int insert_new_order(CoachOrder order, MySqlConnection connection)
{
int ordId = 0;
using (var cmd = connection.CreateCommand())
{
cmd.CommandText = "INSERT INTO esc_orders (txn_id, mc_gross, mc_currency, quantity, payer_email, payer_account_id, receiver_id, game_id, success, date, order_status) VALUES (@txnId, @mcGross, @mcCurrency, @qty, @payerMail, @payerid, @recieverId, @gameId, @success, @date, @ord_status)";
cmd.Parameters.AddWithValue("@txnId", order.txn_id);
cmd.Parameters.AddWithValue("@mcGross", order.mc_gross);
cmd.Parameters.AddWithValue("@mcCurrency", order.mc_currency);
cmd.Parameters.AddWithValue("@qty", order.quantity);
cmd.Parameters.AddWithValue("@payerMail", order.payer_mail);
cmd.Parameters.AddWithValue("@payerid", order.payer_account_id);
cmd.Parameters.AddWithValue("@recieverId", order.receiver_id);
cmd.Parameters.AddWithValue("@gameId", order.game_id);
cmd.Parameters.AddWithValue("@success", order.success);
cmd.Parameters.AddWithValue("@date", order.date);
cmd.Parameters.AddWithValue("@ord_status", "New");
cmd.ExecuteNonQuery();
//--Get Recently-Inserted Order-Id--
ordId = (int)cmd.LastInsertedId;
ChatHub c = new ChatHub();
c.SendNewOrderNotification(6, 5);
}
return(ordId);
}
void create_transaction(CoachOrder order, MySqlConnection connection)
{
using (var cmd = connection.CreateCommand())
{
decimal fee = 1.0M;
cmd.CommandText = "INSERT INTO esc_Transactions (Amount, Status, Date, ReceiverId, senderId) VALUES (@amount, @status, @date, @boosterid, @buyerid)";
cmd.Parameters.AddWithValue("@amount", order.mc_gross - fee);
cmd.Parameters.AddWithValue("@status", payment_status.Pending);
cmd.Parameters.AddWithValue("@date", DateTime.UtcNow);
cmd.Parameters.AddWithValue("@boosterid", order.receiver_id);
cmd.Parameters.AddWithValue("@buyerid", order.payer_account_id);
cmd.ExecuteNonQuery();
}
}
public async Task AddAsync(OrderInputModel inputModel)
{
var coachOrder = new CoachOrder
{
BuyerId = inputModel.BuyerId,
CoachId = inputModel.CoachId,
GameName = inputModel.GameName,
Region = inputModel.Region,
DiscordTag = inputModel.DiscordTag,
Hours = inputModel.Hours,
};
await this.coachOrdersRepository.AddAsync(coachOrder);
await this.coachOrdersRepository.SaveChangesAsync();
}
void create_transaction(int OrderId, CoachOrder order, MySqlConnection connection)
{
using (var cmd = connection.CreateCommand())
{
decimal final_price = PriceCalculator.CalculateCutFromTotalPriceWithFee(PriceCalculator.PayType.PayPal, order.mc_gross);
cmd.CommandText = "INSERT INTO esc_Transactions (Amount, Status, Date, ReceiverId, senderId, OrderId) VALUES (@amount, @status, @date, @boosterid, @buyerid, @order_id)";
cmd.Parameters.AddWithValue("@amount", final_price);
cmd.Parameters.AddWithValue("@status", payment_status.Pending.ToString());
cmd.Parameters.AddWithValue("@date", DateTime.UtcNow);
cmd.Parameters.AddWithValue("@boosterid", order.receiver_id);
cmd.Parameters.AddWithValue("@buyerid", order.payer_account_id);
cmd.Parameters.AddWithValue("@order_id", OrderId);
cmd.ExecuteNonQuery();
}
}
void insert_new_order(CoachOrder order, MySqlConnection connection)
{
using (var cmd = connection.CreateCommand())
{
cmd.CommandText = "INSERT INTO esc_orders (txn_id, mc_gross, mc_currency, quantity, payer_email, payer_account_id, receiver_id, game_id, success, date) VALUES (@txnId, @mcGross, @mcCurrency, @qty, @payerMail, @payerid, @recieverId, @gameId, @success, @date)";
cmd.Parameters.AddWithValue("@txnId", order.txn_id);
cmd.Parameters.AddWithValue("@mcGross", order.mc_gross);
cmd.Parameters.AddWithValue("@mcCurrency", order.mc_currency);
cmd.Parameters.AddWithValue("@qty", order.quantity);
cmd.Parameters.AddWithValue("@payerMail", order.payer_mail);
cmd.Parameters.AddWithValue("@payerid", order.payer_account_id);
cmd.Parameters.AddWithValue("@recieverId", order.receiver_id);
cmd.Parameters.AddWithValue("@gameId", order.game_id);
cmd.Parameters.AddWithValue("@success", order.success);
cmd.Parameters.AddWithValue("@date", order.date);
cmd.ExecuteNonQuery();
}
}
//Profile>My Selling Tools>Website preferences> Update
/*
* <form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
* <fieldset>
* <input class="full-width" type="hidden" name="business" value="*****@*****.**">
* <input type="hidden" name="cmd" value="_xclick">
* <input type="hidden" name="item_name" value="Coaching">
* <input type="hidden" name="amount" value="9">
* <input type="hidden" name="currency_code" value="USD" />
*
* <input type="hidden" name="no_shipping" value="1">
*
* <!-- coach_id,game_id -->
* <input type="hidden" name="custom" value="5,2">
*
* <input type=hidden name="RETURNURL"
* value="https://www.escademy.com/IPN">
* <input type="hidden" name="return" value="https://www.escademy.com/IPN">
* <input type="hidden" name="notify_url" value="https://www.escademy.com/IPN">
*
* <button type="submit">Order now!</button>
* </fieldset>
* </form>
*/
// GET: IPN
public ActionResult Index()
{
var order = new CoachOrder();
// Receive IPN request from PayPal and parse all the variables returned
var formVals = new Dictionary <string, string>();
formVals.Add("cmd", "_notify-synch"); //notify-synch_notify-validate
formVals.Add("at", "nrvfK97rEC_fq8xMdrFG3EjQTi2Pv4hhWzKK0dIKd4fK6-TEmizy9wBjI4G");
formVals.Add("tx", Request["tx"]);
// if you want to use the PayPal sandbox change this from false to true
string response = GetPayPalResponse(formVals, useSandbox: true);
if (response.Contains("SUCCESS"))
{
string transactionID = GetPDTValue(response, "txn_id"); // txn_id //d
string sAmountPaid = GetPDTValue(response, "mc_gross"); // d
string sCurrency = GetPDTValue(response, "mc_currency");
var custom_info = GetPDTValue(response, "custom").Split(','); // d
string payerEmail = GetPDTValue(response, "payer_email"); // d
string Item = GetPDTValue(response, "item_name");
string payment_status = GetPDTValue(response, "payment_status");
string sQuantity = custom_info[2];
int.TryParse(sQuantity, System.Globalization.NumberStyles.Number, System.Globalization.CultureInfo.InvariantCulture, out int quantity);
string sPayerId = custom_info[3];
int.TryParse(sPayerId, System.Globalization.NumberStyles.Number, System.Globalization.CultureInfo.InvariantCulture, out int payer_account_id);
//validate the order
decimal amountPaid = 0;
decimal.TryParse(sAmountPaid, System.Globalization.NumberStyles.Number, System.Globalization.CultureInfo.InvariantCulture, out amountPaid);
order.txn_id = transactionID;
order.mc_gross = amountPaid;
order.mc_currency = sCurrency;
order.payer_mail = payerEmail;
order.receiver_id = int.Parse(custom_info[0]);
order.game_id = int.Parse(custom_info[1]);
order.date = DateTime.UtcNow;
order.quantity = quantity;
order.payer_account_id = payer_account_id;
using (var conn = new MySqlConnection(ConnectionString.Get("EscademyMDB")))
{
conn.Open();
if (amountPaid >= retrieve_order_price(order.receiver_id, order.game_id, quantity, conn) - 0.1M &&
sCurrency == "USD" && payment_status == "Completed")
{
var new_order = !check_if_order_exists(transactionID, conn);
if (new_order)
{
order.success = true;
insert_new_order(order, conn);
create_transaction(order, conn);
}
else
{
order.success = false;
}
ViewBag.order = order;
}
else
{
order.success = false;
insert_new_order(order, conn);//Incorrect amount.. just log incident.
}
conn.Close();
}
}
else
{
//error
}
return(View());
}
public ActionResult Details(string tx)
{
#region Insert Order using IPN CODE
var order = new CoachOrder();
// Receive IPN request from PayPal and parse all the variables returned
var formVals = new Dictionary <string, string>();
formVals.Add("cmd", "_notify-synch"); //notify-synch_notify-validate
formVals.Add("at", "wABDeX0w9ivh2l8iWcH1kQOwVmTlOrox0oWCUQeDNqyZHKmBd8GjRy6s6c4");
formVals.Add("tx", Request["tx"]);
// if you want to use the PayPal sandbox change this from false to true
string response = GetPayPalResponse(formVals, useSandbox: false);
if (response.Contains("SUCCESS"))
{
string transactionID = GetPDTValue(response, "txn_id"); // txn_id //d
string sAmountPaid = GetPDTValue(response, "mc_gross"); // d
string sCurrency = GetPDTValue(response, "mc_currency");
var custom_info = GetPDTValue(response, "custom").Split(','); // d
string payerEmail = GetPDTValue(response, "payer_email"); // d
string Item = GetPDTValue(response, "item_name");
string payment_status = GetPDTValue(response, "payment_status");
string receiver_email = GetPDTValue(response, "receiver_email");
string sQuantity = custom_info[2];
int.TryParse(sQuantity, System.Globalization.NumberStyles.Number, System.Globalization.CultureInfo.InvariantCulture, out int quantity);
string sPayerId = custom_info[3];
int.TryParse(sPayerId, System.Globalization.NumberStyles.Number, System.Globalization.CultureInfo.InvariantCulture, out int payer_account_id);
//validate the order
decimal amountPaid = 0;
decimal.TryParse(sAmountPaid, System.Globalization.NumberStyles.Number, System.Globalization.CultureInfo.InvariantCulture, out amountPaid);
order.txn_id = transactionID;
order.mc_gross = amountPaid;
order.mc_currency = sCurrency;
order.payer_mail = payerEmail;
order.receiver_id = int.Parse(custom_info[0]);
order.game_id = int.Parse(custom_info[1]);
order.service_id = int.Parse(custom_info[4]);
order.date = DateTime.UtcNow;
order.quantity = quantity;
order.payer_account_id = payer_account_id;
using (var conn = new MySqlConnection(ConnectionString.Get("EscademyDB")))
{
conn.Open();
if (amountPaid >= PriceCalculator.CalculateTotalPrice(order.service_id, quantity, conn) - 0.1M &&
sCurrency == "USD" &&
payment_status == "Completed" &&
receiver_email.Equals("*****@*****.**", StringComparison.CurrentCultureIgnoreCase))
{
var new_order = !check_if_order_exists(transactionID, conn);
if (new_order)
{
order.success = true;
int OrderId = insert_new_order(order, conn);
create_transaction(OrderId, order, conn);
}
else
{
order.success = false;
}
ViewBag.order = order;
}
else
{
order.success = false;
int OrderId = insert_new_order(order, conn);//Incorrect amount.. just log incident.
}
conn.Close();
}
}
else
{
//error
}
#endregion
#region Get Order-Item Detail by Transaction-Id
var OrderItemDetail = new List <OrderDetailVM>();
string BuyerName = "";
decimal TotalAmount = 0;
string OrderDate = "";
int OrderNo = 0;
int i = 0;
using (var conn = new MySqlConnection(ConnectionString.Get("EscademyDB")))
{
conn.Open();
#region Get Order-Item Detail by Transaction-Id
using (var cmdActiveOrder = conn.CreateCommand())
{
cmdActiveOrder.CommandText = "select concat(a1.FirstName,' ', a1.LastName) as BuyerName,o.Id as OrderNo,o.mc_gross,o.quantity,o.date as OrderedDate,(select pg.Title from esc_profilegames pg where /*pg.accountId=o.receiver_id and*/ pg.gameId=o.game_id limit 1) as ItemName from esc_orders o inner join esc_accounts a1 on o.payer_account_id=a1.Id where o.txn_id=@transactionId";
cmdActiveOrder.Parameters.AddWithValue("@transactionId", tx);
var reader = cmdActiveOrder.ExecuteReader();
while (reader.Read())
{
if (i == 0)
{
BuyerName = reader.GetString("BuyerName");
OrderDate = String.Format("{0:ddd, MMM d, yyyy}", @reader.GetDateTime("OrderedDate"));
OrderNo = reader.GetInt32("OrderNo");
i++;
}
TotalAmount = TotalAmount + reader.GetDecimal("mc_gross");
OrderItemDetail.Add(new OrderDetailVM()
{
ItemName = reader.GetString("ItemName"),
Quantity = reader.GetInt32("quantity"),
Price = reader.GetDecimal("mc_gross"),
});
}
ViewBag.OrderItemList = OrderItemDetail;
ViewBag.TotalAmount = TotalAmount.ToString().Replace(",", ".");
ViewBag.OrderNo = OrderNo;
ViewBag.BuyerName = BuyerName;
ViewBag.OrderDate = OrderDate;
}
#endregion
conn.Close();
}
#endregion
return(View());
}
