3

I am editing a web site of an Ultimate Frisbee organisation I'm part of that needs to validate a membership payment when the user tries to sign in.

To do so, I am using a PHP Paypal API (the NVP version, not the SOAP one) that sends a request (called TransactionSearch) to Paypal asking for transactions from a start date with a specific email address. The problem here is that Paypal returns me that the request was successful but had no result. If I sign in on the paypal web site and I try to execute the same search, it gives me back the transactions I want.

Here is the code that creates the parameters string to send to paypal and the analysis of the response.

$nvpStr; //The parameters string to send to paypal (will contain the start date and the email address)

if (date('m') < 9)
    $startDateStr= '08/01/' . (date('y') - 1); //the 1st of april of last year
else
    $startDateStr= '08/01/' . date('y');       //the 1st of april this year
if(isset($startDateStr)) {
    $start_time = strtotime($startDateStr);
    $iso_start = date('Y-m-d\T00:00:00\Z',  $start_time);
    $nvpStr="&STARTDATE=$iso_start";           //we apply the format paypal requires
}

$nvpStr .= "&EMAIL=" . $_SESSION['Email']; //the user's email address

/* Make the API call to PayPal, using API signature.
   The API response is stored in an associative array called $resArray */

$resArray = PPHttpPost("TransactionSearch", $nvpStr);

/* After that we check the values returned by paypal to verify if there is a
   transaction related to this email address after the 1st of April*/

And here is the paypal request execution (code taken directly from paypal web site).

session_start();

$environment = 'live';  //"live" or 'beta-sandbox' or 'sandbox'

/**
 * Send HTTP POST Request
 *
 * @param   string  The API method name
 * @param   string  The POST Message fields in &name=value pair format
 * @return  array   Parsed HTTP Response body
 */
function PPHttpPost($methodName_, $nvpStr_) {
    global $environment, $API_UserName, $API_Password, $API_Signature;
    // Set up your API credentials, PayPal end point, and API version.
    $API_UserName = urlencode($API_UserName);
    $API_Password = urlencode($API_Password);
    $API_Signature = urlencode($API_Signature);

    $API_Endpoint = "https://api-3t.paypal.com/nvp";
    if("sandbox" === $environment || "beta-sandbox" === $environment) {
        $API_Endpoint = "https://api-3t.$environment.paypal.com/nvp";
    }
    $version = urlencode('51.0');

    // Set the curl parameters.
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
    curl_setopt($ch, CURLOPT_VERBOSE, 1);

    // Turn off the server and peer verification (TrustManager Concept).
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);

    // Set the API operation, version, and API signature in the request.
    $nvpreq = "METHOD=$methodName_&VERSION=$version&PWD=$API_Password&USER=$API_UserName&SIGNATURE=$API_Signature$nvpStr_";

    // Set the request as a POST FIELD for curl.
    curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);

    // Get response from the server.
    $httpResponse = curl_exec($ch);

    if(!$httpResponse) {
        exit("$methodName_ failed: ".curl_error($ch).'('.curl_errno($ch).')');
    }

    // Extract the response details.
    $httpResponseAr = explode("&", $httpResponse);

    $httpParsedResponseAr = array();
    foreach ($httpResponseAr as $i => $value) {
        $tmpAr = explode("=", $value);
        if(sizeof($tmpAr) > 1) {
            $httpParsedResponseAr[$tmpAr[0]] = $tmpAr[1];
        }
    }

    if((0 == sizeof($httpParsedResponseAr)) || !array_key_exists('ACK', $httpParsedResponseAr)) {
        exit("Invalid HTTP Response for POST request($nvpreq) to $API_Endpoint.");
    }

    return $httpParsedResponseAr;
}

And then I var_dump some of the variables for you :

//$nvpStr we use as the second parameter for the PPHttpPost (I hid the email address)
string(60) "&STARTDATE=2011-08-01T00:00:00Z&EMAIL=account@domain.com"

//$nvpreq we use to create the message to send to paypal (I hid the password, user and signature)
string(222) "METHOD=TransactionSearch&VERSION=51.0&PWD=XXX&USER=YYY&SIGNATURE=ZZZ&STARTDATE=2011-08-01T00:00:00Z&EMAIL=diableraph@hotmail.com"

//$resArray the response from paypal
array(5) {
    ["TIMESTAMP"]=>
    string(28) "2011%2d12%2d07T17%3a55%3a13Z"
    ["CORRELATIONID"]=>
    string(13) "8f1c9593e26c0"
    ["ACK"]=>
    string(7) "Success"
    ["VERSION"]=>
    string(6) "51%2e0"
    ["BUILD"]=>
    string(7) "2230381"
}

//$resArray the response from paypal that works when I use the sandbox (I hid the email address)
array(16) {
    ["L_TIMESTAMP0"]=>
    string(28) "2011%2d12%2d07T00%3a26%3a12Z"
    ["L_TIMEZONE0"]=>
    string(3) "GMT"
    ["L_TYPE0"]=>
    string(7) "Payment"
    ["L_EMAIL0"]=>
    string(26) "account%40domain%2ecom"
    ["L_NAME0"]=>
    string(24) "Raphael%20Royer%2dRivard"
    ["L_TRANSACTIONID0"]=>
    string(17) "25V35432PY2041246"
    ["L_STATUS0"]=>
    string(9) "Completed"
    ["L_AMT0"]=>
    string(7) "20%2e00"
    ["L_CURRENCYCODE0"]=>
    string(3) "CAD"
    ["L_FEEAMT0"]=>
    string(9) "%2d0%2e88"
    ["L_NETAMT0"]=>
    string(7) "19%2e12"
    ["TIMESTAMP"]=>
    string(28) "2011%2d12%2d07T18%3a19%3a40Z"
    ["CORRELATIONID"]=>
    string(13) "53733eef8b4e2"
    ["ACK"]=>
    string(7) "Success"
    ["VERSION"]=>
    string(6) "51%2e0"
    ["BUILD"]=>
    string(7) "2230381"
}

For my testing I was using PayPal sandbox and it was woking great (we can see that we have a transaction)... I have no idea why it isn't working with the real one. As we can see, my creedentials are good because it does not give me an authentification error.

durron597
  • 31,968
  • 17
  • 99
  • 158
Raphael Royer-Rivard
  • 2,252
  • 1
  • 30
  • 53
  • 1
    You're going to hafta give us a code sample or we won't be able to help ... in an unrelated note, ultimate = amazeballs. –  Dec 07 '11 at 04:02
  • I added the main parts of the code I am using. I hope it can help! – Raphael Royer-Rivard Dec 07 '11 at 18:06
  • What are you expecting you should see in the *var_dump($resArray)* that you aren't seeing? My first thought is that Paypal sees no need to return any other transaction data because you *ALREADY* know everything else about the transaction (because you submitted it). –  Dec 07 '11 at 18:13
  • I added the expected array in the var_dump section. – Raphael Royer-Rivard Dec 07 '11 at 18:24
  • Are you the sender or recipient of funds? TransactionSearch is really meant for recipients of funds. Also, try to remove `EMAIL` and see if that works. – Robert Dec 07 '11 at 22:43
  • 1
    I am the recipient of the funds. I tried to remove the EMAIL filter and it gives me the 100 last transactions (it's the maximum). So I guess it's the email filter that isn't working, but I cannot see if the error is on my side or on paypal's side... I tried to send the email with the url encoding (account%40domain.com), without it (account@domain.com) and even the same as it is written in the response when I remove the email filter (account%40domain%2ecom) but none of them is working. – Raphael Royer-Rivard Dec 08 '11 at 15:04
  • Why don't you use the PayPal REST Api? https://github.com/paypal/PayPal-PHP-SDK – Gerd K Dec 08 '14 at 10:02
  • It was created on Mar 3, 2013 and my problem was in 2011 – Raphael Royer-Rivard Dec 23 '14 at 17:01

0 Answers0