<?php 
//Wordpress context
define('WP_USE_THEMES', false);
require('../../../wp-blog-header.php');

require('are-paypal-configuration.php');

$appcfg = new Are_PayPal_Configuration();


$prefix = $appcfg->prefix;

/////////////////////////////////////////////////
/////////////Begin Script below./////////////////
/////////////////////////////////////////////////

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_REQUEST as $key => $value) {
	$value = urlencode(stripslashes($value));
	$req .= "&$key=$value";
}

// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

$paypal_postback_url=$appcfg->paypal_postback_url;
$fp = fsockopen ($paypal_postback_url, 80, $errno, $errstr, 30);


// assign posted variables to local variables
$item_name = $_REQUEST['item_name'];
$business = $_REQUEST['business'];
$item_number = $_REQUEST['item_number'];
$payment_status = $_REQUEST['payment_status'];
$mc_gross = $_REQUEST['mc_gross'];
$payment_currency = $_REQUEST['mc_currency'];
$txn_id = $_REQUEST['txn_id'];
$receiver_email = $_REQUEST['receiver_email'];
$receiver_id = $_REQUEST['receiver_id'];
$quantity = $_REQUEST['quantity'];
$num_cart_items = $_REQUEST['num_cart_items'];
$payment_date = $_REQUEST['payment_date'];
$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$payment_type = $_REQUEST['payment_type'];
$payment_status = $_REQUEST['payment_status'];
$payment_gross = $_REQUEST['payment_gross'];
$payment_fee = $_REQUEST['payment_fee'];
$settle_amount = $_REQUEST['settle_amount'];
$memo = $_REQUEST['memo'];
$payer_email = $_REQUEST['payer_email'];
$txn_type = $_REQUEST['txn_type'];
$payer_status = $_REQUEST['payer_status'];
$address_street = $_REQUEST['address_street'];
$address_city = $_REQUEST['address_city'];
$address_state = $_REQUEST['address_state'];
$address_zip = $_REQUEST['address_zip'];
$address_country = $_REQUEST['address_country'];
$address_status = $_REQUEST['address_status'];
$item_number = $_REQUEST['item_number'];
$tax = $_REQUEST['tax'];
$option_name1 = $_REQUEST['option_name1'];
$option_selection1 = $_REQUEST['option_selection1'];
$option_name2 = $_REQUEST['option_name2'];
$option_selection2 = $_REQUEST['option_selection2'];
$for_auction = $_REQUEST['for_auction'];
$invoice = $_REQUEST['invoice'];
$custom = $_REQUEST['custom'];
$notify_version = $_REQUEST['notify_version'];
$verify_sign = $_REQUEST['verify_sign'];
$payer_business_name = $_REQUEST['payer_business_name'];
$payer_id =$_REQUEST['payer_id'];
$mc_currency = $_REQUEST['mc_currency'];
$mc_fee = $_REQUEST['mc_fee'];
$exchange_rate = $_REQUEST['exchange_rate'];
$settle_currency  = $_REQUEST['settle_currency'];
$parent_txn_id  = $_REQUEST['parent_txn_id'];
$pending_reason = $_REQUEST['pending_reason'];
$reason_code = $_REQUEST['reason_code'];


$notify_email =  get_option('admin_email');		 //email address to which debug emails are sent to
error_reporting(E_ALL);
$RequestID = store_paypal_request_fields();

if (!$fp) {
	// HTTP ERROR
} else {

	fputs ($fp, $header . $req);
	while (!feof($fp)) {
		$res = fgets ($fp, 1024);
		if (strcmp ($res, "VERIFIED") == 0) {
			process_txn_type($txn_type,$RequestID);
			ArePayPalMail($notify_email, "VERIFIED IPN", "$res\n $req");
		}else if (strcmp ($res, "INVALID") == 0) {
			// log for manual investigation
			ArePayPalMail($notify_email, "INVALID IPN", "$res\n $req");
		}
	}
	fclose ($fp);
}
function store_paypal_request_fields(){
	global $wpdb;
	global $appcfg;
	$wpdb->show_errors();
	$wpdb->query("insert into $appcfg->paypal_requests_table(RequestID)Values('')");
	$requestid=$wpdb->insert_id;
	foreach ($_REQUEST as $key => $value) {
		$value = mysql_escape_string($value);
		$key = mysql_escape_string($key);
		store_field($key);
		$wpdb->query("INSERT INTO $appcfg->paypal_fields_table(RequestID,Name,Value) Values('$requestid','$key','$value')");
	}
	return $requestid;
}
function store_field($fieldName){
	global $wpdb;
	global $appcfg;
	$sihay = $wpdb->get_results("SELECT * FROM $appcfg->paypal_field_types_table WHERE FieldTypeName='$fieldName'");
	if (!$sihay){
		$wpdb->query("INSERT INTO $appcfg->paypal_field_types_table (FieldTypeName) Values('$fieldName')");
	}
}
function process_txn_type($txn_type,$RequestID){
	mailIPN($RequestID,$txn_type);
	if  (function_exists($txn_type.'_handler')){
		$TxnTypeHandler = create_function('$RequestID', 'return '.$txn_type.'_handler($RequestID);');
		return $TxnTypeHandler($RequestID);
	}
}

function cart_handler($RequestID){
}
function express_checkout_handler($RequestID){
}
function merch_pmt_handler($RequestID){
}
function send_money_handler($RequestID){
}
function virtual_terminal_handler($RequestID){
}
function web_accept_handler($RequestID){
	global $wpdb;
	global $appcfg;

	$IPNVarArr = IPNVariableArray($RequestID);
	list($price_post_id,$user_id) = explode("|",$IPNVarArr["custom"]);

	//Duplicate txn_id
	$txn_id = $IPNVarArr['txn_id'];
	$cnt = $wpdb->get_results("SELECT count(*) as Cnt FROM $appcfg->paypal_fields_table WHERE Name='txn_id' and Value='$txn_id' ");
	if ($cnt[0]->Cnt > 1){
		mailIPNStatus("Duplicate txt","Duplicate Txn");
		return;
	}
	//False email
	$paypal_email = get_option($appcfg->prefix.'_PayPal_Email');
	if ($paypal_email != $IPNVarArr ['receiver_email']){
		mailIPNStatus("Wrong email","Wrong email");
		return;
	}
	//Wrong amount
	if ($price_post_id>0){
		$sql = "SELECT items.* FROM $appcfg->paied_items_table items WHERE items.id='$price_post_id'";
		$items = $wpdb->get_results($sql);
		if($items) {
			if ($items[0]->amount != $IPNVarArr['mc_gross']){
				mailIPNStatus("Wrong amount","Wrong amount");
				return;
			}
		}
	}else if($price_post_id==-1){
		if (get_option($appcfg->prefix.'_BlogAmount') != $IPNVarArr['mc_gross']){
			mailIPNStatus("Wrong amount","Wrong amount");
			return;
		}
	}

	PayForItem($price_post_id,$user_id);
}
function masspay_handler($RequestID){
}
function subscr_failed_handler($RequestID){
	global $wpdb;
	global $appcfg;

	$IPNVarArr = IPNVariableArray($RequestID);
	list($price_post_id,$user_id) = explode("|",$IPNVarArr["custom"]);
	UnPayForItem($price_post_id,$user_id);
}
function subscr_cancel_handler($RequestID){
	subscr_failed_handler($RequestID);
}
function subscr_payment_handler($RequestID){
	web_accept_handler($RequestID);
}
function subscr_signup_handler($RequestID){
}
function subscr_eot_handler($RequestID){
	subscr_failed_handler($RequestID);
}
function subscr_modify_handler($RequestID){
}
function new_case_handler($RequestID){
}
function IPNVariableArray($RequestID){
	$RequestID = mysql_escape_string($RequestID);
	global $wpdb;
	global $appcfg;
	$items = $wpdb->get_results("SELECT * FROM $appcfg->paypal_fields_table WHERE RequestID='$RequestID'");
	$IPNVariableArr = array();
	if ($items){
		foreach($items as $item){
			$IPNVariableArr	[$item->Name]=$item->Value;
		}
	}
	return $IPNVariableArr;
}
function IPNVariableArray2EmailText($IPNVariableArr){
	$str="";
	foreach($IPNVariableArr as $key => $value){
		$str.=$key."\t".$value."\n";
	}
	return $str;
}
function mailIPNStatus($Subj,$Content){
	$notify_email =  get_option('admin_email');
	ArePayPalMail($notify_email, "IPN ".$Subj, $Content);
	echo($Subj." ".$Content);
}
function mailIPN($RequestID,$txnType){
	$notify_email =  get_option('admin_email');
	ArePayPalMail($notify_email, "IPN ".$txnType, IPNVariableArray2EmailText(IPNVariableArray($RequestID)));
}

function UnPayForItem($price_post_id,$user_id){
	global $wpdb;
	global $appcfg;
	$price_post_id=mysql_escape_string($price_post_id);
	$user_id=mysql_escape_string($user_id);

	$wpdb->query("DELETE FROM $appcfg->paied_users_table WHERE price_post_id='$price_post_id' AND user_id='$user_id'");

/*
	$bonuses = $wpdb->get_results("SELECT post2_id FROM . $appcfg->bonus_posts_table WHERE post1_id='$post_id' AND price_post_id='$price_post_id'");
	foreach($bonuses as $bonus) {
		UnPayForItem2($price_post_id,$bonus->post2_id,$user_id);
		
	}
*/
}


function PayForItem($price_post_id,$user_id){
	global $wpdb;
	global $appcfg;
	$price_post_id=mysql_escape_string($price_post_id);
	$user_id=mysql_escape_string($user_id);

	$items = $wpdb->get_results("SELECT * FROM . $appcfg->paied_items_table WHERE id='$price_post_id'");
	$expire='';
	$post_id=$items[0]->post_id;
	
	if ($items){
		$expire=$items[0]->expire;
	}
	if ($price_post_id=="-1"){
		$expire=get_option($appcfg->prefix.'_BlogExpire');
		$post_id="-1";
	}
	

	
	$wpdb->query("INSERT INTO $appcfg->paied_users_table(price_post_id,post_id,user_id,expire) VALUES('$price_post_id','$post_id','$user_id','$expire')");

	$bonuses = $wpdb->get_results("SELECT post2_id FROM . $appcfg->bonus_posts_table WHERE post1_id='$post_id'");
	
	foreach($bonuses as $bonus) {
		//PayForItem2($price_post_id,$bonus->post2_id,$user_id);
		$bono=$bonus->post2_id;
	$wpdb->query("INSERT INTO $appcfg->paied_users_table(price_post_id,post_id,user_id,expire) VALUES('$price_post_id','$bono','$user_id','$expire')");

	}
}


function ArePayPalMail($email,$subject,$content){
	global $appcfg;
	if ($appcfg->Suppress_Notification_Emails != 'checked'){
		mail($email,$subject,$content);
	}
}
?>