'; print_r($_GET); echo '
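'; print_r($_POST); exit; // */

/**
 * PayPal "return on success" landing script: reads the values PayPal hands back,
 * marks the order as paid if it is not already, e-mails admin and customer, and
 * renders a printable confirmation inside the site template.
 *
 * NOTE(review): every $_POST value read below arrives through the buyer's browser
 * redirect, and nothing in this script confirms it with PayPal. The "paid" flag
 * should be set only from a server-verified notification (the IPN handler the
 * comments below refer to, or a PDT lookup), after comparing amount, currency and
 * receiver with the stored order. $amount is read here but never compared.
 *
 * @var string $data_dir     location of database connection details and global functions
 * @var string $template_dir location of template specific functions (and user connection
 *                           details if different permissions supported)
 */
$data_dir = $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/';
$template_dir = $_SERVER['DOCUMENT_ROOT'].'/resources/template/';
require_once $data_dir.'universal.php';
require_once $template_dir.'functions.php';
$connID = connect_to_db();

/**
 * extract necessary variables from POST, validate payment status, process if necessary
 * @var string $amount    transaction amount as passed back from paypal (not verified here)
 * @var string $reference invoice # as passed to paypal
 * @var string $order_id  order database id as passed to paypal in "custom"
 * @var string $txn_id    paypal transaction id
 * @var string $message   display on next page
 * @var string $title     output to show customer
 * @var string $content   output to show customer
 */
// Accept only scalar string fields; a missing key or an array value becomes ''.
$posted = array();
foreach (array('amount', 'invoice', 'custom', 'txn_id', 'payment_status') as $field) {
    $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
}
$amount = clean_plain_data($posted['amount']);
$reference = clean_plain_data($posted['invoice']);
$order_id = clean_plain_data($posted['custom']);
$txn_id = clean_plain_data($posted['txn_id']);
$payment_status = $posted['payment_status'];
$message = $title = $content = '';

if ($payment_status !== 'Completed' && $payment_status !== 'Pending') {
    /**
     * payment unsuccessful. There is really no elegant way to handle 'Pending', so we assume the payment will go through.
     * This should never trigger legitimately, because paypal should send failed transactions to paypal_return_false script
     * redirect to cart
     */
    setCookie('cartMessage','

There was an error processing your payment. Please try again

',time()+30,'/');
    getout('', select_one('page_data', 'path', 'page_type', 'cart'));
    exit;
}

$cart = new cart;
$cart->recreate_from_order($order_id);
if (!$cart->reference) {
    // $emailtext and $subject are not assigned anywhere in the visible script; they may
    // come from the required files, so only fill them in when they are absent.
    if (!isset($emailtext)) {
        $emailtext = '';
    }
    if (!isset($subject)) {
        $subject = 'Paypal-return-true: no matching order';
    }
    $emailtext .= "Paypal-return-true: No matching order $order_id $txn_id";
    send_email($emailtext, $subject, SITE_ADMIN_ADDRESS);
}

/**
 * check existing payment status of order, process if necessary
 * select_one() is defined elsewhere; from its use here it appears to return one column
 * of the row whose given column/expression equals the given value - confirm.
 */
if (select_one('orders', 'paid', "concat(order_id,':',payment_ref)", $order_id.':'.$txn_id)) {
    /**
     * Assume IPN paid this
     * Continue
     */
} elseif (select_one('orders', 'paid', 'order_id', $order_id)) {
    /**
     * transaction id mismatch? or manually marked from admin panel?
     * Nothing is done in this case.
     */
} else {
    /**
     * process payment
     *
     * clean_plain_data() is defined elsewhere and it is not visible whether it escapes
     * for SQL, so the values are escaped at the point where they enter the query text.
     * NOTE(review): the order is marked paid before the invoice reference is compared
     * below; consider comparing first.
     */
    $order_id_sql = mysql_real_escape_string($order_id);
    $txn_id_sql = mysql_real_escape_string($txn_id);
    mysql_query("update orders set paid = '1', payment_ref = '$txn_id_sql' where order_id = '$order_id_sql'");
    mysql_query("delete from order_temp where order_id = '$order_id_sql'");

    // Compare as strings so numeric-looking references cannot match loosely, and treat
    // an order that could not be recreated as a mismatch instead of mailing an empty cart.
    if (!$cart->reference || (string)$reference !== (string)$cart->reference) {
        /**
         * probably a hack
         * display a message in case it's just an expired session
         * @todo notify admin?
         */
        $title ='We\'re sorry there was a error';
        $content .= '

Thank you for your payment. Unfortunately we were unable to retrieve the contents of your order to display on your return but please be assured it has been received.

';
    } else {
        //send email/s
        $email_address = SITE_FROM_ADDRESS;

        //clean potential html entities
        foreach ($cart->customer as $k => $v) {
            $cart->customer[$k] = html_entity_decode($v, ENT_QUOTES);
        }

        // NOTE(review): X-Mailer discloses the running PHP version in every outgoing mail.
        $headers = "From: $email_address" . "\n" .
            "Reply-To: $email_address" . "\n" .
            "Return-Path: $email_address" . "\n" .
            'X-Mailer: PHP/' . phpversion();

        //to admin
        $subject = 'Payment confirmed for order '.$reference.' from '.SITE_FROM_NAME;
        mail($email_address, $subject, $cart->customer['email_text'], $headers);

        //to customer
        $subject = 'Thank you for your payment to '.SITE_FROM_NAME;
        $mailbody = 'Dear '.$cart->customer['first_name'].', Thank you for your payment. We are now processing your order. '.$cart->customer['email_text'].' - The '.SITE_FROM_NAME.' team';
        mail($cart->customer['email'], $subject, $mailbody, $headers);
    }
}

if ($content == '') //not an error message
{
    $title='Please print for your records';
    // $script_text is not used again in this script; presumably the included template reads it.
    $script_text = '

Thank you for your payment. We are now processing your order.

Your cart has now been emptied. You may wish to print this page for your reference.

';
    // $content receives whatever the included file returns.
    $content = include 'resources/template/section_order_print.php';
}

/**
 * @todo figure out a way of feeding this into template.php directly
 */
$pages = build_menu_tree();
$page_id = select_one('page_data', 'page_id', 'page_type', 'products');
$parent_chain = build_parent_chain($page_id);
// $bcAppend is not assigned in the visible script; fall back to '' when it is absent.
$breadcrumbs = build_breadcrumbs($parent_chain).(isset($bcAppend) ? $bcAppend : '');
$nav = build_nav($pages, 1, 1, 1);
$categories = build_category_tree(); // recursive function
$n = 0; //global for build_cat_nav()
$pnav = build_cat_nav($categories);

ob_start();
include $template_dir.'header.php';
echo $content;
include $template_dir.'footer.php';
ob_end_flush();
exit;
?>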