first of all, i'm kinda new to paypal adaptive payments, until now I only used the REST api.
I have problems understanding the complete flow of the applications when implementing adaptive payments.
In the REST api I navigate the user to the paypal page where he pays and get's redirected to my page where I can react on the result.
Using the adaptive Payments the user does not get redirected directly after the payment. Therefore I cannot guarantee he will open the given redirect page.
It seems like ipn is the solution for this, however I'm not sure on how to implement this correctly.
I used an example i found and logged the result which iresults in the following log entry. I have problmens to interpret the result. It is generated using the ipn simulator.
[2016-05-02 20:17 UTC] HTTP request of validation request:POST /cgi-bin/webscr HTTP/1.1
Host: www.sandbox.paypal.com
Accept: */*
Connection: Close
Content-Length: 943
Content-Type: application/x-www-form-urlencoded
for IPN payload: cmd=_notify-validate&payment_type=instant&payment_date=Mon+May+02+2016+22%3A17%3A33+GMT%2B0200+%28Mitteleurop%C3%A4ische+Sommerzeit%29&payment_status=Completed&address_status=confirmed&payer_status=verified&first_name=John&last_name=Smith&payer_email=buyer%40paypalsandbox.com&payer_id=TESTBUYERID01&address_name=John+Smith&address_country=United+States&address_country_code=US&address_zip=95131&address_state=CA&address_city=San+Jose&address_street=123+any+street&business=seller%40paypalsandbox.com&receiver_email=seller%40paypalsandbox.com&receiver_id=seller%40paypalsandbox.com&residence_country=US&item_name1=something&item_number1=AK-1234&tax=2.02&mc_currency=USD&mc_fee=0.44&mc_gross=12.34&mc_gross_1=12.34&mc_handling=2.06&mc_handling1=1.67&mc_shipping=3.02&mc_shipping1=1.02&txn_type=cart&txn_id=250343399¬ify_version=2.1&custom=xyz123&invoice=abc1234&test_ipn=1&verify_sign=AFcWxV21C7fd0v3bYYYRCpSSRl31AIR-7FrBuOZZqJMDr8d5DxEI9rpG
[2016-05-02 20:17 UTC] HTTP response of validation request: HTTP/1.1 200 OK
Date: Mon, 02 May 2016 20:17:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Set-Cookie: c9MWDuvPtT9GIMyPc3jwol1VSlO=vKsQ6Wsa8-CKaGYKLQkEziH8epLey-sigvcn6CGIx_BbN7f2lkSe4OGhXkrOoD98VscO4s-IeGzIJCQSjGbkN5Zy8ggokZMUzKgmU3DXPZQ12IS1gqWwws-ZbEZwuGYp75eS0cS94sdZ7NduMDdd-wj9neb47z6x3sZOBs76MeZAu3aVS0hQFhfLWtTs5kGfVtFWpDMlA-h6xzEk1jTOteInNMwwvIKfcctwTP0lq7HdBsSpBOxgGkj5aGqanty9RiMlioT_7_3I93WK2S1pTJuN5HIIuS4Ci3HuXUkgin6ian6oEhLnCPodUjWa_VIVmAUkxmVcrb1AOxLDa0lBYfV5b7vnHTHWkxtct-r7YQKX6un7_RyfeOrlSODOK-1FPcaQl6R5W7bQEuvm98K4kECj_EkvIFeUcjZWQ7wUx5Lc-Sja3yZDfFrWSvS; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Thu, 30-Apr-2026 20:17:42 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Wed, 02-May-2018 20:17:42 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.72.108.11.1462220262202022; path=/; expires=Wed, 25-Apr-46 20:17:42 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
HTTP_X_PP_AZ_LOCATOR: sandbox.slc
Paypal-Debug-Id: ed99d0b22cb7d
Set-Cookie: X-PP-SILOVER=name%3DSANDBOX3.WEB.1%26silo_version%3D1880%26app%3Dappdispatcher%26TIME%3D3870631767%26HTTP_X_PP_AZ_LOCATOR%3Dsandbox.slc; Expires=Mon, 02 May 2016 20:47:42 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT
Strict-Transport-Security: max-age=14400
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
INVALID
[2016-05-02 20:17 UTC] Invalid IPN: cmd=_notify-validate&payment_type=instant&payment_date=Mon+May+02+2016+22%3A17%3A33+GMT%2B0200+%28Mitteleurop%C3%A4ische+Sommerzeit%29&payment_status=Completed&address_status=confirmed&payer_status=verified&first_name=John&last_name=Smith&payer_email=buyer%40paypalsandbox.com&payer_id=TESTBUYERID01&address_name=John+Smith&address_country=United+States&address_country_code=US&address_zip=95131&address_state=CA&address_city=San+Jose&address_street=123+any+street&business=seller%40paypalsandbox.com&receiver_email=seller%40paypalsandbox.com&receiver_id=seller%40paypalsandbox.com&residence_country=US&item_name1=something&item_number1=AK-1234&tax=2.02&mc_currency=USD&mc_fee=0.44&mc_gross=12.34&mc_gross_1=12.34&mc_handling=2.06&mc_handling1=1.67&mc_shipping=3.02&mc_shipping1=1.02&txn_type=cart&txn_id=250343399¬ify_version=2.1&custom=xyz123&invoice=abc1234&test_ipn=1&verify_sign=AFcWxV21C7fd0v3bYYYRCpSSRl31AIR-7FrBuOZZqJMDr8d5DxEI9rpG
Yes, the answer you are looking for is IPN. There are steps to implement the flow.
First, in your sandbox settings - you should enable the Instant Payment Notification and provide url for it. Now, you can just enter a dummy link, cause you can overwrite it with the actual call for the payment. Have in mind, that you should provide a real url, because PayPal is unable to see your localhost.
Next, you should implement an IPN listener in your code. I think this should help you with it. I did it in C#, so cannot provide you with the exact code. It is important for you to include some information for the payment in the payment call to paypal, so you can receive it in the IPN and detect for which payment you are receiving a notification.
Btw, you can specify ReturnURL and CancelURL in the payment call to paypal, so the user is automatically redirected to where you want, after he has completed his payment.
Related
I wrote a program that set a cookie. it work well in http mode, but when I use https protocol, header of cookie add automatically add secure flag to it.
set-cookie: val=is; expires=Sun, 16-Feb-2025 07:26:50 GMT; Max-Age=90000; path=/; secure
my code is:
<?php
header('Set-Cookie: val=is; expires=Sun, 16-Feb-2025 07:26:50 GMT; Max-Age=90000; path=/');
What makes this happen?
I have a server with more site , after install varnish I tested if cache works, but for one web site not work varnish (have response of max-age=0). If I try to insert a simple php page (not correlated to main website) in same folder of this website, the response works.
This is a header when try :
HTTP/1.1 200 OK
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips
X-Powered-By: PHP/5.2.17
Set-Cookie: PHPSESSID=ragejao4sm1kckjn1trvap3ft0; path=/
Vary: User-Agent,Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cache-Control: max_age=8600
magicmarker: 1
Content-Length: 11863
Accept-Ranges: bytes
Date: Fri, 12 Jun 2015 12:28:15 GMT
X-Varnish: 1250916100
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Varnish by default doesn't cache responses where cookies are set.
If you want to change this behaviour you need to consider how the cookie is being used (it looks like a session cookie) and either use the session id as part of the cache hash (ie so other users don't get a cached response from someone else's session) or use something like ESI to allow the "common" parts of the page to be cached while the session specific parts are fetched independently.
http://www.varnish-cache.org/trac/wiki/VCLExampleCacheCookies
https://www.varnish-cache.org/trac/wiki/ESIfeatures
I am creating a soap server in codeigniter using php native soap server class.
The soap server is working great but I have a problem with the codeiginter session cookie. The session cookie is being sent with every response from the soap server. I need the session cookie for other parts of the application excluding the soap server.
Is there a way I can disable the session cookie just for the soap server which is a controller in the application?
I have searched stackoverflow and other website for information but have not found anything useful.
It may be I am missing something obvious.
Please point me in the right direction.
Edit:
this is the http response for the soap request:
HTTP/1.1 200 OK
Date: Fri, 10 Jan 2014 07:05:56 GMT
Server: Apache/2.2.3 (CentOS) DAV/2 PHP/5.3.3
X-Powered-By: PHP/5.3.3
Set-Cookie: fgdstagecookie=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22076ceb992c6dff61e46d04d0c3d73d03%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22116.90.236.34%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A34%3A%22Apache-HttpClient%2F4.1.1+%28java+1.5%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1389337556%3B%7D7e8bb59c2753934d5a6265ab7964064c; path=/
Content-Length: 382
Cache-Control: no-store, no-cache, must-revalidate, private, max-age=0
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Connection: close
Content-Type: text/xml; charset=utf-8
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Body><ns2:responseType xmlns:ns2="http://tempuri.org/response"><code>4</code><message>transaction does not exist or is not available</message><responseBody><responseStr>4</responseStr></responseBody></ns2:responseType></SOAP-ENV:Body></SOAP-ENV:Envelope>
The part I want to remove is the Set-Cookie part.
Before returning the response or request use the header_remove(); function
Reference
http://www.php.net/manual/en/function.header-remove.php
<?php
header("X-Foo: Bar");
header("X-Bar: Baz");
//remove specific header
header_remove("X-Foo");
//remove all headers
header_remove();
?>
Okay, so say we heres an example:
<?php
$hello = "no";
if ($hello == "yes"){
setcookie("hello", '1', time() + 14400, '/', false, false, false);
echo "hey";
}else{
echo "no";
}
?>
So the code above should echo "no" on the page and NOT set the cookie.
It is echoing no and setting the cookie.
How can the cookie possibly be setting without echoing hey?
Yes, we are deleting the cookie from our browser before running the page again, and its setting it each time.
Has anyone else had something like this before? It is driving me crazy. There is nothing wrong with if statements. The cookie should NOT be setting, but it is?
Unset the cookie before testing and make sure you've set a reasonable expiry.
The cookie is not set by this code. However, it may have been set previously and been stored in your browser. Use your browser's privacy mode to request the site without cookies, or cookie/developer settings to delete all existing cookies.
Another alternative to find out what is really going on is curl:
$ curl -i http://phihag.de/2011/so/cookie.php
HTTP/1.1 200 OK
Date: Fri, 14 Oct 2011 16:13:32 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: de
no
$ curl -i http://phihag.de/2011/so/cookie.php?givemecookie=true
HTTP/1.1 200 OK
Date: Fri, 14 Oct 2011 16:13:41 GMT
Server: Apache
Set-Cookie: hello=1; expires=Fri, 14-Oct-2011 20:13:41 GMT; path=/
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: de
hey
Make sure you're editing the right code (for example by adding echo "world"; to it and observing the result). If that doesn't help, you should really give us a URL that demoes this mysterious behavior.
I have this issue. When I pay with paypal account, everything is fine, paid successfully and IPN hit back and update my database. But when i pay with credit card option, it's paid successfully at paypal end. But when i check my logs file, i got following errors and my database is not updated because of that error. Here is the log file.
cmd=_notify-validate&mc_gross=20.00&protection_eligibility=Partially+Eligible+-+INR+Only&address_status=unconfirmed&payer_id=2MXXFD6AQ43BA&tax=0.00&address_street=test%0Atest&payment_date=18%3A48%3A29+May+27%2C+2011+PDT&payment_status=Pending&charset=windows-1252&address_zip=640533&first_name=test&address_country_code=SG&address_name=test+test¬ify_version=3.1&custom=111%2C&payer_status=unverified&business=test_1303236553_biz%40gmail.com&address_country=Singapore&address_city=Singapore&quantity=1&verify_sign=An5ns1Kso7MWUdW4ErQKJJJ4qi4-AaEK7w348WQzfOfzLl3lrSKWYDOG&payer_email=knightrider%40gmail.com&txn_id=8H5315386S139944F&payment_type=instant&last_name=test&address_state=&receiver_email=test_1303236553_biz%40gmail.com&receiver_id=53B6G7SG6JKME&pending_reason=multi_currency&txn_type=web_accept&item_name=Item&mc_currency=SGD&item_number=&residence_country=SG&test_ipn=1&receipt_id=3969-1532-6232-5707&handling_amount=0.00&transaction_subject=111%2C&payment_gross=&shipping=0.00&ipn_track_id=smYslnsttVEUV7COBCKq5Q
ERROR - 2011-05-28 09:48:37 --> verify fail: HTTP/1.1 200 OK
Date: Sat, 28 May 2011 01:48:36 GMT
Server: Apache
Set-Cookie: c9MWDuvPtT9GIMyPc3jwol1VSlO=Ye21176JM0INrH_mgX028q_y72FW1Bz126j4BoxaJRY2L6TRQAfy8NN4REbQ0zbB6qwT_dJNA1mK0kU0T0ygtxZITXeG-RFGQ7KTXslYfcnreEukYMJRfdlkHlya7vHr6rdvwW%7cteseN7TyBXzvckcwMjQeg4r6VElLIpc6dvi-MuvLWzZ05kb5xoQG-hlpVvhaqCWIjx_h00%7cyuYEQ40G78uE-mVRJmAymkg8-jr88yZUZqEtmBrsVuNlXmmsaX2r8Yn-xoUPDMvW5Y3qwW%7c1306547317; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Tue, 25-May-2021 01:48:37 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Fri, 23-May-2031 01:48:37 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.191.196.11.209281306547316396; path=/; expires=Thu, 13-Apr-05 19:20:20 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Type: text/html; charset=UTF-8
INVALID
This needs some troubleshooting . here is what I found upon googling the issue
https://www.x.com/thread/40485
https://www.x.com/docs/DOC-1551
please post back what you found for others to help them.
from paypals site:
The payment is pending because it was made via credit card and you must upgrade your account to Business or Premier status in order to receive the funds. upgrade can also mean that you have reached the monthly limit for transactions on your account.
so if youve set up your ipn to only look from "completed" transactions
youll never get a hit
so you should do two things
1) chage your paypal account type
2) implement a "pending" routine in your listener