!empty($modSettings['paidsubs_test']))
Chris@76: $fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
Chris@76: else
Chris@76: $fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
Chris@76:
Chris@76: // Did it work?
Chris@76: if (!$fp)
Chris@76: generateSubscriptionError($txt['paypal_could_not_connect']);
Chris@76:
Chris@76: // Put the data to the port.
Chris@76: fputs($fp, $header . $requestString);
Chris@76:
Chris@76: // Get the data back...
Chris@76: while (!feof($fp))
Chris@76: {
Chris@76: $this->return_data = fgets($fp, 1024);
Chris@76: if (strcmp(trim($this->return_data), 'VERIFIED') == 0)
Chris@76: break;
Chris@76: }
Chris@76:
Chris@76: // Clean up.
Chris@76: fclose($fp);
Chris@76: }
Chris@76:
Chris@76: // If this isn't verified then give up...
Chris@76: // !! This contained a comment "send an email", but we don't appear to send any?
Chris@76: if (strcmp(trim($this->return_data), 'VERIFIED') != 0)
Chris@76: exit;
Chris@76:
Chris@76: // Check that this is intended for us.
Chris@76: if ($modSettings['paypal_email'] != $_POST['business'] && (empty($modSettings['paypal_additional_emails']) || !in_array($_POST['business'], explode(',', $modSettings['paypal_additional_emails']))))
Chris@76: exit;
Chris@76:
Chris@76: // Is this a subscription - and if so it's it a secondary payment that we need to process?
Chris@76: if ($this->isSubscription() && (empty($_POST['item_number']) || strpos($_POST['item_number'], '+') === false))
Chris@76: // Calculate the subscription it relates to!
Chris@76: $this->_findSubscription();
Chris@76:
Chris@76: // Verify the currency!
Chris@76: if (strtolower($_POST['mc_currency']) != $modSettings['paid_currency_code'])
Chris@76: exit;
Chris@76:
Chris@76: // Can't exist if it doesn't contain anything.
Chris@76: if (empty($_POST['item_number']))
Chris@76: exit;
Chris@76:
Chris@76: // Return the id_sub and id_member
Chris@76: return explode('+', $_POST['item_number']);
Chris@76: }
Chris@76:
Chris@76: // Is this a refund?
Chris@76: public function isRefund()
Chris@76: {
Chris@76: if ($_POST['payment_status'] == 'Refunded' || $_POST['payment_status'] == 'Reversed' || $_POST['txn_type'] == 'Refunded' || ($_POST['txn_type'] == 'reversal' && $_POST['payment_status'] == 'Completed'))
Chris@76: return true;
Chris@76: else
Chris@76: return false;
Chris@76: }
Chris@76:
Chris@76: // Is this a subscription?
Chris@76: public function isSubscription()
Chris@76: {
Chris@76: if (substr($_POST['txn_type'], 0, 14) == 'subscr_payment' && $_POST['payment_status'] == 'Completed')
Chris@76: return true;
Chris@76: else
Chris@76: return false;
Chris@76: }
Chris@76:
Chris@76: // Is this a normal payment?
Chris@76: public function isPayment()
Chris@76: {
Chris@76: if ($_POST['payment_status'] == 'Completed' && $_POST['txn_type'] == 'web_accept')
Chris@76: return true;
Chris@76: else
Chris@76: return false;
Chris@76: }
Chris@76:
Chris@76: // How much was paid?
Chris@76: public function getCost()
Chris@76: {
Chris@76: return (isset($_POST['tax']) ? $_POST['tax'] : 0) + $_POST['mc_gross'];
Chris@76: }
Chris@76:
Chris@76: // exit.
Chris@76: public function close()
Chris@76: {
Chris@76: global $smcFunc, $subscription_id;
Chris@76:
Chris@76: // If it's a subscription record the reference.
Chris@76: if ($_POST['txn_type'] == 'subscr_payment' && !empty($_POST['subscr_id']))
Chris@76: {
Chris@76: $_POST['subscr_id'] = $_POST['subscr_id'];
Chris@76: $smcFunc['db_query']('', '
Chris@76: UPDATE {db_prefix}log_subscribed
Chris@76: SET vendor_ref = {string:vendor_ref}
Chris@76: WHERE id_sublog = {int:current_subscription}',
Chris@76: array(
Chris@76: 'current_subscription' => $subscription_id,
Chris@76: 'vendor_ref' => $_POST['subscr_id'],
Chris@76: )
Chris@76: );
Chris@76: }
Chris@76:
Chris@76: exit();
Chris@76: }
Chris@76:
Chris@76: // A private function to find out the subscription details.
Chris@76: private function _findSubscription()
Chris@76: {
Chris@76: global $smcFunc;
Chris@76:
Chris@76: // Assume we have this?
Chris@76: if (empty($_POST['subscr_id']))
Chris@76: return false;
Chris@76:
Chris@76: // Do we have this in the database?
Chris@76: $request = $smcFunc['db_query']('', '
Chris@76: SELECT id_member, id_subscribe
Chris@76: FROM {db_prefix}log_subscribed
Chris@76: WHERE vendor_ref = {string:vendor_ref}
Chris@76: LIMIT 1',
Chris@76: array(
Chris@76: 'vendor_ref' => $_POST['subscr_id'],
Chris@76: )
Chris@76: );
Chris@76: // No joy?
Chris@76: if ($smcFunc['db_num_rows']($request) == 0)
Chris@76: {
Chris@76: // Can we identify them by email?
Chris@76: if (!empty($_POST['payer_email']))
Chris@76: {
Chris@76: $smcFunc['db_free_result']($request);
Chris@76: $request = $smcFunc['db_query']('', '
Chris@76: SELECT ls.id_member, ls.id_subscribe
Chris@76: FROM {db_prefix}log_subscribed AS ls
Chris@76: INNER JOIN {db_prefix}members AS mem ON (mem.id_member = ls.id_member)
Chris@76: WHERE mem.email_address = {string:payer_email}
Chris@76: LIMIT 1',
Chris@76: array(
Chris@76: 'payer_email' => $_POST['payer_email'],
Chris@76: )
Chris@76: );
Chris@76: if ($smcFunc['db_num_rows']($request) == 0)
Chris@76: return false;
Chris@76: }
Chris@76: else
Chris@76: return false;
Chris@76: }
Chris@76: list ($member_id, $subscription_id) = $smcFunc['db_fetch_row']($request);
Chris@76: $_POST['item_number'] = $member_id . '+' . $subscription_id;
Chris@76: $smcFunc['db_free_result']($request);
Chris@76: }
Chris@76: }
Chris@76:
Chris@76: ?>