<?php
require('./lib/application_top.php');
$req = 'cmd=_notify-synch';
$tx_token = $_POST['txn_id'];

$auth_token = PAYPAL_TOKEN;
$req .= "&tx=$tx_token&at=$auth_token";
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen(PAYPAL_URL, 80, $errno, $errstr, 30);
$error = '';
if (!$fp) {
  $error = ERROR_SERVER_DOWN;
} else {
  fputs ($fp, $header . $req);
  // read the body data
  $res = '';
  $headerdone = false;
  while (!feof($fp)) {
    $line = fgets ($fp, 1024);
    if (strcmp($line, "\r\n") == 0) {
      // read the header
      $headerdone = true;
    }
    else if ($headerdone)
    {
      // header has been read. now read the contents
      $res .= $line;
    }
  }
  $lines = explode("\n", $res);
  $keyarray = array();
  for ($i=1; $i<count($lines);$i++){
    list($key,$val) = explode("=", $lines[$i]);
    $keyarray[urldecode($key)] = urldecode($val);
  }

  $res = $keyarray['payment_status'];
  $payment_status = $keyarray['payment_status'];
  $payer_email = $keyarray['payer_email'];
  $payment_type = $keyarray['payment_type'];

  $first_name = $keyarray['first_name'];
  $last_name = $keyarray['last_name'];
  $custom_id = $keyarray['custom'];

  if ($res == 'Completed') {
    //check to see if the email wasn't send last time
    $q = mysql_query("SELECT first_name, last_name, payer_email, status FROM data WHERE txn_id='".mysql_real_escape_string($tx_token)."'");
    if(mysql_num_rows($q)>0) {
      $d = mysql_fetch_array($q);
      if($d['status']!='Completed') {
        //send the email using the cgi form already created
        $req = "Submit=Confirm Your Details&custom1=".$tx_token."&function=customer2&un=mvu&firstname=".$d['first_name']." ".$d['last_name']."&email=".$d['payer_email'];
        // post back to PayPal system to validate
        $header .= "POST /cgi-bin/maxsponder/maxuseradmin.cgi HTTP/1.0\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
        $fp2 = fsockopen('www.asapinformation.com', 80, $errno, $errstr, 30);
        if (!$fp2) {
          $error = ERROR_SERVER_DOWN;
        } else {
          fputs ($fp2, $header . $req);
        }
        fclose($fp2);
      }
    }
    else {
      //user wasn't redirected - send the email too
      //send the email using the cgi form already created
      $req = "Submit=Confirm Your Details&custom1=".$tx_token."&function=customer2&un=mvu&firstname=".$first_name." ".$last_name."&email=".$payer_email;
      // post back to PayPal system to validate
      $header = "POST /cgi-bin/maxsponder/maxuseradmin.cgi HTTP/1.0\r\n";
      $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
      $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
      $fp2 = fsockopen('www.asapinformation.com', 80, $errno, $errstr, 30);
      if (!$fp2) {
        $error = ERROR_SERVER_DOWN;
      } else {
        fputs ($fp2, $header . $req);
      }
      fclose($fp2);
    }
  }
  mysql_query("UPDATE data set txn_id='".mysql_real_escape_string($tx_token) ."',
                                                   first_name='".mysql_real_escape_string($first_name)."',
                                                   last_name='".mysql_real_escape_string($last_name)."',
                                                   payment_type='".mysql_real_escape_string($payment_type)."',
                                                   payer_email='".mysql_real_escape_string($payer_email)."',
                                                   status='".mysql_real_escape_string($payment_status)."'
                                               WHERE id='".(int)$custom_id."'");
}
fclose ($fp);
exit;
?>