1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem with Paypal IPN

Discussion in 'PHP & Perl' started by qlithe, Sep 18, 2014.

  1. qlithe

    qlithe Power Member

    Joined:
    Feb 14, 2012
    Messages:
    614
    Likes Received:
    96
    So sometimes it's working and sometimes it's not, giving a 403 error according to paypal. Here is my code:
    Code:
    <?php
    
    // STEP 1: read POST data
    
    
    // Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
    // Instead, read raw POST data from the input stream. 
    $raw_post_data = file_get_contents('php://input');
    $raw_post_array = explode('&', $raw_post_data);
    $myPost = array();
    foreach ($raw_post_array as $keyval) {
      $keyval = explode ('=', $keyval);
      if (count($keyval) == 2)
         $myPost[$keyval[0]] = urldecode($keyval[1]);
    }
    // read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
    $req = 'cmd=_notify-validate';
    if(function_exists('get_magic_quotes_gpc')) {
       $get_magic_quotes_exists = true;
    } 
    foreach ($myPost as $key => $value) {        
       if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { 
            $value = urlencode(stripslashes($value)); 
       } else {
            $value = urlencode($value);
       }
       $req .= "&$key=$value";
    }
    
    
     
    // STEP 2: POST IPN data back to PayPal to validate
    
    
    $ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
    curl_setopt($ch, CURLOPT_HTTP_VERSION, CwURL_HTTP_VERSION_1_1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
    
    
    // In wamp-like environments that do not come bundled with root authority certificates,
    // please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set 
    // the directory path of the certificate as shown below:
    // curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
    if( !($res = curl_exec($ch)) ) {
        // error_log("Got " . curl_error($ch) . " when processing IPN data");
        curl_close($ch);
        exit;
    }
    curl_close($ch);
     
    
    
    // STEP 3: Inspect IPN validation result and act accordingly
    
    
    if (strcmp ($res, "VERIFIED") == 0) {
        // The IPN is verified, process it:
        // check whether the payment_status is Completed
        // check that txn_id has not been previously processed
        // check that receiver_email is your Primary PayPal email
        // check that payment_amount/payment_currency are correct
        // process the notification
    
    
        // assign posted variables to local variables
        $item_name = $_POST['item_name'];
        $item_number = $_POST['item_number'];
        $payment_status = $_POST['payment_status'];
        $payment_amount = $_POST['mc_gross'];
        $payment_currency = $_POST['mc_currency'];
        $receiver_email = $_POST['receiver_email'];
    
    
    $email = $_POST['invoice'];
    $paypalemail = $_POST['payer_email'];
    $txn_id = $_POST['txn_id'];
    $note = $_POST['custom'];
    $numitems = $_POST['num_cart_items'];
    $itemz = '';
    
    
    for($qwe = 1;$qwe <= $numitems ;$qwe++){
    
    
       $itm_nameqwe = $_POST['item_name'.$qwe];
       $itm_quantityqwe= $_POST['quantity'.$qwe];
    
    
        $itemz .= $itm_quantityqwe . 'x ' . $itm_nameqwe . ';';
    
    
    }
    
    
    mysql_connect("localhost","removed","removed") or die(mysql_error());
    mysql_select_db("removed") or die(mysql_error());
    
    
    mysql_query("INSERT INTO orders (id, paypalemail, email, paypalid, note, items) VALUES(NULL, '". mysql_escape_string($paypalemail) ."', '". mysql_escape_string($email) ."', '". mysql_escape_string($txn_id) ."', '". mysql_escape_string($note) ."', '". mysql_escape_string($itemz) ."' ) ") or die(mysql_error()); 
    
    
    require 'removed/PHPMailerAutoload.php';
    
    
    $mail = new PHPMailer();
        $mail->CharSet = 'UTF-8';
        $mail->IsSMTP();
        $mail->SMTPAuth = true;
        $mail->SMTPSecure = 'ssl';
        $mail->Username = "removed";
        $mail->Password = "removed";
        $mail->AddAddress($email);
        $mail->FromName = "removed";
        $mail->Subject = "removed";
        $mail->IsHTML(true);
    
    
        $body = '<html>';
        $body .= '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
        $body .= '<center><br><br><br><br>';
        $body .= '<table width="500" height="150">';
        $body .= '<tr>';
        $body .= '<td height="80" bgcolor="#000000" valign="center">';
        $body .= '<center>';
        $body .= '<img src="removed">';
        $body .= '</center>';
        $body .= '</td>';
        $body .= '</tr>';
        $body .= '<tr>';
        $body .= '<td valign="center" bgcolor="#DDDDDD">';
        $body .= '<center>';
        $body .= '<b>removed</b><br><br>';
    
    
    for($i = 1;$i <= $numitems ;$i++){
    
    
       $itm_name = utf8_encode($_POST['item_name'.$i]);
       $itm_quantity= $_POST['quantity'.$i];
    
    
        $body .= $itm_quantity . 'x ' . $itm_name . '<br>';
    
    
    }
        $body .= '<br>'.utf8_encode($note);
    
    
        $body .= '</center>';
        $body .= '</td>';
        $body .= '</tr>';
        $body .= '</table>';
        $body .= '</center>';
        $body .= '</html>';
    
    
        $mail->Body = $body;
    
    
        $mail->Host = "smtp.gmail.com";
        $mail->Port = 465;
        $mail->From = $mail->Username;
        $mail->Send();
    
    
    // file_put_contents('test1.txt', print_r($_POST,true));
    
    
    
    
        // IPN message values depend upon the type of notification sent.
        // To loop through the &_POST array and print the NV pairs to the screen:
        foreach($_POST as $key => $value) {
          echo $key." = ". $value."<br>";
        }
    } else if (strcmp ($res, "INVALID") == 0) {
        // IPN invalid, log for manual investigation
        echo "The response from IPN was: <b>" .$res ."</b>";
    }
    ?>
    
    
    
    
    
    
    
    
    
    Does anyone have any idea what the problem could be?
     
  2. qlithe

    qlithe Power Member

    Joined:
    Feb 14, 2012
    Messages:
    614
    Likes Received:
    96
    Anyone got a clue? Would be happy to pay someone for this fix.
     
  3. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,468
    Likes Received:
    10,143
    Fill it with debug messages, trigger the error and examine the messages. Otherwise it's a wild guessing game.