真的在 Paypal IPN 上苦苦挣扎
Really struggling with Paypal IPN
更新 - 我删除了验证,并添加了一个 $item_id = $_POST['option_selection1'];到我的领域,突然间它起作用了!
我有一个摄影师的网站,她全天都在出售时段。我正在尝试设置她,以便有人选择一个时间段,通过 paypal 购买,然后当通过 IPN 返回数据时,我捕获用于购买的电子邮件地址,以及我关联的 ID与时隙。使用该 ID,我在数据库中设置了一个开关,导致该时间段不再填充在表单上,因此其他人无法购买相同的时间段。每次做测试交易,数据库都不更新,不知道为什么。当我手动设置变量 $payer_email 和 $item_number 的值时,数据库执行我期望的操作。由此,我的印象是 PayPal 没有验证数据,或者它没有以我期望的方式发送数据。
这是我通过 PayPal 运行 表单的代码:
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT id,hour,minute,toggle FROM mini ORDER BY id ASC";
$result = $conn->query($sql);
echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">';
echo '<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="B6XDLRPVAUBQJ">
<input type="hidden" name="on0" value="item_number">
<select name="os0">';
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
if ($row["toggle"] == 0){
echo '<option value="'.$row["id"].'">'.$row["hour"].':'.$row["minute"].' '; //id is what I'm trying to extract from paypal via IPN
if ($row["id"] < 13){echo 'AM';}else{echo 'PM';}; //if-then statement determines if it is AM or PM based on id
echo '</option>';
};
}
} else {
echo "Sorry, I'm fully booked!";
}
?>
</select>
<input type="submit" name="submit" value="Book Your Session">
</form>
这是我的 IPN 代码
<?php
// STEP 1: read POST data
// Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
// Instead, read raw POST data from the input stream.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// STEP 2: POST IPN data back to PayPal to validate
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp-like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set
// the directory path of the certificate as shown below:
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if( !($res = curl_exec($ch)) ) {
// error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
// STEP 3: Inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// The IPN is verified, process it:
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process the notification
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
// IPN message values depend upon the type of notification sent.
// To loop thffrough the &_POST array and print the NV pairs to the screen:
foreach($_POST as $key => $value) {
echo $key." = ". $value."<br>";
}
} else if (strcmp ($res, "INVALID") == 0) {
// IPN invalid, log for manual investigation
echo "The response from IPN was: <b>" .$res ."</b>";
}
//database credentials intentionally omitted :)
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE mini SET toggle='1',email='".$payer_email."' WHERE id=('".$item_number."')";
if ($conn->query($sql) === TRUE) {
echo "<br/> - Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
?>
我建议您尝试使用 PaymentDetails API 来调试您正在测试的付款状态。
https://developer.paypal.com/docs/classic/api/adaptive-payments/PaymentDetails_API_Operation/
此外,PayPal 沙箱也有点不同,速度较慢且错误较多 - 因此您应该使用一些日志记录。记录发布的所有内容和验证响应。完成之后,您可以专注于应用程序的逻辑。
更新 - 我删除了验证,并添加了一个 $item_id = $_POST['option_selection1'];到我的领域,突然间它起作用了!
我有一个摄影师的网站,她全天都在出售时段。我正在尝试设置她,以便有人选择一个时间段,通过 paypal 购买,然后当通过 IPN 返回数据时,我捕获用于购买的电子邮件地址,以及我关联的 ID与时隙。使用该 ID,我在数据库中设置了一个开关,导致该时间段不再填充在表单上,因此其他人无法购买相同的时间段。每次做测试交易,数据库都不更新,不知道为什么。当我手动设置变量 $payer_email 和 $item_number 的值时,数据库执行我期望的操作。由此,我的印象是 PayPal 没有验证数据,或者它没有以我期望的方式发送数据。
这是我通过 PayPal 运行 表单的代码:
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT id,hour,minute,toggle FROM mini ORDER BY id ASC";
$result = $conn->query($sql);
echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">';
echo '<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="B6XDLRPVAUBQJ">
<input type="hidden" name="on0" value="item_number">
<select name="os0">';
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
if ($row["toggle"] == 0){
echo '<option value="'.$row["id"].'">'.$row["hour"].':'.$row["minute"].' '; //id is what I'm trying to extract from paypal via IPN
if ($row["id"] < 13){echo 'AM';}else{echo 'PM';}; //if-then statement determines if it is AM or PM based on id
echo '</option>';
};
}
} else {
echo "Sorry, I'm fully booked!";
}
?>
</select>
<input type="submit" name="submit" value="Book Your Session">
</form>
这是我的 IPN 代码
<?php
// STEP 1: read POST data
// Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
// Instead, read raw POST data from the input stream.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// STEP 2: POST IPN data back to PayPal to validate
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp-like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set
// the directory path of the certificate as shown below:
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if( !($res = curl_exec($ch)) ) {
// error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
// STEP 3: Inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// The IPN is verified, process it:
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process the notification
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
// IPN message values depend upon the type of notification sent.
// To loop thffrough the &_POST array and print the NV pairs to the screen:
foreach($_POST as $key => $value) {
echo $key." = ". $value."<br>";
}
} else if (strcmp ($res, "INVALID") == 0) {
// IPN invalid, log for manual investigation
echo "The response from IPN was: <b>" .$res ."</b>";
}
//database credentials intentionally omitted :)
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE mini SET toggle='1',email='".$payer_email."' WHERE id=('".$item_number."')";
if ($conn->query($sql) === TRUE) {
echo "<br/> - Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
?>
我建议您尝试使用 PaymentDetails API 来调试您正在测试的付款状态。
https://developer.paypal.com/docs/classic/api/adaptive-payments/PaymentDetails_API_Operation/
此外,PayPal 沙箱也有点不同,速度较慢且错误较多 - 因此您应该使用一些日志记录。记录发布的所有内容和验证响应。完成之后,您可以专注于应用程序的逻辑。