0

I have a big trouble. I've done an e-commerce site many month ago, now i wanna do that after an user has bought, paypal redirect the user in a website that confirm the bought with an e-mail.

Obviously, the return page has a control of refererpage, because it can't send a confirmation mail to all that write the page address, but the command:

Request.ServerVariables["HTTP_REFERER"]

Doesn't work, because paypal is an https webpage. So, how i can solve it?

Thank you before!

ProtoTyPus
  • 1,272
  • 3
  • 19
  • 40
  • look at this MSDN Site [HttpWebRequest.Referer Property](http://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.referer.aspx) – MethodMan Jul 01 '14 at 18:05
  • It doesn't talk about my problem. There are things that I know already, but it doesn't talk about https! – ProtoTyPus Jul 01 '14 at 18:08
  • this one does right here http://support.microsoft.com/kb/178066 – MethodMan Jul 01 '14 at 18:09
  • don't know much about this, but a quick google revealed the following: http://stackoverflow.com/questions/47089/best-way-in-asp-net-to-force-https-for-an-entire-site – user1666620 Jul 01 '14 at 18:09
  • here is another site to look at.. https://blog.httpwatch.com/2009/02/20/how-secure-are-query-strings-over-https/ remember this site can be your best friend [Click here for your best Friend!!](http://www.google.com) – MethodMan Jul 01 '14 at 18:11

1 Answers1

1

hi you can try below code for this:

First set the "notify_url" in your website 

 <input type="hidden" name="notify_url" value="http://www.your-website-url.com/notifypaypal.aspx" />

after that create notifypaypal.aspx Page.

notifypaypal.aspx : here not required any code ..

notifypaypal.aspx.cs :

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.IO;
using System.Text;
using System.Threading;
using System.Net;
using BLL;

public partial class notifypaypal : System.Web.UI.Page
{

    protected void Page_Load(object sender, EventArgs e)
    {


        //Post back to either sandbox or live
       // string strSandbox = "https://www.sandbox.paypal.com/cgi-bin/webscr";//For localhost
        string strLive = "https://www.paypal.com/cgi-bin/webscr";//For live server
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(strLive);

        //Set values for the request back
        req.Method = "POST";
        req.ContentType = "application/x-www-form-urlencoded";
        byte[] param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
        string strRequest = Encoding.ASCII.GetString(param);
        string ipnPost = strRequest;
        strRequest += "&cmd=_notify-validate";
        req.ContentLength = strRequest.Length;

        //for proxy
        //WebProxy proxy = new WebProxy(new Uri("http://url:port#"));
        //req.Proxy = proxy;

        //Send the request to PayPal and get the response
        StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
        streamOut.Write(strRequest);
        streamOut.Close();
        StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
        string strResponse = streamIn.ReadToEnd();
        streamIn.Close();

        // logging ipn messages... be sure that you give write permission to process executing this code
        string logPathDir = ResolveUrl("Messages");
        string logPath = string.Format("{0}\\{1}.txt",Server.MapPath(logPathDir), DateTime.Now.Ticks);
        File.WriteAllText(logPath, ipnPost);


        if (strResponse == "VERIFIED")
        {

            #region [Update Order Status]
            string txn_id = HttpContext.Current.Request["txn_id"]; //txn_id=    Unique transaction number.
            string payment_status = HttpContext.Current.Request["payment_status"];   //payment_status=Payment state(Completed,Pending,Failed,Denied,Refunded)
            string pending_reason = HttpContext.Current.Request["pending_reason"];   //pending_reason=Reason of payment delay(echeck,multi_currency,intl,verify,...)
            string item_number = HttpContext.Current.Request["item_number"];  //item_number=order number


            if (HttpContext.Current.Request["payment_status"].ToString() == "Completed")
            {
                try
                {
//update in database that particular "item_number"(Order number) is successfully  Completed

                }
                catch
                {
                }
            }
            else
            {
                if (HttpContext.Current.Request["payment_status"].ToString() == "Pending")
                {
                    try
                    {
                        //update in database that particular "item_number"(Order number) is Pending
                    }
                    catch
                    {
                    }
                }
                else
                {

                }
            }
            #endregion


        }
        else if (strResponse == "INVALID")
        {

        }
        else
        {


        }
    }     

}
user3786581
  • 401
  • 5
  • 13