I am building a subscription site. At its current state, the user would be able to pay the subscription but my handler cannot handle the IPN correctly. Here's the flow: Signup -> Subscribe -> Pay -> Return to site -> My handler -> Home. The user cannot login until my handler activates his account from the database. Here's my code:
<?php
require_once 'classes/Mysql.php';
// define array to store PayPal request
// as key-value pair
$postvars = array();
// read post from PayPal into local array
while (list ($key, $value) = each ($HTTP_POST_VARS)) {
$postvars[] = $key;
}
// add a 'cmd' parameter to the parameter list that is POSTed // back, as required by
PayPal
$req = 'cmd=_notify-validate';
// append each parameter posted by the PayPal // as name value pair to the "req"
variable
for ($var = 0; $var < count ($postvars); $var++) {
$postvar_key = $postvars[$var];
$postvar_value = $$postvars[$var];
$req .= "&" . $postvar_key . "=" . urlencode ($postvar_value); }
// post the request back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-
www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen ($req) . "\r\n\r\n";
// open file pointer to the paypal server
$fp = fsockopen ("www.paypal.com", 80, $errno, $errstr, 30);
if (!$fp) {
// HTTP error
// log an error
}
else {
// POST the data using the file pointer created above
fputs ($fp, $header . $req);
while (!feof($fp)) {
// read the response from the PayPal server
$res = fgets ($fp, 1024);
// check if the request has been VERIFIED by PayPal
// if it is, then you can proceed further
// if it is INVALID, then abort the process
if (strcmp ($res, "VERIFIED") == 0) {
// get the value stored in the "custom" field
// (username) in a local variable
$username = $HTTP_POST_VARS["custom"];
$mysql = New Mysql();
// check if the username sent with the PayPal IPN request exists in the database
// using a custom function called userExists()
if($mysql->check_if_username_exists($username)) {
$code = $mysql->get_confirmreg_code($username);
// check the transaction type for the subscription sent by PayPal
// and take action accordingly
if(isset($HTTP_POST_VARS["txn_type"]) && strtolower($HTTP_POST_VARS["txn_type"])
== "subscr_payment") {
// a subscriber just paid
// increase the subscription period by X days
header("location: confirm.php?code=".$code."");
} else {
// incorrect transaction type
// log an error
header("location: signup.php?paymenterror=true");
}
}
} else if (strcmp ($res, "INVALID") == 0) {
// an INVALID transaction
// log an error
header("location: signup.php?paymenterror=true");
}
}
}
I am sorry it's a bit long. When I tested it, it redirects me to signup.php wich I assume paypal failed to process it. Could you pls tell what's wrong with this? Im sorry for my english. I am too lazy to correct it for now. mind exploding