Skip to content

Instantly share code, notes, and snippets.

@dvidsilva
Last active December 17, 2015 14:29
Show Gist options
  • Save dvidsilva/5624563 to your computer and use it in GitHub Desktop.
Save dvidsilva/5624563 to your computer and use it in GitHub Desktop.
<form method="post" action="https://gateway.pagosonline.net/apps/gateway/index.html" id="pagosonline_form" name="pagosonline_form">
<input type="hidden" name="descripcion" value="{$p.gtitle|stripslashes}" />
<input type="hidden" name="valor" value="{$value[1]}" id='povalue'/>
<input type="hidden" name="usuarioId" value="{$login}" />
<input type="hidden" name="moneda" value="COP" />
<input name="lng" type="hidden" value="es">
<input name="iva" type="hidden" value="0.00">
<input name="baseDevolucionIva" type="hidden" value="0.00">
<input type="hidden" name="emailComprador" value="{$emailcomprador}" />
<input type="hidden" name="url_respuesta" value="{$baseurl}/thank_you?g={$eid}" /> <!--Url where user is returned-->
<input type="hidden" name="url_confirmacion" value="{$baseurl}/ipn_pagosonline.php" /> <!-- Url where REST answers -->
<input type="hidden" name="refVenta" value="{$timestamp}" />
<input type="hidden" name="firma" value="{$fingerprint}" />
<input type="hidden" name="extra1" value="{$control}" />
<input type="hidden" name="prueba" value="0" />
</form>
<?
if(isset($_REQUEST) ){
$plog = "PagosOnline\n";
$plog .= time()." \n";
$plog .= var_export($_REQUEST, true);
$plog .= "\n";
$log = fopen('tmp.txt','a');
fwrite($log,$plog);
fclose($log);
}
include("include/config.php");
$paypal_email = $config['paypal_email'];
$error_email = $config['notify_email'];
$site_email = $config['site_email'];
$site_name = $config['site_name'];
$em_headers = "From: ".$site_name." <".$site_email.">\n";
$em_headers .= "Reply-To: ".$site_email."\n";
$em_headers .= "Return-Path: ".$site_email."\n";
$em_headers .= "Organization: ".$site_name."\n";
$em_headers .= "X-Priority: 3\n";
$amount = $_POST['valor'];//$_POST['x_amount'];
$response = $_POST['codigo_respuesta_pol'];
//explota y saca todo lo que va en la variable extra 1 de pagosonline.com
$control = explode('#', $_POST['extra1']);
$payer_id = !empty($control[0]) ? $control[0] : null;
$payment_date = !empty($control[1]) ? $control[1] : null;
$prod_id = !empty($control[2]) ? $control[2] : null;
$IID = !empty($control[3]) ? $control[3] : null;
if ($response == 1){
$user_id = $payer_id;//$custom;
$PID = $prod_id;//$item_number;
$currency = $config['currency'];
//used to get price from post, but since we're allowing to add goodies the price of the transaction won't necesarily match
//the one in the posts table
//$query = "select price from posts where PID='".mysql_real_escape_string($PID)."'";
$query = "select totalprice from order_items where IID='".mysql_real_escape_string($IID)."'";
$executequery = $conn->execute($query);
$price = $executequery->fields['totalprice'];
if($price == ""){
$price = $config['price'];
}
$gross = $price; //$price paid to pagos online// If i use the ammount pagosonline says
//it will get messy, since pagosonline transacts in COP and we usually store everything in dollars.
//$amount; is the value returned by pagosonline
if($user_id > 0){
$query = "INSERT INTO orders SET USERID='".mysql_real_escape_string($user_id)."',
PID='".mysql_real_escape_string($PID)."',
time_added='".time()."',
status='0',
price='".mysql_real_escape_string($gross)."' ,
IID = '$IID'";
$executequery=$conn->execute($query);
$order_id = mysql_insert_id();
if($order_id > 0){
$query = "INSERT INTO payments SET USERID='".mysql_real_escape_string($user_id)."',
OID='".mysql_real_escape_string($order_id)."',
time='".time()."',
price='".mysql_real_escape_string($gross)."',
t='1', PAYPAL='1'";
$executequery=$conn->execute($query);
$query = "UPDATE posts SET rev=rev+$gross WHERE PID='".mysql_real_escape_string($PID)."'";
$executequery=$conn->execute($query);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment