PHP Classes

File: trialpayipn.php

Recommend this page to a friend!
  Classes of Steven   TrialPay Dynamic Products Generator   trialpayipn.php   Download  
File: trialpayipn.php
Role: Auxiliary script
Content type: text/plain
Description: post order processing page
Class: TrialPay Dynamic Products Generator
Create buttons to pay for products using TrialPay
Author: By
Last change:
Date: 11 years ago
Size: 3,894 bytes
 

Contents

Class file image Download
<?PHP

unset($error);unset($debug);unset($TRIALPAY);

##SETTINGS##
define('EMAILADMIN', "sales@domain.com");
define('SITENAME', "My Site");
define('SECRETKEY', "");

//Globals:
$error = false;
$TRIALPAY = array();
$lng = "en";
$datetime = date("d-m-Y h:i:s");
define('DATETIME', $datetime);


//start script
if(!isset($_POST)){ //works only with POST request
   
$error['NoPost'] = "There is no POST data available. Possible direct access. IP: ".$_SERVER['REMOTE_ADDR'].". User agent: ".$_SERVER['HTTP_USER_AGENT'];
   
ErrorReport($error);
    @
header("Status: 404 Not Found");
    echo
"Error 404 - not found";
    exit;
}
@
header("Status: 200 OK");

array_walk($_POST, 'CheckValues');

unset(
$_POST);

if(
CheckSig() === false){
   
$error['Signature'] = "Bad signature on message";
   
ErrorReport($error);exit;
}

main($lng);

if(!empty(
$error)) ErrorReport($error,$error['close'] = 0);
      
@
mysql_close();
exit();

//-------------------------------------------------------------------------------------

function CheckSig(){
    global
$error, $TRIALPAY;

   
$message_signature = $_SERVER['HTTP_TRIALPAY_HMAC_MD5']; //dit zou moeten werken?
   
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
     
// the following is for POST notification
     
if (empty($HTTP_RAW_POST_DATA)) {
       
$recalculated_message_signature = hash_hmac('md5', file_get_contents('php://input'), SECRETKEY);
      } else {
       
$recalculated_message_signature = hash_hmac('md5', $HTTP_RAW_POST_DATA, SECRETKEY);
      }
    } else {
     
// the following is for GET notification
     
$recalculated_message_signature = hash_hmac('md5', $_SERVER['QUERY_STRING'], SECRETKEY);
    }
   
    if (
$message_signature == $recalculated_message_signature) {
        return
true;
    } else {
       
$error['SignatureErrdeb'] = "mess sig: -$message_signature- | calc sig: -$recalculated_message_signature-";
        return
false;
    }
}

function
main($lng = "en"){
    global
$error,
           
$TRIALPAY;
   
    if(!empty(
$error)){
       
ErrorReport($error); //stop script if error is found here
   
}else{
           if(
$TRIALPAY['event'] == "Adjustment"){ //its not an order thus must be adjustment
              
handleAdjustment();
        }elseif(
$TRIALPAY['event'] == "Order"){
           
//process order logic and deliver your product
       
}else{
           
$error['BadEvent'] = "Unknown event registered; ".$TRIALPAY['event'];
           
ErrorReport($error);
        }
    }
}

function
CheckValues($value, $key) {
   
//check all values plus convert them to local vars and make sure all vars are safe.
   
global $error, $TRIALPAY;
    if(
trim($value) != ""){
       
$key = htmlspecialchars(trim($key), ENT_QUOTES);
       
$value = htmlspecialchars(trim($value), ENT_QUOTES);
       
$TRIALPAY[$key] = $value; //to local
   
}
}

function
handleAdjustment(){
   
//Handle adjustments to existing orders.
   
global $error, $TRIALPAY;
   
   
#### Handle adjustment to an order logic####
   
   
   
$error['Adjustment'] = "There has been an order -adjustment- that requires attention. Order id: -".$TRIALPAY['oid']."-\n\nOld data:\n$olddata\n\nNew data:\n$newtrialpaydata\n\n -done- ";
   
ErrorReport($error);
}

function
ErrorReport($args){
   
//accepts multiple arguments constructed in an array
    //eg ErrorReport(array("Error" => value, "Error2" => value))
   
if( !is_array($args) || empty($args) ) {
        return
0;
    }
   
$errdata = "Following errors have been detected:\n";
    foreach(
$args as $key=>$error){
       
$errdata .= "$key - $error\n\n";
    }
   
mail(EMAILADMIN,"Error report- TrialPay (".SITENAME.")","TrialPay errors / notifications have been detected.\nMessage:\n$errdata\n\n Best regards,\n".SITENAME."\n","From: ".EMAILADMIN);
   
    if(
$args['close'] != 0){ //abort whole script by default except if 'close' isset to zero it wont
       
@mysql_close();
        exit();
    }
}
?>