5

2 days of non stop searching and I'm coming up blank on an important issue with IAP. We need our server to validate the receipt and the response is always 21002.

On the client I send

NSURL *receiptURL = [[NSBundle mainBundle] appStoreReceiptURL];
NSData *receipt = [NSData dataWithContentsOfURL:receiptURL];
NSDictionary* post = @{@"receipt":[receipt base64EncodedStringWithOptions:0]};
[ServerRequest requestWithUrl:url Callback:nil SendToIM:NO PostData:post];//does standard _POST to our php server

Here is a sandbox receipt as a base64 string before it hits the server

MIIU2gYJKoZIhvcNAQcCoIIUyzCCFMcCAQExCzAJBgUrDgMCGgUAMIIEiwYJKoZIhvcNAQcBoIIEfASCBHgxggR0MAoCAQgCAQEEAhYAMAoCARICAQEEAhYAMAoCARMCAQEEAgwAMAoCARQCAQEEAgwAMAsCAQECAQEEAwIBADALAgELAgEBBAMCAQAwCwIBDgIBAQQDAgFTMAsCAQ8CAQEEAwIBADALAgEQAgEBBAMCAQAwCwIBGQIBAQQDAgEDMAwCAQoCAQEEBBYCNCswDQIBAwIBAQQFDAMwLjYwDQIBDQIBAQQFAgMBEdQwDgIBCQIBAQQGAgRQMjI4MBgCAQQCAQIEEM7oReI9bPs0X/hqFDngWuUwGwIBAAIBAQQTDBFQcm9kdWN0aW9uU2FuZGJveDAcAgEFAgEBBBQ8LF7D7deEfXmQd9NITmWuDFXXkDAeAgEMAgEBBBYWFDIwMTQtMDMtMjFUMTk6NDU6MDhaMCwCAQICAQEEJAwiY29tLmNsaXB3aXJlZ2FtZXMuQ3JpdHRlci1Db25xdWVzdDA4AgEHAgEBBDBrGHw8H08L2bC6tSu08pjZKzOeXY8iNjZxZFrJSPr1QnpwMtHhPd44Lky0BciZY0wwOwIBBgIBAQQz4eLimps057PHKFJAyTiNF4fTO5uWOQQkM1dk2ivH6xnWf3/e8qD+9GzS2HH2qzIzZvonMIIBTAIBEQIBAQSCAUIxggE+MAsCAgasAgEBBAIWADALAgIGrQIBAQQCDAAwCwICBrACAQEEAhYAMAsCAgayAgEBBAIMADALAgIGswIBAQQCDAAwCwICBrQCAQEEAgwAMAsCAga1AgEBBAIMADALAgIGtgIBAQQCDAAwDAICBqUCAQEEAwIBATAMAgIGqwIBAQQDAgEBMAwCAgauAgEBBAMCAQAwDAICBq8CAQEEAwIBADAMAgIGsQIBAQQDAgEAMBICAgamAgEBBAkMB0dlbXM1MDAwGwICBqcCAQEEEgwQMTAwMDAwMDEwNTI3MTk4ODAbAgIGqQIBAQQSDBAxMDAwMDAwMTA1MjcxOTg4MB8CAgaoAgEBBBYWFDIwMTQtMDMtMjFUMTk6NDU6MDhaMB8CAgaqAgEBBBYWFDIwMTQtMDMtMjFUMTU6MTM6NDdaMIIBTAIBEQIBAQSCAUIxggE+MAsCAgasAgEBBAIWADALAgIGrQIBAQQCDAAwCwICBrACAQEEAhYAMAsCAgayAgEBBAIMADALAgIGswIBAQQCDAAwCwICBrQCAQEEAgwAMAsCAga1AgEBBAIMADALAgIGtgIBAQQCDAAwDAICBqUCAQEEAwIBATAMAgIGqwIBAQQDAgEBMAwCAgauAgEBBAMCAQAwDAICBq8CAQEEAwIBADAMAgIGsQIBAQQDAgEAMBICAgamAgEBBAkMB0dlbXM1MDAwGwICBqcCAQEEEgwQMTAwMDAwMDEwNTI5NTk3NDAbAgIGqQIBAQQSDBAxMDAwMDAwMTA1Mjk1OTc0MB8CAgaoAgEBBBYWFDIwMTQtMDMtMjFUMTk6NDU6MDhaMB8CAgaqAgEBBBYWFDIwMTQtMDMtMjFUMTk6NDU6MDhaoIIOVTCCBWswggRToAMCAQICCBhZQyFydJz8MA0GCSqGSIb3DQEBBQUAMIGWMQswCQYDVQQGEwJVUzETMBEGA1UECgwKQXBwbGUgSW5jLjEsMCoGA1UECwwjQXBwbGUgV29ybGR3aWRlIERldmVsb3BlciBSZWxhdGlvbnMxRDBCBgNVBAMMO0FwcGxlIFdvcmxkd2lkZSBEZXZlbG9wZXIgUmVsYXRpb25zIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEwMTExMTIxNTgwMVoXDTE1MTExMTIxNTgwMVoweDEmMCQGA1UEAwwdTWFjIEFwcCBTdG9yZSBSZWNlaXB0IFNpZ25pbmcxLDAqBgNVBAsMI0FwcGxlIFdvcmxkd2lkZSBEZXZlbG9wZXIgUmVsYXRpb25zMRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALaTwrcPJF7t0jRI6IUF4zOUZlvoJze/e0NJ6/nJF5czczJJSshvaCkUuJSm9GVLO0fX0SxmS7iY2bz1ElHL5i+p9LOfHOgo/FLAgaLLVmKAWqKRrk5Aw30oLtfT7U3ZrYr78mdI7Ot5vQJtBFkY/4w3n4o38WL/u6IDUIcK1ZLghhFeI0b14SVjK6JqjLIQt5EjTZo/g0DyZAla942uVlzU9bRuAxsEXSwbrwCZF9el+0mRzuKhETFeGQHA2s5Qg17I60k7SRoq6uCfv9JGSZzYq6GDYWwPwfyzrZl1Kvwjm+8iCOt7WRQRn3M0Lea5OaY79+Y+7Mqm+6uvJt+PiIECAwEAAaOCAdgwggHUMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUiCcXCam2GGCL7Ou69kdZxVJUo7cwTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2RldmVsb3Blci5hcHBsZS5jb20vY2VydGlmaWNhdGlvbmF1dGhvcml0eS93d2RyY2EuY3JsMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQUdXYkomtiDJc0ofpOXggMIr9z774wggERBgNVHSAEggEIMIIBBDCCAQAGCiqGSIb3Y2QFBgEwgfEwgcMGCCsGAQUFBwICMIG2DIGzUmVsaWFuY2Ugb24gdGhpcyBjZXJ0aWZpY2F0ZSBieSBhbnkgcGFydHkgYXNzdW1lcyBhY2NlcHRhbmNlIG9mIHRoZSB0aGVuIGFwcGxpY2FibGUgc3RhbmRhcmQgdGVybXMgYW5kIGNvbmRpdGlvbnMgb2YgdXNlLCBjZXJ0aWZpY2F0ZSBwb2xpY3kgYW5kIGNlcnRpZmljYXRpb24gcHJhY3RpY2Ugc3RhdGVtZW50cy4wKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cuYXBwbGUuY29tL2FwcGxlY2EvMBAGCiqGSIb3Y2QGCwEEAgUAMA0GCSqGSIb3DQEBBQUAA4IBAQCgO/GHvGm0t4N8GfSfxAJk3wLJjjFzyxw+3CYHi/2e8+2+Q9aNYS3k8NwWcwHWNKNpGXcUv7lYx1LJhgB/bGyAl6mZheh485oSp344OGTzBMtf8vZB+wclywIhcfNEP9Die2H3QuOrv3ds3SxQnICExaVvWFl6RjFBaLsTNUVCpIz6EdVLFvIyNd4fvNKZXcjmAjJZkOiNyznfIdrDdvt6NhoWGphMhRvmK0UtL1kaLcaa1maSo9I2UlCAIE0zyLKa1lNisWBS8PX3fRBQ5BK/vXG+tIDHbcRvWzk10ee33oEgJ444XIKHOnNgxNbxHKCpZkR+zgwomyN/rOzmoDvdMIIEIzCCAwugAwIBAgIBGTANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFjAUBgNVBAMTDUFwcGxlIFJvb3QgQ0EwHhcNMDgwMjE0MTg1NjM1WhcNMTYwMjE0MTg1NjM1WjCBljELMAkGA1UEBhMCVVMxEzARBgNVBAoMCkFwcGxlIEluYy4xLDAqBgNVBAsMI0FwcGxlIFdvcmxkd2lkZSBEZXZlbG9wZXIgUmVsYXRpb25zMUQwQgYDVQQDDDtBcHBsZSBXb3JsZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9ucyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMo4VKbLVqrIJDlI6Yzu7F+4fyaRvDRTes58Y4Bhd2RepQcjtjn+UC0VVlhwLX7EbsFKhT4v8N6EGqFXya97GP9q+hUSSRUIGayq2yoy7ZZjaFIVPYyK7L9rGJXgA6wBfZcFZ84OhZU3au0Jtq5nzVFkn8Zc0bxXbmc1gHY2pIeBbjiP2CsVTnsl2Fq/ToPBjdKT1RpxtWCcnTNOVfkSWAyGuBYNweV3RY1QSLorLeSUheHoxJ3GaKWwo/xnfnC6AllLd0KRObn1zeFM78A7SIym5SFd/Wpqu6cWNWDS5q3zRinJ6MOL6XnAamFnFbLw/eVovGJfbs+Z3e8bY/6SZasCAwEAAaOBrjCBqzAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUiCcXCam2GGCL7Ou69kdZxVJUo7cwHwYDVR0jBBgwFoAUK9BpR5R2Cf70a40uQKb3R01/CF4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL3d3dy5hcHBsZS5jb20vYXBwbGVjYS9yb290LmNybDAQBgoqhkiG92NkBgIBBAIFADANBgkqhkiG9w0BAQUFAAOCAQEA2jIAlsVUlNM7gjdmfS5o1cPGuMsmjEiQzxMkakaOY9Tw0BMG3djEwTcV8jMTOSYtzi5VQOMLA6/6EsLnDSG41YDPrCgvzi2zTq+GGQTG6VDdTClHECP8bLsbmGtIieFbnd5G2zWFNe8+0OJYSzj07XVaH1xwHVY5EuXhDRHkiSUGvdW0FY5e0FmXkOlLgeLfGK9EdB4ZoDpHzJEdOusjWv6lLZf3e7vWh0ZChetSPSayY6i0scqP9Mzis8hH4L+aWYP62phTKoL1fGUuldkzXfXtZcwxN8VaBOhr4eeIA0p1npsoy0pAiGVDdd3LOiUjxZ5X+C7O0qmSXnMuLyV1FTCCBLswggOjoAMCAQICAQIwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkFwcGxlIEluYy4xJjAkBgNVBAsTHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDEw1BcHBsZSBSb290IENBMB4XDTA2MDQyNTIxNDAzNloXDTM1MDIwOTIxNDAzNlowYjELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkFwcGxlIEluYy4xJjAkBgNVBAsTHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDEw1BcHBsZSBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JGpCR+R2x5HUOsF7V55hC3rNqJXTFXsixmJ3vlLbPUHqyIwAugYPvhQCdN/QaiY+dHKZpwkaxHQo7vkGyrDH5WeegykR4tb1BY3M8vED03OFGnRyRly9V0O1X9fm/IlA7pVj01dDfFkNSMVSxVZHbOU9/acns9QusFYUGePCLQg98usLCBvcLY/ATCMt0PPD5098ytJKBrI/s61uQ7ZXhzWyz21Oq30Dw4AkguxIRYudNU8DdtiFqujcZJHU1XBry9Bs/j743DN5qNMRX4fTGtQlkGJxHRiCxCDQYczioGxMFjsWgQyjGizjx3eZXP/Z15lvEnYdp8zFGWhd5TJLQIDAQABo4IBejCCAXYwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFCvQaUeUdgn+9GuNLkCm90dNfwheMB8GA1UdIwQYMBaAFCvQaUeUdgn+9GuNLkCm90dNfwheMIIBEQYDVR0gBIIBCDCCAQQwggEABgkqhkiG92NkBQEwgfIwKgYIKwYBBQUHAgEWHmh0dHBzOi8vd3d3LmFwcGxlLmNvbS9hcHBsZWNhLzCBwwYIKwYBBQUHAgIwgbYagbNSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBwcmFjdGljZSBzdGF0ZW1lbnRzLjANBgkqhkiG9w0BAQUFAAOCAQEAXDaZTC14t+2Mm9zzd5vydtJ3ME/BH4WDhRuZPUc38qmbQI4s1LGQEti+9HOb7tJkD8t5TzTYoj75eP9ryAfsfTmDi1Mg0zjEsb+aTwpr/yv8WacFCXwXQFYRHnTTt4sjO0ej1W8k4uvRt3DfD0XhJ8rxbXjt57UXF6jcfiI1yiXV2Q/Wa9SiJCMR96Gsj3OBYMYbWwkvkrL4REjwYDieFfU9JmcgijNq9w2Cz97roy/5U2pbZMBjM3f3OgcsVuvaDyEO2rpzGU+12TZ/wYdV2aeZuTJC+9jVcZ5+oVK3G72TQiQSKscPHbZNnF5jyEuAF1CqitXa5PzQCQc3sHV1ITGCAcswggHHAgEBMIGjMIGWMQswCQYDVQQGEwJVUzETMBEGA1UECgwKQXBwbGUgSW5jLjEsMCoGA1UECwwjQXBwbGUgV29ybGR3aWRlIERldmVsb3BlciBSZWxhdGlvbnMxRDBCBgNVBAMMO0FwcGxlIFdvcmxkd2lkZSBEZXZlbG9wZXIgUmVsYXRpb25zIENlcnRpZmljYXRpb24gQXV0aG9yaXR5AggYWUMhcnSc/DAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIIBAGDp7QPCFzo+Q6jqSoqrEnYd+2JKJ+FHsHjG/JHUS4P7PQISJ7ckRTsA+DGqf87KXF0c6+GMBnpJkpGFQoV6WLEgpM019B1ch+BBtol/WJr2JdZAlXbmzX6+tSx9Uc0lpGR232yx1mM2lgpkZZSNjAFNDeKsjFU9cTiB0dVxLX3teFFU50Nm4DuEqXYqUs4nQ8z9693kgdWKSUBuADB7lbEOqeODs9nS0rxEoQW4HCgto6Uy226AeLZns3NOMsAoR5cXf5hLhyg+mBo+leuNoMWzRFRMDbUQiwe0dsucS4IpdbSJmhAgv4ETCNupB4OzvIdRBNf3ySR+GZ5FDbM9T9Y=

On the server

$postData = json_encode(
            array('receipt-data' => $receipt));

//standard cURL post and get from Apple Sandbox Server

I've read every example and forum post on this and can't seem to get this working.

My best guess was that I was encoding my receipt wrong but I've tried every format option and I always get 21002 back (on my server).

Is there something I'm missing here? Basically I'm trying to: 1. Send the NSData receipt as a string to the server 2. Have my server ping Apple server 3. Process valid or invalid receipt issues

It seems my step 1 is wrong but Im not sure. Am I wrong using base64encode to send the receipt data?

Is there something on my server I need to do to preserve the format?

Any and all advice greatly appreciated.

Update:

Here is the code I used to send it to the server (which is currently clipping the + in the hash code once it hits the server)

for (NSString* k in _post)       
{            
    postDataStr = [NSString stringWithFormat:@"%@&%@=%@", postDataStr,k,_post[k]];      
}

_req = [NSMutableURLRequest requestWithURL:_url cachePolicy:nil timeoutInterval:15.0f];    
[_req setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];    
[_req setHTTPMethod:@"POST"];    
[_req setHTTPBody:[postDataStr dataUsingEncoding:NSUTF8StringEncoding]];

ANSWER:

The + was getting removed from my string when being sent to server. I was not doing proper URL encoding. I replaced + with %2B and it works now

Bijington
  • 3,661
  • 5
  • 35
  • 52
Aggressor
  • 13,323
  • 24
  • 103
  • 182
  • Are you getting NULL values on the Server 2 ? – Navneet Singh Mar 21 '14 at 20:01
  • The base64 string does make it 'sucessfully' to the server and its the same as what was sent. – Aggressor Mar 21 '14 at 20:04
  • Convert it to the Hex on both sides then Check , I'm sure encoding added some NULL bytes. Check php bin2hex function – Navneet Singh Mar 21 '14 at 20:05
  • Are you encoding the Image data in to Base64 ? – Navneet Singh Mar 21 '14 at 20:08
  • Yes. I feel there might be extra characters being added! Between what you've suggested and the below post Ill double check no extra chars are some how sneaking in! – Aggressor Mar 24 '14 at 14:15
  • Try this $jsonData = trim($jsonData, "\x0"); – Navneet Singh Mar 25 '14 at 07:59
  • 1
    May I ask, From your answer: where did you replace + with %2B and how, Thanks – majorl3oat May 14 '14 at 03:13
  • 2
    @majorl3oat, you need to replace the + with %2B before sending the request to your server. I also had to remove '\n' and \r' to get it to work. `receiptDataString=[receiptDataString stringByReplacingOccurrencesOfString:@"+" withString:@"%2B"]; receiptDataString=[receiptDataString stringByReplacingOccurrencesOfString:@"\n" withString:@""]; receiptDataString=[receiptDataString stringByReplacingOccurrencesOfString:@"\r" withString:@""];` – null Jul 07 '14 at 01:47
  • 1
    Perfect! Turned out I had the same problem, when I sent the Base64 string to my server the +:es were replaced by spaces. – Jonny Jul 01 '15 at 08:27

3 Answers3

0

It seems clear that something is going wrong on your server side. I plugged your receipt data into my server API and get the following validated receipt. Try this example PHP server side code iOS7 - receipts not validating at sandbox - error 21002 (java.lang.IllegalArgumentException).

{
   "status":0,
   "environment":"Sandbox",
   "receipt":{
      "receipt_type":"ProductionSandbox",
      "adam_id":0,
      "bundle_id":"<<snip>>",
      "application_version":"0.6",
      "download_id":0,
      "request_date":"2014-03-23 17:38:03 Etc\/GMT",
      "request_date_ms":"1395596283823",
      "request_date_pst":"2014-03-23 10:38:03 America\/Los_Angeles",
      "in_app":[
         {
            "quantity":"1",
            "product_id":"Gems500",
            "transaction_id":"1000000105271988",
            "original_transaction_id":"1000000105271988",
            "purchase_date":"2014-03-21 19:45:08 Etc\/GMT",
            "purchase_date_ms":"1395431108000",
            "purchase_date_pst":"2014-03-21 12:45:08 America\/Los_Angeles",
            "original_purchase_date":"2014-03-21 15:13:47 Etc\/GMT",
            "original_purchase_date_ms":"1395414827000",
            "original_purchase_date_pst":"2014-03-21 08:13:47 America\/Los_Angeles",
            "is_trial_period":"false"
         },
         {
            "quantity":"1",
            "product_id":"Gems500",
            "transaction_id":"1000000105295974",
            "original_transaction_id":"1000000105295974",
            "purchase_date":"2014-03-21 19:45:08 Etc\/GMT",
            "purchase_date_ms":"1395431108000",
            "purchase_date_pst":"2014-03-21 12:45:08 America\/Los_Angeles",
            "original_purchase_date":"2014-03-21 19:45:08 Etc\/GMT",
            "original_purchase_date_ms":"1395431108000",
            "original_purchase_date_pst":"2014-03-21 12:45:08 America\/Los_Angeles",
            "is_trial_period":"false"
         }
      ]
   }
}
Community
  • 1
  • 1
Chris Prince
  • 7,288
  • 2
  • 48
  • 66
  • Thanks Ill take another double look! – Aggressor Mar 24 '14 at 14:14
  • Here is the code I am using to send data. Is there any issue you can see or is there an example of how you are sending your raw base64 string I could see? `for (NSString* k in _post) { postDataStr = [NSString stringWithFormat:@"%@&%@=%@", postDataStr,k,_post[k]]; } _req = [NSMutableURLRequest requestWithURL:_url cachePolicy:nil timeoutInterval:15.0f]; [_req setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"]; [_req setHTTPMethod:@"POST"]; [_req setHTTPBody:[postDataStr dataUsingEncoding:NSUTF8StringEncoding]]; ` – Aggressor Mar 24 '14 at 15:15
  • My is code not saving the + marks between spaces. I did a string compare and for whatever reason my code is removing + marks! Hm.. – Aggressor Mar 24 '14 at 15:33
  • Please put your code in your question. It's hard to read there. – Chris Prince Mar 25 '14 at 03:53
  • try $jsonData = trim($jsonData, "\x0"); – Navneet Singh Mar 25 '14 at 07:58
0

Here is the code I use to send the receipt directly to the Apple servers. 

NSURL *receiptURL = [[NSBundle mainBundle] appStoreReceiptURL];
NSData *receiptData = [NSData dataWithContentsOfURL:receiptURL];
[self checkTransactionWithAppleUseProduction:productionWebsite andData:receiptData];
NSString *string64=[receiptData base64EncodedStringWithOptions:kNilOptions];
NSString *payload = [NSString stringWithFormat:@"{\"receipt-data\" : \"%@\"}",string64];
NSData *payloadData = [payload dataUsingEncoding:NSUTF8StringEncoding];
NSString *serverURL;
if(productionWebsite)serverURL= @"https://buy.itunes.apple.com/verifyReceipt"; 
if(!productionWebsite)serverURL=@"https://sandbox.itunes.apple.com/verifyReceipt";
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:serverURL]];
[request setHTTPMethod:@"POST"];
[request setHTTPBody:payloadData];
NSURLConnection *conn = [[NSURLConnection alloc] initWithRequest:request delegate:self];
[conn start];
Peter B. Kramer
  • 16,385
  • 1
  • 16
  • 20
  • Interesting, you send the receipt data as a whole object (I sent just the base64 string and made the json on the server). – Aggressor Apr 01 '14 at 14:07
  • I am sending/receiving directly to/from https://buy.itunes.apple.com/verifyReceipt not to a server intermediary. – Peter B. Kramer Apr 08 '14 at 19:56
  • How can you do that Peter, apple strictly says "It is not possible to build a trusted connection between a user’s device and the App Store directly because you don’t control either end of that connection." – Ranjit Mar 30 '15 at 11:04
-3

I don't know much about the iOS code.

I do however know a lot of about PHP. I'm assuming your server side code is more than the snippet provided here? I'm not sure on the usage of json_encode? Also what is $receipt and what uses $postData?

craigjbass
  • 15
  • 3