Ok i think i got that part solved. I did:
function setSecurityCodeVariable()
{
GLOBAL $_POST;
$ap_SecurityCode = $_POST['ap_securitycode'];
GLOBAL $ap_SecurityCode;
}
But for some reason my database is not updated after a transaction is sucessful ... this is my current code:
<?php
//===============================================================================
// AlertPay Instant Payment Notification (IPN)
//===============================================================================
// THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY
// OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT
// LIMITED TO THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE.
//===============================================================================
// Verssion: Advanced IPN - PHPEcono 1.0
// Script: AlertURL.php
// Platform: PHP
// This is a modified version of the normal AlertPay IPN system.
// Modifications
// 1. Added DB connection protocol script
// 2. All AlertPay info are loaded into a string
// 3. All the retrieved info is correctly sanitized before it's used
// 4. All The data can be retrieved using $alertpay_data[0]
// 5. Globals at the bottom are now compatible with PHP4+
// Modification by PHPEcono (Patrick Simard)
// Purpose:
// --------
// The purpose of this code is to help you to understand how to process the Instant Payment Notification
// variables for Subscription Button and integrate it in your PHP site.
// How to Use:
// -----------
// Put this code into the page which you have specified as Alert URL.
// The variables being read from the _POST object in the below code are inserted into a string and can be
// retrieved by using $alertpay_data[0]. Replace 0 by the number beside $_POST below that you would like to use.
// $alertpay_data is secured and ready for SQL manipulation.
// Developer Feedback:
// --------------
// If you have any questions about this script or any suggestions, please use:
// http://dev.alertpay.com/forums/p/1653/3502.aspx#3502
// DB Connection
$dbh2=mysql_connect("", "", "") or die ('1 Erreur: '.mysql_error());
mysql_select_db("");
$end_date=date("m/d/Y H:i:s");
$end_stamp=date("YdmHis");
//Status
//0 = Unclear
//1 = Pending
//2 = Completed
//3 = Frozen
// All the data is inserted into a string seperated by $$$
// It will then be sanitized and exploded
// To retreive the coresponded var use $alertpay_data[0]
// Replace 0 by the number beside the $_POST
// Security code variable
$alertpay=$_POST['ap_SecurityCode']; //0
// Customer info variables
$alertpay.=$_POST['ap_CustFirstName']."$$$"; //1
$alertpay.=$_POST['ap_CustLastName']."$$$"; //2
$alertpay.=$_POST['ap_CustAddress']."$$$"; //3
$alertpay.=$_POST['ap_CustCity']."$$$"; //4
$alertpay.=$_POST['ap_CustCountry']."$$$"; //5
$alertpay.=$_POST['ap_CustZip']."$$$"; //6
$alertpay.=$_POST['ap_CustEmailAddress']."$$$"; //7
// Common transaction variables
$alertpay.=$_POST['ap_ReferenceNumber']."$$$"; //8
$alertpay.=$_POST['ap_Status']."$$$"; //9
$alertpay.=$_POST['ap_PurchaseType']."$$$"; //10
$alertpay.=$_POST['ap_Merchant']."$$$"; //11
$alertpay.=$_POST['ap_ItemName']."$$$"; //12
$alertpay.=$_POST['ap_ItemCode']."$$$"; //13
$alertpay.=$_POST['ap_Description']."$$$"; //14
$alertpay.=$_POST['ap_Quantity']."$$$"; //15
$alertpay.=$_POST['ap_Amount']."$$$"; //16
$alertpay.=$_POST['ap_AdditionalCharges']."$$$"; //17
$alertpay.=$_POST['ap_ShippingCharges']."$$$"; //18
$alertpay.=$_POST['ap_TaxAmount']."$$$"; //19
$alertpay.=$_POST['ap_DiscountAmount']."$$$"; //20
$alertpay.=$_POST['ap_TotalAmount']."$$$"; //21
$alertpay.=$_POST['ap_Currency']."$$$"; //22
$ap_Test=$_POST['ap_Test']."$$$"; //23
// Custom fields
$alertpay.=$_POST['ap_Apc_1']."$$$"; //24
$alertpay.=$_POST['ap_Apc_2']."$$$"; //25
$alertpay.=$_POST['ap_Apc_3']."$$$"; //26
$alertpay.=$_POST['ap_Apc_4']."$$$"; //27
$alertpay.=$_POST['ap_Apc_5']."$$$"; //28
$alertpay.=$_POST['ap_Apc_6']."$$$"; //29
// Subscription variables
$alertpay.=$_POST['ap_SubscriptionReferenceNumber']."$$$"; //30
$alertpay.=$_POST['ap_TimeUnit']."$$$"; //31
$alertpay.=$_POST['ap_PeriodLength']."$$$"; //32
$alertpay.=$_POST['ap_PeriodCount']."$$$"; //33
$alertpay.=$_POST['ap_NextRunDate']."$$$"; //34
$alertpay.=$_POST['ap_TrialTimeUnit']."$$$"; //35
$alertpay.=$_POST['ap_TrialPeriodLength']."$$$"; //36
$alertpay.=$_POST['ap_TrialAmount']; //37
// SQL Sanitizer
function sanitize_sql ( $mValue )
{
$mValue = (MAGIC_QUOTES) ? $mValue : addslashes($mValue);
$rPattern = "/;/";
return preg_replace($rPattern, '', $mValue);
}
// Sanitizing the string
sanitize_sql ( $alertpay );
// Exploding the $alertpay var (Use the number next to the var Ex: $alertpay_data[0] for the customer first name)
$alertpay_data=explode('$$$', $alertpay);
$transaction_data=explode('-', $alertpay_data[13]);
// Initialize variable
setSecurityCodeVariable();
// Inser your alert pay security code you set in your IPN setup page
if ($ap_SecurityCode != "");
{
// The Data is NOT sent by AlertPay.
// Take appropriate action
echo "Unauthorised Access";
}
else
{
if ($ap_Test == "1")
{
// Your site is currently being integrated with AlertPay IPN for TESTING PURPOSES
// ONLY. Don't store any information in your Production database and don't process
// this transaction as a real order.
$UPDATE = mysql_query("UPDATE atransaction SET end_date='$end_date', amt_paid='$alertpay_data[16]', end_stamp='$end_stamp', status='2', alertpay='$alertpay' where id_membre = '$explode[1]' and id='$explode[2]'") or die(mysql_error());
}
else
{
// Initialize variables
setCustomerInfoVariables();
setCommonTransactionVariables();
// Initialize the custom field variables.
setCustomFields();
// If the transaction is subscription-based (recurring payment), initialize the
// Subscription variables too.
if ($ap_PurchaseType == "Subscription")
{
setSubscriptionVariables();
}
if (strlen($ap_ReferenceNumber) == 0 && $ap_TrialAmount != "0")
{
// Invalid reference number. The reference number is invalid because the ap_ReferenceNumber doesn't
// contain a value and the ap_TrialAmount is not equal to 0.
}
else
{
if ($ap_Status == "Success")
{
// Transaction is complete. It means that the amount was paid successfully.
// Process the order here.
// You can use the $alertpay_data[ to retreive the needed info
$UPDATE = mysql_query("UPDATE atransaction SET end_date='$end_date', amt_paid='$alertpay_data[16]', end_stamp='$end_stamp', status='2', alertpay='$alertpay' where id_membre = '$explode[1]' and id='$explode[2]'") or die(mysql_error());
// Process non-subscription order.
if ($ap_PurchaseType != "Subscription")
{
// NOTE: The subscription variables are not applicable here. Don't use them.
}
// Process the subscription order. Use ap_SubscriptionReferenceNumber to uniquely identify
// this particular subscription transaction.
else
{
// Check whether the trial is free or not
if ($ap_TrialAmount == "0")
{
// Process the free trial here.
// NOTE: The ap_ReferenceNumber is always empty for trial periods and therefore you
// should not use it.
}
else
{
// The is not a free trial and ap_TrialAmount contains some amount and the
// ap_ReferenceNumber contains a valid transaction reference number.
}
}
}
else
{
// Transaction cancelled means seller explicitely cancelled the subscription or AlertPay
// cancelled or it was cancelled since buyer didnt have enough money after resheduling after two times.
// Take Action appropriately
}
}
}
}
// Security code variable
function setSecurityCodeVariable()
{
GLOBAL $_POST;
$ap_SecurityCode = $_POST['ap_securitycode'];
GLOBAL $ap_SecurityCode;
}
// Customer info variables
function setCustomerInfoVariables()
{
GLOBAL $_POST;
$ap_CustFirstName =$_POST['ap_custfirstname'];
$ap_CustLastName = $_POST['ap_custlastname'];
$ap_CustAddress = $_POST['ap_custaddress'];
$ap_CustCity = $_POST['ap_custcity'];
$ap_CustCountry = $_POST['ap_custcountry'];
$ap_CustZip = $_POST['ap_custzip'];
$ap_CustEmailAddress = $_POST['ap_custemailaddress'];
$ap_PurchaseType = $_POST['ap_purchasetype'];
$ap_Merchant = $_POST['ap_merchant'];
GLOBAL $ap_CustFirstName, $ap_CustLastName, $ap_CustAddress, $ap_CustCity, $ap_CustCountry, $ap_CustZip, $ap_CustEmailAddress, $ap_PurchaseType, $ap_Merchant;
}
// Common transaction variables
function setCommonTransactionVariables()
{
GLOBAL $_POST;
$ap_ItemName = $_POST['ap_itemname'];
$ap_Description = $_POST['ap_description'];
$ap_Quantity = $_POST['ap_quantity'];
$ap_Amount = $_POST['ap_amount'];
$ap_AdditionalCharges=$_POST['ap_additionalcharges'];
$ap_ShippingCharges=$_POST['ap_shippingcharges'];
$ap_TaxAmount=$_POST['ap_taxamount'];
$ap_DiscountAmount=$_POST['ap_discountamount'];
$ap_TotalAmount = $_POST['ap_totalamount'];
$ap_Currency = $_POST['ap_currency'];
$ap_ReferenceNumber = $_POST['ap_referencenumber'];
$ap_Status = $_POST['ap_status'];
$ap_ItemCode = $_POST['ap_itemcode'];
$ap_Test = $_POST['ap_test'];
GLOBAL $ap_ItemName, $ap_Description, $ap_Quantity, $ap_Amount, $ap_AdditionalCharges, $ap_ShippingCharges, $ap_TaxAmount, $ap_DiscountAmount, $ap_TotalAmount, $ap_Currency, $ap_ReferenceNumber, $ap_Status, $ap_ItemCode, $ap_Test;
}
// Subscription variables
function setSubscriptionVariables()
{
GLOBAL $_POST;
$ap_SubscriptionReferenceNumber = $_POST['ap_subscriptionreferencenumber'];
$ap_TimeUnit = $_POST['ap_timeunit'];
$ap_PeriodLength=$_POST['ap_periodlength'];
$ap_PeriodCount=$_POST['ap_periodcount'];
$ap_NextRunDate=$_POST['ap_nextrundate'];
$ap_TrialTimeUnit=$_POST['ap_trialtimeunit'];
$ap_TrialPeriodLength=$_POST['ap_trialperiodlength'];
$ap_TrialAmount=$_POST['ap_trialamount'];
GLOBAL $ap_SubscriptionReferenceNumber, $ap_TimeUnit, $ap_PeriodLength, $ap_PeriodCount, $ap_NextRunDate, $ap_TrialTimeUnit, $ap_TrialPeriodLength, $ap_TrialAmount;
}
// Custom fields
function setCustomFields()
{
GLOBAL $_POST;
$ap_Apc_1 = $_POST['apc_1'];
$ap_Apc_2 = $_POST['apc_2'];
$ap_Apc_3 = $_POST['apc_3'];
$ap_Apc_4 = $_POST['apc_4'];
$ap_Apc_5 = $_POST['apc_5'];
$ap_Apc_6 = $_POST['apc_6'];
GLOBAL $ap_Apc_1, $ap_Apc_2, $ap_Apc_3, $ap_Apc_4, $ap_Apc_5, $ap_Apc_6;
}
?>
ap_ItemCode is uses an id like this: 98854573384539543341-21-6
$transaction_data=explode('-', $alertpay_data[13]);
that id has 3 parts. Pat 1 is the actuel item id. Part 2 is the members id and part 3 is the transaction id.
Life is to short to wait.