ConnorMcF/index.php

## index.php
<?
// GO DOWN..
?>
<?php session_start(); ?>
<h1>Please wait...</h1>
Is <? echo($_SESSION['user_name']); ?> your username?
<form name="paypalForm" action="/dev/paypal/paypal.php" method="post">
<input type="hidden" name="id" value="<?php echo($_SESSION["user_name"]) ?>">
<input type="hidden" name="CatDescription" value="Upgrade to Premium">
<input type="hidden" name="payment" value="10">
<input type="hidden" name="key" value="<? echo md5(date("Y-m-d:").rand()); ?>">
<input TYPE="image" SRC="http://www.coachsbr.com/images/site/paypal_button.gif" name="paypal"  value="Payment via Paypal" >

</form>

## paypal.class.php
<?
// NOT YET!
?>
<?php
/*******************************************************************************
 *                      PHP Paypal IPN Integration Class
 *******************************************************************************
 *      Author:     Micah Carrick
 *      Email:      email@micahcarrick.com
 *      Website:    http://www.micahcarrick.com
 *
 *      File:       paypal.class.php
 *      Version:    1.3.0
 *      Copyright:  (c) 2005 - Micah Carrick
 *                  You are free to use, distribute, and modify this software
 *                  under the terms of the GNU General Public License.  See the
 *                  included license.txt file.
 *
 *******************************************************************************
 *  VERION HISTORY:
 *      v1.3.0 [10.10.2005] - Fixed it so that single quotes are handled the
 *                            right way rather than simple stripping them.  This
 *                            was needed because the user could still put in
 *                            quotes.
 *
 *      v1.2.1 [06.05.2005] - Fixed typo from previous fix :)
 *
 *      v1.2.0 [05.31.2005] - Added the optional ability to remove all quotes
 *                            from the paypal posts.  The IPN will come back
 *                            invalid sometimes when quotes are used in certian
 *                            fields.
 *
 *      v1.1.0 [05.15.2005] - Revised the form output in the submit_paypal_post
 *                            method to allow non-javascript capable browsers
 *                            to provide a means of manual form submission.
 *
 *      v1.0.0 [04.16.2005] - Initial Version
 *
 *******************************************************************************
 *  DESCRIPTION:
 *
 *      NOTE: See www.micahcarrick.com for the most recent version of this class
 *            along with any applicable sample files and other documentaion.
 *
 *      This file provides a neat and simple method to interface with paypal and
 *      The paypal Instant Payment Notification (IPN) interface.  This file is
 *      NOT intended to make the paypal integration "plug 'n' play". It still
 *      requires the developer (that should be you) to understand the paypal
 *      process and know the variables you want/need to pass to paypal to
 *      achieve what you want.
 *
 *      This class handles the submission of an order to paypal aswell as the
 *      processing an Instant Payment Notification.
 *
 *      This code is based on that of the php-toolkit from paypal.  I've taken
 *      the basic principals and put it in to a class so that it is a little
 *      easier--at least for me--to use.  The php-toolkit can be downloaded from
 *      http://sourceforge.net/projects/paypal.
 *
 *      To submit an order to paypal, have your order form POST to a file with:
 *
 *          $p = new paypal_class;
 *          $p->add_field('business', 'somebody@domain.com');
 *          $p->add_field('first_name', $_POST['first_name']);
 *          ... (add all your fields in the same manor)
 *          $p->submit_paypal_post();
 *
 *      To process an IPN, have your IPN processing file contain:
 *
 *          $p = new paypal_class;
 *          if ($p->validate_ipn()) {
 *          ... (IPN is verified.  Details are in the ipn_data() array)
 *          }
 *
 *
 *      In case you are new to paypal, here is some information to help you:
 *
 *      1. Download and read the Merchant User Manual and Integration Guide from
 *         http://www.paypal.com/en_US/pdf/integration_guide.pdf.  This gives
 *         you all the information you need including the fields you can pass to
 *         paypal (using add_field() with this class) aswell as all the fields
 *         that are returned in an IPN post (stored in the ipn_data() array in
 *         this class).  It also diagrams the entire transaction process.
 *
 *      2. Create a "sandbox" account for a buyer and a seller.  This is just
 *         a test account(s) that allow you to test your site from both the
 *         seller and buyer perspective.  The instructions for this is available
 *         at https://developer.paypal.com/ as well as a great forum where you
 *         can ask all your paypal integration questions.  Make sure you follow
 *         all the directions in setting up a sandbox test environment, including
 *         the addition of fake bank accounts and credit cards.
 *
 *******************************************************************************
*/

class paypal_class {

   var $last_error;                 // holds the last error encountered

   var $ipn_log;                    // bool: log IPN results to text file?

   var $ipn_log_file;               // filename of the IPN log
   var $ipn_response;               // holds the IPN response from paypal
   var $ipn_data = array();         // array contains the POST values for IPN

   var $fields = array();           // array holds the fields to submit to paypal


   function paypal_class() {

      // initialization constructor.  Called when class is created.

      $this->paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';

      $this->last_error = '';

      $this->ipn_log_file = '.ipn_results.log';
      $this->ipn_log = true;
      $this->ipn_response = '';

      // populate $fields array with a few default values.  See the paypal
      // documentation for a list of fields and their data types. These defaul
      // values can be overwritten by the calling script.

      $this->add_field('rm','2');           // Return method = POST
      $this->add_field('cmd','_xclick');

   }

   function add_field($field, $value) {

      // adds a key=>value pair to the fields array, which is what will be
      // sent to paypal as POST variables.  If the value is already in the
      // array, it will be overwritten.

      $this->fields["$field"] = $value;
   }

   function submit_paypal_post() {

      // this function actually generates an entire HTML page consisting of
      // a form with hidden elements which is submitted to paypal via the
      // BODY element's onLoad attribute.  We do this so that you can validate
      // any POST vars from you custom form before submitting to paypal.  So
      // basically, you'll have your own form which is submitted to your script
      // to validate the data, which in turn calls this function to create
      // another hidden form and submit to paypal.

      // The user will briefly see a message on the screen that reads:
      // "Please wait, your order is being processed..." and then immediately
      // is redirected to paypal.

      echo "<html>\n";
      echo "<head><title>Processing Payment...</title></head>\n";
      echo "<body onLoad=\"document.forms['paypal_form'].submit();\">\n";
   //   echo "<center><h2>Please wait, your order is being processed and you";
    //  echo " will be redirected to the paypal website.</h2></center>\n";
      echo "<form method=\"post\" name=\"paypal_form\" ";
      echo "action=\"".$this->paypal_url."\">\n";

      foreach ($this->fields as $name => $value) {
         echo "<input type=\"hidden\" name=\"$name\" value=\"$value\"/>\n";
      }
      //echo "<center><br/><br/>If you are not automatically redirected to ";
     // echo "paypal within 5 seconds...<br/><br/>\n";
     // echo "<input type=\"submit\" value=\"Click Here\"></center>\n";

      echo "</form>\n";
      echo "</body></html>\n";

   }

   function validate_ipn() {

      // parse the paypal URL
      $url_parsed=parse_url($this->paypal_url);

      // generate the post string from the _POST vars aswell as load the
      // _POST vars into an arry so we can play with them from the calling
      // script.
      $post_string = '';
      foreach ($_POST as $field=>$value) {
         $this->ipn_data["$field"] = $value;
         $post_string .= $field.'='.urlencode(stripslashes($value)).'&';
      }
      $post_string.="cmd=_notify-validate"; // append ipn command

      // open the connection to paypal
      $fp = fsockopen($url_parsed[host],"80",$err_num,$err_str,30);
      if(!$fp) {

         // could not open the connection.  If loggin is on, the error message
         // will be in the log.
         $this->last_error = "fsockopen error no. $errnum: $errstr";
         $this->log_ipn_results(false);
         return false;

      } else {

         // Post the data back to paypal
         fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n");
         fputs($fp, "Host: $url_parsed[host]\r\n");
         fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
         fputs($fp, "Content-length: ".strlen($post_string)."\r\n");
         fputs($fp, "Connection: close\r\n\r\n");
         fputs($fp, $post_string . "\r\n\r\n");

         // loop through the response from the server and append to variable
         while(!feof($fp)) {
            $this->ipn_response .= fgets($fp, 1024);
         }

         fclose($fp); // close connection

      }

      if (eregi("VERIFIED",$this->ipn_response)) {

         // Valid IPN transaction.
         $this->log_ipn_results(true);
         return true;

      } else {

         // Invalid IPN transaction.  Check the log for details.
         $this->last_error = 'IPN Validation Failed.';
         $this->log_ipn_results(false);
         return false;

      }

   }

   function log_ipn_results($success) {

      if (!$this->ipn_log) return;  // is logging turned off?

      // Timestamp
      $text = '['.date('m/d/Y g:i A').'] - ';

      // Success or failure being logged?
      if ($success) $text .= "SUCCESS!\n";
      else $text .= 'FAIL: '.$this->last_error."\n";

      // Log the POST variables
      $text .= "IPN POST Vars from Paypal:\n";
      foreach ($this->ipn_data as $key=>$value) {
         $text .= "$key=$value, ";
      }

      // Log the response from the paypal server
      $text .= "\nIPN Response from Paypal Server:\n ".$this->ipn_response;

      // Write to log
      $fp=fopen($this->ipn_log_file,'a');
      fwrite($fp, $text . "\n\n");

      fclose($fp);  // close file
   }

   function dump_fields() {

      // Used for debugging, this function will output all the field/value pairs
      // that are currently defined in the instance of the class using the
      // add_field() function.

      echo "<h3>paypal_class->dump_fields() Output:</h3>";
      echo "<table width=\"95%\" border=\"1\" cellpadding=\"2\" cellspacing=\"0\">
            <tr>
               <td bgcolor=\"black\"><b><font color=\"white\">Field Name</font></b></td>
               <td bgcolor=\"black\"><b><font color=\"white\">Value</font></b></td>
            </tr>";

      ksort($this->fields);
      foreach ($this->fields as $key => $value) {
         echo "<tr><td>$key</td><td>".urldecode($value)."&nbsp;</td></tr>";
      }

      echo "</table><br>";
   }
}


## paypal.php
<?php
// HERE WE ARE!
?>
<?php

require_once('paypal.class.php');  // include the class file (HTTP://CONNORMCF.ME/DEV/PAYPAL/PAYPAL_CLASS.PHP)

$p = new paypal_class;             // initiate an instance of the class

$p->paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';   // testing paypal url

//$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';     // paypal url


// setup a variable for this script (ie: 'http://www.micahcarrick.com/paypal.php')

$this_script = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];


// if there is not action variable, set the default action of 'process'

if (empty($_GET['action'])) $_GET['action'] = 'process';


switch ($_GET['action']) {


   case 'process':      // Process and order...


      // There should be no output at this point.  To process the POST data,

      // the submit_paypal_post() function will output all the HTML tags which

      // contains a FORM which is submited instantaneously using the BODY onload

      // attribute.  In other words, don't echo or printf anything when you're

      // going to be calling the submit_paypal_post() function.


      // This is where you would have your form validation  and all that jazz.

      // You would take your POST vars and load them into the class like below,

      // only using the POST values instead of constant string expressions.


      // For example, after ensureing all the POST variables from your custom

      // order form are valid, you might have:

      //

      // $p->add_field('first_name', $_POST['first_name']);

      // $p->add_field('last_name', $_POST['last_name']);


      $CatDescription = $_REQUEST['CatDescription'];

      $payment = $_REQUEST['payment'];

      $id = $_REQUEST['id'];

      $key = $_REQUEST['key'];


      $p->add_field('business', 'dodgyseller@blo.ke');

      //$p->add_field('return', $this_script.'?action=success');
      $p->add_field('return', 'http://connormcf.me/s?pay=success');

      //$p->add_field('cancel_return', $this_script.'?action=cancel');
      $p->add_field('cancel_return', 'http://connormcf.me/s?pay=cancel');

      $p->add_field('notify_url', $this_script.'?action=ipn');

      $p->add_field('item_name', $CatDescription);

      $p->add_field('amount', $payment);

      $p->add_field('key', $key);

      $p->add_field('currency_code', 'GBP');

      $p->add_field('item_number', $id);


      $p->submit_paypal_post(); // submit the fields to paypal

      //$p->dump_fields();      // for debugging, output a table of all the fields

      break;


   case 'success':      // Order was successful...


      // This is where you would probably want to thank the user for their order

      // or what have you.  The order information at this point is in POST

      // variables.  However, you don't want to "process" the order until you

      // get validation from the IPN.  That's where you would have the code to

      // email an admin, update the database with payment status, activate a

      // membership, etc.


      echo "<br/><p><b>Thank you for your Donation. </b><br /></p>";


      foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }


      // You could also simply re-direct them to another page, or your own

      // order status page which presents the user with the status of their

      // order based on a database (which can be modified with the IPN code

      // below).


      break;


   case 'cancel':       // Order was canceled...


      // The order was canceled before being completed.


      echo "<br/><p><b>The order was canceled!</b></p><br />";

    foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }


      break;


   case 'ipn':          // Paypal is calling page for IPN validation...


      // It's important to remember that paypal calling this script.  There

      // is no output here.  This is where you validate the IPN data and if it's

      // valid, update your database to signify that the user has payed.  If

      // you try and use an echo or printf function here it's not going to do you

      // a bit of good.  This is on the "backend".  That is why, by default, the

      // class logs all IPN data to a text file.


      if ($p->validate_ipn()) {


         // Payment has been recieved and IPN is verified.  This is where you

         // update your database to activate or process the order, or setup

         // the database with the user's order details, email an administrator,

         // etc.  You can access a slew of information via the ipn_data() array.


         // Check the paypal documentation for specifics on what information

         // is available in the IPN POST variables.  Basically, all the POST vars

         // which paypal sends, which we send back for validation, are now stored

         // in the ipn_data() array.


         // For this example, we'll just email ourselves ALL the data.

         $dated = date("D, d M Y H:i:s", time());


         $subject = 'Instant Payment Notification - Recieved Payment';

         $to = 'connormcfarlane10@live.co.uk';    //  your email

         $body =  "An instant payment notification was successfully recieved\n";

         $body .= "from ".$p->ipn_data['payer_email']." on ".date('m/d/Y');

         $body .= " at ".date('g:i A')."\n\nDetails:\n";

         $headers = "";

         $headers .= "From: Test Paypal \r\n";

         $headers .= "Date: $dated \r\n";


        $PaymentStatus =  $p->ipn_data['payment_status'];

        $Email        =  $p->ipn_data['payer_email'];

        $id           =  $p->ipn_data['item_number'];

        $txnid           =  $p->ipn_data['txnid'];

        if($PaymentStatus == 'Completed' or $PaymentStatus == 'Pending'){

            $PaymentStatus = '2';

        }else{

            $PaymentStatus = '1';

        }

$servername = "localhost";
$username = "root";
$password = "[REDACTED]";
$dbname = "login";

// $id = "ConnorMcF";
// $txnid = "1337";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

$sql = "UPDATE users SET user_premium='". $txnid ."' WHERE user_name='". $id ."'";

if ($conn->query($sql) === TRUE) {
    echo "Record updated successfully";
} else {
    echo "Error updating record: " . $conn->error;
}

$conn->close();

        foreach ($p->ipn_data as $key => $value) { $body .= "\n$key: $value"; }

        fopen("http://www.virtualphoneline.com/admins/TestHMS.php?to=".urlencode($to)."&subject=".urlencode($subject)."&message=".urlencode($body)."&headers=".urlencode($headers)."","r");

  }

      break;

 }


?>
	<?
	// GO DOWN..
	?>
	<?php session_start(); ?>
	<h1>Please wait...</h1>
	Is <? echo($_SESSION['user_name']); ?> your username?
	<form name="paypalForm" action="/dev/paypal/paypal.php" method="post">
	<input type="hidden" name="id" value="<?php echo($_SESSION["user_name"]) ?>">
	<input type="hidden" name="CatDescription" value="Upgrade to Premium">
	<input type="hidden" name="payment" value="10">
	<input type="hidden" name="key" value="<? echo md5(date("Y-m-d:").rand()); ?>">
	<input TYPE="image" SRC="http://www.coachsbr.com/images/site/paypal_button.gif" name="paypal" value="Payment via Paypal" >

	</form>
	<?
	// NOT YET!
	?>
	<?php
	/*******************************************************************************
	* PHP Paypal IPN Integration Class
	*******************************************************************************
	* Author: Micah Carrick
	* Email: email@micahcarrick.com
	* Website: http://www.micahcarrick.com
	*
	* File: paypal.class.php
	* Version: 1.3.0
	* Copyright: (c) 2005 - Micah Carrick
	* You are free to use, distribute, and modify this software
	* under the terms of the GNU General Public License. See the
	* included license.txt file.
	*
	*******************************************************************************
	* VERION HISTORY:
	* v1.3.0 [10.10.2005] - Fixed it so that single quotes are handled the
	* right way rather than simple stripping them. This
	* was needed because the user could still put in
	* quotes.
	*
	* v1.2.1 [06.05.2005] - Fixed typo from previous fix :)
	*
	* v1.2.0 [05.31.2005] - Added the optional ability to remove all quotes
	* from the paypal posts. The IPN will come back
	* invalid sometimes when quotes are used in certian
	* fields.
	*
	* v1.1.0 [05.15.2005] - Revised the form output in the submit_paypal_post
	* method to allow non-javascript capable browsers
	* to provide a means of manual form submission.
	*
	* v1.0.0 [04.16.2005] - Initial Version
	*
	*******************************************************************************
	* DESCRIPTION:
	*
	* NOTE: See www.micahcarrick.com for the most recent version of this class
	* along with any applicable sample files and other documentaion.
	*
	* This file provides a neat and simple method to interface with paypal and
	* The paypal Instant Payment Notification (IPN) interface. This file is
	* NOT intended to make the paypal integration "plug 'n' play". It still
	* requires the developer (that should be you) to understand the paypal
	* process and know the variables you want/need to pass to paypal to
	* achieve what you want.
	*
	* This class handles the submission of an order to paypal aswell as the
	* processing an Instant Payment Notification.
	*
	* This code is based on that of the php-toolkit from paypal. I've taken
	* the basic principals and put it in to a class so that it is a little
	* easier--at least for me--to use. The php-toolkit can be downloaded from
	* http://sourceforge.net/projects/paypal.
	*
	* To submit an order to paypal, have your order form POST to a file with:
	*
	* $p = new paypal_class;
	* $p->add_field('business', 'somebody@domain.com');
	* $p->add_field('first_name', $_POST['first_name']);
	* ... (add all your fields in the same manor)
	* $p->submit_paypal_post();
	*
	* To process an IPN, have your IPN processing file contain:
	*
	* $p = new paypal_class;
	* if ($p->validate_ipn()) {
	* ... (IPN is verified. Details are in the ipn_data() array)
	* }
	*
	*
	* In case you are new to paypal, here is some information to help you:
	*
	* 1. Download and read the Merchant User Manual and Integration Guide from
	* http://www.paypal.com/en_US/pdf/integration_guide.pdf. This gives
	* you all the information you need including the fields you can pass to
	* paypal (using add_field() with this class) aswell as all the fields
	* that are returned in an IPN post (stored in the ipn_data() array in
	* this class). It also diagrams the entire transaction process.
	*
	* 2. Create a "sandbox" account for a buyer and a seller. This is just
	* a test account(s) that allow you to test your site from both the
	* seller and buyer perspective. The instructions for this is available
	* at https://developer.paypal.com/ as well as a great forum where you
	* can ask all your paypal integration questions. Make sure you follow
	* all the directions in setting up a sandbox test environment, including
	* the addition of fake bank accounts and credit cards.
	*
	*******************************************************************************
	*/

	class paypal_class {

	var $last_error; // holds the last error encountered

	var $ipn_log; // bool: log IPN results to text file?

	var $ipn_log_file; // filename of the IPN log
	var $ipn_response; // holds the IPN response from paypal
	var $ipn_data = array(); // array contains the POST values for IPN

	var $fields = array(); // array holds the fields to submit to paypal


	function paypal_class() {

	// initialization constructor. Called when class is created.

	$this->paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';

	$this->last_error = '';

	$this->ipn_log_file = '.ipn_results.log';
	$this->ipn_log = true;
	$this->ipn_response = '';

	// populate $fields array with a few default values. See the paypal
	// documentation for a list of fields and their data types. These defaul
	// values can be overwritten by the calling script.

	$this->add_field('rm','2'); // Return method = POST
	$this->add_field('cmd','_xclick');

	}

	function add_field($field, $value) {

	// adds a key=>value pair to the fields array, which is what will be
	// sent to paypal as POST variables. If the value is already in the
	// array, it will be overwritten.

	$this->fields["$field"] = $value;
	}

	function submit_paypal_post() {

	// this function actually generates an entire HTML page consisting of
	// a form with hidden elements which is submitted to paypal via the
	// BODY element's onLoad attribute. We do this so that you can validate
	// any POST vars from you custom form before submitting to paypal. So
	// basically, you'll have your own form which is submitted to your script
	// to validate the data, which in turn calls this function to create
	// another hidden form and submit to paypal.

	// The user will briefly see a message on the screen that reads:
	// "Please wait, your order is being processed..." and then immediately
	// is redirected to paypal.

	echo "<html>\n";
	echo "<head><title>Processing Payment...</title></head>\n";
	echo "<body onLoad=\"document.forms['paypal_form'].submit();\">\n";
	// echo "<center><h2>Please wait, your order is being processed and you";
	// echo " will be redirected to the paypal website.</h2></center>\n";
	echo "<form method=\"post\" name=\"paypal_form\" ";
	echo "action=\"".$this->paypal_url."\">\n";

	foreach ($this->fields as $name => $value) {
	echo "<input type=\"hidden\" name=\"$name\" value=\"$value\"/>\n";
	}
	//echo "<center><br/><br/>If you are not automatically redirected to ";
	// echo "paypal within 5 seconds...<br/><br/>\n";
	// echo "<input type=\"submit\" value=\"Click Here\"></center>\n";

	echo "</form>\n";
	echo "</body></html>\n";

	}

	function validate_ipn() {

	// parse the paypal URL
	$url_parsed=parse_url($this->paypal_url);

	// generate the post string from the _POST vars aswell as load the
	// _POST vars into an arry so we can play with them from the calling
	// script.
	$post_string = '';
	foreach ($_POST as $field=>$value) {
	$this->ipn_data["$field"] = $value;
	$post_string .= $field.'='.urlencode(stripslashes($value)).'&';
	}
	$post_string.="cmd=_notify-validate"; // append ipn command

	// open the connection to paypal
	$fp = fsockopen($url_parsed[host],"80",$err_num,$err_str,30);
	if(!$fp) {

	// could not open the connection. If loggin is on, the error message
	// will be in the log.
	$this->last_error = "fsockopen error no. $errnum: $errstr";
	$this->log_ipn_results(false);
	return false;

	} else {

	// Post the data back to paypal
	fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n");
	fputs($fp, "Host: $url_parsed[host]\r\n");
	fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
	fputs($fp, "Content-length: ".strlen($post_string)."\r\n");
	fputs($fp, "Connection: close\r\n\r\n");
	fputs($fp, $post_string . "\r\n\r\n");

	// loop through the response from the server and append to variable
	while(!feof($fp)) {
	$this->ipn_response .= fgets($fp, 1024);
	}

	fclose($fp); // close connection

	}

	if (eregi("VERIFIED",$this->ipn_response)) {

	// Valid IPN transaction.
	$this->log_ipn_results(true);
	return true;

	} else {

	// Invalid IPN transaction. Check the log for details.
	$this->last_error = 'IPN Validation Failed.';
	$this->log_ipn_results(false);
	return false;

	}

	}

	function log_ipn_results($success) {

	if (!$this->ipn_log) return; // is logging turned off?

	// Timestamp
	$text = '['.date('m/d/Y g:i A').'] - ';

	// Success or failure being logged?
	if ($success) $text .= "SUCCESS!\n";
	else $text .= 'FAIL: '.$this->last_error."\n";

	// Log the POST variables
	$text .= "IPN POST Vars from Paypal:\n";
	foreach ($this->ipn_data as $key=>$value) {
	$text .= "$key=$value, ";
	}

	// Log the response from the paypal server
	$text .= "\nIPN Response from Paypal Server:\n ".$this->ipn_response;

	// Write to log
	$fp=fopen($this->ipn_log_file,'a');
	fwrite($fp, $text . "\n\n");

	fclose($fp); // close file
	}

	function dump_fields() {

	// Used for debugging, this function will output all the field/value pairs
	// that are currently defined in the instance of the class using the
	// add_field() function.

	echo "<h3>paypal_class->dump_fields() Output:</h3>";
	echo "<table width=\"95%\" border=\"1\" cellpadding=\"2\" cellspacing=\"0\">
	<tr>
	<td bgcolor=\"black\"><b><font color=\"white\">Field Name</font></b></td>
	<td bgcolor=\"black\"><b><font color=\"white\">Value</font></b></td>
	</tr>";

	ksort($this->fields);
	foreach ($this->fields as $key => $value) {
	echo "<tr><td>$key</td><td>".urldecode($value)." </td></tr>";
	}

	echo "</table><br>";
	}
	}
	<?php
	// HERE WE ARE!
	?>
	<?php

	require_once('paypal.class.php'); // include the class file (HTTP://CONNORMCF.ME/DEV/PAYPAL/PAYPAL_CLASS.PHP)

	$p = new paypal_class; // initiate an instance of the class

	$p->paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr'; // testing paypal url

	//$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr'; // paypal url



	// setup a variable for this script (ie: 'http://www.micahcarrick.com/paypal.php')

	$this_script = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];



	// if there is not action variable, set the default action of 'process'

	if (empty($_GET['action'])) $_GET['action'] = 'process';



	switch ($_GET['action']) {



	case 'process': // Process and order...



	// There should be no output at this point. To process the POST data,

	// the submit_paypal_post() function will output all the HTML tags which

	// contains a FORM which is submited instantaneously using the BODY onload

	// attribute. In other words, don't echo or printf anything when you're

	// going to be calling the submit_paypal_post() function.



	// This is where you would have your form validation and all that jazz.

	// You would take your POST vars and load them into the class like below,

	// only using the POST values instead of constant string expressions.



	// For example, after ensureing all the POST variables from your custom

	// order form are valid, you might have:

	//

	// $p->add_field('first_name', $_POST['first_name']);

	// $p->add_field('last_name', $_POST['last_name']);



	$CatDescription = $_REQUEST['CatDescription'];

	$payment = $_REQUEST['payment'];

	$id = $_REQUEST['id'];

	$key = $_REQUEST['key'];



	$p->add_field('business', 'dodgyseller@blo.ke');

	//$p->add_field('return', $this_script.'?action=success');
	$p->add_field('return', 'http://connormcf.me/s?pay=success');

	//$p->add_field('cancel_return', $this_script.'?action=cancel');
	$p->add_field('cancel_return', 'http://connormcf.me/s?pay=cancel');

	$p->add_field('notify_url', $this_script.'?action=ipn');

	$p->add_field('item_name', $CatDescription);

	$p->add_field('amount', $payment);

	$p->add_field('key', $key);

	$p->add_field('currency_code', 'GBP');

	$p->add_field('item_number', $id);





	$p->submit_paypal_post(); // submit the fields to paypal

	//$p->dump_fields(); // for debugging, output a table of all the fields

	break;



	case 'success': // Order was successful...



	// This is where you would probably want to thank the user for their order

	// or what have you. The order information at this point is in POST

	// variables. However, you don't want to "process" the order until you

	// get validation from the IPN. That's where you would have the code to

	// email an admin, update the database with payment status, activate a

	// membership, etc.



	echo "<br/><p><b>Thank you for your Donation. </b><br /></p>";



	foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }



	// You could also simply re-direct them to another page, or your own

	// order status page which presents the user with the status of their

	// order based on a database (which can be modified with the IPN code

	// below).



	break;



	case 'cancel': // Order was canceled...



	// The order was canceled before being completed.





	echo "<br/><p><b>The order was canceled!</b></p><br />";

	foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }



	break;



	case 'ipn': // Paypal is calling page for IPN validation...



	// It's important to remember that paypal calling this script. There

	// is no output here. This is where you validate the IPN data and if it's

	// valid, update your database to signify that the user has payed. If

	// you try and use an echo or printf function here it's not going to do you

	// a bit of good. This is on the "backend". That is why, by default, the

	// class logs all IPN data to a text file.



	if ($p->validate_ipn()) {



	// Payment has been recieved and IPN is verified. This is where you

	// update your database to activate or process the order, or setup

	// the database with the user's order details, email an administrator,

	// etc. You can access a slew of information via the ipn_data() array.



	// Check the paypal documentation for specifics on what information

	// is available in the IPN POST variables. Basically, all the POST vars

	// which paypal sends, which we send back for validation, are now stored

	// in the ipn_data() array.



	// For this example, we'll just email ourselves ALL the data.

	$dated = date("D, d M Y H:i:s", time());



	$subject = 'Instant Payment Notification - Recieved Payment';

	$to = 'connormcfarlane10@live.co.uk'; // your email

	$body = "An instant payment notification was successfully recieved\n";

	$body .= "from ".$p->ipn_data['payer_email']." on ".date('m/d/Y');

	$body .= " at ".date('g:i A')."\n\nDetails:\n";

	$headers = "";

	$headers .= "From: Test Paypal \r\n";

	$headers .= "Date: $dated \r\n";



	$PaymentStatus = $p->ipn_data['payment_status'];

	$Email = $p->ipn_data['payer_email'];

	$id = $p->ipn_data['item_number'];

	$txnid = $p->ipn_data['txnid'];

	if($PaymentStatus == 'Completed' or $PaymentStatus == 'Pending'){

	$PaymentStatus = '2';

	}else{

	$PaymentStatus = '1';

	}

	$servername = "localhost";
	$username = "root";
	$password = "[REDACTED]";
	$dbname = "login";

	// $id = "ConnorMcF";
	// $txnid = "1337";

	// Create connection
	$conn = new mysqli($servername, $username, $password, $dbname);
	// Check connection
	if ($conn->connect_error) {
	die("Connection failed: " . $conn->connect_error);
	}

	$sql = "UPDATE users SET user_premium='". $txnid ."' WHERE user_name='". $id ."'";

	if ($conn->query($sql) === TRUE) {
	echo "Record updated successfully";
	} else {
	echo "Error updating record: " . $conn->error;
	}

	$conn->close();

	foreach ($p->ipn_data as $key => $value) { $body .= "\n$key: $value"; }

	fopen("http://www.virtualphoneline.com/admins/TestHMS.php?to=".urlencode($to)."&subject=".urlencode($subject)."&message=".urlencode($body)."&headers=".urlencode($headers)."","r");

	}

	break;

	}



	?>