User management for the world wide web

PayPal.php

<?php
class PayPal {
    var $log_file = FALSE;

    var $host = "www.paypal.com";
    var $port = 80;
    var $timeout = 45;
    
    var $debug_response = FALSE;
    
    // This is a dispatch array for the payment_status.
    var $STATUS = array(    Completed           => 'status_completed',
                            Canceled_Reversal   => 'status_cancel_reverse',
                            Denied              => 'status_denied',
                            Failed              => 'status_failed',
                            Pending             => 'status_pending',
                            Refunded            => 'status_refunded',
                            Reversed            => 'status_reversed'                            
                        );

    // Table lookup of codes for their meanings.
    var $RC_CODES = array( "Success",
                           "Socket or network problem",
                           "Email verification failed",
                           "txn_id is invalid or a duplicate",
                           "Payment amount or currency incorrect",
                           "Payment status not recognized",
                           "INVALID transaction (possible attempted forgery?)",
                           "Problem dealing with transaction status",
                           "Neither VERIFIED nor INVALID was recieved from paypal"
                          );
    function PayPal(){
    }
    
    function log_file($filename = FALSE){
        if($filename){
            $this->log_file = $filename;
        }
        return($this->log_file);
    }
    
    function logit($level,$message){
        if(! $this->log_file){
            return;
        }
        if(substr($message, -1) != "\n"){
                $message .= "\n";
        }
        error_log($level . "\t" . $message,3,$this->log_file);
        if($level == "E"){
            error_log($message);
        }
    }
    function status_completed(){
        $this->logit("D","Not doing anything about status_completed");
        return(TRUE);
    }
    function status_pending(){
        $this->logit("D","Not doing anything about status_pending: " . $_POST[pending_reason]);
        return(TRUE);
    }
    function status_cancel_reverse(){
        $this->logit("D","Not doing anything about status_cancel_reverse");
        return(TRUE);
    }
    function status_denied(){
        $this->logit("D","Not doing anything about status_denied");
        return(TRUE);
    }
    function status_failed(){
        $this->logit("D","Not doing anything about status_failed");
        return(TRUE);
    }
    function status_refunded(){
        $this->logit("D","Not doing anything about status_refunded");
        return(TRUE);
    }
    function status_reversed(){
        $this->logit("D","Not doing anything about status_reversed " . $_POST[reason_code]);
        return(TRUE);
    }
    function debug_response($filename){
        $this->debug_response = $filename;
    }
    function paypal_host($timeout = 45,$host = "www.paypal.com",$port = 80){
        $this->host = $host;
        $this->port = $port;
        $this->timeout = $timeout;
    }
    
    function connect_paypal(){
        // Using a debug response file.
        if($this->debug_response){
            $fp = fopen($this->debug_response,"r");
            if(! $fp){
                $this->logit("E","Error opening debug response file: $this->debug_response");
            }
            $this->logit("D","Using debug file $this->debug_response");
            return($fp);
        }
        $this->logit("D","Connecting to: $this->host $this->port");
        $fp = fsockopen($this->host, $this->port, $errno, $errstr, $this->timeout);
        if(! $fp){
            $this->logit("E","Socket error: [" . $errno . "] " . $errstr);
        }
        return($fp);
    }
    function test_form($form_tags = TRUE){
        if($form_tags){
            echo "<FORM ACTION=\"$_SERVER[PHP_SELF]\" METHOD=\"POST\">";
        }
        ?>
        <LI>DEBUG (for internal debug flags):<INPUT NAME="DEBUG">
        <LI>receiver_email:<INPUT NAME="receiver_email">
        <LI>item_number:<INPUT NAME="item_number">
        <LI>mc_gross:<INPUT NAME="mc_gross">
        <LI>mc_currency:<SELECT NAME="mc_currency">
                            <OPTION VALUE="USD">USD</OPTION>
                            <OPTION VALUE="CAD">CAD</OPTION>
                            <OPTION VALUE="GBP">GBP</OPTION>
                            <OPTION VALUE="EUR">EUR</OPTION>
                            <OPTION VALUE="JPY">JPY</OPTION>
                        </SELECT>
        <LI>txn_id<INPUT NAME="txn_id" VALUE="">
        <LI>parent_txn_id:<INPUT NAME="parent_txn_id">
        <LI>invoice:<INPUT NAME="invoice">
        <LI>custom:<INPUT NAME="custom">
        <LI>first_name:<INPUT NAME="first_name">
        <LI>last_name:<INPUT NAME="last_name">
        <LI>payer_business_name:<INPUT NAME="payer_business_name">
        <LI>address_street:<INPUT NAME="address_street">
        <LI>address_city:<INPUT NAME="address_city">
        <LI>address_state:<INPUT NAME="address_state">
        <LI>address_zip:<INPUT NAME="address_zip">
        <LI>address_country:<INPUT NAME="address_country">
        <LI>payer_email:<INPUT NAME="payer_email">
        <LI>payment_status:<SELECT NAME="payment_status">
                                <OPTION VALUE="Canceled_Reversal">Canceled_Reversal</OPTION>
                                <OPTION VALUE="Completed">Completed</OPTION>
                                <OPTION VALUE="Denied">Denied</OPTION>
                                <OPTION VALUE="Failed">Failed</OPTION>
                                <OPTION VALUE="Pending">Pending</OPTION>
                                <OPTION VALUE="Refunded">Refunded</OPTION>
                                <OPTION VALUE="Reversed">Reversed</OPTION>
                          </SELECT>
        <LI><B>This variable is only set if payment_status=&quot;Pending&quot;</B>
        <LI>pending_reason:<SELECT NAME="pending_reason">
                            <OPTION VALUE="">(None)</OPTION>
                            <OPTION VALUE="address">address</OPTION>
                            <OPTION VALUE="echeck">echeck</OPTION>
                            <OPTION VALUE="intl">intl</OPTION>
                            <OPTION VALUE="multi_currency">multi_currency</OPTION>
                            <OPTION VALUE="unilateral">unilateral</OPTION>
                            <OPTION VALUE="upgrade">upgrade</OPTION>
                            <OPTION VALUE="verify">verify</OPTION>
                            <OPTION VALUE="other">other</OPTION>
                            </SELECT>
        <LI><B>This variable is only set if payment_status=&quot;Reversed&quot;</B>
        <LI>reason_code:<SELECT NAME="reason_code">
                        <OPTION VALUE="">(None)</OPTION>
                        <OPTION VALUE="buyer_complaint">buyer_complaint</OPTION>
                        <OPTION VALUE="chargeback">chargeback</OPTION>
                        <OPTION VALUE="guarantee">guarantee</OPTION>
                        <OPTION VALUE="refund">refund</OPTION>
                        <OPTION VALUE="other">other</OPTION>
                        </SELECT>       
                
        <?php
        if($form_tags){
            echo "<INPUT TYPE=\"SUBMIT\" VALUE=\"Run Test\">";
            echo "</FORM>";
        }
    }
    
    function processIPN(){
        $this->logit("D","Processing paypal IPN");
        // read the post from PayPal system and add 'cmd'
        $req = 'cmd=_notify-validate';
        foreach ($_POST as $key => $value) {
            $this->logit("D","Variable: $key=[$value]");
            $value = urlencode(stripslashes($value));
            $req .= "&$key=$value";
        }
        // Connect with paypal.
        $fp = $this->connect_paypal();
        if(! $fp){
            return(-1);
        }
        // If in debug mode, don't post anything.
        if(! $this->debug_response){
            // post back to corroborate with PayPal 
            $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
            $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
            $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
            fputs ($fp, $header . $req);
        }
        $return_code = -8;
        $payment_status = $_POST[payment_status];
        $in_hdr = TRUE;
        while (!feof($fp)) {
            $res = trim(fgets ($fp, 1024));

            // Don't process the header.
            if(strlen($res) == 0){
                $in_hdr = FALSE;
                continue;
            }
            if($in_hdr){
                continue;
            }
            
            $this->logit("D","Response: [" . $res . "]");
            if (strcmp ($res, "VERIFIED") == 0) {
                $return_code = 0;
                $this->logit("D","Verified");
                // Make sure credit wasn't toward someone else.
                if(! $this->check_email($_POST[receiver_email])){
                    $return_code = -2;
                    break;
                }
                // Check txn_id is OK. (not been re-used)
                if(! $this->check_txn_id($_POST[txn_id])){
                    $return_code = -3;
                    break;
                }
                // Check that the ammount was correct for this item.
                if(! $this->check_amount($_POST[item_number],$_POST[mc_gross],$_POST[mc_currency])){
                    $return_code = -4;
                    break;
                }
                // Determine disposition of payment_status
                if($return_code == 0){
                    // payment_status is Completed, Pending
                    $method = $this->STATUS[$payment_status];
                    if($method){
                        $this->logit("D","Running: $method (from $payment_status)");
                        $meth_code = $this->$method();
                        if(! $meth_code){
                            $this->logit("E","Method [$method] did not return TRUE");
                            $return_code = -7;
                        }
                    }else{
                        $this->logit("E","Payment Status: $payment_status not recognized");
                        $return_code = -5;
                    }
                    break;
                }
                break;
            }else if (strcmp ($res, "INVALID") == 0) {
                $this->logit("I","Invalid response: " . $res);
                $return_code = -6;
                break;
            }
        }
        fclose ($fp);
        return($return_code);
    }

    function errstr($code){
        $code = abs($code);
        return($this->RC_CODES[$code]);
    }
    function check_amount($item_no,$amount,$currency){
        $this->logit("D","Not doing check_amount($item_no,$amount,$currency)");
        return(TRUE);
    }
    function check_txn_id($id){
        $this->logit("D","Not doing check_txn_id($id)");
        return(TRUE);
    }
    function check_email($email){
        $this->logit("D","Not doing check_email($email)");
        return(TRUE);
    }
}
?>

---

Documentation generated by DoxyGen