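<?php
/**
 * Download counter and PayPal IPN (Instant Payment Notification) listener.
 *
 * The query string selects one of two paths:
 *   - ?txn_id=...&item_name=...  counts one download against the purchase
 *     stored for that transaction id (at most 5 per transaction).
 *   - ?id=5723                   takes a PayPal IPN POST, posts it back to
 *     PayPal for validation and, when PayPal answers VERIFIED and the payment
 *     is Completed, records the purchase in `downloads` and `downloads2tracks`.
 *
 * Notes for maintainers:
 *   - Every request value is untrusted. A VERIFIED answer only says the
 *     message came from PayPal; its field values still have to be escaped
 *     before they reach SQL or HTML.
 *   - The ext/mysql API (mysql_*) is kept because the connection is presumably
 *     opened in includes/config.inc, which is not visible here. That extension
 *     was removed in PHP 7; moving to PDO or mysqli prepared statements means
 *     changing the connection code as well.
 */
error_reporting(E_ALL);
// Errors go to the log instead of the page: driver and PHP messages shown to
// a visitor reveal table names, queries and file paths.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
include ("includes/header.inc");
include ("includes/config.inc");

if (!function_exists('ipn_run_query')) {
    /**
     * Run one SQL statement on the default ext/mysql connection.
     *
     * On failure the driver message is written to the error log and the
     * script stops with a generic message.
     *
     * @param string $sql complete statement; values must already be escaped
     * @return resource|bool result of mysql_query()
     */
    function ipn_run_query($sql)
    {
        $result = mysql_query($sql);
        if ($result === false) {
            error_log('Database error: ' . mysql_error());
            die("<div class=\"errortext\">database error</div>");
        }
        return $result;
    }
}

if (!function_exists('ipn_post_field')) {
    /**
     * Read one POST field as a string.
     *
     * @param string $name          field name
     * @param bool   $strip_slashes true when magic quotes added slashes
     * @return string the value, or '' when the field is missing or not scalar
     */
    function ipn_post_field($name, $strip_slashes)
    {
        if (!isset($_POST[$name]) || !is_scalar($_POST[$name])) {
            return '';
        }
        $value = (string) $_POST[$name];
        return $strip_slashes ? stripslashes($value) : $value;
    }
}

// Slashes are only removed when magic quotes actually added them; stripping
// unconditionally alters values that legitimately contain a backslash.
$strip_slashes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

if (isset($_GET['txn_id']) && is_string($_GET['txn_id'])
    && !empty($_GET['item_name']) && is_string($_GET['item_name'])) {
    $txn_id    = $strip_slashes ? stripslashes($_GET['txn_id']) : $_GET['txn_id'];
    $item_name = $strip_slashes ? stripslashes($_GET['item_name']) : $_GET['item_name'];
    // txn_id comes straight from the URL, so it is escaped before use in SQL.
    $txn_sql = mysql_real_escape_string($txn_id);

    $result3 = ipn_run_query("SELECT * FROM downloads WHERE txn_id='$txn_sql'");
    $count = null;
    while ($row3 = mysql_fetch_assoc($result3)) {
        $count = (int) $row3['count'];
    }

    if ($count === null) {
        // No purchase is stored for this transaction id.
        echo "<div class=\"errortext\">invalid access to page</div>";
    } elseif ($count >= 5) {
        echo "<div class=\"errortext\">We're sorry, you have downloaded this track 5 times</div>";
    } else {
        // The increment and the limit are applied in one statement, so two
        // requests arriving together cannot both pass the check above. The
        // row is addressed by txn_id; $download_id is never set on this path.
        ipn_run_query("UPDATE downloads SET `count` = `count` + 1 WHERE txn_id='$txn_sql' AND `count` < 5");
    }
} elseif (isset($_GET['id']) && $_GET['id'] === '5723') {
    // The fixed id in the URL is not authentication. What decides whether a
    // purchase is recorded is PayPal's answer to the postback below.

    // read the post from PayPal system and add 'cmd'
    $req = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        if (!is_scalar($value)) {
            // Nested fields are left out of the postback; PayPal then sees a
            // message that differs from the one it sent and rejects it.
            continue;
        }
        $value = (string) $value;
        if ($strip_slashes) {
            $value = stripslashes($value);
        }
        $req .= '&' . urlencode($key) . '=' . urlencode($value);
    }

    // post back to PayPal system to validate
    $header  = "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Host: www.sandbox.paypal.com\r\n";
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
    // NOTE(review): this is the sandbox endpoint. Before PHP 5.6 the ssl://
    // wrapper does not verify the peer certificate by default; confirm the
    // runtime verifies it, because the VERIFIED answer is only as trustworthy
    // as the connection it arrives on.
    $fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);

    // assign posted variables to local variables
    $item_name      = ipn_post_field('item_name', $strip_slashes);
    $payment_status = ipn_post_field('payment_status', $strip_slashes);
    $txn_id         = ipn_post_field('txn_id', $strip_slashes);
    $payer_email    = ipn_post_field('payer_email', $strip_slashes);
    $payment_amount = ipn_post_field('mc_gross', $strip_slashes);
    $receiver_email = ipn_post_field('receiver_email', $strip_slashes);
    //$item_number = $_POST['item_number'];
    //$payment_currency = $_POST['mc_currency'];

    if (!$fp) {
        // HTTP ERROR
        error_log("PayPal postback failed: $errstr ($errno)");
        echo "<div class=\"errortext\">http error</div>";
    } else {
        stream_set_timeout($fp, 30);
        fputs ($fp, $header . $req);

        // The verdict is the one line of the reply that is exactly VERIFIED
        // or INVALID; lines are trimmed so line endings do not hide it.
        $verdict = '';
        while (!feof($fp)) {
            $res = fgets ($fp, 1024);
            if ($res === false) {
                break;
            }
            $res = trim($res);
            if (strcmp ($res, "VERIFIED") == 0 || strcmp ($res, "INVALID") == 0) {
                $verdict = $res;
                break;
            }
        }
        fclose ($fp);

        // NOTE(review): when PayPal calls this URL, the HTML echoed below is
        // returned to PayPal, presumably not shown to the buyer.
        if ($verdict === "VERIFIED") {
            if ($payment_status == "Denied") {
                echo "<div class=\"errortext\">your payment has been denied</div>";
            } elseif ($payment_status == "Pending") {
                echo "<div class=\"errortext\">your payment is pending.</div>";
            } elseif ($payment_status === 'Completed'
                && $receiver_email === 'paypal@myweb.com'
                && $payment_amount == '1.50'
                && $txn_id !== '') {
                // The amount is the mc_gross field. mc_currency is not checked
                // (it is commented out above), so 1.50 in any currency passes;
                // add a comparison against the shop's currency.
                $txn_sql  = mysql_real_escape_string($txn_id);
                $item_sql = mysql_real_escape_string($item_name);

                // NOTE(review): check-then-insert can record the same
                // transaction twice if PayPal repeats the notification at the
                // same moment; a UNIQUE index on downloads.txn_id closes that.
                $result8 = ipn_run_query("SELECT txn_id FROM downloads WHERE txn_id = '$txn_sql'");
                if (mysql_num_rows($result8) == 0) {
                    $result0 = ipn_run_query("SELECT * FROM tracks WHERE name = '$item_sql'");
                    $track_id = null;
                    while ($row0 = mysql_fetch_assoc($result0)) {
                        $track_id = $row0['id'];
                        $path = $row0['path'];
                    }

                    if ($track_id === null) {
                        // No track has this name, so there is nothing to
                        // link the purchase to.
                        echo "<div class=\"errortext\">unknown item</div>";
                    } else {
                        ipn_run_query("INSERT INTO downloads (`count`,txn_id) VALUES ('0','$txn_sql')");
                        $result6 = ipn_run_query("SELECT id FROM downloads WHERE txn_id = '$txn_sql'");
                        $row6 = mysql_fetch_array($result6);
                        $download_id = $row6[0];

                        $download_sql = mysql_real_escape_string($download_id);
                        $track_sql    = mysql_real_escape_string($track_id);
                        ipn_run_query("INSERT INTO downloads2tracks (download_id,track_id) VALUES ('$download_sql','$track_sql')");

                        // item_name is request data: URL-encode it for the
                        // query string and HTML-escape it for the attribute.
                        $file_name = $item_name . '.mp3';
                        $file_href = htmlspecialchars(rawurlencode($file_name), ENT_QUOTES, 'UTF-8');
                        echo "<a href=\"download.php?file=" . $file_href . "\">Download file</a>";

                        // The message is built here but not sent by this script.
                        $subject = "Digital Download Delivery from myweb.com";
                        $body = "testing 123 http://www.myweb.com/new_web/thankyou.php?txn_id="
                            . rawurlencode($txn_id) . "&file=" . rawurlencode($file_name);
                    }
                } else {
                    echo "<div class=\"errortext\">transaction id exists</div>";
                }
            }
        } elseif ($verdict === "INVALID") {
            // log for manual investigation
            error_log('PayPal answered INVALID for a notification');
            echo "<div class=\"errortext\">We cannot verify your purchase. Please contact test@test.com</div>";
        }
    }
} else {
    echo "<div class=\"errortext\">invalid access to page</div>";
}
?>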