Solved

Perl: PayPal IPN Response is Invalid -- returns HTTP::Response=HASH(....

Posted on 2011-02-14
9
2,058 Views
Last Modified: 2013-12-25

I'm integrating PayPal into our web store.
We send people to PayPal where they pay.
Then PayPal Sends us an IPN (Instant Payment Notification), that contains data about the payment.
We have a 'Listerner' program that receives the IPN.
When we receive the IPN, we are supposed to POST the data back to PayPal for validation.

PayPal Provided some code in Perl for this.
I used the code provided by PayPal, and integrated it into my page.
 
Here is some of the code in the 'Listener' program:
--------------------------------------------------------------------------
use LWP::Protocol::http;
use LWP::UserAgent;

$payPalTestMode = 1;

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
$query = $buffer;

&writePayPalIpnLog("IPN RECEIVED: ".$query);
     
$query .= '&cmd=_notify-validate';

# post back to PayPal system to validate
$ua = new LWP::UserAgent;
if ($payPalTestMode){
$req = new HTTP::Request 'POST','https://www.sandbox.paypal.com/cgi-bin/webscr';
}else{
  $req = new HTTP::Request 'POST','https://www.paypal.com/cgi-bin/webscr';
}
$req->content_type('application/x-www-form-urlencoded');
$req->content($query);
$res = $ua->request($req);
 
&writePayPalIpnLog("Validation Response ".$res);

-------------------------------------------------------------------------------

From my log file, I can see that I received the IPN from PayPal.
And I also log the response I get back from the POST that is sent.
The response I get back is like: HTTP::Response=HASH(0x9251de4)
(It should be VERIFIED or INVALID.)

I used PayPal's IPN simulator to send an IPN to my Listener program.
If I Post the response back to PayPal, then the following message is displayed by the IPN simulator:
"IPN delivery failed. HTTP error code 502: Bad Gateway"

If I do not POST back to PayPal, then the IPN simulator displays:
"IPN successfully sent."

So it appears that something about the POST is not working right. But I don't know what it could be.

I'll appreciate any help in this.
0
Comment
Question by:George
  • 4
  • 4
9 Comments
 
LVL 16

Accepted Solution

by:
sjklein42 earned 250 total points
ID: 34893763
Try making the validate request with HTTP, not HTTPS.
0
 

Author Comment

by:George
ID: 34894662
Thanks for that idea. It seems logical.  I changed it to http and tried testing it. But PayPal's Sandbox seems to be down now. ( probably down for maintenance at midnight.)  I'll test it tomorrow. PayPal's docs say to use https, but i've found several other mistakes in their docs. :)
0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34902991
Did it work using HTTP?
0
 

Author Comment

by:George
ID: 34930326
It did not work using HTTP.  I get the same response.  Darn.

 ( Sorry for delay - had to complete an important deadline.)

 Could it be an SSL issue or a Firewall issue?  
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 16

Expert Comment

by:sjklein42
ID: 34930603
To help debug, you are welcome to change the destination URL of the POSTfrom PayPal site to http://www.sjklein.com/dumpParms.pl to see what you are really sending.

If you'd like the sources to dumpParms.pl see:

http://www.experts-exchange.com/Programming/Languages/Scripting/Perl/Q_26823069.html
0
 
LVL 25

Assisted Solution

by:clockwatcher
clockwatcher earned 250 total points
ID: 34934300
The reason that you're getting "HTTP::Response=HASH(0x9251de4)" with this:

  &writePayPalIpnLog("Validation Response ".$res);

Is that you're outputting the response object.  You should be using $res->content (or $res->as_string if you want to include the headers in the output) to show what was actually in the response.

  &writePayPalIpnLog("Validation Response ".$res->content);

That doesn't explain the bad gateway problem that you're seeing in your IPN but the actual response content may help explain what is going wrong with your request.


0
 
LVL 16

Expert Comment

by:sjklein42
ID: 34934313
clockwatcher,

I think you got it.
0
 

Author Closing Comment

by:George
ID: 34957329
I appreciate your help!
0
 

Author Comment

by:George
ID: 34957360
First, I tried changing the post-back method from https to http.  I still got a response of HASH(...).
So I changed the method back to https.
Then I changed:
       &writePayPalIpnLog("Validation Response ".$res);
TO:  &writePayPalIpnLog("Validation Response ".$res->content);
Now I could see the response, which was that https was not supported.
So I changed to http, and received a 'VERIFIED' response. (Yea!)

However, PayPal is still sending me IPN messages.  I looked at their IPN History page, and they state that they received a 502 bad gateway response from my original IPN -- even though they verified the post-back.  It appears that the program that receives the post-back does not update their database that the IPN was received.  So now I need to solve that problem.  I'll try working with PayPal first, and if cannot get it resolved, I'll open another ticket.

Thanks for your help!


0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

In the distant past (last year) I hacked together a little toy that would allow a couple of Manager types to query, preview, and extract data from a number of MongoDB instances, to their tool of choice: Excel (http://dilbert.com/strips/comic/2007-08…
This article will show, step by step, how to integrate R code into a R Sweave document
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now