Allow a hosted button ID as a fallback for the PayPal address (with limitations)

11 years ago · 86c6d5aeaf
parent 66d2c16a3f
commit 86c6d5aeaf
3 changed files with 27 additions and 3 deletions
--- a/public_html/classes/paymentmethod.php
+++ b/public_html/classes/paymentmethod.php
@ -95,7 +95,7 @@ class PaymentMethod extends CPHPDatabaseRecordClass
 		switch($type)
 		{
 			case PaymentMethod::PAYPAL:
-				return filter_var($address, FILTER_VALIDATE_EMAIL);
+				return filter_var($address, FILTER_VALIDATE_EMAIL) || preg_match("/^[A-Z0-9]{13}$/", $address);
 			case PaymentMethod::BITCOIN:
 				return (preg_match("/^[a-zA-Z1-9]{27,35}$/", $address) == true);
 			default:
--- a/public_html/modules/donate.php
+++ b/public_html/modules/donate.php
@ -82,7 +82,19 @@ if(!empty($_POST['submit']))
 				$sQuotedName = urlencode("{$sCampaign->sName} (via ReDonate.net)");
 				$sQuotedNumber = urlencode("0");
 				$sQuotedReturnUrl = urlencode("http://redonate.net/thanks/{$sCampaign->sUrlName}");
-				redirect("https://www.paypal.com/cgi-bin/webscr?business={$sQuotedRecipient}&cmd=_donations&item_name={$sQuotedName}&item_number={$sQuotedNumber}&currency_code={$sCurrency}&amount={$sAmount}&return={$sQuotedReturnUrl}");
+				
+				if(filter_var($sPaymentMethod->sAddress, FILTER_VALIDATE_EMAIL))
+				{
+					$target = "https://www.paypal.com/cgi-bin/webscr?business={$sQuotedRecipient}&cmd=_donations&item_name={$sQuotedName}&item_number={$sQuotedNumber}&currency_code={$sCurrency}&amount={$sAmount}&return={$sQuotedReturnUrl}";
+				}
+				else
+				{
+					/* This is most likely a hosted button ID. We can only provide limited information in this case - we can really only set the item description. 
+					 * Not sure if setting the return URL will work, but we might as well try. */
+					$target = "https://www.paypal.com/cgi-bin/webscr?hosted_button_id={$sQuotedRecipient}&cmd=_s-xclick&item_name={$sQuotedName}&return={$sQuotedReturnUrl}";
+				}
+
+				redirect($target);
 				return;
 			case PaymentMethod::BITCOIN:
 				if($sPaymentRequest->sCurrency != "btc")
--- a/public_html/modules/payment/paypal.php
+++ b/public_html/modules/payment/paypal.php
@ -37,4 +37,16 @@ $sQuotedRecipient = urlencode($sPaymentMethod->sAddress);
 $sQuotedName = urlencode("{$sPaymentRequest->sCampaign->sName} (via ReDonate.net)");
 $sQuotedNumber = urlencode("{$sPaymentRequest->sId}");
 $sQuotedReturnUrl = urlencode("http://redonate.net/pay/{$sPaymentRequest->sSubscription->sEmailAddress}/{$sPaymentRequest->sId}/{$sPaymentRequest->sKey}/paypal/done");
-redirect("https://www.paypal.com/cgi-bin/webscr?business={$sQuotedRecipient}&cmd=_donations&item_name={$sQuotedName}&item_number={$sQuotedNumber}&currency_code={$sCurrency}&amount={$sAmount}&return={$sQuotedReturnUrl}");
+
+if(filter_var($sPaymentMethod->sAddress, FILTER_VALIDATE_EMAIL))
+{
+	$target = "https://www.paypal.com/cgi-bin/webscr?business={$sQuotedRecipient}&cmd=_donations&item_name={$sQuotedName}&item_number={$sQuotedNumber}&currency_code={$sCurrency}&amount={$sAmount}&return={$sQuotedReturnUrl}";
+}
+else
+{
+	/* This is most likely a hosted button ID. We can only provide limited information in this case - we can really only set the item description. 
+	 * Not sure if setting the return URL will work, but we might as well try. */
+	$target = "https://www.paypal.com/cgi-bin/webscr?hosted_button_id={$sQuotedRecipient}&cmd=_s-xclick&item_name={$sQuotedName}&return={$sQuotedReturnUrl}";
+}
+
+redirect($target);