paypal_encrypt.phps

<?php

function encrypt_paypal_button($bdata, $type = "cart", $class = false, $extra = false) {

 $forbidden_path = dirname(__FILE__);

 $profile = array(
  "cert_id" => "YOUR CERTIFICATE ID WITH PAYPAL",
  "cert_file" => "file://$forbidden_path/cert.pem",
  "cert_key" => "file://$forbidden_path/private.pem",
  "cert_pass" => "PRIVATE KEY PASSWORD",
  "ppal_cert" => "file://$forbidden_path/paypal_cert.pem",
 );

 $tmppaths = array(
  "in" => tempnam("$forbidden_path/tmpfiles", "ppal_in_"),
  "out" => tempnam("$forbidden_path/tmpfiles", "ppal_out_"),
  "final" => tempnam("$forbidden_path/tmpfiles", "ppal_final_"),
 );

 $buttondata = array();
 $buttondata["cert_id"] = $profile['cert_id'];
 foreach ($bdata as $n => $v) {
  $buttondata[$n] = $v;
 }

 $raw = array();
 foreach ($buttondata as $n => $v) {
  $raw[] = "$n=$v";
 }
 $rawdata = implode("\n", $raw);

 if (!file_put_contents($tmppaths['in'], $rawdata))
  return array(false, "raw button data could not be written to {$tmppaths['in']}");
 if (!@openssl_pkcs7_sign(
      $tmppaths['in'],
      $tmppaths['out'],
      $profile['cert_file'],
      array($profile["cert_key"], $profile["cert_pass"]),
      array(),
      PKCS7_BINARY
 )) {
  foreach ($tmppaths as $n => $v) {
   @unlink($v);
  }
  return array(false, "raw button data could not be signed: ".openssl_error_string());
 }
 
 $signeddata = file_get_contents($tmppaths['out']);
 $signeddata = explode("\n\n", $signeddata);
 $signeddata = $signeddata[1];
 $signeddata = base64_decode($signeddata);
 if (!file_put_contents($tmppaths['out'], $signeddata)) {
  foreach ($tmppaths as $n => $v) {
   @unlink($v);
  }
  return array(false, "signed button data could not be written to {$tmppaths['out']}");
 }
 if (!@openssl_pkcs7_encrypt(
      $tmppaths['out'],
      $tmppaths['final'],
      $profile['ppal_cert'],
      array(),
      PKCS7_BINARY
 )) {
  foreach ($tmppaths as $n => $v) {
   @unlink($v);
  }
  return array(false, "signed button data could not be encrypted: ".openssl_error_string());
 }

 $encdata = file_get_contents($tmppaths['final']);
 $encdata = explode("\n\n", $encdata);
 $encdata = trim(str_replace("\n", '', $encdata[1]));
 $encdata = "-----BEGIN PKCS7-----$encdata-----END PKCS7-----";

 foreach ($tmppaths as $n => $v) {
  @unlink($v);
 }

 if ($class !== false)
  $class_string = " class=\"$class\"";
 else
  $class_string = "";
 if ($extra !== false)
  $extra_string = "\n $extra";
 else
  $extra_string = "";

 if ($type == "cart") {
  $image = "https://www.paypal.com/en_US/i/btn/x-click-but22.gif";
  $text = "Add to Cart";
 }
 elseif ($type == "buy") {
  $image = "https://www.paypal.com/en_US/i/btn/x-click-but23.gif";
  $text = "Buy Now";
 }
 elseif ($type == "donate") {
  $image = "https://www.paypal.com/en_US/i/btn/x-click-but21.gif";
  $text = "Donate";
 }
 elseif ($type == "subscribe") {
  $image = "https://www.paypal.com/en_US/i/btn/x-click-but24.gif";
  $text = "Subscribe";
 }
 else {
  $image = "https://www.paypal.com/en_US/i/btn/x-click-but23.gif";
  $text = "Add to Cart";
 }

 $form = <<<EOF
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"$class_string>$extra_string
 <input type="hidden" name="cmd" value="_s-xclick" />
 <input type="hidden" name="encrypted" value="$encdata" />
 <input type="image" src="$image" style="border-style: none; vertical-align: middle;" name="submit" alt="$text" />
 <!--input type="submit" name="submit" value="$text" /-->
</form>
EOF;

 return array(true, $form);
}

?>