<?php
/**** Settings ***********/
$myAuthValue = ''; // The verification value you entered in PostalMethod's control panel (Control Panel -> User Settings -> Feedback)
/*************************/
if(! ctype_digit($_REQUEST['ID'])){
$pmId = 'Suspect value; not a positive integer';
} else {
$pmId = $_REQUEST['ID'];
}
if(! ctype_digit($_REQUEST['ItemID'])){
$pmItemId = 'Suspect value; not a positive integer';
} else {
$pmItemId = $_REQUEST['ItemID'];
}
if($_REQUEST['Auth'] != $myAuthValue){
$pmAuth = 'Suspected forgery; authorization value doesn\'t match';
} else {
$pmAuth = $_REQUEST['Auth'];
}
if($_REQUEST['Status'] != strval(floatval($_REQUEST['Status']))){
$pmStatus = 'Suspect value; not a positive or negative integer';
} else {
$pmStatus = $_REQUEST['Status'];
}
$arrStatusTime = date_parse($_REQUEST['StatusTime']);
if($arrStatusTime['error_count'] > 0 || $arrStatusTime['warning_count'] > 0){
$pmStatusTime = 'Suspect value; not a valid date-time';
} else {
$pmStatusTime = $_REQUEST['StatusTime'];
}
//
// Put your business logic here
// In this case, we're just writing the returned values to a file,
// but you will probably want to do something more intelligent
//
$fh = fopen('pm_feedback.txt', 'a+') or die("can't open pm_feedback.txt: $php_errormsg");
fwrite($fh, date('r', time()) . "\r\n");
fwrite($fh, "==============================\r\n");
fwrite($fh, "ID: $pmId \r\n");
fwrite($fh, "ItemID: $pmItemId \r\n");
fwrite($fh, "Auth: $pmAuth \r\n");
fwrite($fh, "Status: $pmStatus \r\n");
fwrite($fh, "StatusTime: $pmStatusTime \r\n");
fwrite($fh, "\r\n");
fclose($fh);
//
// End business logic here
//
echo "0"; // Tells PostalMethods that the callback has succeeded
?>
