id;
$notify_url = trailingslashit($thank_you_url) . $transaction->id;
$cancel_url = trailingslashit($cancel_url) . $transaction->id;
} else {
$return_url = add_query_arg(array('awpcp-txn' => $transaction->id), $thank_you_url);
$notify_url = add_query_arg(array('awpcp-txn' => $transaction->id), $thank_you_url);
$cancel_url = add_query_arg(array('awpcp-txn' => $transaction->id), $cancel_url);
}
return array($return_url, $notify_url, $cancel_url);
}
function awpcp_paypal_checkout_form($form, $transaction) {
if ($transaction->get('payment-method') != 'paypal') {
return $form;
}
global $awpcp_imagesurl;
$is_recurring = get_awpcp_option('paypalpaymentsrecurring');
$is_test_mode_enabled = get_awpcp_option('paylivetestmode') == 1;
$amount = $transaction->get('amount');
$currency = get_awpcp_option('paypalcurrencycode');
$custom = $transaction->id;
$item = $transaction->get_item(0); // no support for multiple items
if (is_null($item)) {
return __('There was an error processing your payment.', 'AWPCP');
}
list($return_url, $notify_url, $cancel_url) = awpcp_payment_urls($transaction);
if (get_awpcp_option('paylivetestmode') == 1) {
$paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
$paypal_url = "https://www.paypal.com/cgi-bin/webscr";
}
ob_start();
include(AWPCP_DIR . 'frontend/templates/checkout-form-paypal.tpl.php');
$html = ob_get_contents();
ob_end_clean();
return $html;
}
function awpcp_2checkout_checkout_form($form, $transaction) {
if ($transaction->get('payment-method') != '2checkout') {
return $form;
}
global $awpcp_imagesurl;
$is_recurring = get_awpcp_option('twocheckoutpaymentsrecurring');
$is_test_mode_enabled = get_awpcp_option('paylivetestmode') == 1;
$x_login = get_awpcp_option('2checkout');
$amount = $transaction->get('amount');
$custom = $transaction->id;
$item = $transaction->get_item(0); // no support for multiple items
if (is_null($item)) {
return __('There was an error processing your payment.', 'AWPCP');
}
list($return_url, $notify_url, $cancel_url) = awpcp_payment_urls($transaction);
ob_start();
include(AWPCP_DIR . 'frontend/templates/checkout-form-2checkout.tpl.php');
$html = ob_get_contents();
ob_end_clean();
return $html;
}
/**
* Verify data received from PayPal IPN notifications and returns PayPal's
* response.
*
* Request errors, if any, are returned by reference.
*
* @since 2.0.7
*/
function awpcp_paypal_verify_received_data($data=array(), &$errors=array()) {
$content = 'cmd=_notify-validate';
foreach ($data as $key => $value) {
$value = urlencode(stripslashes($value));
$content .= "&$key=$value";
}
$response = 'ERROR';
if (in_array('curl', get_loaded_extensions())) {
if (get_awpcp_option('paylivetestmode') == 1) {
$paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
$paypal_url = "https://www.paypal.com/cgi-bin/webscr";
}
$ch = curl_init($paypal_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, AWPCP_DIR . 'cacert.pem');
curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if (curl_errno($ch)) {
$errors[] = sprintf('%d: %s', curl_errno($ch), curl_error($ch));
}
curl_close($ch);
} else {
if (get_awpcp_option('paylivetestmode') == 1) {
$paypallink = "ssl://www.sandbox.paypal.com";
} else {
$paypallink = "ssl://www.paypal.com";
}
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header.= "Content-Type: application/x-www-form-urlencoded\r\n";
$header.= "Content-Length: " . strlen($content) . "\r\n\r\n";
$fp = fsockopen($paypallink, 443, $errno, $errstr, 30);
if ($fp) {
fputs ($fp, $header . $content);
while(!feof($fp)) {
$line = fgets($fp, 1024);
if (strcasecmp($line, "VERIFIED") == 0 || strcasecmp($line, "INVALID") == 0) {
$response = $line;
break;
}
}
fclose($fp);
} else {
$errors[] = sprintf('%d: %s', $errno, $errstr);
}
}
return $response;
}
function awpcp_paypal_verify_transaction($verified, $transaction) {
if ($verified || $transaction->get('payment-method') != 'paypal') {
return $verified;
}
// PayPal can redirect users using a GET request and issuing
// a POST request in the background. If the transaction was
// already verified during the POST transaction the result
// should be stored in the transaction's verified attribute
if (!empty($_POST)) {
$response = awpcp_paypal_verify_received_data($_POST);
$verified = strcasecmp($response, 'VERIFIED') === 0;
} else {
$verified = $transaction->get('verified', false);
}
if (!$verified) {
$variables = count($_POST);
$url = awpcp_current_url();
if ($variables <= 0) {
$msg = '
' . __("We haven't received your payment information from PayPal yet and we are unable to verify your transaction. Please reload this page or visit %s in 30 seconds to continue placing your Ad.", 'AWPCP') . '
' . __("If this status is not COMPLETED or VERIFIED, then you may need to wait a bit before your payment is approved, or contact PayPal directly as to the reason the payment is having a problem.",'AWPCP').'
';
}
$msg.= '
' . __("If you have any further questions, please contact this site administrator.",'AWPCP').'
';
$transaction->errors[] = $msg;
} else {
// clean up previous errors
$transaction->errors = array();
}
$transaction->set('txn-id', awpcp_post_param('txn_id'));
return $verified;
}
function awpcp_2checkout_verify_transaction($verified, $transaction) {
if ($verified || $transaction->get('payment-method') != '2checkout') {
return $verified;
}
$x_response_code = awpcp_post_param('x_response_code');
$x_twocorec = awpcp_posta_param('x_twocorec');
$transaction->set('txn-id', awpcp_posta_param('x_trans_id'));
if ($x_response_code == 1 || $x_twocorec == 1) {
return true;
}
$msg=__("There appears to be a problem. Please contact customer service if you are viewing this message after having made a payment via 2Checkout. If you have not tried to make a payment and you are viewing this message, it means this message has been sent in error and can be disregarded.","AWPCP");
$transaction->errors[] = $msg;
// TODO: fix email function
// $output .= abort_payment_no_email($msg,$ad_id,$txn_id,$gateway);
return false;
}
function awpcp_paypal_validate_transaction($valid, $transaction) {
if ($valid || $transaction->get('payment-method') != 'paypal') {
return $valid;
}
// PayPal can redirect users using a GET request and issuing
// a POST request in the background. If the transaction was
// already verified during the POST transaction the result
// should be stored in the transaction's validated attribute
if (empty($_POST)) {
return $transaction->get('validated', false);
}
$item_name = awpcp_post_param('item_name');
$item_name = awpcp_post_param('item_name');
$item_number = awpcp_post_param('item_number');
$receiver_email = awpcp_post_param('receiver_email');
$business = awpcp_post_param('business');
$quantity = awpcp_post_param('quantity');
$mc_gross = $mcgross = number_format(awpcp_post_param('mc_gross'), 2);
$payment_gross = number_format(awpcp_post_param('payment_gross'), 2);
$mc_fee = awpcp_post_param('mc_fee');
$tax = awpcp_post_param('tax');
$payment_currency = awpcp_post_param('mc_currency');
$exchange_rate = awpcp_post_param('exchange_rate');
$payment_status = awpcp_post_param('payment_status');
$payment_type = awpcp_post_param('payment_type');
$payment_date = awpcp_post_param('payment_date');
$txn_id = awpcp_post_param('txn_id');
$txn_type = awpcp_post_param('txn_type');
$first_name = awpcp_post_param('first_name');
$last_name = awpcp_post_param('last_name');
$payer_email = awpcp_post_param('payer_email');
$address_street = awpcp_post_param('address_street');
$address_zip = awpcp_post_param('address_zip');
$address_city = awpcp_post_param('address_city');
$address_state = awpcp_post_param('address_state');
$address_country = awpcp_post_param('address_country');
$address_country_code = awpcp_post_param('address_country_code');
$residence_country = awpcp_post_param('residence_country');
$custom = awpcp_post_param('custom');
// handle Subscription (PayPal Subscriptions) payments
// TODO: handle other Subscription related transaction types (out of the scope)
if (strcasecmp($txn_type, 'subscr-cancel') === 0) {
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_SUBSCRIPTION_CANCELED);
return true;
}
// handle regular payments
$amount = number_format($transaction->get('amount'), 2);
if ($amount != $mc_gross && $amount != $payment_gross) {
$msg = __("The amount you have paid does not match any of our Payment Terms amounts. Please contact us to clarify the problem.", "AWPCP");
$transaction->errors[] = $msg;
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_INVALID);
awpcp_abort_payment($msg, $transaction);
return false;
}
$paypal_email = get_awpcp_option('paypalemail');
if (strcasecmp($receiver_email, $paypal_email) !== 0 && strcasecmp($business, $paypal_email) !== 0) {
$msg = __("There was an error processing your transaction. If funds have been deducted from your account they have not been processed to our account. You will need to contact PayPal about the matter.", "AWPCP");
$transaction->errors[] = $msg;
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_INVALID);
awpcp_abort_payment($msg, $transaction);
return false;
}
// TODO: handle this filter for Ads and Subscriptions
$duplicated = apply_filters('awpcp-payments-is-duplicated-transaction', false, $txn_id);
if ($duplicated) {
$msg = __("It appears this transaction has already been processed. If you do not see your ad in the system please contact the site adminstrator for assistance.", "AWPCP");
$transaction->errors[] = $msg;
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_INVALID);
awpcp_abort_payment($msg, $transaction);
return false;
}
if (strcasecmp($payment_status, 'Completed') === 0) {
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_COMPLETED);
} else if (strcasecmp($payment_status, 'Pending') === 0) {
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_PENDING);
} else if (strcasecmp($payment_status, 'Refunded') === 0 ||
strcasecmp($payment_status, "Reversed") == 0 ||
strcasecmp($payment_status, "Partially-Refunded") == 0 ||
strcasecmp($payment_status, "Canceled_Reversal") == 0 ||
strcasecmp($payment_status, "Denied") == 0 ||
strcasecmp($payment_status, "Expired") == 0 ||
strcasecmp($payment_status, "Failed") == 0 ||
strcasecmp($payment_status, "Voided") == 0)
{
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_FAILED);
} else {
$msg = __("There appears to be a problem. Please contact customer service if you are viewing this message after having made a payment. If you have not tried to make a payment and you are viewing this message, it means this message is being shown in error and can be disregarded.", "AWPCP");
$transaction->errors[] = $msg;
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_UNKNOWN);
awpcp_abort_payment($msg, $transaction);
}
return empty($transaction->errors);
}
function awpcp_2checkout_validate_transaction($valid, $transaction) {
if ($transaction->get('payment-method') != '2checkout') {
return $valid;
}
$x_2checked = awpcp_post_param('x_2checked');
$x_MD5_Hash = awpcp_post_param('x_MD5_Hash');
$x_trans_id = awpcp_post_param('x_trans_id');
$card_holder_name = awpcp_post_param('card_holder_name');
$x_Country = awpcp_post_param('x_Country');
$x_City = awpcp_post_param('x_City');
$x_State = awpcp_post_param('x_State');
$x_Zip = awpcp_post_param('x_Zip');
$x_Address = awpcp_post_param('x_Address');
$x_Email = awpcp_post_param('x_Email');
$x_Phone = awpcp_post_param('x_Phone');
$x_Login = awpcp_post_param('x_Phone');
$demo = awpcp_post_param('demo');
$x_response_code= awpcp_post_param('x_response_code');
$x_response_reason_code = awpcp_post_param('x_response_reason_code');
$x_response_reason_text = awpcp_post_param('x_response_reason_text');
$x_item_number = awpcp_post_param('x_item_number');
$x_custom = awpcp_post_param('x_custom');
$x_buyer_mail = awpcp_post_param('email');
$x_twocorec = awpcp_post_param('x_twocorec');
$x_order_number = awpcp_post_param('order_number');
$x_sid = awpcp_post_param('sid');
$x_amount = number_format(awpcp_post_param('x_amount'), 2);
$amount = number_format($transaction->get('amount'), 2);
if ($amount !== $x_amount) {
$msg = __("The amount you have paid does not match any of our Payment Terms amounts. Please contact us to clarify the problem.", "AWPCP");
$transaction->errors[] = $msg;
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_INVALID);
awpcp_abort_payment($msg, $transaction);
return false;
}
if (strcasecmp($x_Login, get_awpcp_option('2checkout')) !== 0) {
$msg = __("There was an error processing your transaction. If funds have been deducted from your account they have not been processed to our account. You will need to contact PayPal about the matter.", "AWPCP");
$transaction->errors[] = $msg;
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_INVALID);
awpcp_abort_payment($msg, $transaction);
return false;
}
// TODO: handle this filter for Ads and Subscriptions
$duplicated = apply_filters('awpcp-payments-is-duplicated-transaction', false, $txn_id);
if ($duplicated) {
$msg = __("It appears this transaction has already been processed. If you do not see your ad in the system please contact the site adminstrator for assistance.", "AWPCP");
$transaction->errors[] = $msg;
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_INVALID);
awpcp_abort_payment($msg, $transaction);
return false;
}
$transaction->set('payment-status', AWPCP_Payment_Transaction::$PAYMENT_STATUS_COMPLETED);
return true;
}
// function awpcp_payment_encode_params($params) {
// $encoded = '';
// foreach($params as $name => $value) {
// $encoded .= "$name=" . urlencode($value) . "&";
// }
// return trim($encoded, '&');
// }
// function awpcp_payment_decode_params($encoded) {
// $params = array();
// $parts = explode('&', $encoded);
// foreach ($parts as $part) {
// $param = explode('=', $part);
// $params[$param[0]] = $param[1];
// }
// return $params;
// }
// /**
// * Returns HTML code to display a PayPal Payments button.
// *
// * @param $payment_period Time period for recurring payments in days [1,90].
// */
// // TODO: what to do with recurring payments?
// function awpcp_paypal_payment_button($item_id, $item_name, $amount,
// $payment_period='', $context='', $params=array())
// {
// global $awpcp_imagesurl;
// $is_recurring = get_awpcp_option('paypalpaymentsrecurring');
// $is_test_mode_enabled = get_awpcp_option('paylivetestmode') == 1;
// $curreny = get_awpcp_option('paypalcurrencycode');
// $params = array_merge($params, array('handler' => 'paypal', 'context' => $context));
// $custom = awpcp_payment_encode_params($params);
// // setup URLS
// list($return_url, $notify_url, $cancel_url) = awpcp_payment_urls($context, $params);
// if (get_awpcp_option('paylivetestmode') == 1) {
// $paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
// } else {
// $paypal_url = "https://www.paypal.com/cgi-bin/webscr";
// }
// ob_start();
// include(AWPCP_DIR . 'frontend/templates/paypal_payment_button.tpl.php');
// $content = ob_get_contents();
// ob_end_clean();
// return $content;
// }
// function awpcp_2checkout_payment_button($product_id, $c_prod, $c_name, $c_description, $amount, $x_item_number, $params=array()) {
// global $awpcp_imagesurl;
// $is_recurring = get_awpcp_option('twocheckoutpaymentsrecurring');
// $is_test_mode_enabled = get_awpcp_option('paylivetestmode') == 1;
// $x_login = get_awpcp_option('2checkout');
// $params = array_merge($params, array('handler' => '2checkout', 'context' => $context));
// $custom = awpcp_payment_encode_params($params);
// // setup URLS
// list($return_url, $notify_url, $cancel_url) = awpcp_payment_urls($context, $params);
// //debug($custom);
// ob_start();
// include(AWPCP_DIR . 'frontend/templates/2checkout_payment_button.tpl.php');
// $content = ob_get_contents();
// ob_end_clean();
// return $content;
// }
/**
* TODO: make this function call awpcp_paypal_payments_button()
* I would have done it but I don't want to risk breaking anything,
* maybe later when we have more time. --wvega.
*/
function awpcp_displaypaymentbutton_paypal($adid,$custom,$adterm_name,$adterm_id,$key,$amount,$recperiod,$permastruc,$quers,$paymentthankyoupageid,$paymentcancelpageid,$paymentthankyoupagename,$paymentcancelpagename,$base)
{
global $awpcp_imagesurl;
$showpaybuttonpaypal="";
if ( get_awpcp_option('seofriendlyurls') )
{
if (isset($permastruc) && !empty($permastruc))
{
$codepaymentthankyou="";
$codepaymentnotifyurl="";
$codepaymentcancel="";
}
else
{
$codepaymentthankyou="";
$codepaymentnotifyurl="";
$codepaymentcancel="";
}
}
elseif (!( get_awpcp_option('seofriendlyurls') ) )
{
if (isset($permastruc) && !empty($permastruc))
{
$codepaymentthankyou="";
$codepaymentnotifyurl="";
$codepaymentcancel="";
}
else
{
$codepaymentthankyou="";
$codepaymentnotifyurl="";
$codepaymentcancel="";
}
}
if (get_awpcp_option('paylivetestmode') == 1)
{
$paypalurl="https://www.sandbox.paypal.com/cgi-bin/webscr";
}
else
{
$paypalurl="https://www.paypal.com/cgi-bin/webscr";
}
$showpaybuttonpaypal.="";
return $showpaybuttonpaypal;
}
function awpcp_displaypaymentbutton_twocheckout($adid,$custom,$adterm_name,$adterm_id,$key,$amount,$recperiod,$permastruc,$quers,$paymentthankyoupageid,$paymentcancelpageid,$paymentthankyoupagename,$paymentcancelpagename,$base)
{
global $awpcp_imagesurl;
$showpaybuttontwocheckout="";
if ( get_awpcp_option('seofriendlyurls') )
{
if (isset($permastruc) && !empty($permastruc))
{
$x_receipt_link_url="$quers/$paymentthankyoupagename/$custom";
}
else
{
$x_receipt_link_url="$quers/?page_id=$paymentthankyoupageid&i=$custom";
}
}
elseif (!( get_awpcp_option('seofriendlyurls') ) )
{
if (isset($permastruc) && !empty($permastruc))
{
$x_receipt_link_url="$quers/$paymentthankyoupagename/$custom";
}
else
{
$x_receipt_link_url="$quers/?page_id=$paymentthankyoupageid&i=$custom";
}
}
if (get_awpcp_option('twocheckoutpaymentsrecurring'))
{
$x_login_sid="";
}
else
{
$x_login_sid="";
}
$showpaybuttontwocheckout.="";
return $showpaybuttontwocheckout;
}
// Process PayPal Payment
function do_paypal($payment_status, $item_name, $item_number, $receiver_email,
$quantity, $mcgross, $payment_gross, $txn_id, $custom, $txn_type)
{
$output = '';
global $wpdb;
$tbl_ads = $wpdb->prefix . "awpcp_ads";
$tbl_ad_fees = $wpdb->prefix . "awpcp_adfees";
$tbl_ad_photos = $wpdb->prefix . "awpcp_adphotos";
$gateway = "Paypal";
$pbizid = get_awpcp_option('paypalemail');
// Configure the data that will be needed for use depending on conditions met
// Split the data returned in $custom
$adidkey = $custom;
$adkeyelements = explode("_", $adidkey);
$ad_id=$adkeyelements[0];
$key=$adkeyelements[1];
$pproc=$adkeyelements[2];
$ad_id=clean_field($ad_id);
$key=clean_field($key);
// Get the item ID in order to calculate length of term
$adtermid=$item_number;
// Set the value of field: premiumstart
$ad_startdate=mktime();
// Determine when ad term ends based on start time and term length
//addurationfreemode
$days = get_num_days_in_term($adtermid);
$term_duration = awpcp_get_term_duration($adtermid);
$mysql_periods = array('D' => 'DAY', 'W' => 'WEEK', 'M' => 'MONTH', 'Y' => 'YEAR');
$duration = $term_duration['duration'];
$increment = $mysql_periods[$term_duration['increment']];
// Bypass amount email dupeid checks if this is a cancellation notification
$awpcp_ipn_is_cancellation = false;
$awpcp_subscr_cancel="subscr-cancel";
if (strcasecmp($txn_type, $awpcp_subscr_cancel) == 0)
{
// this is a cancellation notification so no need to run validation check on amount transaction id etc
$awpcp_ipn_is_cancellation = 1;
do_action('awpcp_disable_ad');
}
else
{
// Make sure the incoming payment amount received matches at least one of the payment ids in the system
$myamounts=array();
$query="SELECT amount FROM ".$tbl_ad_fees."";
$res = awpcp_query($query, __LINE__);
while ($rsrow=mysql_fetch_row($res))
{
$myamounts[]=number_format($rsrow[0],2);
}
//
// If the incoming payment amount does not match the system amounts
//
$amount_matches = in_array(number_format($mcgross,2),$myamounts) ||
in_array(number_format($payment_gross,2),$myamounts);
$amount_matches = apply_filters('awpcp_payment_amount_matches', $amount_matches, $mcgross, 'paypal');
if (!$amount_matches) {
$message=__("The amount you have paid does not match any of our listing fee amounts. Please contact us to clarify the problem.","AWPCP");
$awpcpshowadsample = 0;
$awpcppaymentresultmessage = abort_payment($message,$ad_id,$txn_id,$gateway);
do_action('awpcp_disable_ad');
}
// If the amount matches
////////
// Compare the incoming receiver email with the system receiver email
/////////
/////////
// If the emails do not match
/////////
if (!(strcasecmp($receiver_email, $pbizid) == 0)) {
$message=__("There was an error processing your transaction. If funds have been deducted from your account they have not been processed to our account. You will need to contact PayPal about the matter.","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=abort_payment_no_email($message,$ad_id,$txn_id,$gateway);
}
/////////
// If the emails do match
/////////
//////////////////////////
// Check for duplicate transaction ID
//////////////////////////
//////////
// If the transaction ID is a duplicate of an ID already in the system
/////////
if (isdupetransid($txn_id)) {
$message=__("It appears this transaction has already been processed. If you do not see your ad in the system please contact the site adminstrator for assistance.","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=abort_payment_no_email($message,$ad_id,$txn_id,$gateway);
}
///////////
// If the transaction ID is not a duplicate proceed with processing the transaction
///////////
}
///////////////////////////
// Begin updating based on payment status
///////////////////////////
if (strcasecmp($payment_status, "Completed") == 0)
{
///////////
//Set the ad start and end date and save the transaction ID (this will be changed reset upon manual admin approval if ad approval is in effect)
///////////
if (get_awpcp_option('adapprove') == 1)
{
$disabled=1;
}
else
{
$disabled=0;
}
if ($awpcp_ipn_is_cancellation == 1)
{
$query="UPDATE ".$tbl_ads." SET payment_status='$payment_status' WHERE ad_id='$ad_id' AND ad_key='$key'";
}
else
{
$query = "UPDATE ".$tbl_ads." SET adterm_id='".clean_field($item_number)."',";
$query.= "ad_startdate=NOW(), ad_enddate=NOW()+INTERVAL $duration $increment, ";
$query.= "ad_transaction_id='$txn_id', payment_status='$payment_status', ";
$query.= "payment_gateway='Paypal', disabled='$disabled', ";
$query.= "ad_fee_paid='".clean_field($mcgross)."', renew_email_sent=0 ";
$query.= "WHERE ad_id='$ad_id' AND ad_key='$key'";
}
$res = awpcp_query($query, __LINE__);
//Enable the images, if they were previously disabled
$query="UPDATE ".$tbl_ad_photos." set disabled=0 WHERE ad_id='$ad_id'";
$res2 = awpcp_query($query, __LINE__);
if (isset($item_number) && !empty($item_number))
{
$query="UPDATE ".$tbl_ad_fees." SET buys=buys+1 WHERE adterm_id='".clean_field($item_number)."'";
$res = awpcp_query($query, __LINE__);
}
if ($awpcp_ipn_is_cancellation == 1)
{
$message=__("Payment status has been changed to cancelled","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=ad_paystatus_change_email($ad_id,$txn_id,$key,$message,$gateway);
}
else
{
$message=__("Payment has been completed","AWPCP");
$awpcpshowadsample=1;
$awpcppaymentresultmessage=ad_success_email($ad_id,$txn_id,$key,$message,$gateway);
}
do_action('awpcp_edit_ad');
}
elseif (strcasecmp($payment_status, "Refunded") == 0 ||
strcasecmp($payment_status, "Reversed") == 0 ||
strcasecmp($payment_status, "Partially-Refunded") == 0 ||
strcasecmp($payment_status, "Canceled_Reversal") == 0 ||
strcasecmp($payment_status, "Denied") == 0 ||
strcasecmp($payment_status, "Expired") == 0 ||
strcasecmp($payment_status, "Failed") == 0 ||
strcasecmp($payment_status, "Voided") == 0 )
{
///////////
// Disable the ad since the payment has been refunded
///////////
if (get_awpcp_option(freepay) == 1)
{
$query="UPDATE ".$tbl_ads." SET disabled=1,payment_status='$payment_status', WHERE ad_id='$ad_id' AND ad_key='$key'";
$res = awpcp_query($query, __LINE__);
if (isset($item_number) && !empty($item_number))
{
$query="UPDATE ".$tbl_ad_fees." SET buys=buys-1 WHERE adterm_id='".clean_field($item_number)."'";
$res = awpcp_query($query, __LINE__);
}
}
$message=__("Payment status has been changed to refunded","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=ad_paystatus_change_email($ad_id,$txn_id,$key,$message,$gateway);
do_action('awpcp_disable_ad');
}
elseif (strcasecmp ($payment_status, "Pending") == 0 )
{
///////////
//Set the ad start and end date and save the transaction ID (this will be changed reset upon manual admin approval if ad approval is in effect)
///////////
if (get_awpcp_option('disablependingads') == 0)
{
$disabled=1;
}
else
{
$disabled=0;
}
if ($awpcp_ipn_is_cancellation == 1)
{
$query="UPDATE ".$tbl_ads." SET payment_status='$payment_status' WHERE ad_id='$ad_id' AND ad_key='$key'";
}
else
{
$query = "UPDATE ".$tbl_ads." SET adterm_id='".clean_field($item_number)."',";
$query.= "ad_startdate=NOW(), ad_enddate=NOW()+INTERVAL $duration $increment, ";
$query.= "ad_transaction_id='$txn_id', payment_status='$payment_status', ";
$query.= "payment_gateway='Paypal', disabled='$disabled', ";
$query.= "ad_fee_paid='".clean_field($mcgross)."', renew_email_sent=0 ";
$query.= "WHERE ad_id='$ad_id' AND ad_key='$key'";
}
$res = awpcp_query($query, __LINE__);
//Dis/enable the images, if they were previously disabled
$query="UPDATE ".$tbl_ad_photos." set disabled='$disabled' WHERE ad_id='$ad_id'";
$res2 = awpcp_query($query, __LINE__);
if (isset($item_number) && !empty($item_number))
{
$query="UPDATE ".$tbl_ad_fees." SET buys=buys+1 WHERE adterm_id='".clean_field($item_number)."'";
$res = awpcp_query($query, __LINE__);
}
$message=__("Payment is pending","AWPCP");
$awpcpshowadsample=1;
$awpcppaymentresultmessage=ad_success_email($ad_id,$txn_id,$key,$message,$gateway);
do_action('awpcp_edit_ad');
}
else
{
$message=__("There appears to be a problem. Please contact customer service if you are viewing this message after having made a payment. If you have not tried to make a payment and you are viewing this message, it means this message is being shown in error and can be disregarded.","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=abort_payment($message,$ad_id,$txn_id,$gateway);
do_action('awpcp_disable_ad');
}
$output .= "
";
return $output;
}
// End process
function do_2checkout($custom,$x_amount,$x_item_number,$x_trans_id,$x_Login)
{
$output = '';
global $wpdb;
$tbl_ads = $wpdb->prefix . "awpcp_ads";
$tbl_ad_fees = $wpdb->prefix . "awpcp_adfees";
$tbl_ad_photos = $wpdb->prefix . "awpcp_adphotos";
$gateway="2checkout";
$pbizid=get_awpcp_option('2checkout');
// Configure the data that will be needed for use depending on conditions met
// Split the data returned in $custom
$adidkey = $custom;
$adkeyelements = explode("_", $adidkey);
$ad_id=$adkeyelements[0];
$key=$adkeyelements[1];
$pproc=$adkeyelements[2];
$ad_id=clean_field($ad_id);
$key=clean_field($key);
// Get the item ID in order to calculate length of term
$adtermid=$x_item_number;
// Set the value of field: premiumstart
$ad_startdate=mktime();
// Determine when ad term ends based on start time and term length
$days = get_num_days_in_term($adtermid);
$term_duration = awpcp_get_term_duration($adtermid);
$mysql_periods = array('D' => 'DAY', 'W' => 'WEEK', 'M' => 'MONTH', 'Y' => 'YEAR');
$duration = $term_duration['duration'];
$increment = $mysql_periods[$term_duration['increment']];
// Make sure the incoming payment amount received matches at least one of the payment ids in the system
$myamounts=array();
$query="SELECT amount FROM ".$tbl_ad_fees."";
$res = awpcp_query($query, __LINE__);
while ($rsrow=mysql_fetch_row($res)) {
$myamounts[]=number_format($rsrow[0],2);
}
//
// If the incoming payment amount does not match the system amounts
//
$amount_matches = in_array(number_format($x_amount,2),$myamounts);
$amount_matches = apply_filters('awpcp_payment_amount_matches', $amount_matches, $x_amount, '2checkout');
if (!$amount_matches) {
$message=__("The amount you have paid does not match any of our listing fee amounts. Please contact us to clarify the problem","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=abort_payment($message,$ad_id,$x_trans_id,$gateway);
do_action('awpcp_edit_ad');
}
// If the amount matches
////////
// Compare the incoming receiver ID with the system receiver ID
/////////
/////////
// If the vendor IDs do not match
/////////
if (!(strcasecmp($x_Login, $pbizid) == 0))
{
$message=__("There was an error process your transaction. If funds have been deducted from your account they have not been processed to our account. You will need to contact 2Checkout about the matter","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=abort_payment($message,$ad_id,$x_trans_id,$gateway);
do_action('awpcp_edit_ad');
}
/////////
// If the vendor IDs do match
/////////
//////////////////////////
// Check for duplicate transaction ID
//////////////////////////
//////////
// If the transaction ID is a duplicate of an ID already in the system
/////////
if (isdupetransid($x_trans_id)) {
$message=__("It appears this transaction has already been processed. If you do not see your ad in the system please contact the site adminstrator for assistance","AWPCP");
$awpcpshowadsample=0;
$awpcppaymentresultmessage=abort_payment($message,$ad_id,$x_trans_id,$gateway);
}
///////////
// If the transaction ID is not a duplicate proceed with processing the transaction
///////////
///////////////////////////
// Begin updating based on payment status
///////////////////////////
///////////
//Set the ad start and end date and save the transaction ID (this will be changed reset upon manual admin approval if ad approval is in effect)
///////////
if ( (get_awpcp_option('adapprove') == 1) || (get_awpcp_option('disablependingads') == 0))
{
$disabled=1;
do_action('awpcp_disablead');
}
else
{
$disabled=0;
do_action('awpcp_approve_ad');
}
$query = "UPDATE ".$tbl_ads." SET adterm_id='".clean_field($x_item_number)."',";
$query.= "ad_startdate=NOW(), ad_enddate=NOW()+INTERVAL $duration $increment, ";
$query.= "ad_transaction_id='$x_trans_id', payment_status='Completed', ";
$query.= "payment_gateway='2Checkout', disabled='$disabled', ";
$query.= "ad_fee_paid='".clean_field($x_amount)."', renew_email_sent=0 ";
$query.= "WHERE ad_id='$ad_id' AND ad_key='$key'";
$res = awpcp_query($query, __LINE__);
//Enable the images, if they were previously disabled
$query="UPDATE ".$tbl_ad_photos." set disabled=0 WHERE ad_id='$ad_id'";
$res2 = awpcp_query($query, __LINE__);
// let plugins know an ad was successfully posted
// TODO: no matter what, the Ad is always posted with payment_status set
// to Complete. This surely is a bug...
do_action('awpcp_edit_ad');
if (isset($item_number) && !empty($item_number))
{
$query="UPDATE ".$tbl_ad_fees." SET buys=buys+1 WHERE adterm_id='".clean_field($x_item_number)."'";
$res = awpcp_query($query, __LINE__);
}
$message=__("Payment Status","AWPCP");
$message.=":";
$message.=__("Completed","AWPCP");
$awpcpshowadsample=1;
$awpcppaymentresultmessage=ad_success_email($ad_id,$x_trans_id,$key,$message,$gateway);
$output .= "
";
$output .= __("Buy With Google Checkout", "AWPCP");
$output .= "
";
$output .= "$showpaybuttongooglecheckout";
}
do_action('awpcp_disable_ad');
return $output;
}
// END FUNCTION
// START FUNCTION: Thank you page to display to user after successfully completing payment via paypal
/**
* Handles Payment Thank You page.
*
* On success, the users is redirected to this page. The payment gateway also send
* notifications to this page.
*/
function paymentthankyou() {
$output = '';
// Was commented and set to be deleted. However this variables is needed
// in the code below in order to extract payment information from URL.
// Also is very unsafe to extract such info from URL, but that's all we
// have.
$pathvaluepaymentthankyou=get_awpcp_option('pathvaluepaymentthankyou');
$permastruc=get_option('permalink_structure');
if (isset($_REQUEST['i']) && !empty($_REQUEST['i']))
{
$showawpcpadpage=$_REQUEST['i'];
$adkeyelements = explode("_", $showawpcpadpage);
$ad_id=$adkeyelements[0];
$key=$adkeyelements[1];
$pproc=$adkeyelements[2];
}
//debug($_REQUEST);
if (!isset($ad_id) || empty($ad_id))
{
if (isset($permastruc) && !empty($permastruc))
{
/* delete:
$awpcppaymentthankyou_requested_url = ( !empty($_SERVER['HTTPS'] ) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
$awpcppaymentthankyou_requested_url .= $_SERVER['HTTP_HOST'];
$awpcppaymentthankyou_requested_url .= $_SERVER['REQUEST_URI'];
$awpcpparsedpaymentthankyouURL = parse_url ($awpcppaymentthankyou_requested_url);
$awpcpsplitpaymentthankyouPath = preg_split ('/\//', $awpcpparsedpaymentthankyouURL['path'], 0, PREG_SPLIT_NO_EMPTY);
$ad_id_key=$awpcpsplitpaymentthankyouPath[$pathvaluepaymentthankyou];
*/
$ad_id_key = get_query_var('i');
$adkeyelements = explode("_", $ad_id_key);
$ad_id=$adkeyelements[0];
if (isset($adkeyelements[1]) && !empty($adkeyelements[1])){$awpcpadkey=$adkeyelements[1];} else {$awpcpadkey='';}
if (isset($adkeyelements[2]) && !empty($adkeyelements[2])){$pproc=$adkeyelements[2];} else {$pproc='';}
if (!isset($key) || empty($key)){$key=$awpcpadkey;}
}
}
// identify payments handler
if ((isset($_POST['x_response_code']) && !empty($_POST['x_response_code'])) ||
(isset($_POST['x_twocorec']) && !empty($_POST['x_twocorec']))) {
$awpcpayhandler="twocheckout";
}
if ((isset($_POST['custom']) && !empty($_POST['custom'])) &&
(isset($_POST['txn_type']) && !empty($_POST['txn_type'])) &&
(isset($_POST['txn_id']) && !empty($_POST['txn_id']))) {
$awpcpayhandler="paypal";
}
// attempt to identify payments handler from return URL, only if it hasn't
// been identified at this point.
if (($awpcpayhandler != 'paypal') || ($awpcpayhandler != 'twocheckout')) {
if (isset($permastruc) && !empty($permastruc)) {
$awpcppaymentthankyou_requested_url = ( !empty($_SERVER['HTTPS'] ) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
$awpcppaymentthankyou_requested_url .= $_SERVER['HTTP_HOST'];
$awpcppaymentthankyou_requested_url .= $_SERVER['REQUEST_URI'];
$awpcpparsedpaymentthankyouURL = parse_url ($awpcppaymentthankyou_requested_url);
$awpcpsplitpaymentthankyouPath = preg_split ('/\//', $awpcpparsedpaymentthankyouURL['path'], 0, PREG_SPLIT_NO_EMPTY);
$ad_id_key=$awpcpsplitpaymentthankyouPath[$pathvaluepaymentthankyou];
$adkeyelements = explode("_", $ad_id_key);
$ad_id = $adkeyelements[0];
if (isset($adkeyelements[1]) && !empty($adkeyelements[1])) {
$awpcpadkey=$adkeyelements[1];
} else {
$awpcpadkey='';
}
if (isset($adkeyelements[2]) && !empty($adkeyelements[2])) {
$pproc=$adkeyelements[2];
} else {
$pproc='';
}
if (!isset($key) || empty($key)){
$key=$awpcpadkey;
}
}
if (isset($pproc) && !empty($pproc) && ($pproc == 'GCH')) {
$awpcpayhandler="googlecheckout";
} elseif (isset($pproc) && !empty($pproc) && ($pproc == 'PP')) {
$awpcpayhandler="paypal";
}
if (isset($pproc) && !empty($pproc) && ($pproc == '2CH')) {
$awpcpayhandler="twocheckout";
}
}
if ($awpcpayhandler == 'paypal') {
//Handle PayPal
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
if ('cmd' != $key) {
$req .= "&$key=$value";
}
}
if (get_awpcp_option('paylivetestmode') == 1) {
$paypallink="ssl://www.sandbox.paypal.com";
$paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
$paypallink="ssl://www.paypal.com";
$paypal_url = "https://www.paypal.com/cgi-bin/webscr";
}
$ch = curl_init($paypal_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
$payment_verified = strcmp($response, 'VERIFIED') === 0;
// post back to PayPal system to validate
/*$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen($paypallink, 443, $errno, $errstr, 30);
// Handle the postback and verification
if ($fp) {
fputs($fp, $header . $req);
$reply='';
$headerdone=false;
while(!feof($fp)) {
$line=fgets($fp);
if (strcmp($line,"\r\n")==0) {
// read the header
$headerdone=true;
} elseif ($headerdone) {
// header has been read. now read the contents
$reply.=$line;
}
}
fclose($fp);
$reply=trim($reply);
if (strcasecmp($reply,'VERIFIED')==0) {
$payment_verified = true;
}
}*/
// assign posted variables to local variables
$item_name = awpcp_post_param('item_name');
$item_name = awpcp_post_param('item_name');
$item_number = awpcp_post_param('item_number');
$receiver_email = awpcp_post_param('receiver_email');
$quantity = awpcp_post_param('quantity');
$business = awpcp_post_param('business');
$mcgross = awpcp_post_param('mc_gross');
$payment_gross = awpcp_post_param('payment_gross');
$mc_fee = awpcp_post_param('mc_fee');
$tax = awpcp_post_param('tax');
$payment_currency = awpcp_post_param('mc_currency');
$exchange_rate = awpcp_post_param('exchange_rate');
$payment_status = awpcp_post_param('payment_status');
$payment_type = awpcp_post_param('payment_type');
$payment_date = awpcp_post_param('payment_date');
$txn_id = awpcp_post_param('txn_id');
$txn_type = awpcp_post_param('txn_type');
$first_name = awpcp_post_param('first_name');
$last_name = awpcp_post_param('last_name');
$payer_email = awpcp_post_param('payer_email');
$address_street = awpcp_post_param('address_street');
$address_zip = awpcp_post_param('address_zip');
$address_city = awpcp_post_param('address_city');
$address_state = awpcp_post_param('address_state');
$address_country = awpcp_post_param('address_country');
$address_country_code = awpcp_post_param('address_country_code');
$residence_country = awpcp_post_param('residence_country');
$custom = awpcp_post_param('custom');
// If payment verified proceed
if ($payment_verified) {
$payment_output = false;
// newer paypal transactions include structured informatino in custom field
// let's find if that's the case
$__params = awpcp_payment_decode_params($custom);
if (isset($__params['context']) && !empty($__params['context'])) {
$filter = 'awpcp_payment_notification_' . $__params['context'];
// give plugins opportunity to handle this transaction
$payment_output = apply_filters($filter, false, 'paypal', $__params);
}
// if no plugin processed the transaction follow the normal
// workflow (for posting Ads)
if ($payment_output === false) {
$output .= do_paypal($payment_status,$item_name,$item_number,
$receiver_email,$quantity,$mcgross,
$payment_gross,$txn_id,$custom,$txn_type);
} else {
$output .= $payment_output;
}
} else {
$message = __("PayPal returned the following status from your payment:",'AWPCP');
$message .= '
'.$response.'
';
$message .= '
'.__("If this status is not Completed or Verified, then you may need to wait a bit before your payment is approved, or contact PayPal directly as to the reason the payment is having a problem.",'AWPCP').'
';
$message .= '
'.__("If you have any further questions, contact this site administrator.",'AWPCP').'
';
$output .= abort_payment_no_email($message,$ad_id,$txn_id,$gateway);
}
} elseif ($awpcpayhandler == 'twocheckout') {
$payment_verified=false;
$x_2checked = awpcp_post_param('x_2checked');
$x_MD5_Hash = awpcp_post_param('x_MD5_Hash');
$x_trans_id = awpcp_post_param('x_trans_id');
$card_holder_name = awpcp_post_param('card_holder_name');
$x_Country = awpcp_post_param('x_Country');
$x_City = awpcp_post_param('x_City');
$x_State = awpcp_post_param('x_State');
$x_Zip = awpcp_post_param('x_Zip');
$x_Address = awpcp_post_param('x_Address');
$x_Email = awpcp_post_param('x_Email');
$x_Phone = awpcp_post_param('x_Phone');
$x_Login = awpcp_post_param('x_Phone');
$demo = awpcp_post_param('demo');
$x_response_code= awpcp_post_param('x_response_code');
$x_response_reason_code = awpcp_post_param('x_response_reason_code');
$x_response_reason_text = awpcp_post_param('x_response_reason_text');
$x_item_number = awpcp_post_param('x_item_number');
$x_custom = awpcp_post_param('x_custom');
$x_buyer_mail = awpcp_post_param('email');
$x_twocorec = awpcp_post_param('x_twocorec');
$x_order_number = awpcp_post_param('order_number');
$x_sid = awpcp_post_param('sid');
if ($x_response_code == 1)
{
$payment_verified=true;
}
elseif (isset($x_twocorec) && !empty($x_twocorec) && ($x_twocorec == 1))
{
$payment_verified=true;
}
if ($payment_verified) {
// newer 2Checkout transactions include structured information in custom field
// let's find if that's the case
$__params = awpcp_payment_decode_params($x_custom);
if (isset($__params['context']) && !empty($__params['context'])) {
$filter = 'awpcp_payment_notification_' . $__params['context'];
// give plugins opportunity to handle this transaction
$payment_output = apply_filters($filter, false, 'paypal', $__params);
}
// if no plugin processed the transaction follow the normal
// workflow (for posting Ads)
if ($payment_output === false) {
$output .= do_2checkout($x_custom, $x_amount, $x_item_number, $x_trans_id, $x_Login);
} else {
$output .= $payment_output;
}
} else {
$message=__("There appears to be a problem. Please contact customer service if you are viewing this message after having made a payment via 2Checkout. If you have not tried to make a payment and you are viewing this message, it means this message has been sent in error and can be disregarded.","AWPCP");
$output .= abort_payment_no_email($message,$ad_id,$txn_id,$gateway);
}
} elseif ($awpcpayhandler == 'googlecheckout') {
//Handle Google Checkout
$payment_verified=true;
if (isset($adkeyelements[3])) {
$filter = 'awpcp_payment_notification_' . $adkeyelements[3];
$payment_output = apply_filters($filter, false, 'google-checkout', $adkeyelements);
}
// if no plugin processed the transaction follow the normal
// workflow (for posting Ads)
if ($payment_output === false) {
$output .= do_googlecheckout($ad_id,$key);
} else {
$output .= $payment_output;
}
} else {
$message=__("There appears to be a problem. Please contact customer service if you are viewing this message after having made a payment. If you have not tried to make a payment and you are viewing this message, it means this message is being shown in error and can be disregarded.","AWPCP");
$output .= abort_payment_no_email($message,$ad_id,$txn_id,$gateway);
}
return $output;
}