嘿,我创建了这个脚本:
// Check to see there are posted variables coming into the script
if ($_SERVER['REQUEST_METHOD'] != "POST") die ("No Post Variables");
// Initialize the $req variable and add CMD key value pair
$req = 'cmd=_notify-validate';
// Read the post from PayPal
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// Now Post all of that back to PayPal's server using curl, and validate everything with PayPal
// Use CURL instead of PHP for this for a more universally operable script (not fsockopen)
//$url = "https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_notify-validate;
$url = "https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_notify-validate";
$curl_result=$curl_err='';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", "Content-Length: " . strlen($req)));
curl_setopt($ch, CURLOPT_HEADER , 0);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$curl_result = @curl_exec($ch);
$curl_err = curl_error($ch);
curl_close($ch);
$req = str_replace("&", "\n", $req); // Make it a nice list => Possibility to email it to yourselve for reporting
// Check that the result verifies
if (strpos($curl_result, "VERIFIED") !== false) {
$req .= "\n\nPaypal Verified OK";
} else {
$req .= "\n\nData NOT verified from Paypal!";
mail("me@myemail.de", "IPN interaction not verified", "$req", "From: me@myemail.de" );
exit();
}
/* CHECK THESE 4 THINGS BEFORE PROCESSING THE TRANSACTION, HANDLE THEM AS YOU WISH
1. Make sure that business email returned is your business email
2. Make sure that the transaction’s payment status is “completed”
3. Make sure there are no duplicate txn_id
4. Make sure the payment amount matches what you charge for items. (Defeat Price-Jacking) */
// Connect to database -------------------------------------------------------------------------------------------------------
define('SECURE', true);
require_once 'connect_to_mysql.php';
$errors = array();
// PAYMENT VALID
// Check payment status
if ($_POST['payment_status'] != 'Completed') {
$errors[] .= "Payment not completed";
}
// Check seller e-mail
if ($_POST['receiver_email'] != 'email@gmx.de') {
$errors[] .= "Incorrect seller e-mail";
}
// Compare the amount received on PayPal with the price you charged for the product or service
if ($_POST['mc_gross'] != '100.00') {
$errors[] .= "Incorrect product price";
}
// Check the currency code
if ($_POST['mc_currency'] != 'USD') {
$errors[] .= "Incorrect currency code";
}
// Check transaction id
$txn_id = mysqli_real_escape_string($_POST['txn_id']);
$sql = "SELECT COUNT(*) AS count FROM `transactions` WHERE `txn_id` = $txn_id";
$q = mysqli_query($mysqli, $sql);
$f = mysqli_fetch_array($q);
if($f['count'] > 0) {
$errors[] .= “Transaction already processed”;
} else {
// Transaction not processed, store it in the database
$payer_email = mysqli_real_escape_string($_POST['payer_email']);
$mc_gross = mysqli_real_escape_string($_POST['mc_gross']);
$insert = mysqli_query($mysqli, “INSERT INTO transactions (`txn_id`, `payer_email`,`mc_gross`)
VALUES ($txn_id,$payer_email,$mc_gross)”);
}
if (count($errors) > 0) {
$ftp_pfad = "http://www.example.eu.pn";
$folder = "transactions";
$subfolder = "Ordner";
$pathBase1 = $ftp_pfad.'/'.$folder;
$pathBase2 = $ftp_pfad.'/'.$folder.'/'.$subfolder;
mkdir("/srv/disk8/1391019/www/example.eu.pn/$folder", 0755);
} else {
$ftp_pfad = "http://www.example.eu.pn";
$folder = "transactions";
$subfolder = "Ordner";
$pathBase1 = $ftp_pfad.'/'.$folder;
$pathBase2 = $ftp_pfad.'/'.$folder.'/'.$subfolder;
mkdir("/srv/disk8/1391019/www/example.eu.pn/$folder", 0755);
// PayPal payment is valid
// Process order here
}
mysqli_close($mysqli);
当我查看我的沙盒帐户时,会发送资金,但我必须接受它,为什么?而且,功能“mkdir”不起作用,有人可以帮帮我吗?我在沙箱帐户中进行了所有设置,但我仍然必须接受收款