1

Hi I know that there are many questions already in SO related to my problem but I have not got solution from any of them. I have implemented paypal. It is working well. Now I want to implement ipn in my paypal implementation. I have searched through and found some code. I have implemented that but I am getting invalid ipn. I can get all details from paypal transaction but for ipn it is always invalid. I have used following code in DoExpressCheckoutPayment.php file

$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
    $value = urlencode(stripslashes($value));
    $req .= "&$key=$value";
}

// post back to PayPal system to validate

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";

// If testing on Sandbox use: 
$header .= "Host: www.sandbox.paypal.com:443\r\n";
//$header .= "Host: www.paypal.com:443\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

// If testing on Sandbox use:
//$fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
$fp =fsockopen('ssl://www.sandbox.paypal.com',443,$err_num,$err_str,30);
echo('<br>'.$req);
// assign posted variables to local variables
/*$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];*/

if (!$fp)
{
    echo(' HTTP ERROR');
}
else
{
    fputs ($fp, $header . $req);
    while (!feof($fp))
    {
        $res = fgets ($fp, 1024);
        echo('<br> res is '.$res);
    if (strcmp ($res, "VERIFIED") == 0)
    {
        // check the payment_status is Completed
        // check that txn_id has not been previously processed
        // check that receiver_email is your Primary PayPal email
        // check that payment_amount/payment_currency are correct
        // process payment

        $mail_From = "From: me@mybiz.com";
        $mail_To = "xxxx@gmail.com";
        $mail_Subject = "VERIFIED IPN";
        $mail_Body = $req;
        foreach ($_SESSION as $key => $value)
        {
            $emailtext .= $key . " = " .$value ."\n\n";
        }
        if(mail($mail_To, $mail_Subject, $emailtext . "\n\n" . $mail_Body, $mail_From))
        echo('<br>mail 1 sent');
        else
        echo('<br>mail1 not sent');
    }
    else if (strcmp ($res, "INVALID") == 0)
    {
        // log for manual investigation
        $mail_From = "From: me@mybiz.com";
        $mail_To = "xxx@gmail.com";
        $mail_Subject = "INVALID IPN";
        $mail_Body = $req;
        foreach ($_SESSION as $key => $value)
        {
            $emailtext .= $key . " = " .$value ."\n\n";
        }
        if(mail($mail_To, $mail_Subject, $emailtext . "\n\n" . $mail_Body, $mail_From))
        echo('<br>mail sent');
        else
        echo('<br>not sent');
    }
}
fclose ($fp);
}

I am setting notify_url in other file which is directing to this file like this

&lt;input type="hidden" name="notify_url" value="http://www.mysite.com/paypal/DoExpressCheckoutPayment.php"/>

I am getting the following email:

**notify_url = http://www.mysite.com/paypal/DoExpressCheckoutPayment.php
cmd=_notify-validate&notify_url=http%3A%2F%2Fwww.mysite.com%2Fpaypal%2FDoExpressCheckoutPayment.php**

One thing that I have notice that I am not getting any thing from $_POST. My $_POST is empty. Please tell me where I am wrong. Thanks

hakre
  • 193,403
  • 52
  • 435
  • 836
Awais Qarni
  • 17,492
  • 24
  • 75
  • 137
  • What is not working? Stuff like this can rarely be sorted by looking at the code, but by debugging in the live environment. – Pekka Mar 19 '11 at 09:09
  • have you been to your paypay profile and set the ipn to on? https://www.paypal.com/cgi-bin/customerprofileweb?cmd=_profile-ipn-notify – Lawrence Cherone Mar 19 '11 at 09:11
  • @Awais - Try putting the email function outside of the Valid/Invalid statements and send yourself the `$req` string received from PP. Then you can check out why it is not being processed correctly. – Kit Mar 19 '11 at 09:34
  • @pekka. I am getting the email of invalid ipn – Awais Qarni Mar 19 '11 at 09:34
  • @Lawrence Cherone I have Enabled it but still it is invalid – Awais Qarni Mar 19 '11 at 09:37
  • @Awais - Right. Are there any missing variables that should be there? You could paste the contents here: http://pastebin.com/ Also, you are sending the IPN from the sandbox IPN tester right? – Kit Mar 19 '11 at 09:38
  • @Christopher. Yup I am sending from sandbox. One thing I want to know that If I get invalid IPN, then What does it means? – Awais Qarni Mar 19 '11 at 09:45
  • 1
    @Awais - Your script sends back a sting of data containing all of the IPN variables sent by PP. PP then sends back either a Valid or Invalid response to say whether of not the data you received was a legitimate payment. Could you paste the contents of your Invalid email in pastebin.com? – Kit Mar 19 '11 at 10:10
  • @Christopher. I have Pasted at http://pastebin.com/iH5WJS9c. – Awais Qarni Mar 19 '11 at 10:17
  • @Christopher One thing that I have now noticed that I am not getting any thing from POST. My post is empty..... – Awais Qarni Mar 19 '11 at 10:18

2 Answers2

1

Try this code here. It is slightly different to the one you used above. It works for me.

    <?php
    $req = 'cmd=_notify-validate';

    foreach ($_POST as $key => $value) {
           $value = urlencode(stripslashes($value));
           $req .= "&$key=$value";
        }

    // post back to PayPal system to validate
    $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
    $fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);

    // assign posted variables to local variables
    $item_name          = $_POST['item_name'];
    $item_number        = $_POST['item_number'];
    $payment_status     = $_POST['payment_status'];
    $payment_amount     = $_POST['mc_gross'];
    $payment_currency   = $_POST['mc_currency'];
    $txn_id             = $_POST['txn_id'];
    $receiver_email     = $_POST['receiver_email'];
    $payer_email        = $_POST['payer_email'];

    if (!$fp) {

        // HTTP ERROR

    } else {
        fputs ($fp, $header . $req);
            while (!feof($fp)) {
            $res = fgets ($fp, 1024);
            if (strcmp ($res, "VERIFIED") == 0) {
                //Process Order
            }else if (strcmp ($res, "INVALID") == 0) {
                //Send Email To You 
            }
        }

        fclose ($fp);
    }
    ?>
Kit
  • 4,095
  • 7
  • 39
  • 62
  • @Christopher. But dude there is nothing in post.... $_POST is empty. Ok tell me one thing that the values in $_POST is set by the PP or by me? If it is set by PP then I am not getting any thing. IF it is set by me then please tell me where to set these? – Awais Qarni Mar 19 '11 at 10:22
  • Does the invalid email you receive contain the contents of the `$req` string? – Kit Mar 19 '11 at 10:23
  • yup it is having and that is **cmd=_notify-validate&notify_url=http%3A%2F%2Fwww.mysite.com/paypal%2FDoExpressCheckoutPayment.php** – Awais Qarni Mar 19 '11 at 10:25
  • Afraid I'm not too sure.. Last things I can think of is to make sure you are sending the correct IPN from the IPN tester. Also, are you trying to send it to your localhost? – Kit Mar 19 '11 at 10:33
  • @Christopher. Tried your code but it is not having any post data. and having the same response – Awais Qarni Mar 19 '11 at 10:33
  • @Christopher not from localhost. It is online. What do you mean by Correct IPN from IPN Tester??? – Awais Qarni Mar 19 '11 at 10:35
  • @Awais - Sorry ignore my comment about the 'correct IPN'. I'm afraid I cannot duplicate the error you are having. I have just tested the above code with the simulator, which included an email to me with the $req string. It worked fine. Could be caused by a firewall on your server blocking HTTP posts from PP. – Kit Mar 19 '11 at 10:44
  • @Christopher dude how to implement recurring payments through paypal. I have posted question here. can you please help me? http://stackoverflow.com/questions/5403438/recurring-donation-with-paypal – Awais Qarni Mar 23 '11 at 10:33
1

URL provided as return link is called 2 times! First time it is coming from PayPal and sending POST data, second time user is redirected. You will see some GET variables, but they are quite useless (at least for requesting transaction).

The only way to see if POST data are coming (in first request) is using error_log or something like that.

Ēriks Daliba
  • 708
  • 4
  • 4