def test_mismatch_raises_exception(self):
ipn = PayPalIPN(business='*****@*****.**')
with self.assertRaises(paypalutil.SpoofedIPNException):
paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**')
ipn = PayPalIPN(receiver_email='*****@*****.**')
with self.assertRaises(paypalutil.SpoofedIPNException):
paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**')
def ipn(request, item_check_callable=None):
"""
PayPal IPN endpoint (notify_url).
Used by both PayPal Payments Pro and Payments Standard to confirm transactions.
http://tinyurl.com/d9vu9d
PayPal IPN Simulator:
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session
"""
logging.info(request)
form = PayPalIPNForm(request.POST)
logging.info(form)
logging.info(form.is_valid())
if form.is_valid():
try:
ipn_obj = form.save(commit=False)
logging.info(ipn_obj)
except Exception, e:
logging.error(e)
ipn_obj = PayPalIPN()
ipn_obj.set_flag("Exception while processing. (%s)" % form.errors)
logging.info(ipn_obj)
def create_ipn(request):
flag = None
ipnObj = None
form = PayPalIPNForm(request.POST)
if form.is_valid():
try:
ipnObj = form.save(commit=False)
except Exception as e:
flag = 'Exception while processing. (%s)' % e
else:
flag = 'Invalid form. (%s)' % form.errors
if ipnObj is None:
ipnObj = PayPalIPN()
ipnObj.initialize(request)
if flag is not None:
ipnObj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipnObj.verify_secret(form, request.GET['secret'])
else:
donation = get_ipn_donation(ipnObj)
if not donation:
raise Exception('No donation associated with this IPN')
verify_ipn_recipient_email(ipnObj, donation.event.paypalemail)
ipnObj.verify()
ipnObj.save()
return ipnObj
def create_subscription(user, data, ipaddress):
subscr_date = dateutil.parser.parse(data.get('subscr_date'))
subscr_effective = subscr_date + timedelta(days=30)
_dict = dict(
subscr_id=data.get('subscr_id'),
business=settings.PAYPAL_ITEM_NAME,
first_name=data.get('first_name', user.first_name),
last_name=data.get('last_name', user.last_name),
payer_email=data.get('payer_email'),
payer_id=data.get('payer_id'),
amount1=data.get('amount1', 0.0),
amount2=data.get('amount2', 0.0),
amount3=data.get('amount3', 0.0),
mc_amount1=data.get('mc_amount1', 0.0),
mc_amount2=data.get('mc_amount2', 0.0),
mc_amount3=data.get('mc_amount3', 0.0),
subscr_date=subscr_date,
username=user.username,
notify_version=data.get('notify_version'),
receiver_email='*****@*****.**',
txn_type=data.get('txn_type'),
mc_currency=data.get('mc_currency'),
recurring=data.get('recurring'),
test_ipn=data.get('test_ipn', False),
subscr_effective=None,
next_payment_date=subscr_effective,
time_created=datetime.now(),
ipaddress=ipaddress,
)
log.warn("saving subscription information for %s from IPN" % user.username)
ipn = PayPalIPN(**_dict)
ipn.save()
def create_ipn(request):
flag = None
ipnObj = None
form = PayPalIPNForm(request.POST)
if form.is_valid():
try:
ipnObj = form.save(commit=False)
except Exception as e:
flag = "Exception while processing. (%s)" % e
else:
flag = "Invalid form. (%s)" % form.errors
if ipnObj is None:
ipnObj = PayPalIPN()
ipnObj.initialize(request)
if flag is not None:
ipnObj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipnObj.verify_secret(form, request.GET['secret'])
else:
donation = get_ipn_donation(ipnObj)
if not donation:
raise Exception('No donation associated with this IPN: Custom field value {!r}'.format(ipnObj.custom))
ipnObj.verify()
# Check if receiver email matches event here. This removes the need for a custom fork of django-paypal.
business = donation.event.paypalemail
if (ipnObj.business and ipnObj.business.lower() != business.lower()) or (
not ipnObj.business and ipnObj.receiver_email.lower() != business.lower()):
ipnObj.set_flag("Business email mismatch. (%s)" % ipnObj.business)
ipnObj.save()
return ipnObj
def make_ipn(custom, grand_total):
from django.conf import settings
return PayPalIPN(receiver_email=settings.PAYPAL_BUSINESS_EMAIL,
receiver_id=settings.PAYPAL_BUSINESS_ID,
mc_currency='EUR',
payment_status='Completed',
custom=str(custom),
mc_gross=Decimal(grand_total))
def ipn_object():
"""Returns a valid IPN object."""
return PayPalIPN(business=settings.PAYPAL_RECEIVER_EMAIL,
payment_status='Completed',
mc_gross=Decimal(
settings.CS_EXTRA_CARD_PACK_PRICE),
mc_currency=settings.CS_EXTRA_CARD_PACK_CURRENCY,
custom='{"player_id":%d}' % user.id)
def ipn(request, item_check_callable=None):
"""
PayPal IPN endpoint (notify_url).
Used by both PayPal Payments Pro and Payments Standard to confirm transactions.
http://tinyurl.com/d9vu9d
PayPal IPN Simulator:
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session
"""
#TODO: Clean up code so that we don't need to set None here and have a lot
# of if checks just to determine if flag is set.
flag = None
ipn_obj = None
# Clean up the data as PayPal sends some weird values such as "N/A"
data = request.POST.copy()
date_fields = ('time_created', 'payment_date', 'next_payment_date',
'subscr_date', 'subscr_effective')
for date_field in date_fields:
if data.get(date_field) == 'N/A':
del data[date_field]
form = PayPalIPNForm(data)
if form.is_valid():
try:
#When commit = False, object is returned without saving to DB.
ipn_obj = form.save(commit=False)
except Exception as e:
flag = "Exception while processing. (%s)" % e
else:
flag = "Invalid form. (%s)" % form.errors
if ipn_obj is None:
ipn_obj = PayPalIPN()
#Set query params and sender's IP address
ipn_obj.initialize(request)
if flag is not None:
#We save errors in the flag field
ipn_obj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipn_obj.verify_secret(form, request.GET['secret'])
else:
ipn_obj.verify(item_check_callable)
ipn_obj.save()
return HttpResponse("OKAY")
def ipn(request, item_check_callable=None):
"""
PayPal IPN endpoint (notify_url).
Used by both PayPal Payments Pro and Payments Standard to confirm transactions.
http://tinyurl.com/d9vu9d
PayPal IPN Simulator:
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session
"""
# TODO: Clean up code so that we don't need to set None here and have a lot
# of if checks just to determine if flag is set.
flag = None
ipn_obj = None
# Clean up the data as PayPal sends some weird values such as "N/A"
# Also, need to cope with custom encoding, which is stored in the body (!).
# Assuming the tolerant parsing of QueryDict and an ASCII-like encoding,
# such as windows-1252, latin1 or UTF8, the following will work:
encoding = request.POST.get('charset', None)
encoding_missing = encoding is None
if encoding_missing:
encoding = DEFAULT_ENCODING
try:
data = QueryDict(request.body, encoding=encoding).copy()
except LookupError:
data = None
flag = "Invalid form - invalid charset"
if data is not None:
if hasattr(PayPalIPN._meta, 'get_fields'):
date_fields = [
f.attname for f in PayPalIPN._meta.get_fields()
if f.__class__.__name__ == 'DateTimeField'
]
else:
date_fields = [
f.attname for f, m in PayPalIPN._meta.get_fields_with_model()
if f.__class__.__name__ == 'DateTimeField'
]
for date_field in date_fields:
if data.get(date_field) == 'N/A':
del data[date_field]
form = PayPalIPNForm(data)
if form.is_valid():
try:
# When commit = False, object is returned without saving to DB.
ipn_obj = form.save(commit=False)
except Exception as e:
flag = "Exception while processing. (%s)" % e
else:
flag = "Invalid form. ({0})".format(", ".join([
"{0}: {1}".format(k, ", ".join(v))
for k, v in form.errors.items()
]))
if ipn_obj is None:
ipn_obj = PayPalIPN()
# Set query params and sender's IP address
ipn_obj.initialize(request)
if flag is not None:
# We save errors in the flag field
ipn_obj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipn_obj.verify_secret(form, request.GET['secret'])
else:
ipn_obj.verify(item_check_callable)
ipn_obj.save()
ipn_obj.send_signals()
if encoding_missing:
# Wait until we have an ID to log warning
log.warning("No charset passed with PayPalIPN: %s. Guessing %s",
ipn_obj.id, encoding)
return HttpResponse("OKAY")
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session
"""
flag = None
ipn_obj = None
form = PayPalIPNForm(request.POST)
if form.is_valid():
try:
ipn_obj = form.save(commit=False)
except Exception, e:
flag = "Exception while processing. (%s)" % e
else:
flag = "Invalid form. (%s)" % form.errors
if ipn_obj is None:
ipn_obj = PayPalIPN()
ipn_obj.initialize(request)
if flag is not None:
ipn_obj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipn_obj.verify_secret(form, request.GET['secret'])
else:
ipn_obj.verify(item_check_callable)
ipn_obj.save()
return HttpResponse("OKAY")
def get_ipn(request): ipnObj = PayPalIPN() ipnObj.initialize(request) return ipnObj
from decimal import *
import pytz
def create_ipn(request):
flag = None
ipnObj = None
form = PayPalIPNForm(request.POST)
if form.is_valid():
try:
ipnObj = form.save(commit=False)
except Exception, e:
flag = "Exception while processing. (%s)" % e
else:
flag = "Invalid form. (%s)" % form.errors
if ipnObj is None:
ipnObj = PayPalIPN()
ipnObj.initialize(request)
if flag is not None:
ipnObj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipnObj.verify_secret(form, request.GET['secret'])
else:
donation = get_ipn_donation(ipnObj)
if not donation:
raise Exception('No donation associated with this IPN')
ipnObj.verify(None, donation.event.paypalemail)
ipnObj.save()
return ipnObj
def ipn(request, item_check_callable=None):
"""
PayPal IPN endpoint (notify_url).
Used by both PayPal Payments Pro and Payments Standard to confirm transactions.
http://tinyurl.com/d9vu9d
PayPal IPN Simulator:
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session
"""
#TODO: Clean up code so that we don't need to set None here and have a lot
# of if checks just to determine if flag is set.
flag = None
ipn_obj = None
# Clean up the data as PayPal sends some weird values such as "N/A"
# Also, need to cope with custom encoding, which is stored in the body (!).
# Assuming the tolerate parsing of QueryDict and an ASCII-like encoding,
# such as windows-1252, latin1 or UTF8, the following will work:
encoding = request.POST.get('charset', None)
if encoding is None:
flag = "Invalid form - no charset passed, can't decode"
data = None
else:
try:
data = QueryDict(request.body, encoding=encoding).copy()
except LookupError:
data = None
flag = "Invalid form - invalid charset"
if data is not None:
date_fields = ('time_created', 'payment_date', 'next_payment_date',
'subscr_date', 'subscr_effective')
for date_field in date_fields:
if data.get(date_field) == 'N/A':
del data[date_field]
form = PayPalIPNForm(data)
if form.is_valid():
try:
#When commit = False, object is returned without saving to DB.
ipn_obj = form.save(commit=False)
except Exception as e:
flag = "Exception while processing. (%s)" % e
else:
flag = "Invalid form. (%s)" % form.errors
if ipn_obj is None:
ipn_obj = PayPalIPN()
#Set query params and sender's IP address
ipn_obj.initialize(request)
if flag is not None:
#We save errors in the flag field
ipn_obj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipn_obj.verify_secret(form, request.GET['secret'])
else:
ipn_obj.verify(item_check_callable)
ipn_obj.save()
return HttpResponse("OKAY")
def ipn(request, item_check_callable=None, host_id=None, trans_id=None):
"""
PayPal IPN endpoint (notify_url).
Used by both PayPal Payments Pro and Payments Standard to confirm transactions.
http://tinyurl.com/d9vu9d
PayPal IPN Simulator:
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session
#what triggers this view?
"""
#TODO: Clean up code so that we don't need to set None here and have a lot
# of if checks just to determine if flag is set.
flag = None
ipn_obj = None
# Clean up the data as PayPal sends some weird values such as "N/A"
# Also, need to cope with custom encoding, which is stored in the body (!).
# Assuming the tolerant parsing of QueryDict and an ASCII-like encoding,
# such as windows-1252, latin1 or UTF8, the following will work:
encoding = request.POST.get('charset', None)
if encoding is None:
flag = "Invalid form - no charset passed, can't decode"
data = None
else:
try:
data = QueryDict(request.body, encoding=encoding).copy()
except LookupError:
data = None
flag = "Invalid form - invalid charset"
if data is not None:
date_fields = ('time_created', 'payment_date', 'next_payment_date',
'subscr_date', 'subscr_effective')
for date_field in date_fields:
if data.get(date_field) == 'N/A':
del data[date_field]
form = PayPalIPNForm(
data) #from paypal.standard.ipn.forms import PayPalIPNForm
if form.is_valid():
try:
#When commit = False, object is returned without saving to DB.
ipn_obj = form.save(commit=False)
except Exception as e:
flag = "Exception while processing. (%s)" % e
else:
flag = "Invalid form. (%s)" % form.errors
if ipn_obj is None:
ipn_obj = PayPalIPN(
) #from paypal.standard.ipn.models import PayPalIPN
#Set query params and sender's IP address
ipn_obj.initialize(request)
#Store the invoice value so i can use it to update the transactions model
invoice_sent = ipn_obj.invoice
#Add other host characteristicsto the model
#Eventually add transaction_id to the ipn_obj model
if host_id:
host = get_object_or_404(UserInfo, pk=host_id)
ipn_obj.host_email = host.email
ipn_obj.host_fname = host.first_name
ipn_obj.host_lname = host.last_name
ipn_obj.host_st_address1 = host.st_address1
ipn_obj.host_st_address2 = host.st_address2
if trans_id:
trans = Transaction.objects.get(pk=trans_id)
ipn_obj.trans_table_id = trans.id
#the following set_flag is defined in paypal.standard.modle.spy, flat var is passed as the "info" parameter
if flag is not None:
#We save errors in the flag field
ipn_obj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
ipn_obj.verify_secret(form, request.GET['secret'])
else:
ipn_obj.verify(item_check_callable)
ipn_obj.save()
ipn_obj.send_signals()
#JMY ADDED: Update the Transaction Table to confirm we need to transation ID but only have invoice on the paypal IPN
if trans_id:
trans.payment_processed = True
trans_table_id = trans.id
trans.payment_method = "Paypal"
trans.save()
#update the userinfo table to add an account balance
new_balance = trans.balance_created_packages
userinfo = UserInfo.objects.get(pk=trans.enduser.id)
if new_balance:
userinfo.account_balance_packages = new_balance
userinfo.save()
#send emails
notify_host_shipment_paid(request, trans_table_id)
notify_enduser_shipment_paid(request, trans_table_id)
return HttpResponse("OKAY")
def payment_ipn_view(request, id, organisation_name):
"""
PayPal IPN endpoint (notify_url).
Used by both PayPal Payments Pro and Payments Standard to confirm transactions.
http://tinyurl.com/d9vu9d
PayPal IPN Simulator:
https://developer.paypal.com/cgi-bin/devscr?cmd=_ipn-link-session
"""
# TODO: Clean up code so that we don't need to set None here and have a lot
# of if checks just to determine if flag is set.
flag = None
ipn_obj = None
# Avoid the RawPostDataException. See original issue for details:
# https://github.com/spookylukey/django-paypal/issues/79
if not request.META.get('CONTENT_TYPE', '').startswith(
'application/x-www-form-urlencoded'):
raise AssertionError(CONTENT_TYPE_ERROR)
# Clean up the data as PayPal sends some weird values such as "N/A"
# Also, need to cope with custom encoding, which is stored in the body (!).
# Assuming the tolerant parsing of QueryDict and an ASCII-like encoding,
# such as windows-1252, latin1 or UTF8, the following will work:
encoding = request.POST.get('charset', None)
encoding_missing = encoding is None
if encoding_missing:
encoding = DEFAULT_ENCODING
try:
data = QueryDict(request.body, encoding=encoding).copy()
except LookupError:
warn_untested()
data = None
flag = "Invalid form - invalid charset"
if data is not None:
if hasattr(PayPalIPN._meta, 'get_fields'):
date_fields = [f.attname for f in PayPalIPN._meta.get_fields() if f.__class__.__name__ == 'DateTimeField']
else:
date_fields = [f.attname for f, m in PayPalIPN._meta.get_fields_with_model()
if f.__class__.__name__ == 'DateTimeField']
for date_field in date_fields:
if data.get(date_field) == 'N/A':
del data[date_field]
form = PayPalIPNForm(data)
if form.is_valid():
try:
# When commit = False, object is returned without saving to DB.
ipn_obj = form.save(commit=False)
except Exception as e:
flag = "Exception while processing. (%s)" % e
else:
formatted_form_errors = ["{0}: {1}".format(k, ", ".join(v)) for k, v in form.errors.items()]
flag = "Invalid form. ({0})".format(", ".join(formatted_form_errors))
if ipn_obj is None:
ipn_obj = PayPalIPN()
# Set query params and sender's IP address
ipn_obj.initialize(request)
if flag is not None:
# We save errors in the flag field
ipn_obj.set_flag(flag)
else:
# Secrets should only be used over SSL.
if request.is_secure() and 'secret' in request.GET:
warn_untested()
ipn_obj.verify_secret(form, request.GET['secret'])
else:
ipn_obj.verify()
if(ipn_obj.payment_status == 'Completed'):
o_Orders = Order.objects.filter(invoiceUID = ipn_obj.invoice)
for o_Order in o_Orders:
o_Order.isPayed = True
o_Order.save()
sendDankesEmail(ipn_obj)
ipn_obj.save()
ipn_obj.send_signals()
if encoding_missing:
# Wait until we have an ID to log warning
logger.warning("No charset passed with PayPalIPN: %s. Guessing %s", ipn_obj.id, encoding)
return HttpResponse("OKAY")
def test_match_is_okay(self):
ipn = PayPalIPN(business='*****@*****.**')
paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**')
ipn = PayPalIPN(receiver_email='*****@*****.**')
paypalutil.verify_ipn_recipient_email(ipn, '*****@*****.**')
