php + mysql + paypal

d2u77

Hey I am trying to get this paypal script to work and it sort of does. When I run the test it gives me the variables and updates the database. But when I run it through paypal it only gives me half of the variables and doesn't touch my database. Any ideas? I have included the script. Sorry it is so long.

<?php

/ email address used in the To: and From: fields of the debug email messages. /
$site_email = "mealbert3@attbi.com";

$paypal_receiver_email = "Holla@HipHopG.com";

$accept_unverified = 'yes';

$accept_unconfirmed = 'yes';

$error = 0;
$post_string = '';
$output = '';
$valid_post = '';

$workString = 'cmd=_notify-validate';
/ Get PayPal Payment Notification variables including the encrypted code /
reset($HTTP_POST_VARS);
while(list($key, $val) = each($HTTP_POST_VARS)) {
$post_string .= $key.'='.$val.'&';
$val = stripslashes($val);
$val = urlencode($val);
$workString .= '&' .$key .'=' .$val;
}

if($notify_debug){
$str = $post_string;
$str = str_replace('&', "\n", $str );
$debugmess = "post_string sent from PayPal\n===============================\n$str\n\n";
$str = $workString;
$str = str_replace('&', "\n", $str );
$debugmess .= "workString posted back to PayPal\n==========================\n$str\n\n";

/ mail it to the owner of this script/
mail($site_email, "PayPal Notify Debug Results", $debugmess, $debug_headers);

}

$payment_date = $HTTP_POST_VARS['payment_date'];
$invoice = $HTTP_POST_VARS['invoice'];
$txn_id = $HTTP_POST_VARS['txn_id'];
$item_name = $HTTP_POST_VARS['item_name'];
$quantity = $HTTP_POST_VARS['quantity'];
$payment_status = $HTTP_POST_VARS['payment_status'];
$pending_reason = $HTTP_POST_VARS['pending_reason'];
$payment_gross = $HTTP_POST_VARS['payment_method'];
$first_name = $HTTP_POST_VARS['first_name'];
$last_name = $HTTP_POST_VARS['last_name'];
$address_street = $HTTP_POST_VARS['address_street'];
$address_city = $HTTP_POST_VARS['address_city'];
$address_state = $HTTP_POST_VARS['address_state'];
$address_zip = $HTTP_POST_VARS['address_zip'];
$address_country = $HTTP_POST_VARS['address_country'];
$payer_email = $HTTP_POST_VARS['payer_email'];
$address_status = $HTTP_POST_VARS['address_status'];
$payer_status = $HTTP_POST_VARS['payer_status'];
$subscr_cancel = $HTTP_POST_VARS['subscr_cancel'];
$notify_version = trim(stripslashes($POST['notify_version']));
$verify_sign = trim(stripslashes($POST['verify_sign']));
$business = trim(stripslashes($POST['business']));
$custom = trim(stripslashes($POST['custom']));
$txn_type = trim(stripslashes($_POST['txn_type']));

$settle_amount = trim(stripslashes($POST['settle_amount']));
$settle_currency = trim(stripslashes($POST['settle_currency']));
$exchange_rate = trim(stripslashes($POST['exchange_rate']));
$payment_fee = trim(stripslashes($POST['payment_fee']));
$mc_gross = trim(stripslashes($POST['mc_gross']));
$mc_fee = trim(stripslashes($POST['mc_fee']));
$mc_currency = trim(stripslashes($POST['mc_currency']));
$tax = trim(stripslashes($POST['tax']));
$for_auction = trim(stripslashes($POST['for_auction']));
$memo = trim(stripslashes($POST['memo']));
$option_name1 = trim(stripslashes($POST['option_name1']));
$option_selection1 = trim(stripslashes($POST['option_selection1']));
$option_name2 = trim(stripslashes($POST['option_name2']));
$option_selection2 = trim(stripslashes($POST['option_selection2']));
$num_cart_items = trim(stripslashes($_POST['num_cart_items']));

// subscription variables
$username = trim(stripslashes($POST['username']));
$password = trim(stripslashes($POST['password']));
$subscr_id = trim(stripslashes($POST['subscr_id']));
$subscr_date = trim(stripslashes($POST['subscr_date']));
$subscr_effective = trim(stripslashes($POST['subscr_effective']));
$period3 = trim(stripslashes($POST['period3']));
$amount3 = trim(stripslashes($POST['amount3']));
$mc_amount3 = trim(stripslashes($POST['mc_amount3']));
$recurring = trim(stripslashes($POST['recurring']));
$recur_times = trim(stripslashes($POST['recur_times']));
$subscr_eot = trim(stripslashes($_POST['subscr_eot']));

// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen ($workString) . "\r\n\r\n";
$fp = fsockopen ("www.paypal.com", 80, $errno, $errstr, 30);

if (!$fp) {
// HTTP ERROR
echo "$errstr ($errno)";
} else {
fputs ($fp, $header . $workString);
while (!feof($fp)) {
$output .= fgets ($fp, 1024);
}
fclose ($fp);
}

// remove post headers if present.
$output = preg_replace("'Content-type: text/plain'si","",$output);

$error_lines = split("\n", $error_message);
$i=0;
while($i <= sizeof($error_lines)) {
$error_message_html .= "<p>" .$error_lines[$i];
$i++;
}

// logic for handling the INVALID or VERIFIED responses.
/ valid response from PayPal, update paypal table with response message/

if (ereg('VERIFIED',$output)) {
$valid_post = 'VERIFIED POST';
if (eregi('failed',$payment_status)){
/ invalid - update paypal table with 'invalid' response message/

$debug_status = "updated paypal table with VERIFIED-failed response";
echo "<pre>Your payment failed. Please investigate this with paypal. If you believe this message
is in error please contact the webmaster @ webadmin@hiphopg.com.</pre>";
update_paypal_ipn_table();

} 
else if (eregi('denied',$payment_status)){ 
/* invalid - update paypal table with 'invalid' response message*/  
  $debug_status = "updated paypal table with VERIFIED-denied";
  echo "<pre>Your payment was denied</pre>";
  update_paypal_ipn_table();

} 

 else if (eregi('pending',$payment_status)){ 
/* invalid - update paypal table with 'invalid' response message*/  
  $debug_status = "updated paypal table with VERIFIED-pending";
  echo "<pre>Your payment is pending</pre>";
   update_paypal_ipn_table();

}     

else if ((eregi('Completed',$payment_status)) && ($error == 0)){ 

  if (eregi('unverified',$payer_status)){ 
  /* update paypal table with 'VERIFIED-unverified' response message*/ 
    if($accept_unverified == 'yes'){          
        // set paid = 'yes'
         $debug_status = "updated paypal table with VERIFIED-completed response with unverified payer status";
		 echo "<pre>Your account is unverified but your payment was accepted.</pre>";
          update_paypal_ipn_table();
       }
    else{
        $debug_status = "updated paypal table with VERIFIED-unverified response";
         update_paypal_ipn_table();
    }  
 } 
 else if (eregi('unconfirmed',$address_status)) {  
  /* valid - update paypal table with 'unconfirmed' response message*/ 
  if($accept_unconfirmed == 'yes'){
         // set paid = 'yes'
		 echo "<pre>verified and completed processing request. Thank You. Unconfirmed.</pre>";
        $debug_status = "updated paypal table with VERIFIED-completed response with unconfirmed address status";
        update_paypal_ipn_table();
      }
   else{
        $debug_status = "updated paypal table with VERIFIED-unconfirmed response";
		echo "<pre>Your paypal account is unconfirmed.  Please confirm your account and try again. To confirm your account visit [url]www.paypal.com[/url]</pre>";
         update_paypal_ipn_table();

    }  
  }
  else{

      /* valid-verified , update paypal table with verified response */ 
      $debug_status = "updated paypal table with VERIFIED-completed response, Order Complete";
	  echo "<pre>verified and completed processing request. IMPORTANT: .</pre>";
      update_paypal_ipn_table();

    }
}   // end payment status complete

} // end VERIFIED response from paypal

else if (ereg('INVALID',$output)) {
$valid_post = 'INVALID POST';
/ invalid - update paypal table with 'invalid' response message/
echo "<pre>Your recieved an invalid response</pre>";
$debug_status = "updated paypal table with INVALID response. PayPal returned an INVALID response";
update_paypal_ipn_table();

}

function update_paypal_ipn_table(){
$db = mysql_connect('localhost','user','pass');
mysql_select_db('hiphopgcom');
$insert = "INSERT INTO paypal(receiver_email,item_name,item_number,quantity,invoice,custom,payment_status,pending_reason,payment_date,payment_gross,payment_fee,txn_id,txn_type,first_name,last_name,address_street,address_city,address_state,address_zip,address_country,address_status,payer_email,payer_status,payment_type,verify_sign,subscr_date,period1,period2,period3,amount1,amount2,amount3,recurring,reattempt,retry_at,recur_times,username,password,subscr_id)
VALUES ('$invoice', '$receiver_email', '$item_name', '$item_number', '$quantity', '$payment_status', '$pending_reason', '$payment_date', '$payment_gross', '$payment_fee', '$txn_id', '$txn_type', '$first_name', '$last_name', '$address_street', '$address_city', '$address_state', '$address_zip', '$address_country', '$address_status', '$payer_email', '$payer_status', '$payment_type', '$custom', '$verify_sign', '$subscr_date','$period1', '$period2','$period3','$amount1','$amount2','$amount3','$recurring','$reattempt','$retry_at','$recure_times','$username','$password','$subscr_id')";
$result = mysql_query($insert) or die('insert failed: ' . mysql_error() );
}
?>