I have some code here that is not functioning.
The critical issue here is the SSL encryption through the exec command in PHP.
The part << EOF \\n$data\\n_EOF_\\n is causing an issue as it causes the encryption to fail. I have tried the rest of the command without << EOF \\n$data\\n_EOF_\\n and it worked fine.
Notes:
I am running on Windows 10, XAMPP Control Panel v3.2.2, PHP, and Apache.
This is a personal computer.
It has the full installation of XAMPP.
OpenSSL is enabled.
PHP safe_mode is disabled.
The paths of OpenSSL and the certificate files are correct.
I have done much research into this issue and could not quite find a reliable solution. I would greatly appreciate some help! Thanks!
$types = array('bronze','silver','gold','platinum','diamond');
if(!in_array($_GET['type'],$types)) {
die('<error />');
}
$type = $_GET['type'];
if($type == 'bronze') {
$amount = '15.00';
} elseif ($type == 'silver') {
$amount = '25.00';
} elseif ($type == 'gold') {
$amount = '50.00';
} elseif ($type == 'platinum') {
$amount = '75.00';
} elseif ($type == 'diamond') {
$amount = '100.00';
}
#Discount Rate
$discount_rate = '0';
$IPN_URL = 'https://www.example.net/paypal/ipn';
$PAYPAL_CERT_FILE = 'C:\\xampp\\example.net\\paypal\\paypal_cert.pem';
$MY_KEY_FILE = 'C:\\xampp\\example.net\\paypal\\prvkey.pem';
$MY_CERT_FILE = 'C:\\xampp\\example.net\\paypal\\pubcert.pem';
$OPENSSL = 'C:\\xampp\\apache\\bin\\openssl.exe';
$form = array(
'cmd' => '_xclick',
'amount' => $amount,
'item_number' => explode('"',$userinfo['external_auth'])[3],
'discount_rate' => $discount_rate,
'item_name' => ucfirst($type).' EXAMPLE :: TEST',
'notify_url' => $IPN_URL,
'business' => 'example@live.ca',
'cert_id' => 'SOME_ID_HERE',
'currency_code' => 'USD',
'no_shipping' => '1'
);
function paypal_encrypt($hash) {
global $MY_KEY_FILE;
global $MY_CERT_FILE;
global $PAYPAL_CERT_FILE;
global $OPENSSL;
if (!file_exists($MY_KEY_FILE)) {
echo "ERROR: MY_KEY_FILE $MY_KEY_FILE not found\n";
}
if (!file_exists($MY_CERT_FILE)) {
echo "ERROR: MY_CERT_FILE $MY_CERT_FILE not found\n";
}
if (!file_exists($PAYPAL_CERT_FILE)) {
echo "ERROR: PAYPAL_CERT_FILE $PAYPAL_CERT_FILE not found\n";
}
//Assign Build Notation for PayPal Support
$hash['bn']= 'domain.PHP_EWP2';
$data = "";
foreach ($hash as $key => $value) {
if ($value != "") {
$data .= "$key=".escapeshellcmd($value)."\n";
}
}
$openssl_cmd = "($OPENSSL smime -sign -signer $MY_CERT_FILE -inkey $MY_KEY_FILE " .
"-outform der -nodetach -binary <<_EOF_\n$data\n_EOF_\n) | " .
"$OPENSSL smime -encrypt -des3 -binary -outform pem $PAYPAL_CERT_FILE";
exec($openssl_cmd, $output, $error);
if (!$error) {
return implode("\n",$output);
} else {
return "ERROR: encryption failed";
}
};
$encrypted = paypal_encrypt($form);
die('<success />'.$encrypted);
EDIT:
I am using https://www.stellarwebsolutions.com/en/articles/paypal_button_encryption_php.php as a guide.
If you are using xampp and your notify url has "localhost" in it, you are on another level. If you have a domain masking your xampp server, u can't use that url. Your notify url has to be ip address. ;) Just know I came back to tell you that. Just figured it out myself. If it helped, donate to foziazzubaidi@gmail.com through paypal haha. If it didn't, I've been making websites for a decade now. Send me an email, I'd be happy to help.
PEACE!!!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.