我读了一些试图解决我的问题的答案,但没有任何效果。以下代码来自https://github.com/Quixotix/PHP-PayPal-IPN
我已经做过的事情:
即使我使用ipn模拟器,这些尝试都不适合我。
<?php
// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__).'/ipn_errors.log');
// intantiate the IPN listener
include('PHP-PayPal-IPN-master/ipnlistener.php');
$listener = new IpnListener();
// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = true;
// try to process the IPN POST
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage());
exit(0);
}
if ($verified) {
$errmsg = ' <br/>'; // stores errors from fraud checks
// 1. Make sure the payment status is "Completed"
if ($_POST['payment_status'] != 'Completed') {
//simply ignore any IPN that is not completed
exit(0);
}
// 2. Make sure seller email matches your primary account email.
if ($_POST['receiver_email'] != 'seller@sandbox.com') {
$errmsg .= "'receiver_email' does not match: ";
$errmsg .= $_POST['receiver_email']."\n";
}
// 3. Make sure the amount(s) paid match
if ($_POST['mc_gross'] != '10') {
$errmsg .= "'mc_gross' does not match: ";
$errmsg .= $_POST['mc_gross']."\n";
}
// 4. Make sure the currency code matches
if ($_POST['mc_currency'] != 'USD') {
$errmsg .= "'mc_currency' does not match: ";
$errmsg .= $_POST['mc_currency']."\n";
}
// 5. Ensure the transaction is not a duplicate.
include_once("../includes/psl-config.php");
$mysqli = new mysqli(HOST, USER, PASSWORD, DATABASE);
$txn_id = mysqli_real_escape_string($mysqli, $_POST['txn_id']);
$sql = "SELECT COUNT(*) FROM paypal WHERE txn_id = '$txn_id'";
$r = mysqli_query($mysqli, $sql);
if (!$r) {
error_log(mysqli_error($mysqli));
exit(0);
}
$exists = $r;
if ($exists) {
$errmsg .= "'txn_id' has already been processed: ".$_POST['txn_id']."\n";
} */
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
$body = "IPN failed fraud checks: \n$errmsg\n\n";
$body .= $listener->getTextReport();
mail('habitodigital@hotmail.com', 'IPN Fraud Warning', $body);
} else {
// add this order to a table of completed orders
if (isset($_POST['item_number'])) {
$item_number = $_POST['item_number'];
}
if($stmt = $mysqli->prepare("INSERT INTO paypal (item_number) VALUES (?)")){
$stmt->bind_param('s', $item_number);
$stmt->execute();
}else{
$errmsg .= "Error trying to insert into DB<br/>";
error_log(mysqli_error($mysqli));
}
// free user ads here
}
} else {
// manually investigate the invalid IPN
mail('habitodigital@hotmail.com', 'Invalid IPN', $listener->getTextReport());
}
?>
我一直收到欺诈邮件。有时候它会给我带来txn_id已经被处理了,但是如果没有插入数据库,怎么检查呢?
答案 0 :(得分:0)
当脚本为IPN验证返回INVALID时,您似乎收到了欺诈电子邮件,
$verified = $listener->processIpn();
IPN验证只有在发回PayPal时才会通过,与发送到您服务器的内容完全相同,除了真实的欺诈案例或恶意篡改数据外,语言编码很可能会导致差异。 PayPal与您的网站之间的IPN数据,最终导致无效结果。
最佳做法是,您可能需要检查您的PayPal帐户编码设置并将其设置为UTF-8,以确保所有类型的字符都可以正确格式化并避免验证失败。
登录PayPal帐户&gt;我的帐户&gt;个人资料&gt;语言编码&gt;更多选项