I am using the PayPal IPN feature but I keep getting _POST[payment_status] = Pending when I make a test using the Sandbox. Because of that, I can't test the full purchase to make sure the whole process works properly.
Here is my code:
// Set the request paramaeter
$req = 'cmd=_notify-validate';
// Run through the posted array
foreach ($_POST as $key => $value)
{
// If magic quotes is enabled strip slashes
if (get_magic_quotes_gpc())
{
$_POST[$key] = stripslashes($value);
$value = stripslashes($value);
}
$value = urlencode($value);
// Add the value to the request parameter
$req .= "&$key=$value";
}
$ch = curl_init(); // Starts the curl handler
curl_setopt($ch, CURLOPT_URL,$paypal[$testing]); // Sets the paypal address for curl
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // Returns result to a variable instead of echoing
curl_setopt($ch, CURLOPT_TIMEOUT, 3); // Sets a time limit for curl in seconds (do not set too low)
curl_setopt($ch, CURLOPT_POST, 1); // Set curl to send data using post
curl_setopt($ch, CURLOPT_POSTFIELDS, $req); // Add the request parameters to the post
$result = curl_exec($ch); // run the curl process (and return the result to $result
curl_close($ch);
if (strcmp ($result, "VERIFIED") == 0) // It may seem strange but this function returns 0 if the result matches the string So you MUST check it is 0 and not just do strcmp ($result, "VERIFIED") (the if will fail as it will equate the result as false)
{
// It worked
// do my stuff
}else{
foreach($_POST as $key=>$value){
$post_str .="_POST[$key] = $value<br>";
}
$sub = "Paypal error";
$mes = "$post_str";
mailer($sub, $mes, $from, $to);
}
This is the error message I get in my email:
_POST[mc_gross] = 120.00
_POST[protection_eligibility] = Ineligible
_POST[address_status] = confirmed
_POST[payer_id] = QDZDYY4JWGFVG
_POST[tax] = 0.00
_POST[address_street] = 1 Maire-Victorin
_POST[payment_date] = 12:25:03 Apr 11, 2013 PDT
_POST[payment_status] = Pending
_POST[charset] = windows-1252
_POST[address_zip] = M5A 1E1
_POST[first_name] = gppl
_POST[address_country_code] = CA
_POST[address_name] = gppl Simard's Test Store
_POST[notify_version] = 3.7
_POST[custom] =
_POST[payer_status] = verified
_POST[address_country] = Canada
_POST[address_city] = Toronto
_POST[quantity] = 1
_POST[verify_sign] = An5ns1Kso7MWUdW4ErQKJJJ4qi4-AjAXF3KMNcb6G83Jslw18dw.Ti32
_POST[payer_email] = 78h23d8712h3d#x.com
_POST[txn_id] = 2KU491796R824634N
_POST[payment_type] = instant
_POST[payer_business_name] = gppl x's Test Store
_POST[last_name] = Simard
_POST[address_state] = Ontario
_POST[receiver_email] = x#x.x
_POST[pending_reason] = unilateral
_POST[txn_type] = web_accept
_POST[item_name] = 926537
_POST[mc_currency] = CAD
_POST[item_number] =
_POST[residence_country] = CA
_POST[test_ipn] = 1
_POST[handling_amount] = 0.00
_POST[transaction_subject] = 926537
_POST[payment_gross] =
_POST[shipping] = 0.00
_POST[ipn_track_id] = c7dcef0b1c333
This error is really driving me nuts.
Just so you guys know, I already have the Payment review set to off.
If you are useing sandbox, open developer.paypal.com->Dashboard->Accounts->facilitator#yourhost.com->Profile->Settings. Set 'Payment review' to 'Off'
Make sure your accounts have a confirmed email address. This typically happens when you send a payment to an account that doesn't have a confirmed email address. So check the seller account, and make sure the email address is confirmed that you sent the payment to.
I had this problem - I was sending PayPal my "live" payer_email, when I changed it to the business email in the sandbox it worked. same as my live email with ****-facilitator#yoursite.com
Login to your Sandbox account with the business, and see if you have any 'Unclaimed' payments. This could be because they are in a different currency than the one of your main account.
Related
I have successfully implement PayPal with laravel. I am able to make payment using PayPal APIs. Now I want to implement refund from PayPal using laravel. I don't want to make refund from PayPal dashboard but i want to make it done from our admin panel where admin user can see list of payments and link to refund that amount to customer. After successful payment I got Transaction id in response from PayPal. If i use that transaction id to refund then i am not able to do that successfully, and if i copy transaction id from paypal dashboard where all transactions are listed and get detail information of that transaction, then i am able to make refund success. Can anyone tell me how can i get that transaction id using which i can make refund using laravel.
I have to use below code to get actual sale id to refund amount using code not from paypal dashboard
$apiContext = new ApiContext(new OAuthTokenCredential(
"<CLIENT_ID>", "<CLIENT_SCRET_KEY>")
);
$payments = Payment::get($payment_id, $apiContext);
$payments->getTransactions();
$obj = $payments->toJSON();//I wanted to look into the object
$paypal_obj = json_decode($obj);//I wanted to look into the object
$transaction_id = $paypal_obj->transactions[0]->related_resources[0]->sale->id;
$this->getRefundPayment($transaction_id);
public function getRefundPayment($transaction_id){
$this->API_UserName = urlencode($this->API_Username);
$this->API_Password = urlencode($this->API_Password);
$this->API_Signature = urlencode($this->Signature);
$this->version = urlencode($this->version);
$transactionid = $transaction_id;
$DataInArray['currencyCode'] = 'INR';
$DataInArray['refundType'] = 'Full';
$DataInArray['transactionID'] = $transactionid;
$DataInArray['invoiceID'] = '';
$DataInArray['memo'] = 'This is refund of transaction id ='.$transactionid;
$DataInArray['amount'] = '';
if(trim(#$DataInArray['currencyCode'])=="")
return array("ERROR_MESSAGE"=>"Currency Code is Missing");
if(trim(#$DataInArray['refundType'])=="")
return array("ERROR_MESSAGE"=>"Refund Type is Missing");
if(trim(#$DataInArray['transactionID'])=="")
return array("ERROR_MESSAGE"=>"Transaction ID is Missing");
$Api_request = "&TRANSACTIONID={$DataInArray['transactionID']}&REFUNDTYPE={$DataInArray['refundType']}&CURRENCYCODE={$DataInArray['currencyCode']}";
if(trim(#$DataInArray['invoiceID'])!="")
$Api_request = "&INVOICEID={$DataInArray['invoiceID']}";
if(isset($DataInArray['memo']))
$Api_request .= "&NOTE={$DataInArray['memo']}";
if(strcasecmp($DataInArray['refundType'], 'Partial') == 0) {
if(!isset($DataInArray['amount'])) {
return array("ERROR_MESSAGE"=>"For Partial Refund - It is essential to mention Amount");
} else {
$Api_request = $Api_request."&AMT={$DataInArray['amount']}";
}
if(!isset($DataInArray['memo'])) {
return array("ERROR_MESSAGE"=>"For Partial Refund - It is essential to enter text for Memo");
}
}
$curl_var = curl_init();
curl_setopt($curl_var, CURLOPT_URL, $this->API_Endpoint);
curl_setopt($curl_var, CURLOPT_VERBOSE, 1);
curl_setopt($curl_var, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl_var, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($curl_var, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl_var, CURLOPT_POST, 1);
$Api_request_final = "METHOD=RefundTransaction&VERSION={$this->version}&PWD={$this->API_Password}&USER={$this->API_UserName}&SIGNATURE={$this->API_Signature}$Api_request";
curl_setopt($curl_var, CURLOPT_POSTFIELDS, $Api_request_final);
// Get response from the server.
$curlResponse = curl_exec($curl_var);
if(!$curlResponse)
return array("ERROR_MESSAGE"=>"RefundTransaction failed".curl_error($curl_var)."(".curl_errno($curl_var).")");
// Extract the response details.
$httpResponseAr = explode("&", $curlResponse);
$aryResponse = array();
foreach ($httpResponseAr as $i => $value) {
$tmpAr = explode("=", $value);
if(sizeof($tmpAr) > 1) {
$aryResponse[$tmpAr[0]] = urldecode($tmpAr[1]);
}
}
if((0 == sizeof($aryResponse)) || !array_key_exists('ACK', $aryResponse))
return array("ERROR_MESSAGE"=>"Invalid HTTP Response for POST request ($reqStr) to {$this->API_Endpoint}");
// var_dump($aryResponse);
return $aryResponse;
}
My PayPal IPN code receives the post data sent back from PayPal upon purchase completion but doesn't insert the data into the database. I had the code send me an email if it fails to insert the data into the database. If I take that post data and paste it into the address bar after ipn.php?, it works perfectly. What am I doing wrong? Do I have to post the data back to PayPal?
My IPN Listener
<?php
include 'includes/class.user.php';
$user = new USER();
$emailtext = "";
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
$value = urlencode($value);
$req .= "&$key=$value";
}
$paypalURL = "https://ipnpb.paypal.com/cgi-bin/webscr";
$ch = curl_init($paypalURL);
if ($ch == FALSE) {
return FALSE;
}
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSLVERSION, 6);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close', 'User-Agent: Company name removed for security, LLC.'));
$res = curl_exec($ch);
$tokens = explode("\r\n\r\n", trim($res));
$res = trim(end($tokens));
//Payment data
$txn_id = $_GET['txn_id'];
$payment_gross = $_GET['mc_gross'];
$currency_code = $_GET['mc_currency'];
$pay_status = $_GET['payment_status'];
$payer_email = $_GET['payer_email'];
$date = date("m-d-y");
$invNum = md5($date);
$orderNum = md5($txn_id);
$fullname = $_GET['address_name'];
$address = $_GET['address_street'];
$city = $_GET['address_city'];
$state = $_GET['address_state'];
$zip = $_GET['address_zip'];
if($user->verify_txnid($txn_id)){
exit();
}else{
$insertPayment = $user->insert_purchase($fullname,$address,$city,$state,$zip,"0000000000",$payer_email,$orderNum,$date,$txn_id,$invNum,$pay_status);
if($insertPayment === TRUE){
$num_cart_items = $_GET['num_cart_items'];
for ($i = 0; $i <= $num_cart_items; $i++) {
$order_item_name = $_GET['item_name' . $i];
$order_item_quantity = $_GET['quantity' . $i];
$order_item_gross_amount = $_GET['mc_gross_' . $i];
$order_item_custom = $_GET['option_selection1_' . $i];
$user->insert_order($txn_id, $order_item_name, $order_item_quantity, $order_item_gross_amount, $order_item_custom);
}
}else{
foreach ($_GET as $key => $value)
{
$emailtext .= $key . " = " .$value ."\n\n";
}
mail('myemail#gmail.com', 'Insert Payment FAILED', $emailtext."\r\n".$req."\r\n".$res);
}
}
header("HTTP/1.1 200 OK");
I have confirmed that the post from PayPal matches the post back to PayPal but I still get an INVALID response and none of the data gets inserted into the database. If I take the raw post data string from PayPal's initial POST and paste it into the address bar, it inserts into the database just fine. I can't figure out for the life of me why it's not inserting the data into the database on its own. My IPN history on PayPal show an html response of 500 and that its retrying.
If IPN message you POST back does not exactly match the one PayPal sent to you, INVALID status will be occurred. You can double check if there have mess code in the IPN message you POST back, such as non-English characters. But if you still cannot find out the root cause, you have to contact PayPal technical support via https://www.paypal-techsupport.com/app/ask/ and provide PayPal transaction ID for the further checking.
Had the exactly same problem on sandbox.
Got it working by switching off "Negative Testing" on the account profile settings and removing the date from the ipn simulator.
That simple code made it work
$ipn_post_data = $_POST;
// Choose url
if (array_key_exists('test_ipn', $ipn_post_data) && 1 === (int) $ipn_post_data['test_ipn']){
$url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
}else{
$url = 'https://www.paypal.com/cgi-bin/webscr';
}
// Set up request to PayPal
$request = curl_init();
curl_setopt_array($request, array
(
CURLOPT_URL => $url,
CURLOPT_POST => TRUE,
CURLOPT_POSTFIELDS => http_build_query(array('cmd' => '_notify-validate') + $ipn_post_data),
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_HEADER => FALSE,
));
// Execute request and get response and status code
$response = curl_exec($request);
$status = curl_getinfo($request, CURLINFO_HTTP_CODE);
// Close connection
curl_close($request);
if ($status == 200 && $response == 'VERIFIED') {
$today = date("Y_m_d");
$file = fopen("LogIPN.$today.txt", "ab");
$hour = date("H:i:s T");
fwrite($file, "Verified\r\n");
} else {
$today = date("Y_m_d");
$file = fopen("LogIPN.$today.txt", "ab");
$hour = date("H:i:s T");
fwrite($file, $response."\r\n");
fwrite($file, $status."\r\n");
}
I would never use that code in production for many reasons.
Hope this can make things easy for u.
I'm making something that uses Paypal and having a bit of trouble with my final step in the Paypal process. I have four calls to the Paypal API which work just fine, but the last one doesn't. To start, here is my curl function
function curl($PayPalMode,$nvpreq) {
$API_Endpoint = "https://api-3t.".$PayPalMode.".paypal.com/nvp";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
curl_setopt($ch, CURLOPT_VERBOSE, 1)
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
$httpResponse = curl_exec($ch);
$httpResponseAr = explode("&", $httpResponse);
$httpParsedResponseAr = array();
foreach ($httpResponseAr as $i => $value) {
$tmpAr = explode("=", $value);
if(sizeof($tmpAr) > 1) {
$httpParsedResponseAr[$tmpAr[0]] = $tmpAr[1];
}
}
if((0 == sizeof($httpParsedResponseAr)) || !array_key_exists('ACK', $httpParsedResponseAr)) {
return "Invalid HTTP Response for POST request($nvpreq) to $API_Endpoint.";
}
return $httpParsedResponseAr;
}
Then, as mentioned this is used four times for different things, for example
$data_set = array(
USER = $PayPalApiUsername,
PWD = $PayPalApiPassword,
SIGNATURE = $PayPalApiSignature,
METHOD = "SetExpressCheckout",
VERSION = urlencode(109.0),
L_BILLINGTYPE0 = "RecurringPayments",
L_BILLINGAGREEMENTDESCRIPTION0 = urlencode($paypal_obj->name)." (".urlencode($paypal_obj->price)."/Month)",
CANCELURL = $PayPalCancelURL,
RETURNURL = $PayPalReturnURL,
CURRENCYCODE = $PayPalCurrencyCode
);
$nvpreq_set = http_build_query($data_set);
$set_express_checkout_curl = curl($PayPalMode,$nvpreq_set);
These first four requests (which also includes GetExpressCheckoutDetails, CreateRecurringPaymentsProfile, and GetRecurringPaymentsProfileDetails) all work fine, using the exact same method. However, the fifth and final one does not. This is using UpdateRecurringPaymentsProfile as I sometimes want to give uses a trial month. It uses the exact same method as above
$data_update = array(
USER = $PayPalApiUsername,
PWD = $PayPalApiPassword,
SIGNATURE = $PayPalApiSignature,
METHOD = "UpdateRecurringPaymentsProfile",
VERSION = urlencode(109.0),
PROFILEID = $payer_id,
TRIALBILLINGPERIOD = "Month",
TRIALBILLINGFREQUENCY = 1,
TRIALTOTALBILLINGCYCLES = 1,
TRIALAMT = 10.00,
CURRENCYCODE = "GBP"
);
$nvpreq_update = http_build_query($data_update);
$update_profile_curl = curl($PayPalMode,$nvpreq_update);
However, this does not work, and instead returns error 11510 - Invalid trial amount, Trial amount must be >= 0. Upon sending a support message to Paypal they confirmed that the TRIALAMT was not being passed, and this was all they were receiving
Timestamp 20-Jan-2016 17:40:41 GMT (1453311641)
UpdateRecurringPaymentsProfileRequest
profileid "(profileid)"
currencycode "GBP"
trialtotalbillingcycles "1"
method "UpdateRecurringPaymentsProfile"
version "109"
user (email address)
correlation_id (correlation id)
As you can see, it is not just the TRIALAMT that isn't being passed, it is also TRIALBILLINGPERIOD and TRIALBILLINGFREQUENCY. This is the only instance in all of this that some data isn't being passed - and my question is does anyone know why this might be? I am completely lost with this, I have no idea why these bits of data wouldn't be passed, unless there is something wrong with my final request?
As far as I can see, urlencoding your params (inside curl function) may prevent lost of data, as is explained in this url: http://www.brandonchecketts.com/archives/array-versus-string-in-curlopt_postfields
...So, when sending POST requests in PHP/cURL, it is important to urlencode it as a string first.
This will generate the multipart/form-data version
$data = array('name' => 'value', 'name2' => 'value2');
curl_setopt($curl_object, CURLOPT_POSTFIELDS, $data)
And this simple change will ensure that it uses the application/x-www-form-urlencoded version:
$data = array('name' => 'value', 'name2' => 'value2');
$encoded = '';
foreach($data as $name => $value){
$encoded .= urlencode($name).'='.urlencode($value).'&';
}
// chop off the last ampersand
$encoded = substr($encoded, 0, strlen($encoded)-1);
curl_setopt($curl_object, CURLOPT_POSTFIELDS, $encoded)
FAILED REQUEST
request:cmd=_notify-validate&mc_gross=2.00&protection_eligibility=Eligible&address_status=confirmed&payer_id=LDYM496TZ5PMS&tax=0.00&address_street=7
Malcom Ave Quarrington Hill&payment_date=10:56:23 Jul 10, 2014
PDT&payment_status=Completed&charset=windows-1252&address_zip=DH6
4QT&first_name=fake&mc_fee=0.38&address_country_code=GB&address_name=fake
fake¬ify_version=3.8&custom=168&payer_status=unverified&business=fake#gmail.com&address_country=United
Kingdom&address_city=Durham&quantity=0&verify_sign=AO3SqMqkkL6g6znCfk.bTx0YGc9QAAC62A.uYD2AR27aMUKA8tjOenQg&payer_email=fake#gmail.com&txn_id=0V51470288084925M&payment_type=instant&last_name=fake&address_state=&receiver_email=fake#gmail.com&payment_fee=0.38&receiver_id=43PTLVVM58JD4&txn_type=web_accept&item_name=Hyubusa&mc_currency=USD&item_number=&residence_country=GB&transaction_subject=168&payment_gross=2.00&ipn_track_id=8f6ab718d71f2
Failed POST
mc_gross=2.00&protection_eligibility=Eligible&address_status=confirmed&payer_id=LDYM496TZ5PMS&tax=0.00&address_street=7+Malcom+Ave%0D%0AQuarrington+Hill&payment_date=10%3A56%3A23+Jul+10%2C+2014+PDT&payment_status=Completed&charset=windows-1252&address_zip=DH6+4QT&first_name=fake&mc_fee=0.38&address_country_code=GB&address_name=fake+fake¬ify_version=3.8&custom=168&payer_status=unverified&business=fake%40gmail.com&address_country=United+Kingdom&address_city=Durham&quantity=0&verify_sign=AO3SqMqkkL6g6znCfk.bTx0YGc9QAAC62A.uYD2AR27aMUKA8tjOenQg&payer_email=fake%40gmail.com&txn_id=0V51470288084925M&payment_type=instant&last_name=fake&address_state=&receiver_email=adamhyubusa%40gmail.com&payment_fee=0.38&receiver_id=43PTLVVM58JD4&txn_type=web_accept&item_name=Hyubusa&mc_currency=USD&item_number=&residence_country=GB&transaction_subject=168&payment_gross=2.00&ipn_track_id=8f6ab718d71f2
So, my PayPal IPN is returning an INVALID response SOMETIMES! ... When I test it on sandbox it works fine. When I test it with my own CC it works fine.
Occasionally when I get a donation however, the money comes through ... but the response from IPN is invalid.
I am in the US ... the particular donator it is currently failing on is from the UK ... I do not know if that has any relevance. This is my code.
$request = "cmd=_notify-validate";
foreach ($_POST as $varname => $varvalue){
$email .= "$varnamefake: $varvalue\n";
if(function_exists('get_magic_quotes_gpc') and get_magic_quotes_gpc()){
$varvalue = urlencode(stripslashes($varvalue));
}
else {
$value = urlencode($value);
}
$request .= "&$varname=$varvalue";
}
$ch = curl_init();
//curl_setopt($ch,CURLOPT_URL,"https://www.sandbox.paypal.com/cgi-bin/webscr");
curl_setopt($ch,CURLOPT_URL,"https://www.paypal.com/cgi-bin/webscr");
curl_setopt($ch,CURLOPT_POST,true);
curl_setopt($ch,CURLOPT_POSTFIELDS,$request);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
$result = curl_exec($ch);
curl_close($ch);
switch($result){
case "VERIFIED":
$message = "good: $".$_POST['mc_gross']." | ".$_POST['custom'];
$amt = str_replace("$", "", $_POST['mc_gross']);
$data = array(
'STATUS' => 1,
'AMOUNT' => $amt
);
$this->db->where('ID', $_POST['custom']);
$this->db->update('donations', $data);
case "INVALID":
$message ="bad";
mail("fakeemail#fake.com","paypal response", $message);
break;
default:
$message ="other";
mail("fakeemail#fake.com","paypal response", $message);
}
FAILED REQUEST
request:cmd=_notify-validate&mc_gross=2.00&protection_eligibility=Eligible&address_status=confirmed&payer_id=LDYM496TZ5PMS&tax=0.00&address_street=7
Malcom Ave Quarrington Hill&payment_date=10:56:23 Jul 10, 2014
PDT&payment_status=Completed&charset=windows-1252&address_zip=DH6
4QT&first_name=fake&mc_fee=0.38&address_country_code=GB&address_name=Brendan
fake¬ify_version=3.8&custom=168&payer_status=unverified&business=fake#gmail.com&address_country=United
Kingdom&address_city=Durham&quantity=0&verify_sign=AO3SqMqkkL6g6znCfk.bTx0YGc9QAAC62A.uYD2AR27aMUKA8tjOenQg&payer_email=fake#gmail.com&txn_id=0V51470288084925M&payment_type=instant&last_name=Watson&address_state=&receiver_email=fake#gmail.com&payment_fee=0.38&receiver_id=43PTLVVM58JD4&txn_type=web_accept&item_name=Hyubusa&mc_currency=USD&item_number=&residence_country=GB&transaction_subject=168&payment_gross=2.00&ipn_track_id=8f6ab718d71f2
Failed POST
mc_gross=2.00&protection_eligibility=Eligible&address_status=confirmed&payer_id=LDYM496TZ5PMS&tax=0.00&address_street=7+Malcom+Ave%0D%0AQuarrington+Hill&payment_date=10%3A56%3A23+Jul+10%2C+2014+PDT&payment_status=Completed&charset=windows-1252&address_zip=DH6+4QT&first_name=fake&mc_fee=0.38&address_country_code=GB&address_name=fake+fake¬ify_version=3.8&custom=168&payer_status=unverified&business=fake%40gmail.com&address_country=United+Kingdom&address_city=Durham&quantity=0&verify_sign=AO3SqMqkkL6g6znCfk.bTx0YGc9QAAC62A.uYD2AR27aMUKA8tjOenQg&payer_email=fake%40gmail.com&txn_id=0V51470288084925M&payment_type=instant&last_name=Watson&address_state=&receiver_email=adamhyubusa%40gmail.com&payment_fee=0.38&receiver_id=43PTLVVM58JD4&txn_type=web_accept&item_name=Hyubusa&mc_currency=USD&item_number=&residence_country=GB&transaction_subject=168&payment_gross=2.00&ipn_track_id=8f6ab718d71f2
if(function_exists('get_magic_quotes_gpc') and get_magic_quotes_gpc()){
$varvalue = urlencode(stripslashes($varvalue));
}
else {
$value = urlencode($value);
}
IPN variables are already url encoded, no point of encoding them again to send back to paypal - probably the reason why some transactions work and others don't.
I have a paypal IPN script an I'm currently testing it with the sandbox. Right now though every payment I try keeps comming up as unverified. Is it because the sandbox never verifies anything or is it an error in my code?
<?php
$ourpaypal= "dmanjr_1310054821_biz#gmail.com";
// Set the request paramaeter
$req = 'cmd=_notify-validate';
// Run through the posted array
foreach ($_POST as $key => $value)
{
// If magic quotes is enabled strip slashes
if (get_magic_quotes_gpc())
{
$_POST[$key] = stripslashes($value);
$value = stripslashes($value);
}
$value = urlencode($value);
// Add the value to the request parameter
$req .= "&$key=$value";
}
$url = "http://www.paypal.com/cgi-bin/webscr";
$ch = curl_init(); // Starts the curl handler
curl_setopt($ch, CURLOPT_URL,$url); // Sets the paypal address for curl
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // Returns result to a variable instead of echoing
curl_setopt($ch, CURLOPT_TIMEOUT, 3); // Sets a time limit for curl in seconds (do not set too low)
curl_setopt($ch, CURLOPT_POST, 1); // Set curl to send data using post
curl_setopt($ch, CURLOPT_POSTFIELDS, $req); // Add the request parameters to the post
$result = curl_exec($ch); // run the curl process (and return the result to $result
curl_close($ch);
$errors = false;
if (strcmp ($result, "VERIFIED") == 0) // It may seem strange but this function returns 0 if the result matches the string So you MUST check it is 0 and not just do strcmp ($result, "VERIFIED") (the if will fail as it will equate the result as false)
{
$errors = true;
// Do some checks to ensure that the payment has been sent to the correct person
if ($_POST['receiver_email'] == $ourpaupal){
// Check and ensure currency and amount are correct
if ($_POST['mc_currency'] == "USD"){
require_once('DonationHandler.php');
$don = new DonationHandler();
if ($don->hasDB()){
$don->RenewMembership($_POST['option_selection2'],$_POST['mc_gross'],$_POST['payer_email'],$_POST['txn_id']);
$errors = false;
}
}
}
}
else
{
// Log an invalid request to look into
$myFile = "ipn_unverified.txt";
$fh = fopen($myFile, 'w') or die("can't open file");
fwrite($fh, "======================================================\r\n");
foreach ($_POST as $stdata){
fwrite($fh, array_search($stdata, $_POST, true).": ". $stdata."\r\n");
}
fclose($fh);
}
//If there was any error with any verified payment, place it here
if ($errors){
$myFile = "ipn_errors.txt";
$fh = fopen($myFile, 'w') or die("can't open file");
fwrite($fh, "======================================================\r\n");
foreach ($_POST as $stdata){
fwrite($fh, array_search($stdata, $_POST, true).": ". $stdata."\r\n");
}
fclose($fh);
}
?>