Re: PHP paypal integration
am 14.07.2006 01:23:31 von Norman Peelman
Not to ask a stupid question but you are sure that paypal is talking to your
server via the IPN callback? Insert some logging info in your processing
script to see what is happening along the way. I know that actually finding
the place to set this all up on paypal is a nightmare, but that's another
story... I wrote a very simple logging function that you might want to try:
define('LOGFILE',true); // set to false to turn off logging.
function logfile($txt)
{
if (LOGFILE)
{
$txt = date("G:i:s - ").$txt.chr(13); // insert return to end of line
$lf = 'drive:\\path\\to\\your\\logfile_'.date('D M j - Y').'.lft'; //
set logfile
$fp = fopen($lf,'a'); // open in append mode - create if needed
fwrite($fp,$txt,1024); // write the text
fclose($fp); // close file
}
}
insert somewhere (top) in your process script (set the exstension .lft to
something that will show the output correctly, I use WORDPAD since i'm on
windows) or just modify to suit your needs.
and use it to output variables, messages, etc. Like:
logfile('Start of PayPal IPN Process');
logfile(print_r($_POST)); // show the variable received from paypal
..
..
..
logfile('Payment VERIFIED');
etc.
or you could post the code with top secret info removed...
Norm
--
FREE Avatar hosting at www.easyavatar.com
wrote in message
news:1152785644.226744.187530@75g2000cwc.googlegroups.com...
> Hi Mike
> thanks - I am looking at those forums but the problem does seem to be
> in the way the PHP script is handling what paypal sends it.
>
> If anyone else can help I would appreciate it.
> thanks
> Tim
>
>
> Mike wrote:
> > Hi,
> >
> > You could try..
> >
> > http://www.paypaldev.org
> >
> > This is a specialist site for all things paypay.
> >
> > Or...
> >
> > http://paypaltech.com
> >
> > I found both these site VERY useful. Much more useful that paypals own
> > help!
> >
> > Mike
> >
> > timhammo@gmail.com wrote:
> > > We have a 3rd party php website running on a Linux server. Customers
> > > subscribe to the site via Paypal but we are unable to receive the
> > > paypal notification back to our server to process it. Our Linux
server
> > > has register_globals set on. The website software provider suggests
> > > the problem is related to having globals on but we are unable to
change
> > > this as we are on a shared hosting platform. Please can anyone
suggest
> > > a work around for the paypal notification so our payment process works
> > > smoothly.
>
Re: PHP paypal integration
am 14.07.2006 11:09:30 von timhammo
Thanks,
We do have some logging in place which is recording empty post
variables so it does seem that the data is not actually reaching our
server.
thanks
Tim
Norman Peelman wrote:
> Not to ask a stupid question but you are sure that paypal is talking to your
> server via the IPN callback? Insert some logging info in your processing
> script to see what is happening along the way. I know that actually finding
> the place to set this all up on paypal is a nightmare, but that's another
> story... I wrote a very simple logging function that you might want to try:
>
> define('LOGFILE',true); // set to false to turn off logging.
> function logfile($txt)
> {
> if (LOGFILE)
> {
> $txt = date("G:i:s - ").$txt.chr(13); // insert return to end of line
> $lf = 'drive:\\path\\to\\your\\logfile_'.date('D M j - Y').'.lft'; //
> set logfile
> $fp = fopen($lf,'a'); // open in append mode - create if needed
> fwrite($fp,$txt,1024); // write the text
> fclose($fp); // close file
> }
> }
>
> insert somewhere (top) in your process script (set the exstension .lft to
> something that will show the output correctly, I use WORDPAD since i'm on
> windows) or just modify to suit your needs.
>
> and use it to output variables, messages, etc. Like:
>
> logfile('Start of PayPal IPN Process');
> logfile(print_r($_POST)); // show the variable received from paypal
> .
> .
> .
> logfile('Payment VERIFIED');
>
> etc.
>
> or you could post the code with top secret info removed...
>
> Norm
> --
> FREE Avatar hosting at www.easyavatar.com
> wrote in message
> news:1152785644.226744.187530@75g2000cwc.googlegroups.com...
> > Hi Mike
> > thanks - I am looking at those forums but the problem does seem to be
> > in the way the PHP script is handling what paypal sends it.
> >
> > If anyone else can help I would appreciate it.
> > thanks
> > Tim
> >
> >
> > Mike wrote:
> > > Hi,
> > >
> > > You could try..
> > >
> > > http://www.paypaldev.org
> > >
> > > This is a specialist site for all things paypay.
> > >
> > > Or...
> > >
> > > http://paypaltech.com
> > >
> > > I found both these site VERY useful. Much more useful that paypals own
> > > help!
> > >
> > > Mike
> > >
> > > timhammo@gmail.com wrote:
> > > > We have a 3rd party php website running on a Linux server. Customers
> > > > subscribe to the site via Paypal but we are unable to receive the
> > > > paypal notification back to our server to process it. Our Linux
> server
> > > > has register_globals set on. The website software provider suggests
> > > > the problem is related to having globals on but we are unable to
> change
> > > > this as we are on a shared hosting platform. Please can anyone
> suggest
> > > > a work around for the paypal notification so our payment process works
> > > > smoothly.
> >
Re: PHP paypal integration
am 17.07.2006 11:31:44 von lucyhamm
Here is the receiving IPN code, the error email is being sent but not
including any data.
Any pointers greatly appreciated.
regards
Tim
/* $Id: module-paypal.php,v 1.1 2006-05-17 09:58:13-07 brian Exp brian
$ */
// vim: expandtab sw=3D4 ts=3D4 sts=3D4:
############################################################ ############
## Built2Go PHP Realestate v1.0
##
## ------------------------------------------------------------ ----
##
## Copyright =A9 Big Resources, Inc. All Rights Reserved.
##
## This software must be used in accordance with its licensing
##
## terms and conditions at: http://www.built2go.com/faq.php
##
##
##
## This file may not be redistributed in whole or significant part.
##
## ---------------- BUILT2GO IS NOT FREE SOFTWARE -----------------
##
############################################################ ############
require_once("../config.php");
function PErroremail($subject,$message){
global $_PAYPAL,$name_of_site,$SystemInfo->_systemstatus;
$message .=3D "\r\n\r\n";
$message .=3D "_PAYPAL Variables\r\n\r\n";
while (list ($key, $value) =3D each ($_PAYPAL)){
$message .=3D "[$key] =3D> $value\r\n";
}
$message .=3D "\r\n----Variables sent from Paypal IPN
script----\r\n\r\n";
$header =3D "From: $name_of_site Paypal Debug <".FROM.">\r\n";
if ($SystemInfo->_systemstatus['Debug']){
mail (FROM,$subject,$message, $header);
}
}
if (!$_POST['txn_type']){
header("Status: 404 Not Found"); exit;
} else {
header("Status: 200 OK");
}
$postvars =3D array();
foreach ($_POST as $ipnkey =3D> $ipnvalue){
$GLOBALS[$ipnkey] =3D $ipnvalue; // Posted variable Localization
$postvars[] =3D $ipnkey;
$_PAYPAL[$ipnkey] =3D $ipnvalue; // Posted variable Localization
}
$postipn =3D 'cmd=3D_notify-validate';
$noteipn =3D "IPN post variables in order of appearance:\r\n\r\n";
for ($x=3D0; $x < count($postvars); $x++){
$y=3D$x+1;
$postkey =3D $postvars[$x];
$postval =3D $$postvars[$x];
$postipn.=3D "&" . $postkey . "=3D" .
urlencode(stripslashes($postval));
$noteipn.=3D "#" . $y . " [$postkey] =3D> $postval \r\n";
}
unset($_POST);
if ($SysmteInfo->_systemstatus['Membership'] == 'A') {
$domain =3D "www.paypal.com";
$header =3D "POST /cgi-bin/webscr HTTP/1.0\r\n"; // paypal
} elseif ($SysmteInfo->_systemstatus['Membership'] == 'P') {
// IPN validation mode 2: Test Via belahost
$domain =3D "www.belahost.com";
$header =3D "POST /pp/ HTTP/1.0\r\n"; // belahost.com
}else{
// IPN validation mode was not set to 1 or 2
$error=3D1;
$bmode=3D1;
SendUserEmail(FROM,"Postmode Error");
}
$socket =3D fsockopen($domain,80,$errno,$errstr,30);
$header.=3D "Host: ".$domain."\r\n";
$header.=3D "Content-Type: application/x-www-form-urlencoded\r\n";
$header.=3D "Content-Length: ".strlen($postipn)."\r\n";
$header.=3D "Accept: */*\r\n\r\n";
// Note: "Connection: Close" is Not required Using HTTP/1.0
// Problem: Now is this your Firewall or your Ports?
// Maybe Setup a little email Notification here. . .
if (!$socket && !$error){
echo "Problem: Error Number: " . $errno . " Error
String: " . $errstr;
exit;
}
// If No Problems have Occured then We proceed With the Processing
else{
fputs ($socket, $header . $postipn);
while (!feof($socket)){
$reply =3D fgets ($socket, 1024);
$reply =3D trim ($reply); // Required on some
Environments
}
// Prepare debug Report for Browser display
$report =3D $noteipn . "\r\n" . "IPN Reply: " . $reply
.. "";
// IPN was Confirmed as both Genuine and VERIFIED
// for testing purposes
$message =3D "\r\nPosted variables\r\n";
$message .=3D $report."\r\n";
PErroremail("IPN Posted Variables!!",$message);
if (!strcmp ($reply, "VERIFIED")){
$member_price =3D ($_PAYPAL['payment_gross'] ==
"")?$_PAYPAL['amount3']:$_PAYPAL['mc_gross'];
$_PAYPAL['name2'] =3DEscapeString($_PAYPAL['first_name'])." ".
EscapeString($_PAYPAL['last_name']);
$email_ok =3D ($_PAYPAL['receiver_email'] ==
FROM_PAYPAL)?TRUE:FALSE;
$option_selection =3D
($_PAYPAL['option_selection1_1'])?$_PAYPAL['option_selection 1_1']:$_PAYPAL[=
'option_selection1'];
$option_selection2 =3D
($_PAYPAL['option_selection2_1'])?$_PAYPAL['option_selection 2_1']:$_PAYPAL[=
'option_selection2'];
if ($_PAYPAL['custom'] == "ce11c816"){
$User=3Dnew owner();
$User->owner_id=3D$_PAYPAL['item_number'];
$Price =3D $SystemInfo->_systemstatus['Owner Price'];
} elseif ($_PAYPAL['custom'] == "7523f185") {
$User=3Dnew Buyer();
$User->buyer_id=3D$_PAYPAL['item_number'];
$Price =3D $SystemInfo->_systemstatus['Buyer Price'];
}
$User->Load();
$User->GetPaymentHistory();
if ($email_ok == FALSE){
$message =3D "\r\nPossbile email fraud\r\n\r\n";
$message .=3D "Somebody used a different email than
what's on the account for ".$name_of_site."\r\n";
$message .=3D "here are the user's variables that where
sent.\r\n";
$message .=3D "[Resolution] =3D> $reply \r\n\r\n";
SendUserEmail(FROM,"paypal IPN email
Error!!",$message);
fclose ($socket);
exit;
} elseif ($_PAYPAL['txn_type'] == "send_money" OR
$_PAYPAL['txn_type'] == ""){
fclose ($socket);
exit;
} elseif ($_PAYPAL['txn_type'] == "reversal"){
// if reversal was submitted then we just update the
database.
// think about sending email to admin
fclose ($socket);
exit;
} elseif ($_PAYPAL['payment_status'] == "Pending" OR
$_PAYPAL['payment_status'] == "Refunded"){
// catch pending and refunded here but don't do
anything.
// might think about adding a emil to the user
//telling them it was pending
} elseif (($_PAYPAL['payment_status'] == "Completed") AND
(isset($option_selection2) AND $option_selection2 !=3D "" ) AND
(($_PAYPAL['txn_type'] == "subscr_payment"))){
// renewals only
if ($member_price < $Price){
$User->transId =3D $_PAYPAL['txn_type'];
$User->amount =3D $member_price;
$User->invoice =3D $_PAYPAL['invoice'];
$User->Rectype =3D "paypal";
$User->payer_email =3D $_PAYPAL['payer_email'];
$User->subscr_id=3D$_PAYPAL['subscr_id'];
$User->_type=3D$_PAYPAL['txn_type'];
$User->name2 =3D $_PAYPAL['name2'];
$User->txn_id =3D $_PAYPAL['txn_id'];
$User->UpdateFailedPrice();
$_PAYPAL['price_rrenew_fail'] =3D TRUE;
$message =3D "Somebody tried to change the price on
the purchase for ".$name_of_site."\r\n";
$message .=3D "here are the user's variables that
where sent.\r\n\r\n";
$message .=3D "[Resolution] =3D> $reply\r\n\r\n";
$message .=3D "[Expected Price] =3D> ".$Price."\r\n";
$message .=3D "[Price Sent from paypal] =3D>
$member_price\r\n";
$message .=3D "$report\r\n";
SendUserEmail(FROM, "IPN Error Renew
(price)!!",$message);
} else {
$fullname =3D $User->fname." ".$User->lname;
// Update your DB and Process this Payment
accordingly
// process payment
$User->Membership =3D
$SystemInfo->_systemstatus['Membership'];
$User->UpdateRenewPaypalPaid();
$_PAYPAL['renewal_set'] =3D TRUE;
$SignupEmail =3D str_replace("{PRICEPAID}",
$member_price,$SignupRenewConfirmEmail);
$SignupEmail =3D str_replace("{NAME}",
$fullname,$SignupEmail);
$SignupEmail =3D str_replace("{MONTHLY}",
$SystemInfo->_systemstatus['Membership'],$SignupEmail);
// setup the thank you email
SendUserEmail($_PAYPAL['payer_email'],
$SignupRenewConfirmEmailSubject, $SignupEmail);
PErroremail("IPN Success!!",$message);
}
} elseif (($_PAYPAL['payment_status'] == "Completed") AND
isset($_PAYPAL['invoice'])){
if ($member_price < $Price){
$User->transId =3D $_PAYPAL['txn_type'];
$User->amount =3D $member_price;
$User->invoice =3D $_PAYPAL['invoice'];
$User->Rectype =3D "paypal";
$User->payer_email =3D $_PAYPAL['payer_email'];
$User->subscr_id=3D$_PAYPAL['subscr_id'];
$User->_type=3D$_PAYPAL['txn_type'];
$User->name2 =3D $_PAYPAL['name2'];
$User->txn_id =3D $_PAYPAL['txn_id'];
$User->UpdateFailedPrice();
$_PAYPAL['pricefail'] =3D TRUE;
$message =3D "Somebody tried to change the price on
the purchase for ".$name_of_site."\r\n";
$message .=3D "here are the user's variables that
where sent.\r\n\r\n";
$message .=3D "[Resolution] =3D> $reply\r\n\r\n";
$message .=3D "[Expected Price] =3D> ".$Price."\r\n";
$message .=3D "[Price Sent from paypal] =3D>
$member_price\r\n";
$message .=3D "$report\r\n";
SendUserEmail(FROM,"IPN Error (price)!!",$message);
} else {
$fullname =3D $User->fname." ".$User->lname;
// Update your DB and Process this Payment
accordingly
// process payment
//if (!$User->pid){
$User->Membership =3D
$SystemInfo->_systemstatus['Membership'];
$User->UpdatePaypalPaid();
$_PAYPAL['signup_set'] =3D TRUE;
$SignupEmail =3D str_replace("{PRICEPAID}",
$member_price,$SignupConfirmEmail);
$SignupEmail =3D str_replace("{NAME}",
$fullname,$SignupEmail);
$SignupEmail =3D str_replace("{MONTHLY}",
$SystemInfo->_systemstatus['Membership'],$SignupEmail);
// setup the thank you email
SendUserEmail($_PAYPAL['payer_email'],
$SignupConfirmEmailSubject, $SignupEmail);
PErroremail("IPN Success!!",$message);
//}
}
} elseif ($_PAYPAL['payment_status'] !=3D "Pending"){
$message =3D "\r\nPossbile fraud\r\n\r\n";
$message .=3D "Somebody sent a txn_type that is not
regonized by this script.\r\n";
$message .=3D "Check the user id and the method of
payment, either txn_type or payment_status \r\n";
$message .=3D "as these are what was picked by the user.
Counld be nothing but double check.\r\n\r\n";
$message .=3D "$report\n\r";
PErroremail("IPN Error!!",$message);
} else {
$message =3D "\r\nPossbile fraud\r\n\r\n";
$message .=3D "Somebody sent a txn_type that is not
regonized by this script.\r\n";
$message .=3D "Somebody just accessed this scrpt by some
other means. Possible trying to force a payment\r\n";
$message .=3D "as these are what was picked by the user.
Counld be nothing but double check.\r\n\r\n";
$message .=3D "[IP of visitor] =3D>
"$_SERVER['REMOTE_ADDR']."\n\r";
$message .=3D "[Referer] =3D>
"$_SERVER['HTTP_REFERER']."\n\r";
$message .=3D "$report\n\r";
PErroremail("IPN Error nothing set??!!",$message);
}
} elseif (!strcmp ($reply, "INVALID")){// IPN was Not Validated as
Genuine and is INVALID
// Check your code for any Post back Validation problems
// Investigate the Fact that this Could be a spoofed IPN
// If updating your DB, Ensure this "txn_id" is Not a Duplicate
#echo "Result: $res"; // Remove: # for Testing
// store invalid code here
mysql_query("UPDATE ".TABLE_PREFIX."pay_history SET
rectype=3D'paypal', txn_id=3D'{$_PAYPAL['txn_id']}',
subscr_id=3D'{$_PAYPAL['subscr_id']}',payment_status=3D'$rep ly',
_type=3D'{$_PAYPAL['txn_type']}',status=3D'5',price=3D'$memb er_price',
invoice=3D'{$_PAYPAL['invoice']}' WHERE siteid =3D
'{$_PAYPAL['item_number1']}'") OR die(mysql_error());
$message =3D "\r\nPossible credit fraud!!\r\n\r\n";
$message .=3D "here are the user's variables that where
sent.\r\n";
$message .=3D "check payment_status as it should be
INVALID\r\n\r\n";
$message .=3D "$report\r\n\r\n";
PErroremail("IPN Invalid info",$message);
} else {
// Just incase Something serious Should ever Happen!
$message =3D "
variables\r\n\r\n";
$message .=3D "here are the user's variables that where
sent.\r\n";
$message .=3D "check payment_status as it should be
INVALID\r\n\r\n";
$message .=3D "$report\r\n\r\n";
PErroremail("IPN Invalid info",$message);
}
}
// Terminate the Socket connection and Exit
fclose ($socket);
exit;
?>
Norman Peelman wrote:
> wrote in message
> news:1152868170.266831.151950@m73g2000cwd.googlegroups.com.. .
> > Thanks,
> >
> > We do have some logging in place which is recording empty post
> > variables so it does seem that the data is not actually reaching our
> > server.
> >
> > thanks
> > Tim
>=20
> Can you post the code...
>=20
> Norm