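/// <summary>
/// Handles the return from PayPal (Payment Data Transfer): posts the
/// transaction token from the query string back to the configured PayPal
/// endpoint, parses the reply, and records the payment as successful or
/// suspect after comparing it with the stored starting payment for the project.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Page.IsPostBack)
    {
        return;
    }

    // Used parts from https://www.paypaltech.com/PDTGen/
    // Visit above URL to auto-generate PDT script
    authToken = WebConfigurationManager.AppSettings["PROPDTToken"];

    // The tx value is supplied by the caller in the query string. Escaping it
    // keeps it a single form field, so it cannot add or override parameters
    // in the request this server sends to PayPal.
    txToken = Request.QueryString.Get("tx");
    query = string.Format(
        "cmd=_notify-synch&tx={0}&at={1}",
        Uri.EscapeDataString(txToken ?? string.Empty),
        Uri.EscapeDataString(authToken ?? string.Empty));

    // NOTE(review): the endpoint comes from configuration; confirm that
    // PayPalSubmitUrl is an https:// URL, since the body carries the PDT token.
    string url = WebConfigurationManager.AppSettings["PayPalSubmitUrl"];
    HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
    req.Method = "POST";
    req.ContentType = "application/x-www-form-urlencoded";
    // The escaped body is pure ASCII, so character count equals byte count.
    req.ContentLength = query.Length;

    // using blocks release the request and response streams even if the
    // exchange throws part-way through.
    using (StreamWriter stOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII))
    {
        stOut.Write(query);
    }

    using (WebResponse resp = req.GetResponse())
    using (StreamReader stIn = new StreamReader(resp.GetResponseStream()))
    {
        strResponse = stIn.ReadToEnd();
    }

    string ProID = GetProfessionalID();
    PDTHolder pdt = PDTHolder.Parse(strResponse);

    // Payer fields are free text that ends up in HTML markup on the label,
    // so they are HTML-encoded before being concatenated with the <br/> tags.
    string payerName = System.Web.HttpUtility.HtmlEncode(
        Convert.ToString(pdt.PayerFirstName) + " " + Convert.ToString(pdt.PayerLastName));
    string failureMessage = payerName + "<br/>"
        + Resources.Resource.FailedTransaction + "<br/>"
        + Resources.Resource.FailurePDT;

    // Anything other than a SUCCESS reply is reported as a failure, and the
    // custom field of such a reply is never converted or used for a lookup.
    if (!strResponse.StartsWith("SUCCESS", StringComparison.Ordinal))
    {
        HiddenLabel.Text = failureMessage;
        return;
    }

    int projectId = Convert.ToInt32(pdt.Custom);

    ProfessionalPDTDataSetTableAdapters.ProfessionalStartingPaymentTableAdapter ProfessionalPDTAdapter =
        new ProfessionalPDTDataSetTableAdapters.ProfessionalStartingPaymentTableAdapter();
    ProfessionalPDTDataSet.ProfessionalStartingPaymentDataTable ProfessionalPDTTable =
        new ProfessionalPDTDataSet.ProfessionalStartingPaymentDataTable();
    ProfessionalPDTAdapter.FillVerifyTransaction(ProfessionalPDTTable, projectId);

    // If the lookup returns no row, the loop body never runs and the page
    // shows no message.
    foreach (DataRow row in ProfessionalPDTTable)
    {
        ProfessionalPDTDataSetTableAdapters.QueriesTableAdapter ProfessionalPDT =
            new ProfessionalPDTDataSetTableAdapters.QueriesTableAdapter();
        int professionalId = Convert.ToInt32(ProID);

        // NOTE(review): amount and currency are compared as formatted strings,
        // so "10" and "10.00" would not match - confirm both sides share one format.
        // NOTE(review): this path does not look at pdt.PaymentStatus or
        // pdt.ReceiverEmail before recording success - confirm those checks run
        // elsewhere before the payment is treated as settled.
        bool matchesStartingPayment =
            pdt.Custom.ToString() == row["ProjectID"].ToString()
            && pdt.Currency.ToString() == row["CurrencyCode"].ToString()
            && row["Amount"].ToString() == pdt.GrossTotal.ToString();

        if (!matchesStartingPayment)
        {
            // Reply does not match the stored starting payment: log it as suspect.
            ProfessionalPDT.HackedPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus,
                pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken,
                pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom,
                "no subscriber", professionalId, projectId);
            HiddenLabel.Text = failureMessage;
            continue;
        }

        // Record the payment only once per professional and project.
        ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter ProfessionalSuccessfulPDTAdapter =
            new ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter();
        ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable ProfessionalSuccessfulPDTTable =
            new ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable();
        ProfessionalSuccessfulPDTAdapter.FillProfessionalSuccededPDT(
            ProfessionalSuccessfulPDTTable, professionalId, Convert.ToInt32(pdt.Custom.ToString()));

        if (ProfessionalSuccessfulPDTTable.Rows.Count != 0)
        {
            HiddenLabel.Text = Resources.Resource.AlreadyPaid;
            continue;
        }

        ProfessionalPDT.SuccessPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus,
            pdt.PayerFirstName, pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken,
            pdt.ReceiverEmail, pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom,
            "no subscriber", professionalId, projectId);
        ProfessionalPDT.AddProfessionalPendingTransaction(professionalId, projectId);

        string sucessmessage = payerName + "<br/>";
        sucessmessage += Resources.Resource.PaymentOf + " ";
        sucessmessage += System.Web.HttpUtility.HtmlEncode(Convert.ToString(pdt.Currency)) + " "
            + System.Web.HttpUtility.HtmlEncode(Convert.ToString(pdt.GrossTotal))
            + Resources.Resource.PaymentProcessed + "<br/>";
        sucessmessage += Resources.Resource.Sincerely + "<br/>";
        sucessmessage += Resources.Resource.YourSideJobTeam + "<br/>";
        // Shown on the same label every other outcome in this handler uses.
        HiddenLabel.Text = sucessmessage;
    }
}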
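/// <summary>
/// Checks whether a successful payment is already recorded for the given
/// professional and project, and writes the matching message to the page.
/// </summary>
/// <param name="ProfessionalID">Professional identifier; must parse as an integer.</param>
/// <param name="ProjectID">Project identifier; must parse as an integer.</param>
/// <returns>
/// <c>true</c> when exactly one record exists and its currency and amount
/// equal the values currently entered on the form, or when more than one
/// record exists (the administrator is e-mailed in that case);
/// <c>false</c> otherwise.
/// </returns>
/// <exception cref="ArgumentNullException">Either identifier is null.</exception>
protected bool PaymentMade(string ProfessionalID, string ProjectID)
{
    if (ProfessionalID == null)
    {
        throw new ArgumentNullException("ProfessionalID");
    }

    if (ProjectID == null)
    {
        throw new ArgumentNullException("ProjectID");
    }

    // Checking if Payment for this project were already submitted by Professional
    ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter ProfessionalCheckAdapter =
        new ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter();
    ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable ProfessionalCheckTable =
        new ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable();
    ProfessionalCheckAdapter.FillCheck(
        ProfessionalCheckTable, Convert.ToInt32(ProfessionalID), Convert.ToInt32(ProjectID));

    int recordCount = ProfessionalCheckTable.Rows.Count;

    if (recordCount > 1)
    {
        // More than one record for the same pair is unexpected; the administrator
        // is told to inspect the table.
        EmailAdmin(
            String.Format("Multiple Payment from Professional {0} for Projet {1}", ProfessionalID, ProjectID),
            "Check ProfessionalSuccessfulPDT Table",
            "*****@*****.**");
        return true;
    }

    if (recordCount != 1)
    {
        return false;
    }

    DataRow paid = ProfessionalCheckTable.Rows[0];
    string storedCurrency = paid["CurrencyCode"].ToString();
    string storedTotal = paid["GrossTotal"].ToString();

    // Stored payer and payment fields are HTML-encoded before they are placed in
    // label markup, so a stored value cannot be rendered as markup or script.
    string payerName = System.Web.HttpUtility.HtmlEncode(
        paid["FirstName"].ToString() + " " + paid["LastName"].ToString());

    // NOTE(review): this is an exact string comparison against the form fields,
    // so "10" and "10.00" differ - confirm both sides use the same format.
    bool matchesForm =
        string.Equals(storedCurrency, CurrencyDropDownList.SelectedValue.ToString())
        && string.Equals(storedTotal, Amount.Text.ToString());

    if (!matchesForm)
    {
        string failuremessage = payerName + ",<br/>";
        failuremessage += Resource.FailedTransaction + "<br/>";
        failuremessage += Resource.FailurePDT;
        HiddenLabel.Text = failuremessage;
        return false;
    }

    string sucessmessage = payerName + ",<br/>";
    sucessmessage += Resource.ThankPayment + "<br/>";
    sucessmessage += Resource.PaymentOf + " "
        + System.Web.HttpUtility.HtmlEncode(storedCurrency) + " "
        + System.Web.HttpUtility.HtmlEncode(storedTotal)
        + Resource.PaymentProcessed + "<br/><br/>";
    sucessmessage += Resource.Sincerely + "<br/>";
    sucessmessage += Resource.YourSideJobTeam + "<br/>";
    HiddenLabel.Text = sucessmessage;
    return true;
}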
/// <summary>
/// Walks the rows loaded by FillProfessionalIPN and, for each one addressed
/// to the expected receiver with status "Completed", compares it with the
/// successful PDT records of the given professional and project. A row whose
/// currency and amount match is recorded as a successful IPN (once per
/// transaction id); a row that does not match is recorded as suspicious
/// (once per project and professional).
/// </summary>
/// <param name="pdt">Holder passed on to the buyer and administrator e-mails.</param>
/// <param name="ProfessionalID">Professional identifier; must parse as an integer.</param>
protected void ProcessIpn(IPNHolder pdt, string ProfessionalID)
{
    // Checks applied to each row, in order:
    //   1. receiver_email is the primary PayPal e-mail
    //   2. payment_status is Completed
    //   3. payment amount and currency are correct
    //   4. txn_id has not been processed before
    //   5. process the payment
    // NOTE(review): nothing in this method validates the IPN with PayPal -
    // presumably the caller does so before the rows are stored; confirm.

    // Professional IPN
    ProfessionalPDTDataSetTableAdapters.ProfessionalIPNTableAdapter ipnAdapter =
        new ProfessionalPDTDataSetTableAdapters.ProfessionalIPNTableAdapter();
    ProfessionalPDTDataSet.ProfessionalIPNDataTable ipnTable =
        new ProfessionalPDTDataSet.ProfessionalIPNDataTable();
    ipnAdapter.FillProfessionalIPN(ipnTable);

    // Successful PDT
    ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter successfulPdtAdapter =
        new ProfessionalPDTDataSetTableAdapters.ProfessionalSuccessfulPDTTableAdapter();
    ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable successfulPdtTable =
        new ProfessionalPDTDataSet.ProfessionalSuccessfulPDTDataTable();

    // Suspicious IPN (the table instance is created but not used in this method)
    ProfessionalPDTDataSetTableAdapters.ProfessionalSuspiciousIPNTableAdapter suspiciousIpnAdapter =
        new ProfessionalPDTDataSetTableAdapters.ProfessionalSuspiciousIPNTableAdapter();
    ProfessionalPDTDataSet.ProfessionalSuspiciousIPNDataTable suspiciousIpnTable =
        new ProfessionalPDTDataSet.ProfessionalSuspiciousIPNDataTable();

    // Transaction history
    ProfessionalPDTDataSetTableAdapters.QueriesTableAdapter historyQueries =
        new ProfessionalPDTDataSetTableAdapters.QueriesTableAdapter();

    foreach (DataRow ipnRow in ipnTable.Rows)
    {
        // 1. Rows for any other receiver are ignored.
        if (ipnRow["ReceiverEmail"].ToString() != "*****@*****.**")
        {
            continue;
        }

        // 2. Only completed payments are considered.
        if (ipnRow["PaymentStatus"].ToString() != "Completed")
        {
            continue;
        }

        // 3. Load the PDT records to compare amount and currency against.
        int professionalId = Convert.ToInt32(ProfessionalID);
        int projectId = Convert.ToInt32(ipnRow["ProjectID"].ToString());
        successfulPdtAdapter.FillProfessionalSuccededPDT(successfulPdtTable, professionalId, projectId);

        // NOTE(review): when no PDT record exists for this pair the inner loop
        // does not run, so the row is recorded neither as successful nor as
        // suspicious - confirm that is intended.
        foreach (DataRow pdtRow in successfulPdtTable.Rows)
        {
            bool amountMatches =
                string.Equals(pdtRow["CurrencyCode"].ToString(), ipnRow["CurrencyCode"].ToString())
                && string.Equals(pdtRow["GrossTotal"].ToString(), ipnRow["GrossTotal"].ToString());

            if (!amountMatches)
            {
                // Currency or amount differs from the confirmed PDT record:
                // file the row as suspicious unless one is already on record.
                ProfessionalPDTDataSetTableAdapters.ProfessionalSuspiciousVerificationTableAdapter suspiciousCheckAdapter =
                    new ProfessionalPDTDataSetTableAdapters.ProfessionalSuspiciousVerificationTableAdapter();
                ProfessionalPDTDataSet.ProfessionalSuspiciousVerificationDataTable suspiciousCheckTable =
                    new ProfessionalPDTDataSet.ProfessionalSuspiciousVerificationDataTable();
                suspiciousCheckAdapter.FillCheck(
                    suspiciousCheckTable, projectId, Convert.ToInt32(ProfessionalID.ToString()));

                if (suspiciousCheckTable.Rows.Count == 0)
                {
                    int suspiciousIpnId = Convert.ToInt32(ipnRow["IPNID"].ToString());
                    suspiciousIpnAdapter.AddTransactionByID(suspiciousIpnId);
                    suspiciousIpnAdapter.UpdatePendingReason("Suspicious Amount", suspiciousIpnId);
                    EmailAdmin("Suspicious Payment", pdt);
                    historyQueries.AddProfessionalTransactionHistory(professionalId, projectId, 1);
                }

                continue;
            }

            // 4. Amount and currency match: skip transaction ids already recorded.
            ProfessionalPDTDataSetTableAdapters.ProfessionalSuccesfulIPNTableAdapter successfulIpnAdapter =
                new ProfessionalPDTDataSetTableAdapters.ProfessionalSuccesfulIPNTableAdapter();
            ProfessionalPDTDataSet.ProfessionalSuccesfulIPNDataTable successfulIpnTable =
                new ProfessionalPDTDataSet.ProfessionalSuccesfulIPNDataTable();
            successfulIpnAdapter.FillByTransactionID(
                successfulIpnTable, projectId, professionalId, ipnRow["TransactionId"].ToString());

            if (successfulIpnTable.Rows.Count != 0)
            {
                // The record already exists; nothing to do.
                continue;
            }

            // 5. Record the payment and notify buyer and administrator.
            // NOTE(review): the e-mails are built from the pdt argument, not from
            // the row being recorded - confirm they describe the same transaction.
            successfulIpnAdapter.AddTransaction(Convert.ToInt32(ipnRow["IPNID"].ToString()));
            historyQueries.AddProfessionalTransactionHistory(professionalId, projectId, 0);
            EmailBuyer(Resources.Resource.PaypalSuccessfulHeader, "Success", pdt._payerEmail.ToString(), pdt);
            EmailAdmin("Successful Payment", pdt);
        }
    }
}