[英]Clickbank IPN version 6 PHP / Laravel
我正在尝试为Clickbank创建IPN侦听器,但到目前为止我还没有成功。
我使用了clickbank网站上列出的代码示例: https : //support.clickbank.com/entries/22803622-Instant-Notification-Service
<?php
// NOTE: the mcrypt libraries need to be installed and listed as an available extension in
// your phpinfo() to be able to use this method of decryption.
$secretKey = "YOUR SECRET KEY"; // secret key from your ClickBank account
// get JSON from raw body...
$message = json_decode(file_get_contents('php://input'));
// Pull out the encrypted notification and the initialization vector for
// AES/CBC/PKCS5Padding decryption
$encrypted = $message->{'notification'};
$iv = $message->{'iv'};
error_log("IV: $iv");
// decrypt the body...
$decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
substr(sha1($secretKey), 0, 32),
base64_decode($encrypted),
MCRYPT_MODE_CBC,
base64_decode($iv)), "\0..\32");
error_log("Decrypted: $decrypted");
// convert the decrypted string to a JSON object...
$order = json_decode($decrypted);
// Ready to rock and roll - If the decoding of the JSON string wasn't successful,
// then you can assume the notification wasn't encrypted with your secret key.
?>
对于ipn v4,我设法获得了ipn测试仪的经过验证的确认,并将输出保存在我的日志中。 但是对于v6,我什至无法将输出保存到日志文件中。 看来Clickbank甚至都没有发送任何东西。 他们的文档含糊不清,我想知道这段代码是否应该首先起作用。
有人对此有经验吗? 除响应200外,我还应该返回其他内容吗?
提前致谢。
您可以做几件与我的代码配合得很好的事情。 (1)PHP版本-如果您使用的是PHP 7+,则尝试将其更改为PHP 5.6(2)使用$ HTTP_RAW_POST_DATA而不是file_get_contents(我知道file_get_contents更好,但是在无法使用时使用替代方法)
这是尝试的代码,$ secretKey =“您的秘密钥匙”;
// get JSON from raw body...
//$message = json_decode(file_get_contents('php://input'));
$message = $HTTP_RAW_POST_DATA;
$message = json_decode($message, true);
$messageString = http_build_query($message); //converts associative array in to string
error_log("message string: $messageString");
$encrypted = $message['notification'];
$iv = $message['iv'];
error_log("IV: $iv");
// decrypt the body...
$decrypted = trim(openssl_decrypt(base64_decode($encrypted),'AES-256-CBC',substr(sha1($secretKey), 0, 32),OPENSSL_RAW_DATA, base64_decode($iv)), "\0..\32");
error_log("Decrypted: $decrypted");
////UTF8 Encoding, remove escape back slashes, and convert the decrypted string to a JSON object...
$sanitizedData = utf8_encode(stripslashes($decrypted));
$jsonDecodeData = json_decode($decrypted, true);
$jsonDecodeDataString = http_build_query($jsonDecodeData);
<?php
function ipnVerification() {
$secretKey="YOUR SECRET KEY";
$pop = "";
$ipnFields = array();
foreach ($_POST as $key => $value) {
if ($key == "cverify") {
continue;
}
$ipnFields[] = $key;
}
sort($ipnFields);
foreach ($ipnFields as $field) {
// if Magic Quotes are enabled $_POST[$field] will need to be
// un-escaped before being appended to $pop
$pop = $pop . $_POST[$field] . "|";
}
$pop = $pop . $secretKey;
$calcedVerify = sha1(mb_convert_encoding($pop, "UTF-8"));
$calcedVerify = strtoupper(substr($calcedVerify,0,8));
return $calcedVerify == $_POST["cverify"];
}
?>
您可以使用它来验证您的IPN。 效果很好
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.