当我想在实时应用程序上执行Express Checkout方法时,我收到“错误:安全标头无效”。我已经使用有效的实时API凭据设置了API凭据,这是我从Business / Merchant帐户获得的.Api端点也处于正确的状态:https://api-3t.paypal.com/nvp。
我已经在沙箱中使用沙箱API凭证进行了测试。 api端点(https://api-3t.sandbox.paypal.com/nvp),它的工作正常。
我真的不知道出了什么问题。
我是否需要创建Paypal应用程序来进行实时API调用?
下面是我使用PHP curl进行API调用的代码。
class CakePalComponent extends Component {
/*
* Create your onetime paypal api config,
*/
/*
*set your paypal api mode sandbox/live
*/
private $PayPalMode = 'live';
/*
*set your paypal api username
*/
private $PayPalApiUsername = 'intllabresearchXXX@XXX.com';
/*
*set your paypal api password
*/
private $PayPalApiPassword = 'XXXXLIVEAPIPASSWORD';
/*
*set your paypal api signature
*/
private $PayPalApiSignature = 'XXXXLIVEAPISIGNATURE';
/*
*set your paypal currency code
*/
private $PayPalCurrencyCode = 'USD';
/*
*set your paypal return URL
*/
private $PayPalReturnURL = 'http://intllab.com/apps/posts/ppReturn/';
/*
*set your paypal cancel URL
*/
private $PayPalCancelURL = 'http://intllab.com/apps/posts/ppCancel/';
public function beforeFilter() {
//$this->Auth->allow('setExpressCheckout');
}
public function setExpressCheckout($ppdata) {
$paypalmode = ($this->PayPalMode == 'sandbox')?'.sandbox':'';
if (is_array($ppdata)) {
CakeSession::delete('SessionData');
foreach ($ppdata['items'] as $n => $item) {
//remove any array comes with
unset($ppdata['x']);
unset($ppdata['y']);
foreach ($item as $items) {
#if tax enable
if (isset($ppdata['tax'])) {
$tax = $ppdata['tax'];
} else {
$tax = null;
}
#if shipping enable
if (isset($ppdata['shipcost'])) {
$shipcost = $ppdata['shipcost'];
} else {
$shipcost = null;
}
#if ship discount enable
if (isset($ppdata['shipdiscount'])) {
$shipdiscount = $ppdata['shipdiscount'];
} else {
$shipdiscount = null;
}
#if handling cost enable
if (isset($ppdata['handlingcost'])) {
$handlingcost = $ppdata['handlingcost'];
} else {
$handlingcost = null;
}
#if insurance cost enable
if (isset($ppdata['insurancecost'])) {
$insurancecost = $ppdata['insurancecost'];
} else {
$insurancecost = null;
}
$tier = 'Tier'.' '.$items['tierid'].':-'.$items['tierdesc'];
#if items quantity is more than 1
$totalprice = $items['price']*$items['quantity'];
$grandtotal = $items['price']+$tax+$shipcost+$shipdiscount+$handlingcost+$insurancecost;
$ppdata = "&METHOD=SetExpressCheckout".
"&RETURNURL=".urlencode($this->PayPalReturnURL).
"&CANCELURL=".urlencode($this->PayPalCancelURL).
"&PAYMENTREQUEST_0_PAYMENTACTION=".urlencode("SALE").
"&L_PAYMENTREQUEST_0_NAME0=".urlencode($items['name']).
"&L_PAYMENTREQUEST_0_NUMBER0=".urlencode($items['id']).
"&L_PAYMENTREQUEST_0_DESC0=".urlencode($tier).
"&L_PAYMENTREQUEST_0_AMT0=".urlencode($items['price']).
"&L_PAYMENTREQUEST_0_QTY0=".urlencode($items['quantity']).
"&NOSHIPPING=0".
"&PAYMENTREQUEST_0_ITEMAMT=".urlencode($totalprice).
"&PAYMENTREQUEST_0_TAXAMT=".urlencode($tax).
"&PAYMENTREQUEST_0_SHIPPINGAMT=".urlencode($shipcost).
"&PAYMENTREQUEST_0_SHIPDISCAMT=".urlencode($shipdiscount).
"&PAYMENTREQUEST_0_HANDLINGAMT=".urlencode($handlingcost).
"&PAYMENTREQUEST_0_INSURANCEAMT=".urlencode($insurancecost).
"&PAYMENTREQUEST_0_AMT=".urlencode($grandtotal).
"&PAYMENTREQUEST_0_CURRENCYCODE=".urlencode($this->PayPalCurrencyCode).
"&PAYMENTREQUEST_0_PAYMENTREQUESTID=".urlencode($items['tier_id']).
"&LOCALECODE=GB".
"&LOGOIMG=http://intllab.com/apps/theme/V6/img/images/logov2longB.png".
#site logo
"&CARTBORDERCOLOR=FFFFFF".
#border color of cart
"&ALLOWNOTE=1";
#write session
CakeSession::write('SessionData', array(
'tier_id' => $items['tier_id'],
'item_name' => $items['name'],
'item_number' => $items['id'],
'item_description' => $tier,
'item_price' => $items['price'],
'item_quantity' => $items['quantity'],
'totalprice' => $totalprice,
'tax' => $tax,
'shipcost' => $shipcost,
'shipdiscount' => $shipdiscount,
'handlingcost' => $handlingcost,
'insurancecost' => $insurancecost,
'grandtotal' => $grandtotal,
));
#begin api contact,execute setExpressCheckout
$httpParsedResponseAr = $this->httpPost('SetExpressCheckout', $ppdata, $this->PayPalApiUsername, $this->PayPalApiPassword, $this->PayPalApiSignature, $this->PayPalMode);
if ("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"])) {
$paypalurl = 'https://www'.$paypalmode.'.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token='.$httpParsedResponseAr["TOKEN"].'';
header('Location:'.$paypalurl);
exit;
} else {
echo 'From CakePal: Error! '.urldecode($httpParsedResponseAr["L_LONGMESSAGE0"]).'</div>';
}
}
}
} else {
return false;
}
}
public function doExpressCheckoutPayment($token, $payerID) {
$sessionData = CakeSession::read('SessionData');
$ppdata = '&TOKEN='.urlencode($token).
'&PAYERID='.urlencode($payerID).
'&PAYMENTREQUEST_0_PAYMENTACTION='.urlencode("SALE").
'&L_PAYMENTREQUEST_0_NAME0='.urlencode($sessionData['item_name']).
'&L_PAYMENTREQUEST_0_NUMBER0='.urlencode($sessionData['item_number']).
'&L_PAYMENTREQUEST_0_DESC0='.urlencode($sessionData['item_description']).
'&L_PAYMENTREQUEST_0_AMT0='.urlencode($sessionData['item_price']).
'&L_PAYMENTREQUEST_0_QTY0='.urlencode($sessionData['item_quantity']).
'&PAYMENTREQUEST_0_ITEMAMT='.urlencode($sessionData['totalprice']).
'&PAYMENTREQUEST_0_TAXAMT='.urlencode($sessionData['tax']).
'&PAYMENTREQUEST_0_SHIPPINGAMT='.urlencode($sessionData['shipcost']).
'&PAYMENTREQUEST_0_HANDLINGAMT='.urlencode($sessionData['handlingcost']).
'&PAYMENTREQUEST_0_SHIPDISCAMT='.urlencode($sessionData['shipdiscount']).
'&PAYMENTREQUEST_0_INSURANCEAMT='.urlencode($sessionData['insurancecost']).
'&PAYMENTREQUEST_0_PAYMENTREQUESTID='.urlencode($sessionData['tier_id']).
'&PAYMENTREQUEST_0_AMT='.urlencode($sessionData['grandtotal']).
'&PAYMENTREQUEST_0_CURRENCYCODE='.urlencode($this->PayPalCurrencyCode);
#begin api contact,execute doExpressCheckoutPayment
$httpParsedResponseAr = $this->httpPost('DoExpressCheckoutPayment', $ppdata, $this->PayPalApiUsername, $this->PayPalApiPassword, $this->PayPalApiSignature, $this->PayPalMode);
if ("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"])) {
return true;
} else {
return $httpParsedResponseAr["L_LONGMESSAGE0"];
}
}
public function getExpressCheckoutDetails($token, $payerID) {
$ppdata = '&TOKEN='.urlencode($token);
#begin api contact,execute setExpressCheckoutDetails
$httpParsedResponseAr = $this->httpPost('GetExpressCheckoutDetails', $ppdata, $this->PayPalApiUsername, $this->PayPalApiPassword, $this->PayPalApiSignature, $this->PayPalMode);
if (strtoupper($httpParsedResponseAr["ACK"]) == "SUCCESS" || strtoupper($httpParsedResponseAr["ACK"]) == "SUCCESSWITHWARNING") {
return $httpParsedResponseAr;
} else {
return false;
}
CakeSession::destroy('SessionData');
}
function httpPost($methodName_, $nvpStr_, $PayPalApiUsername, $PayPalApiPassword, $PayPalApiSignature, $PayPalMode) {
$API_UserName = urlencode($this->PayPalApiUsername);
$API_Password = urlencode($this->PayPalApiPassword);
$API_Signature = urlencode($this->PayPalApiSignature);
$paypalmode = ($this->PayPalMode == 'sandbox')?'.sandbox':'';
$API_Endpoint = "https://api-3t".$paypalmode.".paypal.com/nvp";
$version = urlencode('119');
// Set the curl parameters.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
// Turn off the server and peer verification (TrustManager Concept).
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
$nvpreq = "METHOD=$methodName_&VERSION=$version&PWD=$API_Password&USER=$API_UserName&SIGNATURE=$API_Signature$nvpStr_";
curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
$httpResponse = curl_exec($ch);
if (!$httpResponse) {
exit("$methodName_ failed: " .curl_error($ch).'('.curl_errno($ch).')');
}
$httpResponseAr = explode("&", $httpResponse);
$httpParsedResponseAr = array();
foreach ($httpResponseAr as $i => $value) {
$tmpAr = explode("=", $value);
if (sizeof($tmpAr) > 1) {
$httpParsedResponseAr[$tmpAr[0]] = $tmpAr[1];
}
}
if ((0 == sizeof($httpParsedResponseAr)) || !array_key_exists('ACK', $httpParsedResponseAr)) {
exit("Invalid HTTP Response for POST request($nvpreq) to $API_Endpoint.");
}
return $httpParsedResponseAr;
}
}
非常感谢你的时间。
答案 0 :(得分:1)
此错误表示您未使用正确的API凭据。
如果凭据正确,请查看您的终端。
沙盒凭据在生产环境中无效,而实时凭据将在沙箱中生成此错误