protected bool PaymentMade(string ProfessionalID, string ProjectID)
{
bool result = false;
//// Checking if Payment for this project were already submitted by Professional ////
ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter ProfessionalCheckAdapter = new ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter();
ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable ProfessionalCheckTable = new ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable();
ProfessionalCheckAdapter.FillCheck(ProfessionalCheckTable, Convert.ToInt32(ProfessionalID.ToString()), Convert.ToInt32(ProjectID.ToString()));
//There can be only 1 row or 0 row
if (ProfessionalCheckTable.Rows.Count == 1)
{
if ((string.Equals(ProfessionalCheckTable.Rows[0]["CurrencyCode"].ToString(), CurrencyDropDownList.SelectedValue.ToString())) && (string.Equals(ProfessionalCheckTable.Rows[0]["GrossTotal"].ToString(), Amount.Text.ToString())))
{
string sucessmessage = ProfessionalCheckTable.Rows[0]["FirstName"].ToString() +
ProfessionalCheckTable.Rows[0]["LastName"].ToString() + ",<br/>";
sucessmessage += Resource.ThankPayment + "<br/>";
sucessmessage += Resource.PaymentOf + ProfessionalCheckTable.Rows[0]["CurrencyCode"].ToString() +
ProfessionalCheckTable.Rows[0]["GrossTotal"].ToString() + Resource.PaymentProcessed + "<br/><br/>";
sucessmessage += Resource.Sincerely + "<br/>";
sucessmessage += Resource.YourSideJobTeam + "<br/>";
HiddenLabel.Text = sucessmessage;
result = true;
}
else
{
string failuremessage = ProfessionalCheckTable.Rows[0]["FirstName"].ToString() +
ProfessionalCheckTable.Rows[0]["LastName"].ToString() + ",<br/>";
failuremessage += Resource.FailedTransaction + "<br/>";
failuremessage += Resource.FailurePDT;
HiddenLabel.Text = failuremessage;
result = false;
}
}
else if (ProfessionalCheckTable.Rows.Count > 1)
{
EmailAdmin(String.Format("Multiple Payment from Professional {0} for Projet {1}", ProfessionalID.ToString(),
ProjectID.ToString()), "Check ProfessionalSuccessfulPDT Table", "*****@*****.**");
result = true;
}
return result;
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
// Used parts from https://www.paypaltech.com/PDTGen/
// Visit above URL to auto-generate PDT script
authToken = WebConfigurationManager.AppSettings["PROPDTToken"];
//read in txn token from querystring
txToken = Request.QueryString.Get("tx");
query = string.Format("cmd=_notify-synch&tx={0}&at={1}", txToken, authToken);
// Create the request back
string url = WebConfigurationManager.AppSettings["PayPalSubmitUrl"];
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
// Set values for the request back
req.Method = "POST";
req.ContentType = "application/x-www-form-urlencoded";
req.ContentLength = query.Length;
// Write the request back IPN strings
StreamWriter stOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
stOut.Write(query);
stOut.Close();
// Do the request to PayPal and get the response
StreamReader stIn = new StreamReader(req.GetResponse().GetResponseStream());
strResponse = stIn.ReadToEnd();
stIn.Close();
string ProID = GetProfessionalID();
PDTHolder pdt = PDTHolder.Parse(strResponse);
ProfessionalPDTDataSetTableAdapters.ProfessionalStartingPaymentTableAdapter ProfessionalPDTAdapter = new ProfessionalPDTDataSetTableAdapters.ProfessionalStartingPaymentTableAdapter();
ProfessionalPDTDataSet.ProfessionalStartingPaymentDataTable ProfessionalPDTTable = new ProfessionalPDTDataSet.ProfessionalStartingPaymentDataTable();
ProfessionalPDTAdapter.FillVerifyTransaction(ProfessionalPDTTable, Convert.ToInt32(pdt.Custom));
// If response was SUCCESS, parse response string and output details
//The payment is succesful
if (strResponse.StartsWith("SUCCESS"))
{
//If there is no match
//The Professional close the windows.
//If There is a match
//The Professional return back to the confirmation page.
foreach (DataRow row in ProfessionalPDTTable)
{
ProfessionalPDTDataSetTableAdapters.QueriesTableAdapter ProfessionalPDT = new ProfessionalPDTDataSetTableAdapters.QueriesTableAdapter();
if (pdt.Custom.ToString() == row["ProjectID"].ToString() && pdt.Currency.ToString() == row["CurrencyCode"].ToString() && (row["Amount"].ToString() == pdt.GrossTotal.ToString()))
{
//Insert it only 1 time
////Sucessful PDT////
ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter ProfessionalSuccessfulPDTAdapter = new ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter();
ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable ProfessionalSuccessfulPDTTable = new ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable();
ProfessionalSuccessfulPDTAdapter.FillProfessionalSuccededPDT(ProfessionalSuccessfulPDTTable, Convert.ToInt32(ProID), Convert.ToInt32(pdt.Custom.ToString()));
if (ProfessionalSuccessfulPDTTable.Rows.Count == 0)
{
ProfessionalPDT.SuccessPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken
, pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom, "no subscriber", Convert.ToInt32(ProID), Convert.ToInt32(pdt.Custom));
ProfessionalPDT.AddProfessionalPendingTransaction(Convert.ToInt32(ProID),
Convert.ToInt32(pdt.Custom));
string sucessmessage = pdt.PayerFirstName + " " +
pdt.PayerFirstName + "<br/>";
sucessmessage += Resources.Resource.PaymentOf + " ";
sucessmessage += pdt.Currency + " " + pdt.GrossTotal +
Resources.Resource.PaymentProcessed + "<br/>";
sucessmessage += Resources.Resource.Sincerely + "<br/>";
sucessmessage += Resources.Resource.YourSideJobTeam + "<br/>";
}
else
{
HiddenLabel.Text = Resources.Resource.AlreadyPaid;
}
}
else
{
//Potential Hack
ProfessionalPDT.HackedPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken
, pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom, "no subscriber", Convert.ToInt32(ProID), Convert.ToInt32(pdt.Custom));
//Email The Hacker and Admin
string failuremessage = pdt.PayerFirstName + " " +
pdt.PayerFirstName + "<br/>";
failuremessage += Resources.Resource.FailedTransaction + "<br/>";
failuremessage += Resources.Resource.FailurePDT;
HiddenLabel.Text = failuremessage;
}
}
}
else
{
string failuremessage = pdt.PayerFirstName + " " +
pdt.PayerFirstName + "<br/>";
failuremessage += Resources.Resource.FailedTransaction + "<br/>";
failuremessage += Resources.Resource.FailurePDT;
HiddenLabel.Text = failuremessage;
}
}
}