hey i created this script:
// Check to see there are posted variables coming into the script
if ($_SERVER['REQUEST_METHOD'] != "POST") die ("No Post Variables");
// Initialize the $req variable and add CMD key value pair
$req = 'cmd=_notify-validate';
// Read the post from PayPal
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// Now Post all of that back to PayPal's server using curl, and validate everything with PayPal
// Use CURL instead of PHP for this for a more universally operable script (not fsockopen)
//$url = "https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_notify-validate;
$url = "https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_notify-validate";
$curl_result=$curl_err='';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", "Content-Length: " . strlen($req)));
curl_setopt($ch, CURLOPT_HEADER , 0);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$curl_result = @curl_exec($ch);
$curl_err = curl_error($ch);
curl_close($ch);
$req = str_replace("&", "
", $req); // Make it a nice list => Possibility to email it to yourselve for reporting
// Check that the result verifies
if (strpos($curl_result, "VERIFIED") !== false) {
$req .= "
Paypal Verified OK";
} else {
$req .= "
Data NOT verified from Paypal!";
mail("me@myemail.de", "IPN interaction not verified", "$req", "From: me@myemail.de" );
exit();
}
/* CHECK THESE 4 THINGS BEFORE PROCESSING THE TRANSACTION, HANDLE THEM AS YOU WISH
1. Make sure that business email returned is your business email
2. Make sure that the transaction’s payment status is “completed”
3. Make sure there are no duplicate txn_id
4. Make sure the payment amount matches what you charge for items. (Defeat Price-Jacking) */
// Connect to database -------------------------------------------------------------------------------------------------------
define('SECURE', true);
require_once 'connect_to_mysql.php';
$errors = array();
// PAYMENT VALID
// Check payment status
if ($_POST['payment_status'] != 'Completed') {
$errors[] .= "Payment not completed";
}
// Check seller e-mail
if ($_POST['receiver_email'] != 'email@gmx.de') {
$errors[] .= "Incorrect seller e-mail";
}
// Compare the amount received on PayPal with the price you charged for the product or service
if ($_POST['mc_gross'] != '100.00') {
$errors[] .= "Incorrect product price";
}
// Check the currency code
if ($_POST['mc_currency'] != 'USD') {
$errors[] .= "Incorrect currency code";
}
// Check transaction id
$txn_id = mysqli_real_escape_string($_POST['txn_id']);
$sql = "SELECT COUNT(*) AS count FROM `transactions` WHERE `txn_id` = $txn_id";
$q = mysqli_query($mysqli, $sql);
$f = mysqli_fetch_array($q);
if($f['count'] > 0) {
$errors[] .= “Transaction already processed”;
} else {
// Transaction not processed, store it in the database
$payer_email = mysqli_real_escape_string($_POST['payer_email']);
$mc_gross = mysqli_real_escape_string($_POST['mc_gross']);
$insert = mysqli_query($mysqli, “INSERT INTO transactions (`txn_id`, `payer_email`,`mc_gross`)
VALUES ($txn_id,$payer_email,$mc_gross)”);
}
if (count($errors) > 0) {
$ftp_pfad = "http://www.example.eu.pn";
$folder = "transactions";
$subfolder = "Ordner";
$pathBase1 = $ftp_pfad.'/'.$folder;
$pathBase2 = $ftp_pfad.'/'.$folder.'/'.$subfolder;
mkdir("/srv/disk8/1391019/www/example.eu.pn/$folder", 0755);
} else {
$ftp_pfad = "http://www.example.eu.pn";
$folder = "transactions";
$subfolder = "Ordner";
$pathBase1 = $ftp_pfad.'/'.$folder;
$pathBase2 = $ftp_pfad.'/'.$folder.'/'.$subfolder;
mkdir("/srv/disk8/1391019/www/example.eu.pn/$folder", 0755);
// PayPal payment is valid
// Process order here
}
mysqli_close($mysqli);
When i take a look on my sandbox-acount, the money is send, but i have to accept it,why? Moreover, the the function "mkdir" is not working, anybody can help me? i did all settings in my sandbox accounts, but i still have to accept the incoming money