|
Rank: Starting Member
Groups: Registered
Joined: 6/16/2011
Posts: 2
Location: United Kingdom
|
Hi Hope I can get help on this here. I understand the principle of the IPN listener and have a file that correctly receives an IPN, but I'm struggling to get it to verify. Using a sandbox account, I can dump all incoming $ipn_post_data into a text file log and see that I'm receiving. code so far.... Code:
<?php
require_once('Connections/skinnerandhyde.php');
//GET IPN DATA----------------------------------------------------------------------------------------------------------
//wait for post
$ipn_post_data = $_POST;
//VERIFICATION----------------------------------------------------------------------------------------------------------
// Choose url
if(array_key_exists('test_ipn', $ipn_post_data) && 1 === (int) $ipn_post_data['test_ipn'])//if test_ipn is 1 it is a sandbox request.
$url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
else
$url = 'https://www.paypal.com/cgi-bin/webscr';
// Set up request to PayPal
$request = curl_init();
curl_setopt_array($request, array
(
CURLOPT_URL => $url,
CURLOPT_POST => TRUE,
CURLOPT_POSTFIELDS => http_build_query(array('cmd' => '_notify-validate') + $ipn_post_data),
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_HEADER => FALSE,
CURLOPT_SSL_VERIFYPEER => TRUE,
CURLOPT_CAINFO => 'cacert.pem',
));
// Execute request and get response and status code
$response = curl_exec($request);
$status = curl_getinfo($request, CURLINFO_HTTP_CODE);
// Close connection
curl_close($request);
//dump content to text file (testing)
file_put_contents('ipn_log.txt', json_encode($ipn_post_data).PHP_EOL, FILE_APPEND);
if($status == 200 && $response == 'VERIFIED')
{
// All good! Proceed...
file_put_contents('ipn_log.txt', 'response is verified'.PHP_EOL, FILE_APPEND);
//Confirm that the payment status is Completed.
//PayPal sends IPN messages for pending and denied payments as well,
//so don’t ship stuff or anything until the payment has cleared.
if($ipn_post_data[payment_status]=="Completed"){
$ipn_payment_date = $ipn_post_data[payment_date];
$ipn_trans_id = $ipn_post_data[txn_id];
$ipn_trans_data = $ipn_post_data[payer_email];
mysql_select_db($database_skinnerandhyde, $skinnerandhyde);
$log_sql = "INSERT INTO ipn_log (trans_time, trans_id, trans_data), VALUES ($ipn_payment_date, $ipn_trans_id, $ipn_trans_data)";
$log_result = mysql_query($log_sql, $skinnerandhyde) or die(mysql_error());
//Use the transaction ID to verify that the transaction has not already been processed.
//This prevents you from processing the same transaction twice.
//You can for example store the transaction id in a database and check against those before you do anything with incoming IPNs.
//If you’re smart you could also store the time the IPN came in and the raw IPN data.
//This way you have a log of all incoming messages you can use if you need to reprocess something or for debugging if something weird is going on.
}
//Use the transaction ID to verify that the transaction has not already been processed.
//This prevents you from processing the same transaction twice.
//You can for example store the transaction id in a database and check against those before you do anything with incoming IPNs.
//If you’re smart you could also store the time the IPN came in and the raw IPN data.
//This way you have a log of all incoming messages you can use if you need to reprocess something or for debugging if something weird is going on.
//Make sure the receiver’s email address is the one you expected.
//Make sure the price, item description, et cetera, match what it should be.
}
else
{
// Not good. Ignore, or log for investigation...
file_put_contents('ipn_log.txt', 'response is not verified'.PHP_EOL, FILE_APPEND);
mysql_select_db($database_skinnerandhyde, $skinnerandhyde);
$log_sql = "INSERT INTO ipn_log (trans_data), VALUES ('not verified')";
$log_result = mysql_query($log_sql, $skinnerandhyde) or die(mysql_error());
}
//FIX CHARACTER SET-----------------------------------------------------------------------------------------------------
if(array_key_exists('charset', $ipn_data) && ($charset = $ipn_data['charset']))
{
// Ignore if same as our default
if($charset == 'utf-8')
return;
// Otherwise convert all the values
foreach($ipn_data as $key => &$value)
{
$value = mb_convert_encoding($value, 'utf-8', $charset);
}
// And store the charset values for future reference
$ipn_data['charset'] = 'utf-8';
$ipn_data['charset_original'] = $charset;
}
?>
I am an intermediate php programmer, so go easy on me. As you can see, I'm purely trying to use the if($status == 200 && $response == 'VERIFIED') - but the response is obviously not good and I'm getting 'response not verified' in my log. I also think my fix charatcer set is in the wrong place? Shouldn't it be when the response is verified?? Any pointers as to where I'm going wrong?? Rich
|
|
Rank: Starting Member
Groups: Registered
Joined: 6/16/2011
Posts: 2
Location: United Kingdom
|
Well - what a useful forum!
|
