<%@LANGUAGE="VBScript"%> <% Dim str,Txn_id,Payment_status,objHttp Set rs = Server.CreateObject("ADODB.RecordSet") Set rs2 = Server.CreateObject("ADODB.RecordSet") Set cnn=Server.CreateObject("ADODB.Connection") cnn.open sDSN alreadygotadmin = getadminsettings() sSQL = "SELECT payProvDemo,payProvData1,payProvData2,payProvMethod FROM payprovider WHERE payProvID=1" rs.Open sSQL,cnn,0,1 demomode=(rs("payProvDemo")="1") data1=trim(rs("payProvData1")&"") data2=trim(rs("payProvData2")&"") ppmethod=Int(rs("payProvMethod")) rs.Close ' read post from PayPal system and add 'cmd' str = Request.Form ' post back to PayPal system to validate str = str & "&cmd=_notify-validate" set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP") objHttp.open "POST", "https://www." & IIfVr(demomode, "sandbox.", "") & "paypal.com/cgi-bin/webscr", false objHttp.Send str ' assign posted variables to local variables Receiver_email = Request.Form("receiver_email") Item_number = Request.Form("item_number") Invoice = Request.Form("invoice") Payment_status = Request.Form("payment_status") Payment_gross = Request.Form("payment_gross") Txn_id = Request.Form("txn_id") ordID = trim(replace(request.form("custom"), "'", "")) Payer_email = Request.Form("payer_email") ' Check notification validation if (objHttp.status <> 200 ) then ' HTTP error handling elseif (objHttp.responseText = "VERIFIED") AND (ordID<>"") then ' check that Payment_status=Completed ' check that Txn_id has not been previously processed ' check that Receiver_email is an email address in your PayPal account ' process payment if False then rs.Open "ppVerify",cnn,1,3,&H0002 rs.AddNew rs.Fields("dateadded")=Date() rs.Fields("firstname")=Request.Form("first_name") rs.Fields("lastname")=Request.Form("last_name") rs.Fields("email")=Payer_email rs.Fields("sessionid")=ordID rs.Fields("paymentStatus")=Payment_status rs.Fields("pendingReason")=Request.Form("pending_reason") rs.Fields("verifysign")=Request.Form("verify_sign") rs.Fields("txn_id")=Txn_id rs.Fields("txn_type")=Request.Form("txn_type") rs.Fields("paymentGross")=Payment_gross rs.Update rs.Close end if if Payment_status="Completed" then do_stock_management(ordID) cnn.Execute("UPDATE cart SET cartCompleted=1 WHERE cartOrderID="&ordID) cnn.Execute("UPDATE orders SET ordStatus=3,ordAuthNumber='"&Txn_id&"' WHERE ordID="&ordID) Call do_order_success(ordID,emailAddr,sendEmail,FALSE,TRUE,TRUE,TRUE) elseif Payment_status="Pending" then cnn.Execute("UPDATE cart SET cartCompleted=2 WHERE cartCompleted=0 AND cartOrderID="&ordID) cnn.Execute("UPDATE orders SET ordAuthNumber='Pending: " & replace(Request.Form("pending_reason"),"'","''") & "' WHERE ordPayProvider=1 AND ordID="&ordID) end if elseif (objHttp.responseText = "INVALID") then ' log for manual investigation else if debugmode=TRUE then response.write objHttp.responseText ' error end if if debugmode=TRUE then if htmlemails=true then emlNl = "
" else emlNl=vbCrLf emailtxt = "Status: " & Payment_status & emlNl & "Txn ID: " & Txn_id & emlNl & "Response: " & objHttp.responseText & emlNl & "Ord ID: " & ordID & emlNl & "Pending Reason: " & Request.Form("pending_reason") & emlNl Call DoSendEmailEO(emailAddr,emailAddr,"","ppconfirm.asp debug",emailtxt,emailObject,themailhost,theuser,thepass) end if set objHttp = nothing %>