I'm trying to set up a callback handler for IPN (paypal) verification. I know what curl does, but I don't know what 'cacert.pem' is (certificate...?).
this is where the callback.php file fails (exists):
curl_setopt($ch, CURLOPT_CAINFO, 'cacert.pem');
if( !($res = curl_exec($ch)) ) {
echo ("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
With the following error message:
Got error setting certificate verify locations: CAfile: cacert.pem
CApath: none when processing IPN data
So I downloaded cacert.pem and copied to the directory where the callback.php file is.
This is a comment before the code above:
// In wamp like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
// of the certificate as shown below.
I'm using XAMPP, this would be the problem?
And finally this is the whole php file directly from developer page:
https://www.x.com/developers/PayPal/documentation-tools/code-sample/216623
<?php
// STEP 1: Read POST data
// reading posted data from directly from $_POST causes serialization
// issues with array data in POST
// reading raw POST data from input stream instead.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// STEP 2: Post IPN data back to paypal to validate
$ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
// of the certificate as shown below.
curl_setopt($ch, CURLOPT_CAINFO, 'cacert.pem');
if( !($res = curl_exec($ch)) ) {
echo ("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
// STEP 3: Inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$string = "------------------------\r\n";
$string .= "item_name: ".$item_name."\r\n";
$string .= "item_number: ".$item_number."\r\n";
$string .= "payment_status: ".$payment_status."\r\n";
$string .= "payment_amount: ".$payment_amount."\r\n";
$string .= "payment_currency: ".$payment_currency."\r\n";
$string .= "txn_id: ".$txn_id."\r\n";
$string .= "receiver_email: ".$receiver_email."\r\n";
$string .= "payer_email: ".$payer_email."\r\n";
$fp = fopen('test.log', 'w');
fwrite($fp, $string."\r\n");
fclose($fp);
} else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
?>
As per the comment you need to set the (full) directory path, if the pem file is in the same directory as the script then this should work:
curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
For an explanation of what the cacert.pem file is, check this accepted answer.
Related
It was working fine around 6 hours ago. Now everything suddenly stopped working. I have checked the IPN History page. On IPN history, It is sent and received 200 response. Everything supposed to working fine.
I have also added extra code:
foreach($_REQUEST as $key=>$value){
$reqa .= "&$key=$value";
}
$fh = fopen('log/invalid-lol.txt','w');
fwrite($fh,$reqa);
fclose($fh);
It helps me create the file even if I reload the IPN page. I have also tried IPN Simulator, and the handshake was verified. Forget about the IPN data, it not even creating the log file which is supposed to be created even when I reload the page. There is no error in anything.
Here is the full code:
<?php
// STEP 1: Read POST data
// reading posted data from directly from $_POST causes serialization
// issues with array data in POST
// reading raw POST data from input stream instead.
foreach($_REQUEST as $key=>$value){
$reqa .= "&$key=$value";
}
$fh = fopen('log/invalid-lol.txt','w');
fwrite($fh,$reqa);
fclose($fh);
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// STEP 2: Post IPN data back to paypal to validate
$ch = curl_init('https://ipnpb.sandbox.paypal.com/cgi-bin/webscr'); // change to [...]sandbox.paypal[...] when using sandbox to test
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
// of the certificate as shown below.
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if( !($res = curl_exec($ch)) ) {
// error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
// STEP 3: Inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_no = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
if ($_POST['mc_gross'] != NULL)
$payment_amount = $_POST['mc_gross'];
else
$payment_amount = $_POST['mc_gross1'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$txn_type = $_POST['txn_type'];
$case_type = $_POST['case_type'];
$receiver_email = urldecode($_POST['receiver_email']);
$payer_email = urldecode($_POST['payer_email']);
foreach($_POST as $key=>$value){
$req .= "&$key=$value";
}
$rand = rand(0,99);
$fh = fopen('log/valid-'.$rand.'-'.$item_no.'.txt','w');
fwrite($fh,$req);
fclose($fh);
} else if (strcmp ($res, "INVALID") == 0) {
$rand = rand(1000,99999);
$fh = fopen('log/invalid-'.$rand.'.txt','w');
fwrite($fh,$req);
fclose($fh);
}
?>
I've created a checkout system using PayPal. I'm using some code for the IPN that I got from GitHub, and I've added a piece of code to mark the item as sold in the inventory, which is stored in the website's MySQL database.
I have tested the code, and I have found that it carries out the CURL and a message is received at PayPal's end, but the code to update the database wasn't being executed. To test that the code to update the database worked, I moved it to before when the CURL is carried out. When I did this, the code ran, and the database was updated. So, there must be an issue that stops the code when the CURL is executed.
This is the entire code from the page that PayPal sends the IPN to.
<?php
// STEP 1: read POST data
// Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
// Instead, read raw POST data from the input stream.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2) {$myPost[$keyval[0]] = urldecode($keyval[1]);}
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// STEP 2: POST IPN data back to PayPal to validate
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp-like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set
// the directory path of the certificate as shown below:
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if(!($res = curl_exec($ch))) {
error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
// STEP 3: Inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// The IPN is verified, process it:
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process the notification
// assign posted variables to local variables
$item_number = $_POST['item_number'];
$item_name = $_POST['item_name'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer'];
include('sql.php');
mysqli_query($mysqli, $sql);
$sql = "UPDATE inventory SET sold='1' WHERE code='".$item_number."'";
if (mysqli_query($mysqli, $sql)) {
foreach($_POST as $key => $value) {
echo $key." = ". $value."<br>";
}
}else{
echo $mysqli->error;
}
mysqli_close($mysqli);
} else if (strcmp ($res, "INVALID") == 0) {
// IPN invalid, log for manual investigation
echo "The response from IPN was: <b>" .$res ."</b>";
}
curl_close($ch);
?>
I literally just did this two weeks ago. Such a pain in the butt. Here's what I used:
function connectAPI($data, $location){
$getData = array();
foreach($data as $key=>$value){
$getData[] = urlencode($key).'='.urlencode($value);
}
$location = $location . '?'.implode('&', $getData);
$ch = curl_init($location);
curl_setopt($ch,CURLOPT_USERAGENT,$_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$return['status'] = $status;
$return['response'] = $response;
return $return;
}
$input = $_POST;
$headers = getallheaders();
$location = 'https://ipnpb.paypal.com/cgi-bin/webscr';
$response = array('cmd'=>'_notify-validate');
$jsondata = $response + $input;
$resend = connectAPI($jsondata, $location);
if($resend['response'] === 'VERIFIED'){
// --- Do what you need to do.
}
echo $resend['response'];
So I've been sitting here for about six hours straight trying to figure out why my PHP sample code isn't working. Everything works up until the point where I have to verify over cURL with PayPal. Below you can see my code and my error. I have been trying various methods about read/write permissions, PHP 5.3.7 or greater, php.ini modifying versus modifying my php script. I am completely out of ideas, any help would be greatly appreciated.
PHP:
<?php
// STEP 1: read POST data
// Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
// Instead, read raw POST data from the input stream.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
$myfile = fopen("testfile.txt", "w");
fwrite($myfile,$req);
// Step 2: POST IPN data back to PayPal to validate
$ch = curl_init('https://sandbox.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp-like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set
// the directory path of the certificate as shown below:
curl_setopt($ch, CURLOPT_CAPATH,'C:\Users\Administrator\Desktop\ca-bundle.crt');
//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
if( !($res = curl_exec($ch)) ) {
fwrite($myfile, "Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
frwite($myfile,$res);
// inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// The IPN is verified, process it
} else if (strcmp ($res, "INVALID") == 0) {
// IPN invalid, log for manual investigation
}
// inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// The IPN is verified, process it:
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process the notification
// assign posted variables to local variables
fwrite($myfile,"verified");
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
// IPN message values depend upon the type of notification sent.
// To loop through the &_POST array and print the NV pairs to the screen:
foreach($_POST as $key => $value) {
echo $key." = ". $value."<br>";
}
} else if (strcmp ($res, "INVALID") == 0) {
// IPN invalid, log for manual investigation
echo "The response from IPN was: <b>" .$res ."</b>";
}
?>
Error:
Got error setting certificate verify location: CAFile:'C:\Users\Administrator\Desktop\ca-bundle.crt' CAPath:none when processing IPN data
The error indicates it is not able to find the ca-bundle.crt file using that path for whatever reason. Have you downloaded ca-bundle.crt from http://curl.haxx.se/docs/caextract.html and is it on the Administrator's desktop?
Try putting ca-bundle.crt in the same folder as ipn.php and using the code they provide to verify that it is a path issue and not something else:
$cert = __DIR__ . "./ca-bundle.crt";
curl_setopt($ch, CURLOPT_CAINFO, $cert);
Also, Paypal's sandbox is www (for some reason) so you will need to use the following otherwise VERIFYHOST will fail:
$ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr');
You might want to grab the updated code samples Paypal is linking to now at https://github.com/paypal/ipn-code-samples
For several hours the script below worked very well and suddenly it has stopped working.
I have not changed anything.
Is there anything below that looks wrong that could prevent it from working properly?
<?php
// STEP 1: read POST data
// Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
// Instead, read raw POST data from the input stream.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// Step 2: POST IPN data back to PayPal to validate
$ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp-like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set
// the directory path of the certificate as shown below:
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if( !($res = curl_exec($ch)) ) {
// error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
if (strcmp ($res, "VERIFIED") == 0) {
// The IPN is verified, process it:
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process the notification
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
// process payment
// Added pp_trans_id which is the unique Transaction ID provided by PayPal
// Added reg_date which is in UNIX_TIME()
// Set WHERE to be equal to $id for perfect match
mysql_connect('localhost', 'wgaxzhpl_registe', '****');
mysql_select_db('wgaxzhpl_register');
$id = $_POST['custom'];
$insert = mysql_query("INSERT INTO `log` (txn_id, active) VALUES ('".$txn_id."', 1);");
}
else if (strcmp ($res, "INVALID") == 0) {
// IPN invalid, log for manual investigation
}
?>
Check the IPN History in your PayPal account to see if IPN's are actually getting sent or not and what response is coming back. If it's showing that they're getting sent and including a 200 response then that means your script is getting hit and completing successfully. In such a case you would need to check the logic of your script to see why it's not doing what you think.
If it's not sending at all you would need to double check your IPN configuration in the PayPal account or the notify URL used on payment requests.
If it is showing that it's sending but getting something other than 200 response that means your IPN script is failing. You can check your web server logs for details on exactly what the error is and get it resolved.
See http://forums.oscommerce.com/topic/395932-paypal-ipns-have-stopped-working-for-us-yesterday/
It seems it is sending extraneous data
I was logging the paypal response to the verification and it sends something around the important bit I record as
Content-Type: text/html; charset=UTF-8
-blank line-
8
VERIFIED
0
I am currently working with Paypal IPN and it is stating in the IPN history that it is sent to the below script, yet for some reason I am not getting an email. Which means either I'm not getting VERIFIED back or I am doing something wrong. So what am I doing wrong?
<?php
mysql_connect('localhost','inulled','algaportjava14');
mysql_select_db('inulled_p1');
// STEP 1: Read POST data
// reading posted data from directly from $_POST causes serialization
// issues with array data in POST
// reading raw POST data from input stream instead.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// STEP 2: Post IPN data back to paypal to validate
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
// of the certificate as shown below.
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if( !($res = curl_exec($ch)) ) {
// error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
// STEP 3: Inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// check whether the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
mail('rapidblow#gmail.com', 'Paypal HTTP Error', 'Sorry, we have had a problem processing your request');
} else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
?>
Replace;
if (strcmp ($res, "VERIFIED") == 0) {
By;
if (strcmp (trim($res), "VERIFIED") == 0) {