I am using Michas ipn script and I am receiving VERIFIED from PayPal and OK 200 but this part of the script is where it seems to stop. I added //notations
if ($this->use_curl) $this->curlPost($encoded_data);
else $this->fsockPost($encoded_data);
if (strpos($this->response_status, '200') === false) {
throw new Exception("Invalid response status: ".$this->response_status);
}
throw new Exception("status ".$this->response_status);//returns status 200
throw new Exception("status ".$this->response);//see below
if (strpos($this->response, "VERIFIED") !== false) {
return true; throw new Exception("Verified");//nothing returned
} elseif (strpos($this->response, "INVALID") !== false) {
return false; throw new Exception("Invalid");//nothing returned
} else {
throw new Exception("Unexpected response from PayPal.");
}
below here is what is returned by paypal by using throw new Exception("status ".$this->response);
[19-Oct-2015 14:59:53 UTC] HTTP/1.1 200 OK
Server: Apache
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Paypal-Debug-Id: fdea911830b4f
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
DC: slc-b-origin-www-2.paypal.com
Date: Mon, 19 Oct 2015 14:59:47 GMT
Content-Length: 8
Connection: close
Set-Cookie: cwrClyrK4LoCV1fydGbAxiNL6iG=xW6oYJfS6eHsqsgzQsbhMbE7-VbWj_1d-cNcQrxwKKa-56EbhXpjNMeHUi8wgEe_5J_Dtv9ksoVEE-fvmRQgjZzNrt6UX4Vc-vnhF4q-ymaA7GTWHgypoE-4nnN4eGGmxT8ekVletsOzZuSkcpr2uCuZ_o_2qe4gZnucegLPdnP1H6wLCQSh9vAeMUUlKG_TO92-4NA_LvcAtk83p7uwjzB7L8U1c2vvLivfiS-g3j6oKowAWAhOYtwLlLEVvnpXoWAOyGtPZJNbLDF_hub-VCdh9PA_4UhvMQYJyHv3nSzqvDwqhklL1fk87t3lLzyizpPkZweG6mi-iQyBk4PgS_merjRIESmqD0uNeJL_EIqAkBEZilxWwHmMKskh07SYx146nytFFfAKk8kFQ58_uZ6mxeX9EyBPsUg6z2xMC8OrTyPDqaWH8038mUW;
domain=.paypal.com;
path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Thu, 16-Oct-2025 14:59:47 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Wed, 18-Oct-2017 14:59:47 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.74.8.134.1445266787217963; path=/; expires=Wed, 11-Oct-45 14:59:47 GMT
Set-Cookie: X-PP-SILOVER=name%3DLIVE6.WEB.1%26silo_version%3D880%26app%3Dappdispatcher%26TIME%3D1661281622; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: Apache=10.74.8.69.1445266787199279; path=/; expires=Wed, 11-Oct-45 14:59:47 GMT
Set-Cookie: AKDC=slc-b-origin-www-2.paypal.com; expires=Mon, 19-Oct-2015 15:29:47 GMT; path=/; secure
Strict-Transport-Security: max-age=63072000
VERIFIED
I am not sure where to go from here?
The problem was PayPal's adherence to SHA-256. I found this script by Wade Schuler that is forked from the original Micah Carrick IPN, here is the link https://github.com/WadeShuler/PHP-PayPal-IPN To get it to work add this G5 crt located https://knowledge.symantec.com/support/ua-support/index?page=content&actp=CROSSLINK&id=SO5624 The one included will throw a handshake error. I hope this helps you too!
Related
i have an example http header response :
HTTP/2 200
content-type: application/json; charset=utf-8
vary: Cookie, Accept-Language, Accept-Encoding
content-language: en
date: Wed, 08 Jul 2020 21:20:44 GMT
content-encoding: gzip
set-cookie: ds_user=usadaida521; Domain=.instagram.com; expires=Tue, 06-Oct-2020 21:20:44 GMT; HttpOnly; Max-Age=7776000; Path=/; Secure
set-cookie: csrftoken=ev0sLTzbC4WIIk2FKvGcLLyVqgiFXD3A; Domain=.instagram.com; expires=Wed, 07-Jul-2021 21:20:44 GMT; Max-Age=31449600; Path=/; Secure
set-cookie: rur=FTW; Domain=.instagram.com; HttpOnly; Path=/; Secure
set-cookie: ds_user_id=35321243349; Domain=.instagram.com; expires=Tue, 06-Oct-2020 21:20:44 GMT; Max-Age=7776000; Path=/; Secure
set-cookie: sessionid=35321243349%3AP3jlNxxuIVGoJx%3A24; Domain=.instagram.com; expires=Thu, 08-Jul-2021 21:20:44 GMT; HttpOnly; Max-Age=31536000; Path=/; Secure
content-length: 685
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
All I need to get is :
ds_user=usadaida521; Domain=.instagram.com; expires=Tue, 06-Oct-2020 21:20:44 GMT; HttpOnly; Max-Age=7776000; Path=/; Secure;csrftoken=ev0sLTzbC4WIIk2FKvGcLLyVqgiFXD3A; Domain=.instagram.com; expires=Wed, 07-Jul-2021 21:20:44 GMT; Max-Age=31449600; Path=/; Secure;rur=FTW; Domain=.instagram.com; HttpOnly; Path=/; Secure;ds_user_id=35321243349; Domain=.instagram.com; expires=Tue, 06-Oct-2020 21:20:44 GMT; Max-Age=7776000; Path=/; Secure;sessionid=35321243349%3AP3jlNxxuIVGoJx%3A24; Domain=.instagram.com; expires=Thu, 08-Jul-2021 21:20:44 GMT; HttpOnly; Max-Age=31536000; Path=/; Secure
I use this REGEX :
/^set-cookie:\s*([^;]*)/mi
But I get :
ds_user=usadaida521;csrftoken=zL2U5EvMG61MNnPaQUGjpK2qklE5uBQ2;rur=FTW;ds_user_id=35321243349;sessionid=35321243349%3ALFbjFj8eRIkr2u%3A21
Can you help me with it? Thank you
Best Regards, Erwin
In JavaScript I would do this:
response
.replaceAll(/^(?!set-cookie).*|^set-cookie: /gmi,"")
.trim()
.replaceAll(/[\r\n]+/g, ';')
Sample:
cleanCoockie = response => {
return response
.replaceAll(/^(?!set-cookie).*|^set-cookie: /gmi,"")
.trim()
.replaceAll(/[\r\n]+/g, ';')
};
$("#result").html(
cleanCoockie("HTTP/2 200 \ncontent-type: application/json; charset=utf-8\nvary: Cookie, Accept-Language, Accept-Encoding\ncontent-language: en\ndate: Wed, 08 Jul 2020 21:20:44 GMT\ncontent-encoding: gzip\nset-cookie: ds_user=usadaida521; Domain=.instagram.com; expires=Tue, 06-Oct-2020 21:20:44 GMT; HttpOnly; Max-Age=7776000; Path=/; Secure\nset-cookie: csrftoken=ev0sLTzbC4WIIk2FKvGcLLyVqgiFXD3A; Domain=.instagram.com; expires=Wed, 07-Jul-2021 21:20:44 GMT; Max-Age=31449600; Path=/; Secure\nset-cookie: rur=FTW; Domain=.instagram.com; HttpOnly; Path=/; Secure\nset-cookie: ds_user_id=35321243349; Domain=.instagram.com; expires=Tue, 06-Oct-2020 21:20:44 GMT; Max-Age=7776000; Path=/; Secure\nset-cookie: sessionid=35321243349%3AP3jlNxxuIVGoJx%3A24; Domain=.instagram.com; expires=Thu, 08-Jul-2021 21:20:44 GMT; HttpOnly; Max-Age=31536000; Path=/; Secure\ncontent-length: 685\nalt-svc: h3-29=\":443\"; ma=3600,h3-27=\":443\"; ma=3600")
);
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<textarea id="result" rows="9" cols="80"></textarea>
I call an API and the response is like this:
HTTP/1.1 201 Created
Date: Tue, 12 Jun 2018 13:13:34 GMT
Server: Apache/2.4.x (Ubuntu)
Set-Cookie: PHPSESSID=id; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 114
Connection: close
Content-Type: application/json
{"id":"id_code|id_code|id_code","error":{"code":0,"message":"message"}}
What I want to do is take only the json part from final:
{"id":"id_code|id_code|id_code","error":{"code":0,"message":"message"}}
Can I do this using PHP?
Thank you!
You can get the contents of the response with $response->getBody()->getContent(), or you can cast the body to a string. From there if it is in JSON format you can decode it as normal:
// this works
$jsonResults = json_decode($response->getBody()->getContent(), true);
// so does this
$jsonResults = json_decode((string) $response->getBody(), true);
I am handling a post request, setting a cookie and then redirecting the user like so:
// (handle post request)
// all fine so set cookie
$ciphertext = Crypto::encrypt($_POST['soulmates_member_id'], Key::loadFromAsciiSafeString($this->encryption_key));
$expires = 60 * 60 * 24 * 30;
setcookie('soulmates_member_id', $ciphertext, $expires, '/', $_SERVER['HTTP_HOST']);
// redirect
header("Location: ".$_POST['soulmates_redirect']);
The following response is returned:
HTTP/1.1 302 Found
Date: Tue, 28 Jun 2016 10:53:21 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.21
X-Powered-By: PHP/5.6.21
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Access-Control-Allow-Origin: http://local.wordpress.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Set-Cookie: soulmates_member_id=def5020032ce3903334d3564b22303993dc3bd5923256632200d94785aa9cd09a44091a124848bd4476768eb5027082b01ec4036c4fa366ba41613157d548285d8cbee1b1115b0fc3ec454127e62732db13fb72b4ff385eceeae1b7af7c1; expires=Sat, 31-Jan-1970 00:00:00 GMT; Max-Age=-1464519202; path=/; domain=local.wordpress.com
Location: http://local.wordpress.com/another-page/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
But the cookie doesn't get set. I've tried this in Chrome and Firefox and the cookie just doesn't get set for some reason.
I solved it! It's because the expires time needs to be relative to now so that the expiry date and time is in the future like so:
$expires = time() + 60 * 60 * 24 * 30;
I am uploading image on my signup page which is submitted by ajax and is send to ajaxcall.php where i add some headers to the request and send it to the register api which register the user
issue : i am receiving the $_POST and $_FILE in ajaxcall.php but on sending the curl request with the same parameters and few headers are added i do not recieve the post params on the server side
Below is the code for creating content deposition
function genereatePostFileVars($file,$rem=array(),$boundary)
{
$postvar="";
foreach($_POST as $key=>$val)
{
if($key!='endpoint')
{
if(!in_array($key,$rem))
{
if($key != 'uname')
{
$postvar.="\r\n$boundary\r\nContent-Disposition: form-data; name=\"$key\"\r\n\r\n$val";
}
else
{
$postvar.="\r\n$boundary\r\nContent-Disposition: form-data; name=\"name\"\r\n\r\n$val";
}
}
}
}
if(!empty($_FILES))
{
$filedata=array();
if(count($_FILES[$file]['name'])>1)
{
for($i=0;$i<count($_FILES[$file]['name']);$i++)
{
$fst='file'.($i+1);
$filedata[$fst]['name']=$_FILES[$file]['name'][$i];
$filedata[$fst]['error']=$_FILES[$file]['error'][$i];
$filedata[$fst]['tmp_name']=$_FILES[$file]['tmp_name'][$i];
$filedata[$fst]['size']=$_FILES[$file]['size'][$i];
}
}
else{
$filedata['file']=$_FILES[$file];
;
}
foreach($filedata as $name=>$value){
$postvar.="\r\n".$boundary."\r\nContent-Disposition: form-data; name=\"$name\"; filename=\"".$value['name']."\"\r\nContent-Type:".$value['type']."\r\n";
}
}
$postvar.="\r\n$boundary--";
return $postvar;
}
Output for above code:
-----1465984203238231624
Content-Disposition: form-data; name="name"
himanshi
-----1465984203238231624
Content-Disposition: form-data; name="username"
wvhxc
-----1465984203238231624
Content-Disposition: form-data; name="email"
wvhxc#gmail.com
-----1465984203238231624
Content-Disposition: form-data; name="password"
vdschh
-----1465984203238231624
Content-Disposition: form-data; name="file"; filename="10940545_822721561108202_6765172210735079451_n.jpg"
Content-Type:image/jpeg
-----1465984203238231624--
Headers that are send:
Array
(
[0] => Accept:application/json,image/*
[1] => Expect:
[2] => authToken: 72b5a44d3e9c50fc81dd196d75a1b375
[3] => timestamp: 2016-06-15 09:50:03
[4] => content-type: multipart/form-data; boundary=-----1465984203238231624
[5] => deviceType:Web
[6] => apiVersion:v0.1
)
Response i get:
HTTP/1.1 400 Bad Request
Date: Wed, 15 Jun 2016 09:50:03 GMT
Server: Apache/2.2.29 (Unix) mod_wsgi/3.5 Python/2.7.10 PHP/5.6.10 mod_ssl/2.2.29 OpenSSL/0.9.8zh DAV/2 mod_fastcgi/2.4.6 mod_perl/2.0.9 Perl/v5.22.0
X-Powered-By: PHP/5.6.10
Set-Cookie: PHPSESSID=5f784328aa7571352c1ba2e127a96ef6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages
Access-Control-Allow-Headers: Authorization
Allow: POST
Content-Length: 80
Connection: close
Content-Type: application/json; charset=UTF-8
{"status":false,"message":"Username or email is required for signup.","data":[]}
Please let me know what i am doing wrong,Thanks in advance
I am trying to communicate to an API using cURL. One of the methods require that I pass the value of the ININ-ICWS-CSRF-Token header (ie. WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA=) and the Set-Cookie (ie. icws_904586002=bf7c7783-6766-4c4f-862b-48f25a9a3741) so I need to extract them so I can pass them later in my code.
Here is what I did to extract the header and the body from the cURL/API respond:
$respond = curl_exec($ch);
//throw cURL exception
if($respond === false){
$errorNo = curl_errno($ch);
$errorMessage = curl_error($ch);
throw new ApiException($errorMessage, $errorNo);
}
list($header, $body) = explode("\r\n\r\n", $respond, 2);
echo '<pre>';
print_r($header);
echo '</pre>';
This is the content of the $header value:
HTTP/1.1 201 Created
ININ-ICWS-CSRF-Token: WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA=
ININ-ICWS-Session-ID: 904586002
Set-Cookie: icws_904586002=bf7c7783-6766-4c4f-862b-48f25a9a3741; Path=/icws/904586002
Location: /icws/904586002/connection
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: application/vnd.inin.icws+JSON; charset=utf-8
Date: Wed, 06 May 2015 17:13:44 GMT
Server: HttpPluginHost
Content-Length: 237
I would like to get in return results like this
the value of "ININ-ICWS-CSRF-Token" is "WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA="
the value of the "cookie" is "ININ-ICWS-CSRF-Token: WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA="
You can use the http_parse_headers function to parse the headers.
$hdr_array = http_parse_headers($header);
foreach ($hdr_array as $name => $value) {
echo "The value of '$name' is '$value'<br>";
}
If you don't have http_parse_headers, you can use the code in Pedro Lobito's answer.
<?php
$myHeader = <<< LOL
HTTP/1.1 201 Created
ININ-ICWS-CSRF-Token: WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA=
ININ-ICWS-Session-ID: 904586002
Set-Cookie: icws_904586002=bf7c7783-6766-4c4f-862b-48f25a9a3741; Path=/icws/904586002
Location: /icws/904586002/connection
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: application/vnd.inin.icws+JSON; charset=utf-8
Date: Wed, 06 May 2015 17:13:44 GMT
Server: HttpPluginHost
Content-Length: 237
LOL;
preg_match_all('/(.*?Token): (.*?)\s+/', $myHeader, $matches, PREG_PATTERN_ORDER);
$tokenName = $matches[1][0];
$token = $matches[2][0];
echo <<< LOL
the value of "$tokenName" is "$token"
the value of the "cookie" is "$tokenName: $token"
LOL;
?>