ipn.php
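<?php
// This file should be in UTF8 without BOM - Accents examples: éèê
// +----------------------------------------------------------------------+
// | Copyright (c) 2004-2015 Advisto SAS, service PEEL - contact@peel.fr |
// +----------------------------------------------------------------------+
// | This file is part of PEEL Shopping 8.0.0, which is subject to an |
// | opensource GPL license: you are allowed to customize the code |
// | for your own needs, but must keep your changes under GPL |
// | More information: https://www.peel.fr/lire/licence-gpl-70.html |
// +----------------------------------------------------------------------+
// | Author: Advisto SAS, RCS 479 205 452, France, https://www.peel.fr/ |
// +----------------------------------------------------------------------+
// $Id: ipn.php 47008 2015-09-22 18:56:27Z sdelaporte $
define('DISABLE_INPUT_ENCODING_CONVERT', true);
include("../../configuration.inc.php");
include($fonctionspaypal);
// PayPal IPN listener: PayPal calls this file directly after every transaction, failed or successful.
// The endpoint is reachable by anyone, so nothing in $_POST is trusted until PayPal has
// answered VERIFIED to the post-back performed below.
//
// NOTE(review): this script checks the order id and the amount only. PayPal's IPN guidance also
// asks the listener to check that receiver_email is the merchant's own account, that txn_id has
// not already been processed (replay of a genuine notification), and that mc_currency matches
// the order currency. Those checks need data this file does not show - to be added by the maintainer.
if (empty($_POST)) {
	die();
}

if (PAYPAL_SANDBOX) {
	$paypal_domain = 'www.sandbox.paypal.com';
} else {
	$paypal_domain = 'ipnpb.paypal.com';
}

// Rebuild the notification for the validation post-back.
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
	if (is_array($value)) {
		// A genuine IPN only carries scalar fields; an array value cannot be echoed back faithfully
		die();
	}
	// The key is encoded as well as the value, so that the message PayPal validates is
	// field for field the one this script reads from $_POST.
	$req .= "&" . urlencode($key) . "=" . urlencode($value);
}
// Order id: 0 when the notification names no order, which ends in the "order not found" alert below
$item_number = 0;
if (!empty($_POST['item_number'])) {
	$item_number = intval($_POST['item_number']);
} elseif (!empty($_POST['custom'])) {
	// PayPal "intégrale évolution" case: the order id is read from the "custom" field
	$item_number = intval($_POST['custom']);
}
$payment_amount = vb($_POST['mc_gross']);
$received_cents = round(floatval($payment_amount) * 100);

$q = query('SELECT id, montant, devise, currency_rate
	FROM peel_commandes
	WHERE id="' . intval($item_number) . '" AND ' . get_filter_site_cond('commandes') . '
	LIMIT 1');
if ($r = fetch_assoc($q)) {
	// Compare in cents to avoid float noise; the order total is converted into the order currency first
	$expected_cents = round(fprix($r['montant'], false, $r['devise'], true, $r['currency_rate'], false, false) * 100);
	if ($expected_cents == $received_cents) {
		// Post back to the PayPal system to validate the notification
		$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
		$header .= "Host: " . $paypal_domain . ":443\r\n";
		$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
		$header .= "Content-Length: " . String::strlen($req) . "\r\n";
		$header .= "Connection: close\r\n\r\n";
		// TLS only. The former fallback to plain HTTP on port 80 has been removed: over cleartext the
		// VERIFIED answer is not authenticated, so anyone on the network path could confirm a payment.
		// NOTE(review): before PHP 5.6 the ssl:// wrapper does not verify the peer certificate by
		// default - confirm the PHP version in use, or pass an SSL context with verify_peer enabled.
		$fp = fsockopen('ssl://' . $paypal_domain, 443, $errno, $errstr, 30);
		if (!$fp) {
			// Connection error: fail closed and tell the support address
			send_email($GLOBALS['support'], 'Problème d\'échange de données Paypal IPN - commande ' . $r['id'], 'Un paiement n\'a pas pu être pris en compte pour des raisons techniques : ' . $errno . ' - ' . $errstr . '. L\'IP du serveur qui a voulu confirmer une transaction est : ' . $_SERVER['REMOTE_ADDR']);
		} else {
			$payment_status = vb($_POST['payment_status']);
			$payment_currency = vb($_POST['mc_currency']);
			fputs($fp, $header . $req);
			// The response is HTTP headers, then a line holding VERIFIED or INVALID, then the end of the
			// HTTP exchange. Only the verdict line matters: header lines are skipped instead of being
			// handled as failures (the previous code sent one alert e-mail per header line).
			$verdict = null;
			$res = '';
			while (!String::feof($fp)) {
				$line = fgets($fp, 1024);
				$answer = trim(strip_tags($line));
				if ($answer === 'VERIFIED' || $answer === 'INVALID') {
					$verdict = $answer;
					$res = $line;
					break;
				}
			}
			fclose($fp);

			$update_status = null;
			if ($verdict === 'VERIFIED') {
				if ($payment_status == "Completed") {
					$update_status = 'completed';
					email_commande($item_number);
				} elseif ($payment_status == "Pending") {
					$update_status = 'being_checked';
				} elseif ($payment_status == "Failed") {
					$update_status = 'cancelled';
				} elseif ($payment_status == "Denied") {
					$update_status = 'cancelled';
				} elseif ($payment_status == "Refunded") {
					$update_status = 'refunded';
				} else {
					// Verified, but with a payment_status this script does not map to an order status
					send_email($GLOBALS['support'], 'Problème d\'échange de données Paypal IPN - commande ' . $r['id'], 'Un paiement a été passé "en cours de vérification" sur votre site car Paypal n\'a pas confirmé ou infirmé le paiement.' . "\n\n" . ' Réponse par Paypal : ' . $res . "\n\n" . 'Les informations techniques sont : ' . "\n\npayment_status : " . $payment_status . "\n\n" . print_r($_REQUEST, true));
				}
			} elseif ($verdict === 'INVALID') {
				// PayPal does not recognise this notification: flag the order for manual checking
				$update_status = 'being_checked';
				send_email($GLOBALS['support'], 'Problème d\'échange de données Paypal IPN - commande ' . $r['id'], 'Un paiement a été passé "en cours de vérification" sur votre site car Paypal n\'a pas confirmé ou infirmé le paiement.' . "\n\n" . ' Réponse par Paypal : ' . $res . "\n\n" . 'Les informations techniques sont : ' . "\n\n" . print_r($_REQUEST, true));
			}
			if (!empty($update_status)) {
				// A cash-in transaction is recorded only for a notification PayPal has verified:
				// on INVALID the amount and currency are still unauthenticated request data.
				if ($verdict === 'VERIFIED' && in_array($update_status, array('being_checked', 'completed'))) {
					accounting_insert_transaction($r['id'], 'paypal', array('ORDER_ID' => $r['id'], 'MONTANT_CREDIT' => $payment_amount, 'CURRENCY_CODE' => $payment_currency));
				}
				update_order_payment_status($item_number, $update_status, true, null, null, false, 'paypal');
			} else {
				// No usable verdict or status: alert once for the whole exchange
				send_email($GLOBALS['support'], 'Alerte : Erreur sur update_status. Commande ' . $item_number . '', 'La mise à jour de la commande a échouée.');
			}
		}
	} else {
		// Amount mismatch: report the two values that were actually compared, in cents
		send_email($GLOBALS['support'], 'Alerte : Montant altéré de la transaction Paypal - commande ' . $item_number . '', $expected_cents . ' = ' . $received_cents);
	}
} else {
	// No order with this id for the current site
	send_email($GLOBALS['support'], 'Alerte : problème sur transaction Paypal commande non trouvée ' . $item_number . '', 'Les informations Paypal semblent incorrectes ' . "\n\n" . print_r($_REQUEST, true));
}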
static strlen($string)
Returns the length of the given string.
Definition: String.php:36
static feof($handle)
Tests for end-of-file on a file pointer. Unlike the default feof function, it returns true if ...
Definition: String.php:866
get_filter_site_cond($table_technical_code, $table_alias=null, $use_strict_rights_if_in_admin=false, $specific_site_id=null, $exclude_public_items=false, $admin_force_multisite_if_allowed=false)
Retourne la condition SQL permettant de filtrer les données pour une table.
Definition: fonctions.php:4643
query($query, $die_if_error=false, $database_object=null, $silent_if_error=false, $security_sql_filter=true)
The query() function is meant to be called anywhere you want to make a query.
Definition: database.php:158
vb(&$var, $default=null)
Variable blanche if $var n'est pas défini, retourne $default, sinon retourne $var.
Definition: format.php:97
if(!defined('IN_PEEL')) send_email($to, $mail_subject= '', $mail_content= '', $template_technical_code=null, $template_tags=null, $format=null, $sender=null, $html_add_structure=true, $html_correct_conformity=false, $html_convert_url_to_links=true, $reply_to=null, $attached_files_infos_array=null, $lang=null, $additional_infos_array=array(), $attachment_not_sent_by_email=false)
Envoi d'un email à un utilisateur.
Definition: emails.php:38
accounting_insert_transaction($order_id, $technical_code, $data)
Crée une transaction d'encaissement.
Definition: order.php:113
fetch_assoc($query_result)
fetch_assoc()
Definition: database.php:283
email_commande($order_id)
email_commande()
Definition: order.php:970
$req
Definition: ipn.php:30
fprix($price, $display_currency=false, $currency_code_or_default=null, $convertion_needed_into_currency=true, $currency_rate=null, $display_iso_currency_code=false, $format=true, $force_format_separator=null, $add_rdfa_properties=false, $round_even_if_no_format=false)
fprix formatte le prix donné en le convertissant si nécessaire au préalable et en ajoutant éventuelle...
Definition: fonctions.php:242
update_order_payment_status($order_id, $status_or_is_payment_validated, $allow_update_paid_orders=true, $statut_livraison_new=null, $delivery_tracking=null, $no_stock_decrement_already_done=false, $payment_technical_code=null)
Met à jour le status de paiement et/ou de livraison d'une commande, et gère les stocks suivant le sta...
Definition: order.php:178
