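/// <summary>
/// Handles the buyer's return from PayPal using Payment Data Transfer (PDT).
/// On the first (non-postback) load it posts the <c>tx</c> token from the query string,
/// together with the configured PDT identity token, back to the configured PayPal URL,
/// parses the reply and compares project id, currency and amount against the rows
/// returned by <c>FillVerifyTransaction</c>. A match is recorded once per
/// customer/project; a mismatch is recorded through <c>HackedPDT</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Page.IsPostBack)
    {
        return;
    }

    // Used parts from https://www.paypaltech.com/PDTGen/
    // Visit above URL to auto-generate PDT script
    authToken = WebConfigurationManager.AppSettings["PDTToken"];

    // "tx" comes from the query string of the buyer's browser, so it is untrusted input.
    txToken = Request.QueryString.Get("tx");
    if (string.IsNullOrEmpty(txToken))
    {
        // Nothing to verify: do not call PayPal or touch the database.
        HiddenLabel.Text = Resources.Resource.FailedTransaction + "<br/>" + Resources.Resource.FailurePDT;
        return;
    }

    // Escape both values so a crafted "tx" cannot append or override form fields
    // (for example a second "cmd" or "at") in the body posted to PayPal.
    query = string.Format(
        "cmd=_notify-synch&tx={0}&at={1}",
        Uri.EscapeDataString(txToken),
        Uri.EscapeDataString(authToken ?? string.Empty));

    // Create the request back.
    // NOTE(review): the identity token is sent to whatever PayPalSubmitUrl holds;
    // confirm the configured value is an https:// PayPal endpoint.
    string url = WebConfigurationManager.AppSettings["PayPalSubmitUrl"];
    HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);

    // Set values for the request back
    req.Method = "POST";
    req.ContentType = "application/x-www-form-urlencoded";
    // The escaped query is pure ASCII, so the character count equals the byte count.
    req.ContentLength = query.Length;

    // Write the request body; using-blocks release the streams even if the call throws.
    using (StreamWriter stOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII))
    {
        stOut.Write(query);
    }

    // Do the request to PayPal and get the response
    using (WebResponse resp = req.GetResponse())
    using (StreamReader stIn = new StreamReader(resp.GetResponseStream()))
    {
        strResponse = stIn.ReadToEnd();
    }

    string CustomerID = GetCustomerID();
    PDTHolder pdt = PDTHolder.Parse(strResponse);

    // Label.Text is rendered as raw HTML, so payer-supplied values are HTML-encoded
    // before being combined with the <br/> markup. The original repeated the first
    // name where the last name was intended.
    string payerName = Server.HtmlEncode(pdt.PayerFirstName + " " + pdt.PayerLastName);
    string failuremessage = payerName + "<br/>"
        + Resources.Resource.FailedTransaction + "<br/>"
        + Resources.Resource.FailurePDT;

    // Only a reply that starts with SUCCESS carries verified payment details.
    if (!strResponse.StartsWith("SUCCESS", StringComparison.Ordinal))
    {
        HiddenLabel.Text = failuremessage;
        return;
    }

    // "custom" is echoed back by PayPal but was originally sent through the buyer's
    // browser, so a non-numeric value is treated as a failed transaction rather than
    // being allowed to surface as an unhandled conversion error.
    int projectId;
    try
    {
        projectId = Convert.ToInt32(pdt.Custom);
    }
    catch (FormatException)
    {
        HiddenLabel.Text = failuremessage;
        return;
    }
    catch (OverflowException)
    {
        HiddenLabel.Text = failuremessage;
        return;
    }

    int customerId = Convert.ToInt32(CustomerID);

    // The expected payment is looked up only after PayPal confirmed the transaction.
    CustomerPDTDataSetTableAdapters.CustomerStartingPaymentTableAdapter CustomerPDTAdapter =
        new CustomerPDTDataSetTableAdapters.CustomerStartingPaymentTableAdapter();
    CustomerPDTDataSet.CustomerStartingPaymentDataTable CustomerPDTTable =
        new CustomerPDTDataSet.CustomerStartingPaymentDataTable();
    CustomerPDTAdapter.FillVerifyTransaction(CustomerPDTTable, projectId);

    // If there is no matching row nothing is shown (the customer closed the window).
    // If there is a match the customer has returned to the confirmation page.
    foreach (DataRow row in CustomerPDTTable)
    {
        CustomerPDTDataSetTableAdapters.QueriesTableAdapter CustomerPDT =
            new CustomerPDTDataSetTableAdapters.QueriesTableAdapter();

        // NOTE(review): only project id, currency and amount are compared. The payment
        // status and the receiver e-mail returned by PayPal are stored but not checked
        // here, and the amounts are compared as formatted strings - confirm that a
        // pending or reversed payment, a payment to a different receiver, or a
        // formatting difference such as "10" vs "10.00" is handled as intended.
        bool matchesExpectedPayment =
            pdt.Custom.ToString() == row["ProjectID"].ToString()
            && pdt.Currency.ToString() == row["CurrencyCode"].ToString()
            && row["Amount"].ToString() == pdt.GrossTotal.ToString();

        if (!matchesExpectedPayment)
        {
            // Potential tampering: record the attempt and show the failure text.
            CustomerPDT.HackedPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName,
                pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken, pdt.ReceiverEmail,
                pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom,
                "no subscriber", customerId, projectId);
            HiddenLabel.Text = failuremessage;
            continue;
        }

        // Insert it only 1 time.
        // NOTE(review): the duplicate check is keyed on customer and project; no check
        // on the PayPal transaction id is visible here, so reuse of the same "tx"
        // across projects depends on checks elsewhere - confirm.
        CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter CustomerSuccessfulPDTAdapter =
            new CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter();
        CustomerPDTDataSet.CustomerSuccessfulPDTDataTable CustomerSuccessfulPDTTable =
            new CustomerPDTDataSet.CustomerSuccessfulPDTDataTable();
        CustomerSuccessfulPDTAdapter.FillCustomerSuccededPDT(CustomerSuccessfulPDTTable, customerId, projectId);

        if (CustomerSuccessfulPDTTable.Rows.Count != 0)
        {
            HiddenLabel.Text = Resources.Resource.AlreadyPaid;
            continue;
        }

        CustomerPDT.SuccessPDT(pdt.GrossTotal, pdt.InvoiceNumber, pdt.PaymentStatus, pdt.PayerFirstName,
            pdt.PayerLastName, pdt.PaymentFee, pdt.BusinessEmail, txToken, pdt.ReceiverEmail,
            pdt.ItemName, pdt.Currency, pdt.TransactionId, pdt.Custom,
            "no subscriber", customerId, projectId);
        CustomerPDT.AddCustomerPendingTransaction(customerId, projectId);

        string sucessmessage = payerName + "<br/>";
        sucessmessage += Resources.Resource.PaymentOf + " ";
        sucessmessage += Server.HtmlEncode(pdt.Currency + " " + pdt.GrossTotal)
            + Resources.Resource.PaymentProcessed + "<br/>";
        sucessmessage += Resources.Resource.Sincerely + "<br/>";
        sucessmessage += Resources.Resource.YourSideJobTeam + "<br/>";

        // The original built this text and then discarded it; show it in the same
        // label the other branches use.
        HiddenLabel.Text = sucessmessage;
    }
}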
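/// <summary>
/// Checks whether a payment for the given project was already recorded for the customer
/// and writes the matching confirmation or failure text to <c>HiddenLabel</c>.
/// </summary>
/// <param name="CustomerID">Customer identifier; must be parseable as an integer.</param>
/// <param name="ProjectID">Project identifier; must be parseable as an integer.</param>
/// <returns>
/// <c>true</c> when exactly one recorded payment exists and its currency and gross total
/// equal the values currently entered on the form, or when more than one record exists
/// (the administrator is e-mailed in that case); otherwise <c>false</c>.
/// </returns>
protected bool PaymentMade(string CustomerID, string ProjectID)
{
    // Checking if payment for this project was already submitted by the customer.
    CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter CustomerCheckAdapter =
        new CustomerPDTDataSetTableAdapters.CustomerSuccessfulPDTTableAdapter();
    CustomerPDTDataSet.CustomerSuccessfulPDTDataTable CustomerCheckTable =
        new CustomerPDTDataSet.CustomerSuccessfulPDTDataTable();
    CustomerCheckAdapter.FillCheck(
        CustomerCheckTable,
        Convert.ToInt32(CustomerID.ToString()),
        Convert.ToInt32(ProjectID.ToString()));

    int recordedPayments = CustomerCheckTable.Rows.Count;

    if (recordedPayments > 1)
    {
        // There should be only 1 row or 0 rows; more than one is reported to the admin
        // and still treated as "payment made".
        EmailAdmin(String.Format("Multiple Payment from Customer {0} for Projet {1}", CustomerID.ToString(), ProjectID.ToString()), "Check CustomerSuccessfulPDT Table", "*****@*****.**");
        return true;
    }

    if (recordedPayments != 1)
    {
        return false;
    }

    DataRow payment = CustomerCheckTable.Rows[0];
    string storedCurrency = payment["CurrencyCode"].ToString();
    string storedGrossTotal = payment["GrossTotal"].ToString();

    // The stored payer name originates from the payment provider's response and
    // Label.Text is rendered as raw HTML, so it is HTML-encoded before the <br/>
    // markup is appended.
    string payerName = Server.HtmlEncode(payment["FirstName"].ToString() + payment["LastName"].ToString());

    // NOTE(review): currency and amount are compared as strings against the form
    // fields; confirm both sides are formatted identically (for example "10" vs "10.00").
    bool matchesForm =
        string.Equals(storedCurrency, CurrencyDropDownList.SelectedValue.ToString())
        && string.Equals(storedGrossTotal, Amount.Text.ToString());

    if (!matchesForm)
    {
        string failuremessage = payerName + ",<br/>";
        failuremessage += Resource.FailedTransaction + "<br/>";
        failuremessage += Resource.FailurePDT;
        HiddenLabel.Text = failuremessage;
        return false;
    }

    string sucessmessage = payerName + ",<br/>";
    sucessmessage += Resource.ThankPayment + "<br/>";
    sucessmessage += Resource.PaymentOf
        + Server.HtmlEncode(storedCurrency)
        + Server.HtmlEncode(storedGrossTotal)
        + Resource.PaymentProcessed + "<br/><br/>";
    sucessmessage += Resource.Sincerely + "<br/>";
    sucessmessage += Resource.YourSideJobTeam + "<br/>";
    HiddenLabel.Text = sucessmessage;
    return true;
}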