Upon trying to integrate a PayWithAmazon button to a web site, I am told that this return URL script file "should parse the return parameters, here is an example(provided by amazon support):
Array
(
[resultCode] => Success
[signature] => iuhsci7987987^&uygYG87875878.........
[sellerId] => AAAAAAAAAAAAAAA
[AWSAccessKeyId] => AAAAAAAAAAAAAAAAA
[SignatureMethod] => HbacAHS777
[SignatureVersion] => 2
[orderReferenceId] => S01-47887779-99776
[amount] => 0.10
[currencyCode] => USD
[paymentAction] => AuthorizeAndCapture
)
So, my question is, does this file (below) parse the return parameters?
<?php
header('Location: ../index.php');
/// - Database Information
$dbhost = 'localhost';
$dbuser = 'XXXXXXXXXXXX';
$dbpass = 'AAAAAAAAAAAA';
$dbname = 'BBBBBBBBBBBB';
/// - Do Not Edit Below This Line
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
/////////////////////////////////////////////////////////////////////////////////////////
function getUsername($id) {
$sql1 = "SELECT * FROM member_profile WHERE user_id = $id";
$query1 = mysql_query($sql1) or DIE(mysql_error());
$result = mysql_fetch_array($query1);
return $result['user_name'];
}
header('Location: ../index.php');
include_once ('../classes/config.php');
include ('../classes/functions.php');
include_once ('../classes/sessions.php'); //gives us access to the user's cookies for validation
$date = date();
$user = $user_id;
$credits = $_GET['description'];
$price = $_GET['amount'];
$username = getUsername($user_id);
$backp = $price;
$sql2 = "INSERT INTO purchases (id, type, user_id, vid_id, date, name, uploader, uploaderID, title, amount, videoid, descr, promo) VALUES ('', 'purchase', '$user', '0', '$date', '$username', 'none', 'none', 'none', '$backp', 'none', 'none', 'none')";
$query2 = mysql_query($sql2);
$sql1 = "SELECT * FROM credits WHERE user_id = $user";
$query1 = @mysql_query($sql1);
// =========================================================
// Error reporting for the above query is turned off, so we
// don't know if the credits record was even found.
// The following line fixes that issue by inserting a blank
// record if the row count is zero.
// =========================================================
if (mysql_num_rows($query1) == 0)
{
$sql1_I = "INSERT INTO credits (user_id) VALUES ($user)";
$query1_I = mysql_query($sql1_I) or die(mysql_error());
}
// =========================================================
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
// That is useless code and wasted space considering an entry is made upon initial user registration.
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
$old = @mysql_fetch_array($query1);
$balance = $old['total_credits'] + $credits;
$purchases = $old['total_purchases'] + 1;
$sql = "UPDATE credits SET user_id=$user, total_credits=$balance, pending_credits=0, last_purchase=$date, total_purchases=$purchases WHERE user_id=$user";
$query = mysql_query($sql);
$template = "../themes/$user_theme/templates/main_1.htm";
$inner_template1 = "../themes/$user_theme/templates/amazon1_success.htm"; //middle of page
$TBS = new clsTinyButStrong;
$TBS->NoErr = true; // no more error message displayed.
$TBS->LoadTemplate("$template");
$TBS->MergeBlock('mp', $members_full);
$TBS->Render = TBS_OUTPUT;
$TBS->Show();
?>