/    Sign up×
Community /Pin to ProfileBookmark

Adding size variable to paypal ipn

Copy linkTweet thisAlerts:
Apr 14.2011

I’m just trying to add a size variable to the IPN so when the client receives the order information, they can view what size was requested, so far I’ve added this to my button:

[code=php]<input type=”hidden” name=”on0″ value=”CustomID”>
<input type=”hidden” name=”os0″ value=”echo $size[size]”>[/code]

and this to the IPN

[code=php]$customid = $_POST[‘option_selection1’];[/code]

as well as updating the database INSERT, can anyone see any reason why this wouldn’t work properly as I’m having trouble with it, here is the cart page

[code=php]<?php
session_start(); // Start session first thing in script
// Script Error Reporting
error_reporting(E_ALL);
ini_set(‘display_errors’, ‘1’);
?>
<?php

if (isset($_POST[‘pid’])) {
$pid = $_POST[‘pid’];
$size = $_POST[‘size’];
$wasFound = false;
$i = 0;
// If the cart session variable is not set or cart array is empty
if (!isset($_SESSION[“cart_array”]) || count($_SESSION[“cart_array”]) < 1) {
// RUN IF THE CART IS EMPTY OR NOT SET
$_SESSION[“cart_array”] = array(1 => array(“item_id” => $pid, “size” => $size, “quantity” => 1));
} else {
// RUN IF THE CART HAS AT LEAST ONE ITEM IN IT
foreach ($_SESSION[“cart_array”] as $each_item) {
$i++;
while (list($key, $value) = each($each_item)) {

if ($key == “item_id” && $value == $pid){
if ($each_item[‘size’] == $size){

// That item is in cart already so let’s adjust its quantity using array_splice()
array_splice($_SESSION[“cart_array”], $i-1, 1, array(array(“item_id” => $pid, “size” => $size, “quantity” => $each_item[‘quantity’] + 1)));
$wasFound = true;
}} // close if condition
} // close while loop
} // close foreach loop

if ($wasFound == false) {
array_push($_SESSION[“cart_array”], array(“item_id” => $pid,”size” => $size, “quantity” => 1));
}
}
header(“location: cart.php”);
exit();
}
?>
<?php

if (isset($_GET[‘cmd’]) && $_GET[‘cmd’] == “emptycart”) {
unset($_SESSION[“cart_array”]);
unset($_SESSION[“tradesrgr”]); //unset all sessions if cart is empty
unset($_SESSION[‘amount’]); //unset all sessions if cart is empty
unset($_SESSION[‘final’]);//unsets user cart cartTotal
}
?>
<?php

if (isset($_POST[‘item_to_adjust’]) && $_POST[‘item_to_adjust’] != “”) {
// execute some code
$item_to_adjust = $_POST[‘item_to_adjust’];
$size = $_POST[‘size’];
$quantity = $_POST[‘quantity’];
$quantity = preg_replace(‘#[^0-9]#i’, ”, $quantity); // filter everything but numbers
if ($quantity >= 100) { $quantity = 99; }
if ($quantity < 1) { $quantity = 1; }
if ($quantity == “”) { $quantity = 1; }
$i = 0;
foreach ($_SESSION[“cart_array”] as $each_item) {
$i++;
while (list($key, $value) = each($each_item)) {
if ($key == “item_id” && $value == $item_to_adjust) {
if ($each_item[‘size’] == $size){
// That item is in cart already so let’s adjust its quantity using array_splice()
array_splice($_SESSION[“cart_array”], $i-1, 1, array(array(“item_id” => $item_to_adjust, “size” => $size, “quantity” => $quantity)));
} // close if condition
} // close while loop
} // close foreach loop
}
}
?>
<?php

if (isset($_POST[‘index_to_remove’]) && $_POST[‘index_to_remove’] != “”) {
// Access the array and run code to remove that array index
$key_to_remove = $_POST[‘index_to_remove’];
if (count($_SESSION[“cart_array”]) <= 1) {
unset($_SESSION[“cart_array”]);
unset($_SESSION[‘final’]);//unsets user cart cartTotal
} else {
unset($_SESSION[“cart_array”][“$key_to_remove”]);
sort($_SESSION[“cart_array”]);
}
}
?>

<?php

// Connect to the MySQL database
require “storescripts/connect_to_mysql.php”;
$myConnection= mysqli_connect(“$db_host”,”$db_username”,”$db_pass”, “$db_name”) or die (“could not connect to mysql”);
$note=””;
$Empty = “”;
$cartOutput = “”;
$cartTotal = “”;
$pid = “”;
$product_name = “”;
$price = “”;
$pp_checkout_btn = ”;
$product_id_array = ”;
$amount=”;
$details=”;
$size=”;

if (!isset($_SESSION[“cart_array”]) || count($_SESSION[“cart_array”]) < 1) {
$Empty = “<br/>Your shopping cart is empty<br/>”;
} else {
// Start PayPal Checkout Button
$pp_checkout_btn .= ‘<form action=”https://www.paypal.co.uk/cgi-bin/webscr” method=”post”>
<input type=”hidden” name=”cmd” value=”_cart”>
<input type=”hidden” name=”upload” value=”1″>
<input type=”hidden” name=”business” value=”#@gmail.com”>’;
// Start the For Each loop
$i = 0;
foreach ($_SESSION[“cart_array”] as $each_item) {
$item_id = $each_item[‘item_id’];

$sql = mysql_query(“SELECT * FROM products WHERE id=’$item_id’ LIMIT 1”);
while ($row = mysql_fetch_array($sql)) {

$pid = $row[“id”];
$product_name = $row[“product_name”];
$price = $row[“price”];
$details = $row[“details”];
}

$pricetotal = $price * $each_item[‘quantity’];
$cartTotal = $pricetotal + $cartTotal;
setlocale(LC_MONETARY, “en_GB”);
$pricetotal = money_format(“&#37;!4.2n”, $pricetotal);
// Dynamic Checkout Btn Assembly
$x = $i + 1;
$pp_checkout_btn .= ‘<input type=”hidden” name=”item_name_’ . $x . ‘” value=”‘ . $product_name . ‘”>
<input type=”hidden” name=”amount_’ . $x . ‘” value=”‘ . $price . ‘”>
<input type=”hidden” name=”size_’. $x . ‘” value=”‘. $each_item[‘size’] . ‘”>
<input type=”hidden” name=”quantity_’ . $x . ‘” value=”‘ . $each_item[‘quantity’] . ‘”> ‘;

// Create the product array variable
$product_id_array .= “$item_id-“.$each_item[‘quantity’].”,”;
// Dynamic table row assembly
$cartOutput .= “<tr>”;
$cartOutput .= ‘<td><a href=”product.php?id=’ . $item_id . ‘”>’ . $product_name . ‘</a><br /><img src=”../inventory_images/’ . $item_id . ‘.jpg” alt=”‘ . $product_name. ‘” width=”40″ height=”52″ border=”1″ /></td>’;
$cartOutput .= ‘<td>’ . $pid . ‘</td>’;
$cartOutput .= ‘<td>’ . $product_name .'</td>’;
$cartOutput .= ‘<td>’ . $each_item[‘size’] .'</td>’;
$cartOutput .= ‘<td>&#163;’. $price . ‘</td>’;
$cartOutput .= ‘<td><form action=”cart.php” method=”post”>
<input name=”quantity” type=”text” value=”‘ . $each_item[‘quantity’] . ‘” size=”1″ maxlength=”2″ />
<input name=”adjustBtn’ . $item_id . ‘” type=”submit” value=”change” />
<input name=”item_to_adjust” type=”hidden” value=”‘ . $item_id . ‘” />
<input name=”size” type=”hidden” value=”‘ . $each_item[‘size’] . ‘” />
</form></td>’;
//$cartOutput .= ‘<td>’ . $each_item[‘quantity’] . ‘</td>’;
$cartOutput .= ‘<td>&#163;’.$pricetotal.'</td>’;

$cartOutput .= ‘<td><form action=”cart.php” method=”post”><input name=”deleteBtn’ . $item_id . ‘” type=”submit” value=”X” /><input name=”index_to_remove” type=”hidden” value=”‘ . $i . ‘” /></form></td>’;
$cartOutput .= ‘</tr>’;
$i++;
$loop = $i ;

$count = $cartTotal;

if ($loop == 1 ){
$_SESSION[‘final’] = $count;
}else if ($loop > 1 ){
$display = $_SESSION[‘final’];
$count2 = $display;
$display = $count2 = $count;
$_SESSION[‘final’] = $display;
}

$show = $_SESSION[‘final’];
$count .= ”.$i.”;
$items_in_cart=’Current Spend &nbsp;<strong>&#163;’ . $show;

}

setlocale(LC_MONETARY, “en_GB”);
$cartTotal = money_format(“%!10.2n”, $cartTotal);
$cartTotal = “<div style=’font-size:18px; margin-top:12px;’ align=’right’>Cart Total : &#163;”.$cartTotal.” GBP
<p></p></div>”;
// Finish the Paypal Checkout Btn
$pp_checkout_btn .= ‘<input type=”hidden” name=”custom” value=”‘ . $product_id_array . ‘”>
<input type=”hidden” name=”notify_url” value=”#”>
<input type=”hidden” name=”return” value=”#”>

<input type=”hidden” name=”rm” value=”2″>
<input type=”hidden” name=”cbt” value=”Return to The Store”>
<input type=”hidden” name=”cancel_return” value=”#”>
<input type=”hidden” name=”lc” value=”GB”>
<input type=”hidden” name=”currency_code” value=”GBP”>
<input type=”hidden” name=”on0″ value=”CustomID”>
<input type=”hidden” name=”os0″ value=”echo $size[size]”>
<input type=”image” src=”https://www.paypal.com/en_GB/i/btn/x-click-but5.gif” name=”submit” alt=”Make payments with PayPal – its fast, free and secure!” align=”right”>

</form>’;
}

?>[/code]

thanks for any help ?

to post a comment
PHP

1 Comments(s)

Copy linkTweet thisAlerts:
@AntiFaith33authorApr 14.2011 — and heres the IPN

[code=php]<?php

if ($_SERVER['REQUEST_METHOD'] != "POST") die ("No Post Variables");
// Initialize the $req variable and add CMD key value pair
$req = 'cmd=_notify-validate';
// Read the post from PayPal
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// Now Post all of that back to PayPal's server using curl, and validate everything with PayPal
// We will use CURL instead of PHP for this for a more universally operable script (fsockopen has issues on some environments)
//$url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
$url = "https://www.paypal.com/cgi-bin/webscr";
$curl_result=$curl_err='';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", "Content-Length: " . strlen($req)));
curl_setopt($ch, CURLOPT_HEADER , 0);

curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$curl_result = @curl_exec($ch);
$curl_err = curl_error($ch);
curl_close($ch);

$req = str_replace("&", "n", $req); // Make it a nice list in case we want to email it to ourselves for reporting

// Check that the result verifies
if (strpos($curl_result, "VERIFIED") !== false) {
$req .= "nnPaypal Verified OK";
} else {
$req .= "nnData NOT verified from Paypal!";
mail("#@gmail.com", "IPN interaction not verified", "$req", "From: #@gmail.com" );
exit();
}

/* CHECK THESE 4 THINGS BEFORE PROCESSING THE TRANSACTION, HANDLE THEM AS YOU WISH
1. Make sure that business email returned is your business email
2. Make sure that the transaction’s payment status is “completed”
3. Make sure there are no duplicate txn_id
4. Make sure the payment amount matches what you charge for items. (Defeat Price-Jacking) */

// Check Number 1 ------------------------------------------------------------------------------------------------------------
$receiver_email = $_POST['receiver_email'];
if ($receiver_email != "#@gmail.com") {
$message = "Investigate why and how receiver email is wrong. Email = " . $_POST['receiver_email'] . "nnn$req";
mail("#@gmail.com", "Receiver Email is incorrect", $message, "From: #@gmail.com" );
exit(); // exit script
}
// Check number 2 ------------------------------------------------------------------------------------------------------------
if ($_POST['payment_status'] != "Completed") {
// Handle how you think you should if a payment is not complete yet, a few scenarios can cause a transaction to be incomplete
}
// Connect to database ------------------------------------------------------------------------------------------------------
require_once 'connect_to_mysql.php';
// Check number 3 ------------------------------------------------------------------------------------------------------------
$this_txn = $_POST['txn_id'];
$sql = mysql_query("SELECT id FROM transactions WHERE txn_id='$this_txn' LIMIT 1");
$numRows = mysql_num_rows($sql);
if ($numRows > 0) {
$message = "Duplicate transaction ID occured so we killed the IPN script. nnn$req";
mail("#@gmail.com", "Duplicate txn_id in the IPN system", $message, "From: #@gmail.com" );
exit(); // exit script
}
// Check number 4 ------------------------------------------------------------------------------------------------------------
$product_id_string = $_POST['custom'];
$product_id_string = rtrim($product_id_string, ","); // remove last comma
// Explode the string, make it an array, then query all the prices out, add them up, and make sure they match the payment_gross amount
$id_str_array = explode(",", $product_id_string); // Uses Comma(,) as delimiter(break point)
$fullAmount = 0;
foreach ($id_str_array as $key => $value) {

$id_quantity_pair = explode("-", $value); // Uses Hyphen(-) as delimiter to separate product ID from its quantity
$product_id = $id_quantity_pair[0]; // Get the product ID
$product_quantity = $id_quantity_pair[1]; // Get the quantity
$sql = mysql_query("SELECT price FROM products WHERE id='$product_id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$product_price = $row["price"];
}
$product_price = $product_price * $product_quantity;
$fullAmount = $fullAmount + $product_price;
}
$fullAmount = number_format($fullAmount, 2);
$grossAmount = $_POST['mc_gross'];
if ($fullAmount != $grossAmount) {
$message = "Possible Price Jack: " . $_POST['payment_gross'] . " != $fullAmount nnn$req";
mail("#@gmail.com", "Price Jack or Bad Programming", $message, "From: #@gmail.com" );
exit(); // exit script
}
// END ALL SECURITY CHECKS NOW IN THE DATABASE IT GOES ------------------------------------
////////////////////////////////////////////////////
// Homework - Examples of assigning local variables from the POST variables
$txn_id = $_POST['txn_id'];
$payer_email = $_POST['payer_email'];
$custom = $_POST['custom'];
$product_id_array = $_POST['product_id_array'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$payment_date = $_POST['payment_date'];
$mc_gross = $_POST['mc_gross'];
$payment_currency = $_POST['payment_currency'];
$receiver_email = $_POST['receiver_email'];
$payment_type = $_POST['payment_type'];
$payment_status = $_POST['payment_status'];
$txn_type = $_POST['txn_type'];
$payer_status = $_POST['payer_status'];
$address_street = $_POST['address_street'];
$address_city = $_POST['address_city'];

$customid = $_POST['option_selection1'];
$address_postcode = $_POST['address_zip'];
$address_status = $_POST['address_status'];
$notify_version = $_POST['notify_version'];
$verify_sign = $_POST['verify_sign'];
$payer_id = $_POST['payer_id'];
$mc_currency = $_POST['mc_currency'];
$mc_fee = $_POST['mc_fee'];
// Place the transaction into the database
$sql = mysql_query("INSERT INTO transactions (product_id_array, payer_email, first_name, last_name, payment_date, mc_gross, payment_currency, txn_id, receiver_email, payment_type, payment_status, txn_type, payer_status, address_street, address_city, address_zip, address_status, notify_version, verify_sign, payer_id, mc_currency, mc_fee, option_selection1)
VALUES('$custom','$payer_email','$first_name','$last_name','$payment_date','$mc_gross','$payment_currency','$txn_id','$receiver_email','$payment_type','$payment_status','$txn_type','$payer_status','$address_street','$address_city','$address_zip','$address_status','$notify_version','$verify_sign','$payer_id','$mc_currency','$mc_fee','$customid')") or die ("unable to execute the query");

mysql_close();
// Mail yourself the details
mail("#@gmail.com", "Successful Transaction", $req, "From: #@gmail.com");
?>[/code]
×

Success!

Help @AntiFaith33 spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.29,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...