Location: PHPKode > scripts > ICAN > ipnforp.php
<?php
session_start();
?>

<?php
   $raw_post_data = file_get_contents('php://input');
   $raw_post_array = explode('&', $raw_post_data);
   $myPost = array();
   foreach ($raw_post_array as $keyval)
      {
      $keyval = explode ('=', $keyval);
      if (count($keyval) == 2)
         $myPost[$keyval[0]] = urldecode($keyval[1]);
      }
      $_req = 'cmd=_notify-validate';
      foreach ($myPost as $key => $value)
         {
         $value = urlencode(stripslashes($value));
         $_req .= "&$key=$value";
         }

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
//$header .= "Host: www.paypal.com:443\r\n";
$header .= "Content-type: text/html; charset=utf-8\r\n";
$header .= "Content-Length: " . strlen($_req) . "\r\n\r\n";

$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);


if (!$fp) {

$mail_From = "From: hide@address.com";
$mail_To = "hide@address.com";
$mail_Subject = "HTTP ERROR";
$mail_Body = "fail";

mail($mail_To, $mail_Subject, $mail_Body, $mail_From);

} else {
fputs ($fp, $header . $_req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {

$mail_From = "From: hide@address.com";
$mail_To = "hide@address.com";
$mail_Subject = "HTTP Success";
$mail_Body = $_req;

mail($mail_To, $mail_Subject, $mail_Body, $mail_From);


$payment_status = $_POST['status'];
$payment_status = strtolower($payment_status);
$trackingid = $_POST[tracking_id];

$tid1pos = stripos($_req,"transaction%5B0%5D.id=");
$tid1len = strlen("transaction%5B0%5D.id=");
$tid1rpos = (int)$tid1pos + (int)$tid1len;
$tid1ampos = stripos($_req,"&",$tid1rpos);
$tid1vlen = (int)$tid1ampos - (int)$tid1rpos;
$tid1 = substr($_req,$tid1rpos,$tid1vlen);

$amount1pos = stripos($_req,"transaction%5B0%5D.amount=");
$amount1len = strlen("transaction%5B0%5D.amount=");
$amount1rpos = (int)$amount1pos + (int)$amount1len;
$amount1ampos = stripos($_req,"&",$amount1rpos);
$amount1vlen = (int)$amount1ampos - (int)$amount1rpos;
$amount1 = substr($_req,$amount1rpos,$amount1vlen);

$rec1pos = stripos($_req,"transaction%5B0%5D.receiver=");
$rec1len = strlen("transaction%5B0%5D.receiver=");
$rec1rpos = (int)$rec1pos + (int)$rec1len;
$rec1ampos = stripos($_req,"&",$rec1rpos);
$rec1vlen = (int)$rec1ampos - (int)$rec1rpos;
$rec1 = substr($_req,$rec1rpos,$rec1vlen);

$status1pos = stripos($_req,"transaction%5B0%5D.status=");
$status1len = strlen("transaction%5B0%5D.status=");
$status1rpos = (int)$status1pos + (int)$status1len;
$status1ampos = stripos($_req,"&",$status1rpos);
$status1vlen = (int)$status1ampos - (int)$status1rpos;
$status1 = substr($_req,$status1rpos,$status1vlen);
$status1 = strtolower($status1);


$tid2pos = stripos($_req,"transaction%5B1%5D.id=");
$tid2len = strlen("transaction%5B1%5D.id=");
$tid2rpos = (int)$tid2pos + (int)$tid2len;
$tid2ampos = stripos($_req,"&",$tid2rpos);
$tid2vlen = (int)$tid2ampos - (int)$tid2rpos;
$tid2 = substr($_req,$tid2rpos,$tid2vlen);

$amount2pos = stripos($_req,"transaction%5B1%5D.amount=");
$amount2len = strlen("transaction%5B1%5D.amount=");
$amount2rpos = (int)$amount2pos + (int)$amount2len;
$amount2ampos = stripos($_req,"&",$amount2rpos);
$amount2vlen = (int)$amount2ampos - (int)$amount2rpos;
$amount2 = substr($_req,$amount2rpos,$amount2vlen);

$rec2pos = stripos($_req,"transaction%5B1%5D.receiver=");
$rec2len = strlen("transaction%5B1%5D.receiver=");
$rec2rpos = (int)$rec2pos + (int)$rec2len;
$rec2ampos = stripos($_req,"&",$rec2rpos);
$rec2vlen = (int)$rec2ampos - (int)$rec2rpos;
$rec2 = substr($_req,$rec2rpos,$rec2vlen);

$status2pos = stripos($_req,"transaction%5B1%5D.status=");
$status2len = strlen("transaction%5B1%5D.status=");
$status2rpos = (int)$status2pos + (int)$status2len;
$status2ampos = stripos($_req,"&",$status2rpos);
$status2vlen = (int)$status2ampos - (int)$status2rpos;
$status2 = substr($_req,$status2rpos,$status2vlen);
$status2 = strtolower($status2);

$senderidpos = stripos($_req,"sender_email=");
$senderidlen = strlen("sender_email=");
$senderidrpos = (int)$senderidpos + (int)$senderidlen;
$senderidampos = stripos($_req,"&",$senderidrpos);
$senderidvlen = (int)$senderidampos - (int)$senderidrpos;
$senderid = substr($_req,$senderidrpos,$senderidvlen);


include("pwd.php");
mysql_query("INSERT INTO payments (itemname, itemnumber, paystatus, payamt, paycurrency, tid, bemail, pemail, orderid) VALUES('$item_name','$item_number','$payment_status','$amount1','USD','$tid1','$receiver_email','$senderid','$trackingid')");
mysql_close();


}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation

$mail_From = "From: hide@address.com";
$mail_To = "hide@address.com";
$mail_Subject = "INVALID IPN (Script 2)";
$mail_Body = $_req;

mail($mail_To, $mail_Subject, $mail_Body, $mail_From);

}
}
fclose ($fp);
}
?>

Return current item: ICAN