Example #1
    /// <summary>
    /// Walks every stored customer IPN row and files it as either a successful or a
    /// suspicious payment for the given customer, sending notification mail the first
    /// time a row is filed.
    /// </summary>
    /// <remarks>
    /// Checks applied to each row, in order:
    /// 1. ReceiverEmail equals the merchant address;
    /// 2. PaymentStatus is "Completed";
    /// 3. CurrencyCode and GrossTotal equal those of a stored successful PDT row;
    /// 4. the transaction has not been filed before;
    /// 5. the payment is recorded and mail is sent.
    /// NOTE(review): whether the stored rows were verified with PayPal before being saved
    /// is not visible here; this method trusts the table contents. Confirm upstream.
    /// NOTE(review): the loop covers every row returned by FillCustomerIPN, while the mail
    /// helpers always receive <paramref name="pdt"/>. Confirm that is intended.
    /// </remarks>
    /// <param name="pdt">Notification data handed to EmailBuyer and EmailAdmin.</param>
    /// <param name="CustomerID">Customer id as text; converted with Convert.ToInt32.</param>
    protected void ProcessIpn(IPNHolder pdt, string CustomerID)
    {
        // All IPN rows recorded for customers.
        var ipnAdapter = new CustomerPDTDataSetTableAdapters.CustomerIPNTableAdapter();
        var ipnRows = new CustomerPDTDataSet.CustomerIPNDataTable();
        ipnAdapter.FillCustomerIPN(ipnRows);

        // PDT rows already accepted for this customer/project; refilled for each IPN row.
        var acceptedPdtAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter();
        var acceptedPdtRows = new CustomerPDTDataSet.CustomerSuccessfulPDTDataTable();

        // Destination for notifications that fail the amount/currency check.
        var suspiciousAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuspiciousIPNTableAdapter();
        // Instantiated as in the original listing; nothing in this method reads it.
        var suspiciousRows = new CustomerPDTDataSet.CustomerSuspiciousIPNDataTable();

        // Stored-procedure wrapper used to append to the transaction history.
        var history = new CustomerPDTDataSetTableAdapters.QueriesTableAdapter();

        foreach (DataRow ipn in ipnRows.Rows)
        {
            // 1: the notification must be addressed to the primary PayPal e-mail.
            if (ipn["ReceiverEmail"].ToString() != "*****@*****.**")
            {
                continue;
            }

            // 2: only completed payments are considered.
            if (ipn["PaymentStatus"].ToString() != "Completed")
            {
                continue;
            }

            // 3: load the PDT rows this notification has to agree with.
            int customerKey = Convert.ToInt32(CustomerID);
            int projectKey = Convert.ToInt32(ipn["ProjectID"].ToString());
            acceptedPdtAdapter.FillCustomerSuccededPDT(acceptedPdtRows, customerKey, projectKey);

            foreach (DataRow accepted in acceptedPdtRows.Rows)
            {
                // NOTE(review): both values are compared as text, so a formatting difference
                // between the two sources would be treated as a mismatch. Confirm both
                // columns are stored in the same format.
                bool amountAgrees =
                    string.Equals(accepted["CurrencyCode"].ToString(), ipn["CurrencyCode"].ToString())
                    && string.Equals(accepted["GrossTotal"].ToString(), ipn["GrossTotal"].ToString());

                if (!amountAgrees)
                {
                    // Currency or gross total differs from the confirmed PDT: file it as suspicious.
                    var earlierFlagAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuspiousVerificationTableAdapter();
                    var earlierFlagRows = new CustomerPDTDataSet.CustomerSuspiousVerificationDataTable();
                    earlierFlagAdapter.FillCheck(earlierFlagRows, projectKey, Convert.ToInt32(CustomerID.ToString()));

                    // 4: flag only once. The lookup is keyed by project and customer, not by IPNID.
                    if (earlierFlagRows.Rows.Count == 0)
                    {
                        int ipnId = Convert.ToInt32(ipn["IPNID"].ToString());
                        suspiciousAdapter.AddTransactionByID(ipnId);
                        suspiciousAdapter.UpdatePendingReason("Suspicious Amount", ipnId);

                        EmailAdmin(("Suspicious Payment"), pdt);

                        // History entry with flag 1 (suspicious IPN).
                        history.AddCustomerTransactionHistory(customerKey, projectKey, 1);
                    }

                    continue;
                }

                // The customer reached the confirmation page and the amount agrees.
                var settledAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuccesfulIPNTableAdapter();
                var settledRows = new CustomerPDTDataSet.CustomerSuccesfulIPNDataTable();

                // 4: skip a txn_id that has already been processed, so a repeated
                // notification is not credited twice.
                settledAdapter.FillByTransactionID(settledRows, projectKey, customerKey, ipn["TransactionId"].ToString());
                if (settledRows.Rows.Count != 0)
                {
                    // Already recorded; nothing to do.
                    continue;
                }

                // 5: record the payment, then notify buyer and admin.
                settledAdapter.AddTransaction(Convert.ToInt32(ipn["IPNID"].ToString()));

                // History entry with flag 0 (successful IPN).
                history.AddCustomerTransactionHistory(customerKey, projectKey, 0);

                EmailBuyer(Resources.Resource.PaypalSuccessfulHeader, "Success", pdt._payerEmail.ToString(), pdt);
                EmailAdmin(("Successful Payment"), pdt);
            }
        }
    }
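    /// <summary>
    /// Handles the return from PayPal (PDT): posts the <c>tx</c> token back to PayPal,
    /// parses the reply and records the payment either as a successful PDT or as a
    /// potentially tampered one for the current customer.
    /// </summary>
    /// <remarks>
    /// Changes against the earlier version: the query-string token is URL-encoded before it
    /// is placed in the post-back body, the request and response streams are disposed even
    /// when an exception is thrown, payer names are HTML-encoded before they reach the
    /// label, and the greeting uses first name plus last name instead of the first name twice.
    /// NOTE(review): this handler compares only project id, currency and amount. It does not
    /// look at <c>pdt.ReceiverEmail</c> or <c>pdt.PaymentStatus</c>. Confirm that those are
    /// enforced when the IPN is processed.
    /// </remarks>
    /// <param name="sender">Event source (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Page.IsPostBack)
        {
            return;
        }

        // Used parts from https://www.paypaltech.com/PDTGen/
        // Visit above URL to auto-generate PDT script

        authToken = WebConfigurationManager.AppSettings["PDTToken"];

        // The transaction token arrives in the query string and is caller-controlled.
        txToken = Request.QueryString.Get("tx");

        // Encode the token so '&' or '=' inside it cannot add or override fields in the
        // form body that is posted to PayPal.
        query = string.Format("cmd=_notify-synch&tx={0}&at={1}", Server.UrlEncode(txToken), authToken);

        // Create the request back.
        // NOTE(review): the endpoint comes from configuration; it should be an https URL so
        // the auth token and the reply are protected in transit. Confirm the setting.
        string url = WebConfigurationManager.AppSettings["PayPalSubmitUrl"];
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);

        // Set values for the request back
        req.Method = "POST";
        req.ContentType = "application/x-www-form-urlencoded";
        req.ContentLength = query.Length;

        // Write the request body; the writer is disposed even if the write fails.
        using (StreamWriter stOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII))
        {
            stOut.Write(query);
        }

        // Do the request to PayPal and read the whole response.
        using (WebResponse paypalReply = req.GetResponse())
        using (StreamReader stIn = new StreamReader(paypalReply.GetResponseStream()))
        {
            strResponse = stIn.ReadToEnd();
        }

        string CustomerID = GetCustomerID();

        PDTHolder pdt = PDTHolder.Parse(strResponse);

        // NOTE(review): the lookup runs before the SUCCESS check, so it also runs on a
        // failed reply. Confirm pdt.Custom is usable in that case.
        CustomerPDTDataSetTableAdapters.CustomerStartingPaymentTableAdapter CustomerPDTAdapter = new CustomerPDTDataSetTableAdapters.CustomerStartingPaymentTableAdapter();
        CustomerPDTDataSet.CustomerStartingPaymentDataTable CustomerPDTTable = new CustomerPDTDataSet.CustomerStartingPaymentDataTable();
        CustomerPDTAdapter.FillVerifyTransaction(CustomerPDTTable, Convert.ToInt32(pdt.Custom));

        // Payer names come from the PayPal reply and are placed in a label that renders
        // HTML, so they are encoded once here and reused below.
        string payerLine = Server.HtmlEncode(pdt.PayerFirstName + " " + pdt.PayerLastName) + "<br/>";

        // If response was SUCCESS, compare it with the payment the customer started.
        if (strResponse.StartsWith("SUCCESS", StringComparison.Ordinal))
        {
            // No matching row: the customer closed the window.
            // A matching row: the customer returned to the confirmation page.
            foreach (DataRow row in CustomerPDTTable)
            {
                CustomerPDTDataSetTableAdapters.QueriesTableAdapter CustomerPDT = new CustomerPDTDataSetTableAdapters.QueriesTableAdapter();

                // NOTE(review): amount and currency are compared as text; confirm the stored
                // amount and pdt.GrossTotal use the same formatting.
                bool matchesStartedPayment =
                    pdt.Custom.ToString() == row["ProjectID"].ToString()
                    && pdt.Currency.ToString() == row["CurrencyCode"].ToString()
                    && (row["Amount"].ToString() == pdt.GrossTotal.ToString());

                if (matchesStartedPayment)
                {
                    // Insert the successful PDT only once per customer/project.
                    CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter CustomerSuccessfulPDTAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter();
                    CustomerPDTDataSet.CustomerSuccessfulPDTDataTable CustomerSuccessfulPDTTable = new CustomerPDTDataSet.CustomerSuccessfulPDTDataTable();
                    CustomerSuccessfulPDTAdapter.FillCustomerSuccededPDT(CustomerSuccessfulPDTTable, Convert.ToInt32(CustomerID), Convert.ToInt32(pdt.Custom.ToString()));

                    if (CustomerSuccessfulPDTTable.Rows.Count == 0)
                    {
                        CustomerPDT.SuccessPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken
                            , pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom, "no subscriber", Convert.ToInt32(CustomerID), Convert.ToInt32(pdt.Custom));

                        CustomerPDT.AddCustomerPendingTransaction(Convert.ToInt32(CustomerID),
                                                                  Convert.ToInt32(pdt.Custom));

                        // NOTE(review): this message is built but never assigned to
                        // HiddenLabel.Text, unlike every other branch. Confirm whether it
                        // is meant to be shown.
                        string sucessmessage = payerLine;
                        sucessmessage += Resources.Resource.PaymentOf + " ";
                        sucessmessage += Server.HtmlEncode(pdt.Currency + " " + pdt.GrossTotal) +
                            Resources.Resource.PaymentProcessed + "<br/>";
                        sucessmessage += Resources.Resource.Sincerely + "<br/>";
                        sucessmessage += Resources.Resource.YourSideJobTeam + "<br/>";
                    }
                    else
                    {
                        HiddenLabel.Text = Resources.Resource.AlreadyPaid;
                    }
                }
                else
                {
                    // The reply does not match the started payment: keep it for review.
                    CustomerPDT.HackedPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken
                        , pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom, "no subscriber", Convert.ToInt32(CustomerID), Convert.ToInt32(pdt.Custom));

                    // No e-mail is sent from this branch; only the failure text is shown.
                    string failuremessage = payerLine;
                    failuremessage += Resources.Resource.FailedTransaction + "<br/>";
                    failuremessage += Resources.Resource.FailurePDT;
                    HiddenLabel.Text = failuremessage;
                }
            }
        }
        else
        {
            // PayPal did not answer SUCCESS for this token.
            string failuremessage = payerLine;
            failuremessage += Resources.Resource.FailedTransaction + "<br/>";
            failuremessage += Resources.Resource.FailurePDT;
            HiddenLabel.Text = failuremessage;
        }
    }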
Example #3
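    /// <summary>
    /// Reports whether the customer has already submitted a payment for the project and
    /// puts a matching message in <c>HiddenLabel</c>.
    /// </summary>
    /// <remarks>
    /// Values read from the payment table are HTML-encoded before they are placed in the
    /// label, which renders its text as HTML. Presumably the name columns are filled from
    /// PayPal payer data; confirm against the code that writes the table.
    /// </remarks>
    /// <param name="CustomerID">Customer id as text; converted with Convert.ToInt32.</param>
    /// <param name="ProjectID">Project id as text; converted with Convert.ToInt32.</param>
    /// <returns>
    /// <c>true</c> when exactly one stored payment matches the currency and amount selected on
    /// the page, or when more than one payment row exists (the admin is mailed in that case);
    /// otherwise <c>false</c>.
    /// </returns>
    protected bool PaymentMade(string CustomerID, string ProjectID)
    {
        // Look up payments this customer already submitted for the project.
        CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter CustomerCheckAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter();
        CustomerPDTDataSet.CustomerSuccessfulPDTDataTable CustomerCheckTable = new CustomerPDTDataSet.CustomerSuccessfulPDTDataTable();
        CustomerCheckAdapter.FillCheck(CustomerCheckTable, Convert.ToInt32(CustomerID.ToString()), Convert.ToInt32(ProjectID.ToString()));

        int paymentCount = CustomerCheckTable.Rows.Count;

        // More than one row is unexpected: tell the admin and treat the project as paid.
        if (paymentCount > 1)
        {
            EmailAdmin(String.Format("Multiple Payment from Customer {0} for Projet {1}", CustomerID.ToString(),
                         ProjectID.ToString()), "Check CustomerSuccessfulPDT Table", "*****@*****.**");
            return true;
        }

        // No row: nothing has been paid yet.
        if (paymentCount != 1)
        {
            return false;
        }

        var payment = CustomerCheckTable.Rows[0];

        // The stored payment must match the currency and amount currently selected on the page.
        bool matchesSelection =
            string.Equals(payment["CurrencyCode"].ToString(), CurrencyDropDownList.SelectedValue.ToString())
            && string.Equals(payment["GrossTotal"].ToString(), Amount.Text.ToString());

        // Encode the stored name so markup in it is displayed as text, not interpreted.
        string payerLine = Server.HtmlEncode(payment["FirstName"].ToString() +
                                             payment["LastName"].ToString()) + ",<br/>";

        if (!matchesSelection)
        {
            string failuremessage = payerLine;
            failuremessage += Resource.FailedTransaction + "<br/>";
            failuremessage += Resource.FailurePDT;
            HiddenLabel.Text = failuremessage;
            return false;
        }

        string sucessmessage = payerLine;
        sucessmessage += Resource.ThankPayment + "<br/>";
        sucessmessage += Resource.PaymentOf + Server.HtmlEncode(payment["CurrencyCode"].ToString() +
                         payment["GrossTotal"].ToString()) + Resource.PaymentProcessed + "<br/><br/>";
        sucessmessage += Resource.Sincerely + "<br/>";
        sucessmessage += Resource.YourSideJobTeam + "<br/>";
        HiddenLabel.Text = sucessmessage;
        return true;
    }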