Solved

Unable to parse Variables with PayPal IPN script

Posted on 2007-11-22
8
1,204 Views
Last Modified: 2008-02-01
Hello everyone

I'm currently trying to modify a simple PayPal IPN script to send me more details about customers transactions, the problem I'm having is when I try to assign variables to local variables the script fails if I attempt to use the variable $address_street.  There are no errors the script just doesn't send an email, if I remove the $address_street then it all works fine.  Now from what I can gather it has something to do with some of the characters within the address_street variable. for example:

address_street=39+Jackson+Avenue%0D%0ATristam+Downs

Does anyone have any thoughts on how to resolve this.

Cheers
#!/usr/bin/perl
 
# read post from PayPal system and add 'cmd'
read (STDIN, $query, $ENV{'CONTENT_LENGTH'});
$query .= '&cmd=_notify-validate';
 
# post back to PayPal system to validate
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$req = new HTTP::Request 'POST','https://www.sandbox.paypal.com/cgi-bin/webscr';
$req->content_type('application/x-www-form-urlencoded');
$req->content($query);
$res = $ua->request($req);
 
# split posted variables into pairs
@pairs = split(/&/, $query);
$count = 0;
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$variable{$name} = $value;
$count++;
}
 
# assign posted variables to local variables
$name_first = $variable('first_name');
$name_last = $variable('last_name');
$address_street = $variable('address_street');
$address_city = $variable('address_city');
$payment_status = $variable{'payment_status'};
$payment_amount = $variable{'mc_gross'};
$payment_currency = $variable{'mc_currency'};
$txn_id = $variable{'txn_id'};
$receiver_email = $variable{'receiver_email'};
$payer_email = $variable{'payer_email'};
 
#assign variables for email 
$status = $res->content;
 
if ($res->is_error) {
# HTTP error
}
elsif ($res->content eq 'VERIFIED') {
# check the $payment_status=Completed
# check that $txn_id has not been previously processed
# check that $receiver_email is your Primary PayPal email
# check that $payment_amount/$payment_currency are correct
# process payment
 
open (MAIL, "|/usr/sbin/sendmail -t -oeq") || die("Could not send
email.\n");
    print MAIL "To: payment\@mydomain.co.nz \n";
    print MAIL "From: paypal\@mydomain.co.nz \n";
    print MAIL "Subject: Payment Verification\n\n";
    print MAIL "$name_first \n";
    print MAIL "$name_last \n";
    print MAIL "$address_street \n";
    print MAIL "$address_city \n";
    print MAIL "$payment_status \n";
    print MAIL "$payment_amount \n";
    print MAIL "$payment_currency \n";
    print MAIL "$txn_id \n";
    print MAIL "$receiver_email \n";
    print MAIL "$payer_email \n";
 
close (MAIL);
 
}
elsif ($res->content eq 'INVALID') {
# log for manual investigation
 
open (MAIL, "|/usr/sbin/sendmail -t -oeq") || die("Could not send
email.\n");
    print MAIL "To: payment\@mydomain.co.nz \n";
    print MAIL "From: paypal\@mydomain.co.nz \n";
    print MAIL "Subject: INVALID IPN Notification\n\n";
    print MAIL "IPN returned: $status\n\n";
    print MAIL "Here is the raw IPN string:\n";
    print MAIL "$query\n";
 
close (MAIL);
 
}
else {
# error
}
print "content-type: text/plain\n\n";

Open in new window

0
Comment
Question by:matrixnz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 9

Expert Comment

by:Suhas .
ID: 20334734

# split posted variables into pairs
@pairs = split(/&/, $query);
$count = 0;
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
######## add the below line and try ######################
$value =~ tr/%//; #translate the % symbol to blank space in address
#############################
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$variable{$name} = $value;
$count++;
}

0
 
LVL 28

Accepted Solution

by:
FishMonger earned 250 total points
ID: 20335578
You should be using the CGI module to read and parse the post submission.  You also should be using the warnings and strict pragma and declare your vars with the my keyword.

On the following hash vars, you're using ( ) parens when you should be using { } braces

$name_first = $variable('first_name');
$name_last = $variable('last_name');
$address_street = $variable('address_street');
$address_city = $variable('address_city');

#!/usr/bin/perl
 
use CGI; 
use strict;
use warnings;
 
# read post from PayPal system and add 'cmd'
my $cgi = CGI->new;
my %variable = $cgi->Vars;
 
# assign posted variables to local variables
my $name_first = $variable{'first_name'};
my $name_last = $variable{'last_name'};
my $address_street = $variable{'address_street'};
my $address_city = $variable{'address_city'};
my $payment_status = $variable{'payment_status'};
my $payment_amount = $variable{'mc_gross'};
my $payment_currency = $variable{'mc_currency'};
my $txn_id = $variable{'txn_id'};
my $receiver_email = $variable{'receiver_email'};
my $payer_email = $variable{'payer_email'};

Open in new window

0
 
LVL 48

Expert Comment

by:Tintin
ID: 20336685
Classic example of a roll your own CGI parsing code that doesn't work properly.

FishMonger's code should work perfectly.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 29

Author Comment

by:matrixnz
ID: 20337006
Hi everyone

Thanks for your input.

suhasbharadwaj I tried changing the code but it still didn't work unfortunately.

FishMonger, Tintin this code is actually directly from PayPal, the only change is the To and From email addresses.  At a glance the script won't verify the transaction from PayPal is that correct?  From my limited understanding of PayPals IPN, on completion the customer is returned to a predefined URL in this case paypal.pl (this script) then it appends cmd=_notify-validate to the returned variables and sends this to PayPal, PayPal then returns a Verified or Invalid back to the script depending on the customers transaction.  If the transaction is Verified then it processes the Verified Email otherwise the Invalid Email.  So to enable the return to PayPal would I just need the following?

Cheers
#!/usr/bin/perl
 
use CGI; 
use strict;
use warnings;
 
# read post from PayPal system and add 'cmd'
read (STDIN, $query, $ENV{'CONTENT_LENGTH'});
my $query .= '&cmd=_notify-validate';
 
# post back to PayPal system to validate
use LWP::UserAgent;
my $ua = new LWP::UserAgent;
my $req = new HTTP::Request 'POST','https://www.sandbox.paypal.com/cgi-bin/webscr';
my $req->content_type('application/x-www-form-urlencoded');
my $req->content($query);
my $res = $ua->request($req);
 
my $cgi = CGI->new;
my %variable = $cgi->Vars;
 
# assign posted variables to local variables
my $name_first = $variable{'first_name'};
my $name_last = $variable{'last_name'};
my $address_street = $variable{'address_street'};
my $address_city = $variable{'address_city'};
my $payment_status = $variable{'payment_status'};
my $payment_amount = $variable{'mc_gross'};
my $payment_currency = $variable{'mc_currency'};
my $txn_id = $variable{'txn_id'};
my $receiver_email = $variable{'receiver_email'};
my $payer_email = $variable{'payer_email'};

Open in new window

0
 
LVL 48

Expert Comment

by:Tintin
ID: 20337129
You need to get rid of lines 8 and 9 and after line 19 add:

my $url = $cgi->url(-path_info=>1,-query=>1) . '+cmd=_notify-validate';
0
 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 250 total points
ID: 20337136
Just noticed the order of things.  Here's the corrected code:

#!/usr/bin/perl
 
use CGI;
use strict;
use warnings;
 
my $cgi = CGI->new;
my %variable = $cgi->Vars;
 
my $query = $cgi->url(-path_info=>1,-query=>1) . '+cmd=_notify-validate';
 
# post back to PayPal system to validate
use LWP::UserAgent;
my $ua = new LWP::UserAgent;
my $req = new HTTP::Request 'POST','https://www.sandbox.paypal.com/cgi-bin/webscr';
my $req->content_type('application/x-www-form-urlencoded');
my $req->content($query);
my $res = $ua->request($req);
 
 
# assign posted variables to local variables
my $name_first = $variable{'first_name'};
my $name_last = $variable{'last_name'};
my $address_street = $variable{'address_street'};
my $address_city = $variable{'address_city'};
my $payment_status = $variable{'payment_status'};
my $payment_amount = $variable{'mc_gross'};
my $payment_currency = $variable{'mc_currency'};

Open in new window

0
 
LVL 48

Expert Comment

by:Tintin
ID: 20337181
Note that you may need to change

my $query = $cgi->url(-path_info=>1,-query=>1) . '+cmd=_notify-validate';


to

my $query = $cgi->url(-path_info=>1,-query=>1) . '&cmd=_notify-validate';

If Paypal are using the same buggy, broken CGI parsing code they supply in their examples.
0
 
LVL 29

Author Comment

by:matrixnz
ID: 20338682
Hi everyone

Tintin, I tried your code, but wasn't able to retrieve any informaton from PayPal, tried a few changes but still nothing, however while looking over the posts again to get more insight, I noticed FishMongers post
"On the following hash vars, you're using ( ) parens when you should be using { } braces"
So made those changes to the old code and it started working, because of time constraints I'm unable to spend any further time on this, so I'm going to close the question.  I'm going to split the points between you both, thanks so much for your input, it was much appreciated.

Cheers
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been pestered over the years to produce and distribute regular data extracts, and often the request have explicitly requested the data be emailed as an Excel attachement; specifically Excel, as it appears: CSV files confuse (no Red or Green h…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question