Solved

Paypal IPN: INVALID

Posted on 2006-06-19
5
1,710 Views
Last Modified: 2013-12-12
Hi experts, I'm trying to use the IPN Paypal system.
I've tryed different code... but always the same answer: INVALID.

The strange thing is that the PayPal manual say that Paypal pass the parameters in POST... but I get anything in POST, I get data only in GET.

Here is my code:

<?php

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_GET as $key => $value) {
      $value = urlencode(stripslashes($value));
      $req .= "&$key=$value";
}

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Host: www.sandbox.paypal.com\r\n"; //<<<<<<<<<<<< ADD THIS LINE
$header .= "Referer: ".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].@$_SERVER['QUERY_STRING']."\r\n";
$header .= "Server: ".$_SERVER['SERVER_SOFTWARE']."\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n";
$header .= "Accept: */*\r\n\r\n";

$fp = fsockopen ('www.sandbox.paypal.com', 80, $errno, $errstr, 30);

if (!$fp) {
      echo "PHP fsockopen() error: " . $errstr;
}
else {
      fputs ($fp, $header . $req);
      while (!feof($fp)) {
            $res = fgets ($fp, 1024);
            echo "RECEIVED: ".$res."<BR>"; // for debug
            if (strcmp ($res, "VERIFIED") == 0) {
                  echo "VERIFIED";
            }
            else if (strcmp ($res, "INVALID") == 0) {
                  echo "INVALID";
            }
      }
}

?>


Here the answer:

cmd=_notify-validate&tx=9BL62873GK243402G&st=Completed&amt=100.00&cc=EUR&cm=&sig=rD%2fvVjLNDwD3dAm9sv9GPPiTyAvtYm4fcqJBqXhwWoV0Y1nyEkWDRsuJg2102NpBwPjDp0sARhPOF446Z6hfW8xzv3S%2f1ILdF1v964dm0M%2fCXItrhJI2RsD7d63EgMeVPRn8TZ4ndlrmEtCBvtLT8QOlViCPOoPCwgGhXd9I%2bM8%3dRECEIVED: HTTP/1.0 200 OK
RECEIVED: Date: Mon, 19 Jun 2006 16:53:49 GMT
RECEIVED: Server: Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7a PHP/4.3.2
RECEIVED: Set-Cookie: cookie_check=yes; expires=Thu, 16-Jun-2016 16:53:49 GMT; path=/; domain=.paypal.com
RECEIVED: Set-Cookie: Apache=64.202.165.201.153601150736029465; path=/; expires=Wed, 11-Jun-36 16:53:49 GMT
RECEIVED: Content-Type: text/html; charset=UTF-8
RECEIVED: X-Cache: MISS from wc04.inet.mesa1.secureserver.net
RECEIVED: Connection: close
RECEIVED:
RECEIVED: INVALID


Thanks
0
Comment
Question by:marcodalzotto
  • 3
  • 2
5 Comments
 
LVL 2

Expert Comment

by:DataSmarts
Comment Utility
I've worked with Paypal before, and I understand mostly what you are trying to do, but can you provide a short two sentence narrative of what you are wanting to do?

Are you wanting to get the confirmation id from Paypal and add that to your own database?
0
 
LVL 5

Author Comment

by:marcodalzotto
Comment Utility
The answer I've posted is a paramateter passed by Paypal to my ok.php when the payment transaction is completed.
The code I've posted connects to Paypal and repeat the parameters as received, adding 'cmd=_notify-validate'.
As a result I shoud get VERIFIED.

Yes I want to get a confirmation by paypal that the transaction really occured so I can permit the downalod of my product.
0
 
LVL 2

Accepted Solution

by:
DataSmarts earned 500 total points
Comment Utility
<?php
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-synch';

$tx_token = $_GET['tx'];
$auth_token = "Enter yourToken";
$req .= "&tx=$tx_token&at=$auth_token";

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
// If possible, securely post back to paypal using HTTPS
// Your PHP server will need to be SSL enabled
// $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
// read the body data
$res = '';
$headerdone = false;
while (!feof($fp)) {
$line = fgets ($fp, 1024);
if (strcmp($line, "\r\n") == 0) {
// read the header
$headerdone = true;
}
else if ($headerdone)
{
// header has been read. now read the contents
$res .= $line;
}
}

// parse the data
$lines = explode("\n", $res);
$keyarray = array();
if (strcmp ($lines[0], "SUCCESS") == 0) {
for ($i=1; $i<count($lines);$i++){
list($key,$val) = explode("=", $lines[$i]);
$keyarray[urldecode($key)] = urldecode($val);
}
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment

$firstname = $keyarray['first_name'];
$lastname = $keyarray['last_name'];
$itemname = $keyarray['item_name'];
$amount = $keyarray['payment_gross'];
$shipping = $keyarray['shipping'];
$payment_status = $keyarray['payment_status'];
$txn_id = $keyarray['txn_id'];
$custom = $keyarray['custom'];


$DB_Server = "localhost"; //your MySQL Server
$DB_Username = ""; //your MySQL User Name
$DB_Password = ""; //your MySQL Password
$DB_DBName = ""; //your MySQL Database Name
$DB_TBLName = ""; //your MySQL Table Name


//create MySQL connection
$Connect = @mysql_connect($DB_Server, $DB_Username, $DB_Password)
or die("Couldn't connect to MySQL:<br>" . mysql_error() . "<br>" . mysql_errno());
//select database
$Db = @mysql_select_db($DB_DBName, $Connect)
or die("Couldn't select database:<br>" . mysql_error(). "<br>" . mysql_errno());

$fecha = date("m")."/".date("d")."/".date("Y");

$result = @mysql_query("UPDATE tblname SET paymentstatus='$payment_status', Transaction_Code='$txn_id' WHERE order_id='$custom'");

$i = 1;

if ($payment_status == 'Varified') {
Write access to Downloadable file
}
if ($payment_status != 'Varified') {
Write some Error message here
|


mail("poneal@paypal.com", "VERIFIED PDT", "$res\n $req");
}
else if (strcmp ($lines[0], "FAIL") == 0) {
// log for manual investigation
}
}
fclose ($fp);
?>
0
 
LVL 5

Author Comment

by:marcodalzotto
Comment Utility
Well done, DataSmarts.

I'm going to accept your answer, and I'm going to give you a grade of 'A' if you tel me the difference between:

     $req = 'cmd=_notify-validate';

and

     $req = 'cmd=_notify-synch';

And why I couldn't use 'cmd=_notify-validate' that is present in a lot of example about how to receive IPN notification from Paypal?

Thanks
0
 
LVL 2

Expert Comment

by:DataSmarts
Comment Utility
Well to be technical, I used the PDT instead of IPN as IPN has routinely had problems with the way they are sending the transaction confirmations.

As you may be aware, IPN provides a means where the user could, feasibly, close the browser and still receive the confirmation required to download your product.  PDT requires the user to got hrough the process of completing their transaction and then auto_return would direct them back to your site.  You also need a Cancel_return to be set so they are directed to your site where they can determine IF they want to continue or not...

0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Responsive Design Tools 6 36
get radio button vale in array 7 35
Page showing diff display 4 19
Paging Using PHP 7 31
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
This article discusses how to create an extensible mechanism for linked drop downs.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now