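<?php
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2008 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.

// PayPal notification handler.
//
// Flow: the POSTed notification is echoed back to PayPal with
// cmd=_notify-validate prepended; only when PayPal answers "VERIFIED" is the
// matching unprocessed row in donation_paypal updated and, if that row has a
// user id, the user flagged as a donor.
//
// Every $_POST value is attacker-controllable until PayPal confirms it, and
// even confirmed values contain free text (names, e-mail addresses), so
// nothing from the request is placed in SQL without escaping.

require_once("../inc/util.inc");

db_init();

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
    if (!is_string($value)) {
        // Array-valued parameters cannot be url-encoded. Skipping them makes
        // the postback differ from what was received, so validation fails
        // closed instead of raising an error here.
        continue;
    }
    // Encode the key as well as the value so the postback mirrors the
    // received parameters and a key cannot add fields of its own.
    $req .= "&" . urlencode((string) $key) . "=" . urlencode(undo_magic_quotes($value));
}

// post back to PayPal system to validate
// ($header is assigned, not appended to, on its first line: it was
// previously undefined at this point.)
$header  = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Host: www.paypal.com\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

// Validate over TLS. Over plain HTTP on port 80 the "VERIFIED" answer is
// unauthenticated and the donor's details cross the network in clear text.
// Requires the openssl extension; the peer certificate is checked by default
// on PHP 5.6 and later.
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);

// Copy the posted fields this handler stores, escaped for use inside
// single-quoted SQL literals. _mysql_escape_string() is the escaping helper
// of the _mysql_* wrapper family used below; it needs the connection opened
// by db_init().
$stored_fields = array(
    'item_name', 'payment_status', 'mc_gross', 'mc_fee', 'mc_currency',
    'txn_id', 'receiver_email', 'payer_email', 'first_name', 'last_name',
);
$ipn = array();
foreach ($stored_fields as $field) {
    $raw = '';
    if (isset($_POST[$field]) && is_string($_POST[$field])) {
        // Same normalisation as the postback, so the database holds the
        // value PayPal was asked to verify.
        $raw = undo_magic_quotes($_POST[$field]);
    }
    $ipn[$field] = _mysql_escape_string($raw);
}

$item_name = $ipn['item_name'];
$payment_status = $ipn['payment_status'];
$payment_amount = $ipn['mc_gross'];
$payment_fee = $ipn['mc_fee'];
$payment_currency = $ipn['mc_currency'];
$txn_id = $ipn['txn_id'];
$receiver_email = $ipn['receiver_email'];
$payer_email = $ipn['payer_email'];
$payer_name = $ipn['first_name'] . " " . $ipn['last_name'];

// item_number is only parsed, never stored, so it is kept unescaped here and
// reduced to two integers below.
$item_number = '';
if (isset($_POST['item_number']) && is_string($_POST['item_number'])) {
    $item_number = $_POST['item_number'];
}

if (!$fp) {
    // Could not reach PayPal: nothing is recorded for this notification.
    error_log("PayPal notification validation: connection failed ($errno): $errstr");
} else {
    fputs($fp, $header . $req);

    // PayPal's verdict is a line consisting solely of "VERIFIED".
    $verified = false;
    while (!feof($fp)) {
        $res = fgets($fp, 1024);
        if ($res === false) {
            break;
        }
        if (strcmp($res, "VERIFIED") == 0) {
            $verified = true;
            break;
        }
    }
    fclose($fp);

    // item_number is expected to start with "<id>_<order_time>"; anything
    // else is ignored rather than passed to abs() and into the query.
    if ($verified && preg_match('/^(-?\d+)_(-?\d+)/', $item_number, $parts)) {
        $payment_id = abs((int) $parts[1]);
        $order_time = abs((int) $parts[2]);

        // NOTE(review): a VERIFIED notification is accepted whatever its
        // payment_status, receiver_email, amount or currency, and txn_id is
        // not checked for reuse. Before marking a donation as processed,
        // confirm the payment is complete and addressed to the project's own
        // PayPal account - the expected values are not visible in this file.
        $result = _mysql_query("SELECT * FROM donation_paypal WHERE order_time = '$order_time' AND id = '$payment_id' AND processed = '0'");
        if ($result && _mysql_num_rows($result) == 1) {
            $row = _mysql_fetch_object($result);
            $userid = (int) $row->userid;
            _mysql_query("UPDATE donation_paypal SET processed = '1', payment_time = '".time()."', item_name = '$item_name', payment_status = '$payment_status', payment_amount = '$payment_amount', payment_fee = '$payment_fee', payment_currency = '$payment_currency', txn_id = '$txn_id', receiver_email = '$receiver_email', payer_email = '$payer_email', payer_name = '$payer_name' WHERE id = '$payment_id'");
            if ($userid > 0) {
                _mysql_query("UPDATE user SET donated = '1' WHERE id = '$userid'");
            }
        }
    }
}

?>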
This check looks for the bodies of `if` statements that have no statements or where all statements have been commented out. This may be the result of changes for debugging, or the code may simply be obsolete. These `if` bodies can be removed. If you have an empty `if` but statements in the `else` branch, consider inverting the condition so that the statements move into the `if` body and the `else` branch can be dropped. This is much more concise to read.