过去几个月我一直在使用Sandbox测试我的网站,直到昨天一切都很顺利。现在,当我尝试付款时,我得到了上述错误。我甚至设置了额外的假用户帐户,但我得到了相同的结果。我没有触及IPN监听器PHP文件,所以我被卡住了。任何人都可以了解可能的原因吗?另一个奇怪的事情 - 监听器确实接收数据并正确更新数据库,但Paypal显示错误。
这是监听器文件(但请记住,我已经很长时间没有触及它了):
include_once 'functions.php';
$paypal = new PAYPAL_IPN('sandbox'); // change to 'live' for real paypal
$paypal->run();
class Paypal_IPN
{
/** @var string $_url The paypal url to go to through cURL*/
private $_url;
/**
* @param string $mode 'live' or 'sandbox'
*/
public function __construct($mode = 'live')
{
if ($mode == 'live')
$this->_url = 'https://www.paypal.com/cgi-bin/webscr';
else
$this->_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
}
public function run()
{
$postFields = 'cmd=_notify-validate';
$product_price1 = 7.50;
$product_price2 = 13.50;
$product_price3 = 19.00;
$currency_code = 'USD';
foreach($_POST as $key => $value)
{
$postFields .= "&$key=".urlencode($value);
}
$ch = curl_init();
curl_setopt_array($ch, array(
CURLOPT_URL => $this->_url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $postFields
));
$result = curl_exec($ch);
curl_close($ch);
$fh = fopen('result.txt', 'w');
fwrite($fh, $result .' ... '. $postFields);
fclose($fh);
if (strcmp ($result, "VERIFIED") == 0) { // PAYMENT VALID
$errors = array();
// Check payment status
if ($_POST['payment_status'] != 'Completed') {
$errors[] .= "Payment not completed";
}
// Check seller e-mail
if ($_POST['receiver_email'] != 'salesfmp@fixmypixels.net') {
$errors[] .= "Incorrect seller e-mail";
}
// Check the currency code
if ($_POST['mc_currency'] != $currency_code) {
$errors[] .= "Incorrect currency code";
}
// Check transaction id
$txn_id = ($_POST['txn_id']);
$sql = "SELECT COUNT(*) AS count FROM repairs WHERE txn_id = '$txn_id'";
$q = mysql_query($sql);
$f = mysql_fetch_array($q);
} // end of if (strcmp ($result, "VERIFIED") == 0)
if($f['count'] > 0) {
$errors[] .= "Transaction already processed";
}
else
{
if (count($errors) > 0) {
// IPN data is incorrect - possible fraud
// It is a good practice to send the transaction details to your e-mail and investigate manually
// Email Headers
$headers = "From: salesfmp@email.net \r\n";
$headers .= "Reply-To: . salesfmp@email.net \r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
$message = "Transaction number = ".$txn_id." ..... IPN failed fraud checks " . print_r( $errors, true );
mail('joe@email.net', 'IPN Fraud Warning', $message, $headers);
}
else { // PayPal payment is valid and NO other errors
$verified = 1; // IPN transaction data is valid 1 = Verified, 0 = Invalid
$last_name = sanitizeString($_POST['last_name']); // buyer's last name
$first_name = sanitizeString($_POST['first_name']); // buyer's first name
$file_name = sanitizeString($_POST['file_name']); // submitted photo's file name
$payer_email = sanitizeString($_POST['payer_email']); // buyer's email address
$txn_type = sanitizeString($_POST['txn_type']); // should be = "web_accept"
$txn_id = sanitizeString($_POST['txn_id']); // transaction ID number - unique # from Paypal
$payment_date = sanitizeString($_POST['payment_date']); // Paypal's date of transaction
$payment_amount = sanitizeString($_POST['mc_gross']);
$_SESSION['payment_amount'] = $payment_amount; // used in paypal_success.php
if($payment_amount == $product_price1) {
$quantity = 1; // quantity purchased = 1
} elseif($payment_amount == $product_price2) {
$quantity = 2;
} elseif($payment_amount == $product_price3) {
$quantity = 3;
}
$payment_currency = sanitizeString($_POST['mc_currency']);
$addr_street = sanitizeString($_POST['address_street']);
$addr_city = sanitizeString($_POST['address_city']);
$addr_state = sanitizeString($_POST['address_state']);
$addr_zip = sanitizeString($_POST['address_zip']);
$addr_country_code = sanitizeString($_POST['address_country_code']);
$query = "INSERT INTO repairs (verified, last_name, first_name, file_name, payer_email, txn_type, txn_id, payment_date, qty, mc_gross, mc_currency, address_street, address_city, address_state, address_zip, address_country_code) VALUES ('$verified','$last_name', '$first_name', '$file_name', '$payer_email', '$txn_type', '$txn_id', '$payment_date', '$quantity', '$payment_amount', '$payment_currency', '$addr_street', '$addr_city', '$addr_state', '$addr_zip', '$addr_country_code')";
$res = mysql_query($query) or die();
} // end else () of if(count($errors) > 0)
} // end of else if($f['count'] > 0)
} // end of run()
} // end of Paypal_IPN class
?>