<?php
/**	
*	Instant Payment Notification
*	@author: Peter Mihailov - AIP Solutions Ltd.
*	Uses Sockets
*	PHP 5
*/


/** Usage */
/**
$payPalConfig = array(	'gatewayUrl'=>'', 											// for real server - 'www.paypal.com/cgi-bin/webscr', for sandbox - 'www.sandbox.paypal.com/us/cgi-bin/webscr'
						'gatewayPort'=>'443', 										// 443 for SSL
						'receiverEmail'=>'test@tes.com', 	// the email of the receiver of the payment - merchant account in {ayPal
						);

$ipn = new IpnHandler();
$ipn->setConfiguration($payPalConfig);
$result = $ipn->handle();

*/
class IpnHandler {

	var $gatewayUrl;
	var $gatewayPort;
	var $receiverEmail;
	
	public function __construct() {
	}

	public function setConfiguration($payPalConfig) {
		$this->gatewayUrl = $payPalConfig['gatewayUrl'];
		$this->gatewayPort = $payPalConfig['gatewayPort'];
		$this->receiverEmail = $payPalConfig['receiverEmail'];
	}

	public function handle() {
		$req = $this->processIncomingParameters();
		$this->verifyNotification($req);
	}

	private function processIncomingParameters() {
		// read the post from PayPal system and add 'cmd'
		$req = 'cmd=_notify-validate';
		foreach($_POST as $key => $value) {
			$value = urlencode(stripslashes($value));
			$req .= "&$key=$value";
		}
		return $req;
	}

	private function verifyNotification($req) {
		// post back to PayPal system to validate
		$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
		$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
		$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
		$fp = fsockopen($this->gatewayUrl, $this->gatewayPort, $errno, $errstr, 30);
		if(!$fp) {
			// HTTP ERROR
		} else {
			fputs($fp, $header . $req);
			while(!feof($fp)) {
				$res = fgets ($fp, 1024);
				if(strcmp($res, "VERIFIED") == 0) {
					// check the payment_status is Completed
					if(strcmp($_POST['payment_status'], "Completed") != 0)
						return false;
					// check that receiver_email is your Primary PayPal email
					if(strcmp($_POST['receiver_email'], $this->receiverEmail) != 0)
						return false;
					// check that txn_id has not been previously processed
					
					// check that payment_amount/payment_currency are correct
					
					// process payment
					return array('data'=>$_POST, 'txn_id'=>$_POST['txn_id'], 'payment_status'=>$_POST['payment_status'], 'payment_amount'=>$_POST['mc_gross'], 'payment_currency'=>$_POST['mc_currency']);
				}
				else if(strcmp($res, "INVALID") == 0) {
					// do something 
				}
			}
			fclose($fp);
		}
	
	}

}


?>