paypal_2ipn_8php_source.html

 <?php

 // This file should be in UTF8 without BOM - Accents examples: éèê

 // +----------------------------------------------------------------------+

 // | Copyright (c) 2004-2015 Advisto SAS, service PEEL - contact@peel.fr  |

 // +----------------------------------------------------------------------+

 // | This file is part of PEEL Shopping 8.0.0, which is subject to an   |

 // | opensource GPL license: you are allowed to customize the code           |

 // | for your own needs, but must keep your changes under GPL                |

 // | More information: https://www.peel.fr/lire/licence-gpl-70.html          |

 // +----------------------------------------------------------------------+

 // | Author: Advisto SAS, RCS 479 205 452, France, https://www.peel.fr/      |

 // +----------------------------------------------------------------------+

 // $Id: ipn.php 47008 2015-09-22 18:56:27Z sdelaporte $

 define('DISABLE_INPUT_ENCODING_CONVERT', true);

 include("../../configuration.inc.php");

 include($fonctionspaypal);

 // Ce fichier est appelé directement pas Paypal après chaque transaction, échouée ou fructueuse

 if (empty($_POST)) {

      die();

 }


 if (PAYPAL_SANDBOX) {

      $paypal_domain = 'www.sandbox.paypal.com';

 } else {

      $paypal_domain = 'ipnpb.paypal.com';

 }


 // send_email($GLOBALS['support'], 'INFOS - commande '.$_POST['item_number'], 'Les informations techniques sont : ' . "\n\n" . print_r($_REQUEST, true));


 $req = 'cmd=_notify-validate';

 foreach ($_POST as $key => $value) {

      $req .= "&" . $key . "=" . urlencode($value);

 }

 if (!empty($_POST['item_number'])) {

      $item_number = intval($_POST['item_number']);

 } elseif (!empty($_POST['custom'])) {

      // si paypal intégrale évolution.

      $item_number = intval($_POST['custom']);

 }

 $q = query('SELECT id, montant, devise, currency_rate

      FROM peel_commandes

      WHERE id="' . intval($item_number) . '" AND ' . get_filter_site_cond('commandes') . '

      LIMIT 1');

 if ($r = fetch_assoc($q)) {

      if (round(fprix($r['montant'], false, $r['devise'], true, $r['currency_rate'], false, false) * 100) == round($_POST['mc_gross'] * 100)) {

           // post back to PayPal system to validate

           $header = "POST /cgi-bin/webscr HTTP/1.1\r\n";

           $header .= "Host: " . $paypal_domain . ":443\r\n";

           $header .= "Content-Type: application/x-www-form-urlencoded\r\n";

           $header .= "Content-Length: " . String::strlen($req) . "\r\n";

           $header .= "Connection: close\r\n\r\n";

           $fp = fsockopen ('ssl://' . $paypal_domain, 443, $errno, $errstr, 30);

           if (!$fp) {

                $header = "POST /cgi-bin/webscr HTTP/1.1\r\n";

                $header .= "Host: " . str_replace('ipnpb', 'www', $paypal_domain) . "\r\n";

                $header .= "Content-Type: application/x-www-form-urlencoded\r\n";

                $header .= "Content-Length: " . String::strlen($req) . "\r\n";

                $header .= "Connection: close\r\n\r\n";

                // On essaie sans SSL si l'hébergement ne le permet pas

                $fp = fsockopen (str_replace('ipnpb', 'www', $paypal_domain), 80, $errno, $errstr, 30);

           }

           if (!$fp) {

                // HTTP ERROR

                send_email($GLOBALS['support'], 'Problème d\'échange de données Paypal IPN - commande ' . $r['id'], 'Un paiement n\'a pas pu être pris en compte pour des raisons techniques : ' . $errno . ' - ' . $errstr . '. L\'IP du serveur qui a voulu confirmer une transaction est : ' . $_SERVER['REMOTE_ADDR']);

           } else {

                $item_name = vb($_POST['item_name']);

                $payment_status = vb($_POST['payment_status']);

                $payment_amount = vb($_POST['mc_gross']);

                $payment_currency = vb($_POST['mc_currency']);

                // $txn_id = $_POST['txn_id'];

                // $receiver_email = $_POST['receiver_email'];

                // $payer_email = $_POST['payer_email'];

                // $pending_reason = $_POST['pending_reason'];

                // $txn_type = $_POST['txn_type'];

                fputs ($fp, $header . $req);

                while (!String::feof($fp)) {

                     $res = fgets ($fp, 1024);

                     // $res vaut d'abord des entêtes HTTP, puis VERIFIED ou INVALID, puis d'autres entêtes HTTP pour fermer connexion

                     if (strcmp(trim(strip_tags($res)), "VERIFIED") == 0) {

                          if ($payment_status == "Completed") {

                               $update_status = 'completed';

                               email_commande($item_number);

                          } elseif ($payment_status == "Pending") {

                               $update_status = 'being_checked';

                          } elseif ($payment_status == "Failed") {

                               $update_status = 'cancelled';

                          } elseif ($payment_status == "Denied") {

                               $update_status = 'cancelled';

                          } elseif ($payment_status == "Refunded") {

                               $update_status = 'refunded';

                          } else {

                               send_email($GLOBALS['support'], 'Problème d\'échange de données Paypal IPN - commande ' . $r['id'], 'Un paiement a été passé "en cours de vérification" sur votre site car Paypal n\'a pas confirmé ou infirmé le paiement.' . "\n\n" . ' Réponse par Paypal : ' . $res . "\n\n" . 'Les informations techniques sont : ' . "\n\npayment_status : " . $payment_status . "\n\n" . print_r($_REQUEST, true));

                          }

                     } elseif (strcmp(trim(strip_tags($res)), "INVALID") == 0) {

                          $update_status = 'being_checked';

                          send_email($GLOBALS['support'], 'Problème d\'échange de données Paypal IPN - commande ' . $r['id'], 'Un paiement a été passé "en cours de vérification" sur votre site car Paypal n\'a pas confirmé ou infirmé le paiement.' . "\n\n" . ' Réponse par Paypal : ' . $res . "\n\n" . 'Les informations techniques sont : ' . "\n\n" . print_r($_REQUEST, true));

                     }

                     if (!empty($update_status)) {

                          if(in_array($update_status, array('being_checked', 'completed'))) {

                               accounting_insert_transaction($r['id'], 'paypal', array('ORDER_ID' => $r['id'], 'MONTANT_CREDIT' => $payment_amount, 'CURRENCY_CODE' => $payment_currency));

                          }

                          update_order_payment_status($item_number, $update_status, true, null, null, false, 'paypal');

                          unset($update_status);

                     } else {

                          send_email($GLOBALS['support'], 'Alerte : Erreur sur update_status. Commande ' . intval($_POST['item_number']) . '', 'La mise à jour de la commande a échouée.');

                     }

                }

                fclose ($fp);

           }

      } else {

           send_email($GLOBALS['support'], 'Alerte : Montant altéré de la transaction Paypal - commande ' . intval($_POST['item_number']) . '', round($r['montant'] * 100) . ' = ' . round($_POST['mc_gross'] * 100));

      }

 } else {

      send_email($GLOBALS['support'], 'Alerte : problème sur transaction Paypal commande non trouvée ' . intval($_POST['item_number']) . '', 'Les informations Paypal semblent incorrectes ' . "\n\n" . print_r($_REQUEST, true));

 }


$fp
$fp
Definition: configuration.php:313

String\strlen
static strlen($string)
Returns the length of the given string.
Definition: String.php:36

$q
foreach($_POST as $key=> $value) if(!empty($_POST['item_number'])) elseif(!empty($_POST['custom'])) $q
Definition: ipn.php:40

String\feof
static feof($handle)
Tests for end-of-file on a file pointer In contrary of the default feof function, it returns true if ...
Definition: String.php:866

get_filter_site_cond
get_filter_site_cond($table_technical_code, $table_alias=null, $use_strict_rights_if_in_admin=false, $specific_site_id=null, $exclude_public_items=false, $admin_force_multisite_if_allowed=false)
Retourne la condition SQL permettant de filtrer les données pour une table.
Definition: fonctions.php:4643

query
query($query, $die_if_error=false, $database_object=null, $silent_if_error=false, $security_sql_filter=true)
The query() function is meant to be called anywhere you want to make a query.
Definition: database.php:158

vb
vb(&$var, $default=null)
Variable blanche if $var n'est pas défini, retourne $default, sinon retourne $var.
Definition: format.php:97

elseif
if(strlen($date2)== '10') if($type== 'users-by-age'&&a_priv('admin_users', true)) elseif($type== 'forums-count'&&a_priv('admin_content', true)) elseif($type== 'forums-categories'&&a_priv('admin_content', true)) elseif($type== 'users-count'&&a_priv('admin_users', true)) elseif($type== 'product-categories'&&a_priv('admin_products', true)) elseif($type== 'users-by-sex'&&a_priv('admin_users', true)) elseif($type== 'users-by-country'&&a_priv('admin_users', true)) elseif($type== 'sales'&&a_priv('admin_sales', true))
Definition: chart-data.php:160

send_email
if(!defined('IN_PEEL')) send_email($to, $mail_subject= '', $mail_content= '', $template_technical_code=null, $template_tags=null, $format=null, $sender=null, $html_add_structure=true, $html_correct_conformity=false, $html_convert_url_to_links=true, $reply_to=null, $attached_files_infos_array=null, $lang=null, $additional_infos_array=array(), $attachment_not_sent_by_email=false)
Envoi d'un email à un utilisateur.
Definition: emails.php:38

accounting_insert_transaction
accounting_insert_transaction($order_id, $technical_code, $data)
Crée une transaction d'encaissement.
Definition: order.php:113

fetch_assoc
fetch_assoc($query_result)
fetch_assoc()
Definition: database.php:283

$GLOBALS
$GLOBALS['page_columns_count']
Definition: achat_maintenant.php:235

email_commande
email_commande($order_id)
email_commande()
Definition: order.php:970

$req
$req
Definition: ipn.php:30

fprix
fprix($price, $display_currency=false, $currency_code_or_default=null, $convertion_needed_into_currency=true, $currency_rate=null, $display_iso_currency_code=false, $format=true, $force_format_separator=null, $add_rdfa_properties=false, $round_even_if_no_format=false)
fprix formatte le prix donné en le convertissant si nécessaire au préalable et en ajoutant éventuelle...
Definition: fonctions.php:242

update_order_payment_status
update_order_payment_status($order_id, $status_or_is_payment_validated, $allow_update_paid_orders=true, $statut_livraison_new=null, $delivery_tracking=null, $no_stock_decrement_already_done=false, $payment_technical_code=null)
Met à jour le status de paiement et/ou de livraison d'une commande, et gère les stocks suivant le sta...
Definition: order.php:178