protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
// Used parts from https://www.paypaltech.com/PDTGen/
// Visit above URL to auto-generate PDT script
authToken = WebConfigurationManager.AppSettings["PDTToken"];
//read in txn token from querystring
txToken = Request.QueryString.Get("tx");
query = string.Format("cmd=_notify-synch&tx={0}&at={1}", txToken, authToken);
// Create the request back
string url = WebConfigurationManager.AppSettings["PayPalSubmitUrl"];
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
// Set values for the request back
req.Method = "POST";
req.ContentType = "application/x-www-form-urlencoded";
req.ContentLength = query.Length;
// Write the request back IPN strings
StreamWriter stOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
stOut.Write(query);
stOut.Close();
// Do the request to PayPal and get the response
StreamReader stIn = new StreamReader(req.GetResponse().GetResponseStream());
strResponse = stIn.ReadToEnd();
stIn.Close();
string CustomerID = GetCustomerID();
PDTHolder pdt = PDTHolder.Parse(strResponse);
CustomerPDTDataSetTableAdapters.CustomerStartingPaymentTableAdapter CustomerPDTAdapter = new CustomerPDTDataSetTableAdapters.CustomerStartingPaymentTableAdapter();
CustomerPDTDataSet.CustomerStartingPaymentDataTable CustomerPDTTable = new CustomerPDTDataSet.CustomerStartingPaymentDataTable();
CustomerPDTAdapter.FillVerifyTransaction(CustomerPDTTable, Convert.ToInt32(pdt.Custom));
// If response was SUCCESS, parse response string and output details
//The payment is succesful
if (strResponse.StartsWith("SUCCESS"))
{
//If there is no match
//The customer close the windows.
//If There is a match
//The customer return back to the confirmation page.
foreach (DataRow row in CustomerPDTTable)
{
CustomerPDTDataSetTableAdapters.QueriesTableAdapter CustomerPDT = new CustomerPDTDataSetTableAdapters.QueriesTableAdapter();
if (pdt.Custom.ToString() == row["ProjectID"].ToString() && pdt.Currency.ToString() == row["CurrencyCode"].ToString() && (row["Amount"].ToString() == pdt.GrossTotal.ToString()))
{
//Insert it only 1 time
////Sucessful PDT////
CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter CustomerSuccessfulPDTAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter();
CustomerPDTDataSet.CustomerSuccessfulPDTDataTable CustomerSuccessfulPDTTable = new CustomerPDTDataSet.CustomerSuccessfulPDTDataTable();
CustomerSuccessfulPDTAdapter.FillCustomerSuccededPDT(CustomerSuccessfulPDTTable, Convert.ToInt32(CustomerID), Convert.ToInt32(pdt.Custom.ToString()));
if (CustomerSuccessfulPDTTable.Rows.Count == 0)
{
CustomerPDT.SuccessPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken
, pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom, "no subscriber", Convert.ToInt32(CustomerID), Convert.ToInt32(pdt.Custom));
CustomerPDT.AddCustomerPendingTransaction(Convert.ToInt32(CustomerID),
Convert.ToInt32(pdt.Custom));
string sucessmessage = pdt.PayerFirstName + " " +
pdt.PayerFirstName + "<br/>";
sucessmessage += Resources.Resource.PaymentOf + " ";
sucessmessage += pdt.Currency + " " + pdt.GrossTotal +
Resources.Resource.PaymentProcessed + "<br/>";
sucessmessage += Resources.Resource.Sincerely + "<br/>";
sucessmessage += Resources.Resource.YourSideJobTeam + "<br/>";
}
else
{
HiddenLabel.Text = Resources.Resource.AlreadyPaid;
}
}
else
{
//Potential Hack
CustomerPDT.HackedPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken
, pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom, "no subscriber", Convert.ToInt32(CustomerID), Convert.ToInt32(pdt.Custom));
//Email The Hacker and Admin
string failuremessage = pdt.PayerFirstName + " " +
pdt.PayerFirstName + "<br/>";
failuremessage += Resources.Resource.FailedTransaction + "<br/>";
failuremessage += Resources.Resource.FailurePDT;
HiddenLabel.Text = failuremessage;
}
}
}
else
{
string failuremessage = pdt.PayerFirstName + " " +
pdt.PayerFirstName + "<br/>";
failuremessage += Resources.Resource.FailedTransaction + "<br/>";
failuremessage += Resources.Resource.FailurePDT;
HiddenLabel.Text = failuremessage;
}
}
}
protected bool PaymentMade(string CustomerID, string ProjectID)
{
bool result = false;
//// Checking if Payment for this project were already submitted by Customer ////
CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter CustomerCheckAdapter = new CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter();
CustomerPDTDataSet.CustomerSuccessfulPDTDataTable CustomerCheckTable = new CustomerPDTDataSet.CustomerSuccessfulPDTDataTable();
CustomerCheckAdapter.FillCheck(CustomerCheckTable, Convert.ToInt32(CustomerID.ToString()), Convert.ToInt32(ProjectID.ToString()));
//There can be only 1 row or 0 row
if (CustomerCheckTable.Rows.Count == 1)
{
if ((string.Equals(CustomerCheckTable.Rows[0]["CurrencyCode"].ToString(), CurrencyDropDownList.SelectedValue.ToString())) && (string.Equals(CustomerCheckTable.Rows[0]["GrossTotal"].ToString(), Amount.Text.ToString())))
{
string sucessmessage = CustomerCheckTable.Rows[0]["FirstName"].ToString() +
CustomerCheckTable.Rows[0]["LastName"].ToString() + ",<br/>";
sucessmessage += Resource.ThankPayment + "<br/>";
sucessmessage += Resource.PaymentOf + CustomerCheckTable.Rows[0]["CurrencyCode"].ToString() +
CustomerCheckTable.Rows[0]["GrossTotal"].ToString() + Resource.PaymentProcessed + "<br/><br/>";
sucessmessage += Resource.Sincerely + "<br/>";
sucessmessage += Resource.YourSideJobTeam + "<br/>";
HiddenLabel.Text = sucessmessage;
result = true;
}
else
{
string failuremessage = CustomerCheckTable.Rows[0]["FirstName"].ToString() +
CustomerCheckTable.Rows[0]["LastName"].ToString() + ",<br/>";
failuremessage += Resource.FailedTransaction + "<br/>";
failuremessage += Resource.FailurePDT;
HiddenLabel.Text = failuremessage;
result = false;
}
}
else if (CustomerCheckTable.Rows.Count > 1)
{
EmailAdmin(String.Format("Multiple Payment from Customer {0} for Projet {1}", CustomerID.ToString(),
ProjectID.ToString()), "Check CustomerSuccessfulPDT Table", "*****@*****.**");
result = true;
}
return result;
}
