Ejemplo n.º 1
0
        private bool IsFromReceiver(PayPalIPNParameters ipn)
        {
            // Receiver_email MUST BE equal to the PayPal account ID
            bool verified = string.Compare(ipn.receiver_email, _settings.PayPalID, true) == 0;

            // If Secure Merchand ID is present and equal to the receiver ID
            if (verified && !string.IsNullOrEmpty(_settings.SecureID))
            {
                verified = verified & (string.Compare(_settings.SecureID, ipn.receiver_id, true) == 0);
            }
            return(verified);
        }
Ejemplo n.º 2
0
        protected void Page_Load(object sender, EventArgs e)
        {
            _portalLanguage = PortalSettings.DefaultLanguage;
            string subject          = string.Empty;
            string reason           = string.Empty;
            bool   sendEmail        = false;
            PayPalIPNParameters ipn = new PayPalIPNParameters(Request.Form, Request.BinaryRead(Request.ContentLength));

            _settings        = new PayPalSettings(StoreSettings.GatewaySettings);
            _verificationURL = _settings.UseSandbox ? SandboxVerificationURL : _settings.VerificationURL;
            // Verify payment with PayPal
            PaymentStatus status = VerifyPayment(ipn);

            // What's the user language?
            _userLanguage = Request.QueryString["language"];
            switch (status)
            {
            case PaymentStatus.Payed:
                int portalId = PortalSettings.PortalId;
                // Set order status to "Paid"...
                OrderInfo order = UpdateOrderStatus(ipn.invoice, OrderInfo.OrderStatusList.Paid, _userLanguage);
                // Add User to Product Roles
                OrderController orderController = new OrderController();
                orderController.AddUserToRoles(portalId, order);
                // Add User to Order Role
                StoreInfo storeSetting = StoreController.GetStoreInfo(portalId);
                if (storeSetting.OnOrderPaidRoleID != Null.NullInteger)
                {
                    orderController.AddUserToPaidOrderRole(portalId, order.CustomerID, storeSetting.OnOrderPaidRoleID);
                }
                break;

            case PaymentStatus.Pending:
                // Inform Store Admin
                subject   = Localization.GetString("StorePayPalGateway", LocalResourceFile, _portalLanguage) + Localization.GetString("IPNInfo", LocalResourceFile, _portalLanguage);
                reason    = Localization.GetString("PendingReason_" + ipn.pending_reason, LocalResourceFile, _portalLanguage);
                sendEmail = true;
                break;

            case PaymentStatus.Refunded:
                // Inform Store Admin
                subject   = Localization.GetString("StorePayPalGateway", LocalResourceFile, _portalLanguage) + Localization.GetString("IPNInfo", LocalResourceFile, _portalLanguage);
                reason    = Localization.GetString("ReasonCode_" + ipn.reason_code, LocalResourceFile, _portalLanguage);
                sendEmail = true;
                break;

            case PaymentStatus.Reversed:
                // Inform Store Admin
                subject   = Localization.GetString("StorePayPalGateway", LocalResourceFile, _portalLanguage) + Localization.GetString("IPNInfo", LocalResourceFile, _portalLanguage);
                reason    = Localization.GetString("ReasonCode_" + ipn.reason_code, LocalResourceFile, _portalLanguage);
                sendEmail = true;
                break;

            case PaymentStatus.Unattended:
                // Alert Store Admin
                subject   = Localization.GetString("StorePayPalGateway", LocalResourceFile, _portalLanguage) + Localization.GetString("IPNAlert", LocalResourceFile, _portalLanguage);
                reason    = Localization.GetString("ReasonCode_" + ipn.reason_code, LocalResourceFile, _portalLanguage);
                sendEmail = true;
                break;

            default:
                break;
            }
            // Do we need to send an email to the store admin?
            if (sendEmail)
            {
                if (string.IsNullOrEmpty(reason))
                {
                    reason = ipn.reason_code;
                }
                string paymentType = Localization.GetString("PaymentType_" + ipn.payment_type, LocalResourceFile, _portalLanguage);
                if (string.IsNullOrEmpty(paymentType))
                {
                    paymentType = ipn.payment_type;
                }
                string paymentStatus = Localization.GetString("PaymentStatus_" + ipn.payment_status, LocalResourceFile, _portalLanguage);
                if (string.IsNullOrEmpty(paymentStatus))
                {
                    paymentStatus = ipn.payment_status;
                }
                string emailIPN = Localization.GetString("EmailIPN", LocalResourceFile, _portalLanguage);
                string body     = string.Format(emailIPN, ipn.invoice, ipn.txn_id, paymentType, paymentStatus, reason);
                SendEmailToAdmin(subject, body);
            }
        }
Ejemplo n.º 3
0
        private PaymentStatus VerifyPayment(PayPalIPNParameters ipn)
        {
            PaymentStatus status = PaymentStatus.Invalid;
            // Default Alert Reason
            string alertReason = Localization.GetString("InvalidIPN", LocalResourceFile, _portalLanguage);

            if (ipn.IsValid)
            {
                // Process notification validation
                HttpWebRequest request = WebRequest.Create(_verificationURL) as HttpWebRequest;
                if (request != null)
                {
                    request.Method        = "POST";
                    request.ContentLength = ipn.PostString.Length;
                    request.ContentType   = "application/x-www-form-urlencoded";

                    using (StreamWriter writer = new StreamWriter(request.GetRequestStream()))
                    {
                        writer.Write(ipn.PostString);
                        writer.Close();
                    }

                    HttpWebResponse response = request.GetResponse() as HttpWebResponse;
                    if (response != null)
                    {
                        string responseString;
                        using (StreamReader reader = new StreamReader(response.GetResponseStream()))
                        {
                            responseString = reader.ReadToEnd();
                            reader.Close();
                        }

                        // If the transaction is VERIFIED by PayPal
                        if (string.Compare(responseString, "VERIFIED", true) == 0)
                        {
                            // Security checking: is this request come from right PayPal account ID
                            if (IsFromReceiver(ipn))
                            {
                                // Security checking: compares some PayPal fields with order fields
                                alertReason = Localization.GetString("WrongOrderInfos", LocalResourceFile, _portalLanguage);
                                OrderController orderController = new OrderController();
                                OrderInfo       order           = orderController.GetOrder(PortalSettings.PortalId, ipn.invoice);
                                // If this order exist
                                if (order != null)
                                {
                                    // Currency MUST BE the same!
                                    if (_settings.Currency == ipn.mc_currency)
                                    {
                                        // Everything looks good, validate the transaction!
                                        switch (ipn.payment_status.ToLower())
                                        {
                                        case "completed":
                                            // Grand Total MUST BE the same!
                                            if (Math.Round(order.GrandTotal, 2, MidpointRounding.AwayFromZero) == ipn.mc_gross)
                                            {
                                                status = PaymentStatus.Payed;
                                            }
                                            break;

                                        case "pending":
                                        case "in-progress":
                                            // Grand Total MUST BE the same!
                                            if (Math.Round(order.GrandTotal, 2, MidpointRounding.AwayFromZero) == ipn.mc_gross)
                                            {
                                                status = PaymentStatus.Pending;
                                            }
                                            break;

                                        case "refunded":
                                            status = PaymentStatus.Refunded;
                                            break;

                                        case "reversed":
                                            status = PaymentStatus.Reversed;
                                            break;

                                        default:
                                            status = PaymentStatus.Unattended;
                                            break;
                                        }
                                    }
                                }
                            }
                            else
                            {
                                alertReason = Localization.GetString("DifferentReceiverEmail", LocalResourceFile, _portalLanguage);
                            }
                        }
                        else
                        {
                            alertReason = Localization.GetString("VerificationFailed", LocalResourceFile, _portalLanguage);
                        }
                    }
                }
            }

            // If the transaction is invalid
            if ((status == PaymentStatus.Invalid) || (status == PaymentStatus.Unattended))
            {
                // Add an Admin Alert to the DNN Log
                string        paypalGateway = Localization.GetString("StorePayPalGateway", LocalResourceFile, _portalLanguage);
                string        adminAlert    = Localization.GetString("SecurityAlert", LocalResourceFile, _portalLanguage);
                LogProperties properties    = new LogProperties
                {
                    new LogDetailInfo(paypalGateway, adminAlert),
                    new LogDetailInfo(Localization.GetString("AlertReason", LocalResourceFile, _portalLanguage), alertReason),
                    new LogDetailInfo(Localization.GetString("FromIP", LocalResourceFile, _portalLanguage), Request.UserHostAddress),
                    new LogDetailInfo(Localization.GetString("IPNPOSTString", LocalResourceFile, _portalLanguage), ipn.PostString)
                };
                AddEventLog(EventLogController.EventLogType.ADMIN_ALERT.ToString(), properties, true);
                // Send an email to the store admin
                SendEmailToAdmin(paypalGateway + " " + adminAlert, Localization.GetString("EmailAlert", LocalResourceFile, _portalLanguage) + "\r\n\r\n" + alertReason);
            }

            return(status);
        }
Ejemplo n.º 4
0
        protected void Page_Load(object sender, EventArgs e)
        {
            // Do we have any special handling?
            PayPalNavigation nav = new PayPalNavigation(Request.QueryString);

            switch (nav.GatewayExit.ToUpper())
            {
            case "CANCEL":
            {
                InvokePaymentCancelled();
                CheckoutControl.Hide();
                pnlProceedToPayPal.Visible = false;
                return;
            }

            case "RETURN":
            {
                PayPalIPNParameters ipn = new PayPalIPNParameters(Request.Form, Request.BinaryRead(Request.ContentLength));
                // Here there is no check about the validity of the PayPal response (IPN),
                // because it's just a message displayed to the customer.
                // Everything is checked in the NOTIFY case received from PayPal in the PayPalIPN.aspx page.
                switch (ipn.payment_status.ToLower())
                {
                case "completed":
                    InvokePaymentSucceeded();
                    break;

                default:
                    InvokePaymentRequiresConfirmation();
                    break;
                }
                CheckoutControl.Hide();
                pnlProceedToPayPal.Visible = false;
                return;
            }
            }

            if (nav.GatewayExit.Length > 0)
            {
                //If the PayPalExit is anything else with length > 0, then don't do any processing
                HttpContext.Current.Response.Redirect(Common.Globals.NavigateURL(PortalSettings.ActiveTab.TabID), false);
                return;
            }

            // Continue with display of payment control...
            if (Page.IsPostBack == false)
            {
                PayPalSettings settings = new PayPalSettings(StoreSettings.GatewaySettings);
                if (!settings.IsValid())
                {
                    lblError.Text              = Localization.GetString("GatewayNotConfigured", LocalResourceFile);
                    lblError.Visible           = true;
                    pnlProceedToPayPal.Visible = false;
                    return;
                }

                SurchargePercent = settings.SurchargePercent;
                SurchargeFixed   = settings.SurchargeFixed;

                btnConfirmOrder.Attributes.Add("OnClick", ScriptAvoidDoubleClick(btnConfirmOrder, Localization.GetString("Processing", this.LocalResourceFile)));
                string message = Localization.GetString("lblConfirmMessage", LocalResourceFile);
                lblConfirmMessage.Text = string.Format(message, PortalSettings.PortalName);
                message = Localization.GetString("paypalimage", LocalResourceFile);
                paypalimage.AlternateText = message;

                lblError.Text        = string.Empty;
                lblError.Visible     = false;
                paypalimage.ImageUrl = settings.ButtonURL;
            }
        }