Problema jsp y ipn de paypal

cronosmen · #1 (**permalink**) 03/09/2012, 09:54

Hola chicos, estoy como loco buscando solución a este problema... vereis el ipn que he programado inserta demasiado en base de datos, solo debería insertar un registro con completado, pendiente... etc en bd,, pero no es asi por algun motivo inserta todos:

Código ASP:

Ver original<%@ page import="java.util.*"%>
<%@ page import="java.net.*"%>
<%@ page import="java.io.*"%>
<%@page import="java.sql.DriverManager"%>
<%@page import="java.sql.SQLException"%>
<%@page import="java.sql.Connection"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="mk.webapps.xxx.server.DBAccess"%>
<%@page import="java.util.Date"%>
<%@ page import="java.text.SimpleDateFormat"%>
<%
    // read post from PayPal system and add 'cmd'
    Enumeration en = request.getParameterNames();
    String str = "cmd=_notify-validate";
    while (en.hasMoreElements()) {
        String paramName = (String) en.nextElement();
        String paramValue = request.getParameter(paramName);
        str = str + "&" + paramName + "=" + URLEncoder.encode(paramValue);
    }
 
    // post back to PayPal system to validate
    // NOTE: change http: to https: in the following URL to verify using SSL (for increased security).
    // using HTTPS requires either Java 1.4 or greater, or Java Secure Socket Extension (JSSE)
    // and configured for older versions.
    //URL u = new URL("https://www.paypal.com/cgi-bin/webscr");
    URL u = new URL("https://www.sandbox.paypal.com/cgi-bin/webscr");
    URLConnection uc = u.openConnection();
    uc.setDoOutput(true);
    uc.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
    uc.setRequestProperty("Host", "www.sandbox.paypal.com");
    PrintWriter pw = new PrintWriter(uc.getOutputStream());
    pw.println(str);
    pw.close();
 
    BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
    String res = in.readLine();
    in.close();
 
    // assign posted variables to local variables
    String itemName = request.getParameter("item_name");
    String itemNumber = request.getParameter("item_number");
    String paymentStatus = request.getParameter("payment_status");
    String paymentAmount = request.getParameter("mc_gross");
    String paymentCurrency = request.getParameter("mc_currency");
    String txnId = request.getParameter("txn_id");
    String txnType = request.getParameter("txn_type");
    String receiverEmail = request.getParameter("receiver_email");
    String payerEmail = request.getParameter("payer_email");
    String custom = request.getParameter("custom");
 
//  String dbprefix = session.getAttribute("db_prefix").toString();     // For production systems
    String dbprefix = "dev_";   // For paypal testing
                Connection conn = null;
                Statement select = null;
                ResultSet result = null;
    try
{
                        DBAccess dba = new DBAccess(request);
                        conn = dba.getDBConn();
//                        String sql = "";
                        select = conn.createStatement();
  
}
catch(Exception e)
{
}
    select.executeUpdate("insert into dev_xxx.garbage values ('" + res + "');");
    //check notification validation
    if (res.equals("VERIFIED")) {
//      Connection conn = null;
//      Statement select = null;
//      ResultSet result = null;
        try {
//          DBAccess dba = new DBAccess(request);
//          conn = dba.getDBConn();
            String sql = "";
//          select = conn.createStatement();
            Date dDate = new Date();
            SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
            String sDate = sdf.format(dDate);
            dDate.setMonth(dDate.getMonth() + 1);
            String sDateMes = sdf.format(dDate);
            select.executeUpdate("insert into dev_xxx.garbage values ('" + paymentStatus + "');");
            select.executeUpdate("insert into dev_xxx.garbage values ('" + txnType + "');");
            if (paymentStatus.equals("Completed") && txnType.equals("subscr_payment")) {//pago completado y periódico
                if (paymentAmount.equals("9.90")) {
                    sql = "insert into "+ dbprefix + "xxx.UserPremium (IdUser, MailPaypal, IdPromo, IdUserType, IdPremium, FirstDate, EndDate) values("+ custom + ",'" + payerEmail + "', null, 2, 2, '"+ sDate + "', '" + sDateMes + "')";
                    select.executeUpdate(sql);
                } else if (paymentAmount.equals("99.00")) {
                    dDate.setMonth(dDate.getMonth() - 1);
                    dDate.setYear(dDate.getYear() + 1);
                    String sDateYear = sdf.format(dDate);
                    sql = "insert into "+ dbprefix + "xxx.UserPremium (IdUser, MailPaypal, IdPromo, IdUserType, IdPremium, FirstDate, EndDate) values("+ custom + ",'" + payerEmail + "', null, 2, 2, '"+ sDate + "', '" + sDateYear + "')";
                    select.executeUpdate(sql);
                }
                else{
                    select.executeUpdate("insert into dev_xxx.garbage values ('" + paymentAmount + "');");
                }
            }
            else if (txnType.equals("subscr_eot") || txnType.equals("subscr_cancel")){//suscripcion cancelada
                String [] datos = custom.split(";");
                sql = "insert into "+ dbprefix + "xxx.UserPremium (IdUser, MailPaypal, IdPromo, IdUserType, IdPremium, FirstDate, EndDate) values("+ datos[0] + ",'" + payerEmail + "', null, 2, 3, '"+ sDate + "', '" + sDateMes + "')";
                select.executeUpdate(sql);
                if (datos[1].equals("avanzado")){
                    sql = "insert into "+ dbprefix + "xxx.UserPremium (IdUser, MailPaypal, IdPromo, IdUserType, IdPremium, FirstDate, EndDate) values("+ datos[0] + ",'" + payerEmail + "', null, 1, 3, '"+ sDate + "', '" + sDateMes + "')";
                    select.executeUpdate(sql);
                    sql = "update "+ dbprefix +"xxx.Users set Valid=-1 WHERE Id=" + datos[0] ;
                    select.executeUpdate(sql);
                }
                // check that paymentStatus=Completed
                // check that txnId has not been previously processed
                // check that receiverEmail is your Primary PayPal email
                // check that paymentAmount/paymentCurrency are correct
                // process payment
            } 
        } catch (Exception e) {
            conn.rollback();
        }
        finally{
            select.close();
            result.close();
            conn.close();
        }
 
    }
    else if (res.equals("INVALID"))
    {
        select.executeUpdate("insert into dev_xxx.garbage values ('##INVALID##');");
        // log for investigation
    } else {
        // error
        select.executeUpdate("insert into dev_xxx.garbage values ('#"+res+"#');");
    }
%>