跟进my previous newbie question about Paypal,我有一个新的问题。
我已成功获得Paypal沙盒设置,并在我的服务器上实现了一个PHP“监听器”,当我测试我的Paypal支付按钮时,一切似乎都运行正常。所以我似乎有支付系统的基本骨架。
现在我对如何根据自己的需要定制下一步感到困惑。
要设置侦听器,我刚刚复制了the code offered on Paypal's site。我的希望和假设是,我可以在Paypal告诉我付款已到来的那一点找到该代码中的一个位置。
但是,我不清楚这一点。如果我根据付费或未付费设置某种“if”声明,我看不出我会测试什么价值。
我想要做的就是如果Paypal告诉我该人已付款,那么我的MySQL数据库中的标志将被标记为“已付款”。它应该是定期付款,因此如果下一次自动付款失败,那么数据库中的标志应标记为“未付款”。
我的代码中是否有一个地方可以作为添加我自己的自定义操作的起点?或者我是否需要完全使用其他代码库?
供参考,以下是有问题的PHP代码:
<?php
error_reporting(E_ALL ^ E_NOTICE);
$email = $_GET['ipn_email'];
$header = "";
$emailtext = "";
// Read the post from PayPal and add 'cmd'
$req = 'cmd=_notify-validate';
if (function_exists('get_magic_quotes_gpc'))
{
$get_magic_quotes_exists = true;
}
foreach ($_POST as $key => $value)
// Handle escape characters, which depends on setting of magic quotes
{
if ($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1)
{
$value = urlencode(stripslashes($value));
}
else
{
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// Post back to PayPal to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
// Process validation from PayPal
// TODO: This sample does not test the HTTP response code. All
// HTTP response codes must be handles or you should use an HTTP
// library, such as cUrl
if (!$fp)
{ // HTTP ERROR
}
else
{
// NO HTTP ERROR
fputs($fp, $header . $req);
while (!feof($fp))
{
$res = fgets($fp, 1024);
if (strcmp($res, "VERIFIED") == 0)
{
// TODO:
// Check the payment_status is Completed
// Check that txn_id has not been previously processed
// Check that receiver_email is your Primary PayPal email
// Check that payment_amount/payment_currency are correct
// Process payment
// If 'VERIFIED', send an email of IPN variables and values to the
// specified email address
foreach ($_POST as $key => $value)
{
$emailtext .= $key . " = " . $value . "\n\n";
}
mail($email, "Live-VERIFIED IPN", $emailtext . "\n\n" . $req);
}
else if (strcmp($res, "INVALID") == 0)
{
// If 'INVALID', send an email. TODO: Log for manual investigation.
foreach ($_POST as $key => $value)
{
$emailtext .= $key . " = " . $value . "\n\n";
}
mail($email, "Live-INVALID IPN", $emailtext . "\n\n" . $req);
}
}
fclose($fp);
}
?>
答案 0 :(得分:2)
将数据库相关代码放在:
if (strcmp($res, "VERIFIED") == 0) {
//your database query here
答案 1 :(得分:2)
您有这样的评论:
> // TODO:
> // Check the payment_status is Completed
> // Check that txn_id has not been previously processed
> // Check that receiver_email is your Primary PayPal email
> // Check that payment_amount/payment_currency are correct
> // Process payment
> // If 'VERIFIED', send an email of IPN variables and values to the
> // specified email address
将您的代码放在此处:
if (strcmp($res, "VERIFIED") == 0)
{
...
}
答案 2 :(得分:2)
您必须更进一步,实施TODO步骤。
现在,PayPal有一个名为item_number的标准传递字段。您可以使用该字段传递数据库的订单ID:
<input type="hidden" name="item_number" value="<?php echo $OrderID ?>">
由于它是传递变量,PayPal将在IPN中回显此变量的值。因此,在您验证IPN并通过TODO列表后,请更新您的数据库:
// if ($_POST["payment_status"] == "Completed"
// && $_POST["receiver_email"] == the_email_you_use_in_business_field
// && etc etc
// )
"UPDATE Orders SET paid = 1 WHERE OrderID = {$_POST[item_number]}"
在数据库查询中使用POST变量之前验证并清理它们。
我现在看到您要处理定期付款。看起来并不直接: