?
Solved

Unable to parse Variables with PayPal IPN script

Posted on 2007-11-22
8
Medium Priority
?
1,207 Views
Last Modified: 2008-02-01
Hello everyone

I'm currently trying to modify a simple PayPal IPN script to send me more details about customers transactions, the problem I'm having is when I try to assign variables to local variables the script fails if I attempt to use the variable $address_street.  There are no errors the script just doesn't send an email, if I remove the $address_street then it all works fine.  Now from what I can gather it has something to do with some of the characters within the address_street variable. for example:

address_street=39+Jackson+Avenue%0D%0ATristam+Downs

Does anyone have any thoughts on how to resolve this.

Cheers
#!/usr/bin/perl
 
# read post from PayPal system and add 'cmd'
read (STDIN, $query, $ENV{'CONTENT_LENGTH'});
$query .= '&cmd=_notify-validate';
 
# post back to PayPal system to validate
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$req = new HTTP::Request 'POST','https://www.sandbox.paypal.com/cgi-bin/webscr';
$req->content_type('application/x-www-form-urlencoded');
$req->content($query);
$res = $ua->request($req);
 
# split posted variables into pairs
@pairs = split(/&/, $query);
$count = 0;
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$variable{$name} = $value;
$count++;
}
 
# assign posted variables to local variables
$name_first = $variable('first_name');
$name_last = $variable('last_name');
$address_street = $variable('address_street');
$address_city = $variable('address_city');
$payment_status = $variable{'payment_status'};
$payment_amount = $variable{'mc_gross'};
$payment_currency = $variable{'mc_currency'};
$txn_id = $variable{'txn_id'};
$receiver_email = $variable{'receiver_email'};
$payer_email = $variable{'payer_email'};
 
#assign variables for email 
$status = $res->content;
 
if ($res->is_error) {
# HTTP error
}
elsif ($res->content eq 'VERIFIED') {
# check the $payment_status=Completed
# check that $txn_id has not been previously processed
# check that $receiver_email is your Primary PayPal email
# check that $payment_amount/$payment_currency are correct
# process payment
 
open (MAIL, "|/usr/sbin/sendmail -t -oeq") || die("Could not send
email.\n");
    print MAIL "To: payment\@mydomain.co.nz \n";
    print MAIL "From: paypal\@mydomain.co.nz \n";
    print MAIL "Subject: Payment Verification\n\n";
    print MAIL "$name_first \n";
    print MAIL "$name_last \n";
    print MAIL "$address_street \n";
    print MAIL "$address_city \n";
    print MAIL "$payment_status \n";
    print MAIL "$payment_amount \n";
    print MAIL "$payment_currency \n";
    print MAIL "$txn_id \n";
    print MAIL "$receiver_email \n";
    print MAIL "$payer_email \n";
 
close (MAIL);
 
}
elsif ($res->content eq 'INVALID') {
# log for manual investigation
 
open (MAIL, "|/usr/sbin/sendmail -t -oeq") || die("Could not send
email.\n");
    print MAIL "To: payment\@mydomain.co.nz \n";
    print MAIL "From: paypal\@mydomain.co.nz \n";
    print MAIL "Subject: INVALID IPN Notification\n\n";
    print MAIL "IPN returned: $status\n\n";
    print MAIL "Here is the raw IPN string:\n";
    print MAIL "$query\n";
 
close (MAIL);
 
}
else {
# error
}
print "content-type: text/plain\n\n";

Open in new window

0
Comment
Question by:matrixnz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 9

Expert Comment

by:Suhas .
ID: 20334734

# split posted variables into pairs
@pairs = split(/&/, $query);
$count = 0;
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
######## add the below line and try ######################
$value =~ tr/%//; #translate the % symbol to blank space in address
#############################
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$variable{$name} = $value;
$count++;
}

0
 
LVL 28

Accepted Solution

by:
FishMonger earned 1000 total points
ID: 20335578
You should be using the CGI module to read and parse the post submission.  You also should be using the warnings and strict pragma and declare your vars with the my keyword.

On the following hash vars, you're using ( ) parens when you should be using { } braces

$name_first = $variable('first_name');
$name_last = $variable('last_name');
$address_street = $variable('address_street');
$address_city = $variable('address_city');

#!/usr/bin/perl
 
use CGI; 
use strict;
use warnings;
 
# read post from PayPal system and add 'cmd'
my $cgi = CGI->new;
my %variable = $cgi->Vars;
 
# assign posted variables to local variables
my $name_first = $variable{'first_name'};
my $name_last = $variable{'last_name'};
my $address_street = $variable{'address_street'};
my $address_city = $variable{'address_city'};
my $payment_status = $variable{'payment_status'};
my $payment_amount = $variable{'mc_gross'};
my $payment_currency = $variable{'mc_currency'};
my $txn_id = $variable{'txn_id'};
my $receiver_email = $variable{'receiver_email'};
my $payer_email = $variable{'payer_email'};

Open in new window

0
 
LVL 48

Expert Comment

by:Tintin
ID: 20336685
Classic example of a roll your own CGI parsing code that doesn't work properly.

FishMonger's code should work perfectly.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 29

Author Comment

by:matrixnz
ID: 20337006
Hi everyone

Thanks for your input.

suhasbharadwaj I tried changing the code but it still didn't work unfortunately.

FishMonger, Tintin this code is actually directly from PayPal, the only change is the To and From email addresses.  At a glance the script won't verify the transaction from PayPal is that correct?  From my limited understanding of PayPals IPN, on completion the customer is returned to a predefined URL in this case paypal.pl (this script) then it appends cmd=_notify-validate to the returned variables and sends this to PayPal, PayPal then returns a Verified or Invalid back to the script depending on the customers transaction.  If the transaction is Verified then it processes the Verified Email otherwise the Invalid Email.  So to enable the return to PayPal would I just need the following?

Cheers
#!/usr/bin/perl
 
use CGI; 
use strict;
use warnings;
 
# read post from PayPal system and add 'cmd'
read (STDIN, $query, $ENV{'CONTENT_LENGTH'});
my $query .= '&cmd=_notify-validate';
 
# post back to PayPal system to validate
use LWP::UserAgent;
my $ua = new LWP::UserAgent;
my $req = new HTTP::Request 'POST','https://www.sandbox.paypal.com/cgi-bin/webscr';
my $req->content_type('application/x-www-form-urlencoded');
my $req->content($query);
my $res = $ua->request($req);
 
my $cgi = CGI->new;
my %variable = $cgi->Vars;
 
# assign posted variables to local variables
my $name_first = $variable{'first_name'};
my $name_last = $variable{'last_name'};
my $address_street = $variable{'address_street'};
my $address_city = $variable{'address_city'};
my $payment_status = $variable{'payment_status'};
my $payment_amount = $variable{'mc_gross'};
my $payment_currency = $variable{'mc_currency'};
my $txn_id = $variable{'txn_id'};
my $receiver_email = $variable{'receiver_email'};
my $payer_email = $variable{'payer_email'};

Open in new window

0
 
LVL 48

Expert Comment

by:Tintin
ID: 20337129
You need to get rid of lines 8 and 9 and after line 19 add:

my $url = $cgi->url(-path_info=>1,-query=>1) . '+cmd=_notify-validate';
0
 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 1000 total points
ID: 20337136
Just noticed the order of things.  Here's the corrected code:

#!/usr/bin/perl
 
use CGI;
use strict;
use warnings;
 
my $cgi = CGI->new;
my %variable = $cgi->Vars;
 
my $query = $cgi->url(-path_info=>1,-query=>1) . '+cmd=_notify-validate';
 
# post back to PayPal system to validate
use LWP::UserAgent;
my $ua = new LWP::UserAgent;
my $req = new HTTP::Request 'POST','https://www.sandbox.paypal.com/cgi-bin/webscr';
my $req->content_type('application/x-www-form-urlencoded');
my $req->content($query);
my $res = $ua->request($req);
 
 
# assign posted variables to local variables
my $name_first = $variable{'first_name'};
my $name_last = $variable{'last_name'};
my $address_street = $variable{'address_street'};
my $address_city = $variable{'address_city'};
my $payment_status = $variable{'payment_status'};
my $payment_amount = $variable{'mc_gross'};
my $payment_currency = $variable{'mc_currency'};

Open in new window

0
 
LVL 48

Expert Comment

by:Tintin
ID: 20337181
Note that you may need to change

my $query = $cgi->url(-path_info=>1,-query=>1) . '+cmd=_notify-validate';


to

my $query = $cgi->url(-path_info=>1,-query=>1) . '&cmd=_notify-validate';

If Paypal are using the same buggy, broken CGI parsing code they supply in their examples.
0
 
LVL 29

Author Comment

by:matrixnz
ID: 20338682
Hi everyone

Tintin, I tried your code, but wasn't able to retrieve any informaton from PayPal, tried a few changes but still nothing, however while looking over the posts again to get more insight, I noticed FishMongers post
"On the following hash vars, you're using ( ) parens when you should be using { } braces"
So made those changes to the old code and it started working, because of time constraints I'm unable to spend any further time on this, so I'm going to close the question.  I'm going to split the points between you both, thanks so much for your input, it was much appreciated.

Cheers
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Microsoft Windows, if  when you click or type the name of a .pl file, you get an error "is not recognized as an internal or external command, operable program or batch file", then this means you do not have the .pl file extension associated with …
There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question