Paypal IPN已验证,但未更新数据库
[英]Paypal IPN verified but not updating database
问题描述
I'm using paypal IPN Sandbox to update the tables in my database when payment received. 
收到付款后,我正在使用Paypal IPN沙盒更新数据库中的表。 Based in my ipn log its shows OK and Verified. 根据我的ipn日志,它显示“确定”并已验证。 Here is my ipn. 这是我的IPN。 Also I cant receive email from my IPN. 另外,我也无法收到来自IPN的电子邮件。
include ('conn.php');
// CONFIG: Enable debug mode. This means we'll log requests into 'ipn.log' in the same directory.
// Especially useful if you encounter network errors or other intermittent problems with IPN (validation).
// Set this to 0 once you go live or don't require logging.
define("DEBUG", 1);
// Set to 0 once you're ready to go live
define("USE_SANDBOX", 1);
define("LOG_FILE", "./ipn.log");
// Read POST data
// reading posted data directly from $_POST causes serialization
// issues with array data in POST. Reading raw POST data from input stream instead.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// Post IPN data back to PayPal to validate the IPN data is genuine
// Without this step anyone can fake IPN data
if(USE_SANDBOX == true) {
$paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
$paypal_url = "https://www.paypal.com/cgi-bin/webscr";
}
$ch = curl_init($paypal_url);
if ($ch == FALSE) {
return FALSE;
}
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
if(DEBUG == true) {
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
}
// CONFIG: Optional proxy configuration
//curl_setopt($ch, CURLOPT_PROXY, $proxy);
//curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
// Set TCP timeout to 30 seconds
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// CONFIG: Please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
// of the certificate as shown below. Ensure the file is readable by the webserver.
// This is mandatory for some environments.
//$cert = __DIR__ . "./cacert.pem";
//curl_setopt($ch, CURLOPT_CAINFO, $cert);
$res = curl_exec($ch);
if (curl_errno($ch) != 0) // cURL error
{
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "Can't connect to PayPal to validate IPN message: " . curl_error($ch) . PHP_EOL, 3, LOG_FILE);
}
curl_close($ch);
exit;
} else {
// Log the entire HTTP response if debug is switched on.
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "HTTP request of validation request:". curl_getinfo($ch, CURLINFO_HEADER_OUT) ." for IPN payload: $req" . PHP_EOL, 3, LOG_FILE);
error_log(date('[Y-m-d H:i e] '). "HTTP response of validation request: $res" . PHP_EOL, 3, LOG_FILE);
}
curl_close($ch);
}
// Inspect IPN validation result and act accordingly
// Split response headers and payload, a better way for strcmp
$tokens = explode("\r\n\r\n", trim($res));
$res = trim(end($tokens));
if (strcmp(trim($res), "VERIFIED") == 0) {
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$fee = $_POST['mc_fee'];
$citems = $_POST['num_cart_items'];
$orderID = $_POST['custom'];
$status = "Complete";
$orderstatus = "Processing";
if($payment_status == "Completed"){
$getinfo_sql = " SELECT * FROM orders a, users b
where
a.userID = b.userID
a.orderID = '$orderID'";
$getinfo = mysqli_query ($conn, $getinfo_sql);
while ($getinfo = mysqli_fetch_assoc($getinfo))
{
$custemail = $getinfo['email'];
$paymode = $getinfo['paymentmode'];
}
if($paymode == "Full Payment")
{
// date_default_timezone_set('Asia/Manila');
//
//$currentdate = date("y-m-d");
//$currentTime = date("g:i:s a");
//$audit = "INSERT INTO tbl_audittrail( username , action, `date`, `time` ) VALUES( '$sname' , '$action', '$currentdate', '$currentTime') ";
//mysql_query($audit) or die(mysql_error());
//
$checkn = mysqli_query($conn, "SELECT * FROM notifications where orderID ='$orderID'");
while($notifs= mysql_fetch_assoc($checkn))
{
$notifIDs = $notifs["notificationID"];
}
$seen = 0;
$stat= "Processing: Full Payment";
$updatenotif = mysqli_query($conn,"Update notifications set seen=0, details = '$stat' where notificationID ='$notifIDs'");
$message = " We have received the payment for your order OrderID: $orderID \n \n ";
$message .= "You can download the receipt at your Order History";
$message .= "For more info about your Order Call us at 611-1111 / 622-2222 / 633-3333";
$message .="\n \n Thanks, \n MVRAM ";
mail($custemail, 'Payment Received', $message, 'From:noreply@dbtk.megabuslines.biz');
mysql_query($conn,"UPDATE orders SET `paymentstatus` = '".$status."', `orderstatus` = '".$status."' WHERE `orderID` = '".$orderID."'") or die(mysql_error());
}
}else{
}
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "Verified IPN: $req ". PHP_EOL, 3, LOG_FILE);
}
} else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
// Add business logic here which deals with invalid IPN messages
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "Invalid IPN: $req" . PHP_EOL, 3, LOG_FILE);
}
}
2 个解决方案
解决方案1
2 已采纳 2015-02-03 01:58:48
I suggest you break the code into parts that can be debugged and fixed more easily. 我建议您将代码分成可以更轻松地调试和修复的部分。
Since you're working with PayPal IPN, you should first test that the IPN response is correctly recieved and verified. 由于您正在使用PayPal IPN,因此应首先测试是否正确接收和验证了IPN响应。
If your logger works, then first debug that part using the log file. 如果您的记录器正常工作,则首先使用日志文件调试该部分。
If you find troubles fix the part of getting IPN data and verifying. 如果发现问题,请修复获取IPN数据和验证的部分。
Once you're sure that the first part of IPN works you continue debugging the rest of the code faster by using this technique: 一旦确定IPN的第一部分可以工作,就可以使用以下技术继续更快地调试其余代码:
1) Test the IPN again and write the contents of $_POST into your log file using the returns of var_export($_POST, true) 1)再次测试IPN,并使用var_export($_POST, true)的返回值将$ _POST的内容写入日志文件
2) Open your log file and check that you'll have there the full array of $_POST that IPN sent you 2)打开您的日志文件,并检查是否有IPN发送给您的$ _POST的完整数组
3) Copy that array and fake your original $_POST data into your script: $_POST = array(..fields from the log..); 3)复制该数组并将伪造的$ _POST原始数据复制到脚本中:$ _POST = array(.. fields from log ..);
4) Now comment out all the first part of the script that does the IPN verification, and only leave there the faked $_POST 4)现在,注释掉执行IPN验证的脚本的所有第一部分,只保留伪造的$ _POST
5) Now you can manually access your script as if you were the PayPal's IPN robot by opening example.com/paypal_ipn_script.php 5)现在,您可以打开example.com/paypal_ipn_script.php来手动访问脚本,就好像您是PayPal的IPN机器人一样
Now you can continue debugging the rest of your script's sql queries and see which is failing, by hitting F5 and using print_r(), var_dump(), die(), etc. All this without having to make a new paypal payment for every test and so speed up the debugging process :) 现在,您可以继续调试脚本的其余SQL查询,并通过按F5并使用print_r(),var_dump(),die()等查看失败的原因,而无需为每次测试都支付新的Paypal费用因此加快了调试过程:)
解决方案2
0 2016-05-12 06:04:04
I'm using paypal IPN Sandbox to update the tables in my database when payment received.Try this code full start to end . 收到付款后,我正在使用Paypal IPN沙盒更新数据库中的表。请尝试将此代码从头到尾全部进行。
$data = $_POST;
$url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
$data['cmd'] = '_notify-validate';
$curl = curl_init();
curl_setopt_array(
$curl,
array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_POST => 1,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_URL => $url,
CURLOPT_POSTFIELDS => $data
)
);
if(!($result = curl_exec($curl))){
die('Error: "' . curl_error($curl) . '" - Code: ' . curl_errno($curl));
}
curl_close($curl);
if ($result != 'VERIFIED') {
die('Fraud IPN on Varification.');
}
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$ctIdcustom = $_POST['custom'];
//your action here
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.