PHP-PayPal IPN 301永久移动

时间:2018-08-01 21:48:47

标签: php html iis paypal paypal-ipn

我曾经使用过多次用PHP编写的PayPal IPN脚本,但是现在却遇到了这个错误。

[07/31/2018 4:42 PM] - FAIL: IPN Validation Failed.
IPN POST Vars from Paypal:

    IPN Response from Paypal Server:
     HTTP/1.1 301 Moved Permanently
    Server: AkamaiGHost
    Content-Length: 0
    Location: https://www.paypal.com/smarthelp/article/how-do-i-check-and-update-my-web-browser-faq3893
    Date: Tue, 31 Jul 2018 23:42:14 GMT
    Connection: close
    Set-Cookie: akavpau_ppsd=1533081134~id=4fddfa711d2216538f54014af27277b0; Domain=www.paypal.com; Path=/; Secure; HttpOnly
    Strict-Transport-Security: max-age=63072000

我正在使用Micah Carrick制作的脚本。我的编辑看起来像这样。 paypal.php

<?php
require('../inc/db.php');

define('LOG_FILE', 'ipn_results.log');
define('SSL_P_URL', 'https://www.paypal.com/cgi-bin/webscr');
define('SSL_SAND_URL','https://www.sandbox.paypal.com/cgi-bin/webscr');

class paypal_class {

   var $last_error;                 // holds the last error encountered

   var $ipn_log;                    // bool: log IPN results to text file?

   var $ipn_log_file;               // filename of the IPN log
   var $ipn_response;               // holds the IPN response from paypal   
   var $ipn_data = array();         // array contains the POST values for IPN

   var $fields = array();           // array holds the fields to submit to paypal

   function paypal_class() {

      // initialization constructor.  Called when a class is created.

      $this->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';

      $this->last_error = '';

      $this->ipn_log_file = '/ipn_results.log';
      $this->ipn_log = true; 
      $this->ipn_response = '';

      // populate $fields array with a few default values.  See the PayPal
      // documentation for a list of fields and their data types. These default
      // values can be overwritten by the calling script.

      $this->add_field('rm','2');           // Return method = POST
      $this->add_field('cmd','_xclick'); 

   }

   function add_field($field, $value) {


      $this->fields["$field"] = $value;
   }

   function submit_paypal_post() {


     echo "<html>\n";
     echo "<head><title>Processing Payment...</title>";
     echo "<body onLoad=\"document.forms['paypal_form'].submit();\">\n";
     echo "<center><h2>Please wait, your order is being processed and you";
     echo " will be redirected to the paypal website.</h2></center>\n";
     echo "<form method=\"post\" name=\"paypal_form\" ";
     echo "action=\"".$this->paypal_url."\">\n";

     foreach ($this->fields as $name => $value) 
     {
         echo "<input type=\"hidden\" name=\"$name\" value=\"$value\"/>\n";
      }
     echo "<center><br/><br/>If you are not automatically redirected to ";
     echo "paypal within 5 seconds...<br/><br/>\n";
     echo "<input type=\"submit\" value=\"Click Here\"></center>\n";
     echo "</body></html>\n";

   }

   function validate_ipn() {
    mysqli_query($db, "UPDATE matches SET status = 3");
      // parse the paypal URL
      $url_parsed=parse_url($this->paypal_url);        

      // read post data from PayPal and add 'cmd'
    $req = 'cmd=_notify-validate';
    if(function_exists('get_magic_quotes_gpc')) {
       $get_magic_quotes_exists = true;
    } 
    foreach ($myPost as $key => $value) {        
       if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { 
            $value = urlencode(stripslashes($value)); 
       } else {
            $value = urlencode($value);
       }
       $req .= "&$key=$value";
    }

      // open the connection to paypal
      $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30); 
      if(!$fp) {

         // could not open the connection.  If loggin is on, the error message
         // will be in the log.
         $this->last_error = "fsockopen error no. $errnum: $errstr";
         $this->log_ipn_results(false);       
         mysqli_query($db, "UPDATE matches SET status = 5");
         return false;

      } else { 

         // Post the data back to paypal
         fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n"); 
         fputs($fp, "Host: $url_parsed[host]\r\n"); 
         fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n"); 
         fputs($fp, "Content-length: ".strlen($post_string)."\r\n"); 
         fputs($fp, "Connection: close\r\n\r\n"); 
         fputs($fp, $post_string . "\r\n\r\n"); 

         // loop through the response from the server and append to variable
         while(!feof($fp)) { 
            $this->ipn_response .= fgets($fp, 1024); 
         } 

         fclose($fp); // close connection
        mysqli_query($db, "UPDATE matches SET status = 8");
      }

      if (eregi("VERIFIED",$this->ipn_response)) {

         // Valid IPN transaction.
         $this->log_ipn_results(true);
         mysqli_query($db, "UPDATE matches SET status = 9");
         return true;       

      } else {

         // Invalid IPN transaction.  Check the log for details.
         $this->last_error = 'IPN Validation Failed.';
         $this->log_ipn_results(false);   
         mysqli_query($db, "UPDATE matches SET status = 6");
         return false;

      }

   }

   function log_ipn_results($success) {

      if (!$this->ipn_log) return;  // is logging turned off?

      // Timestamp
      $text = '['.date('m/d/Y g:i A').'] - '; 

      // Success or failure being logged?
      if ($success) $text .= "SUCCESS!\n";
      else $text .= 'FAIL: '.$this->last_error."\n";

      // Log the POST variables
      $text .= "IPN POST Vars from Paypal:\n";
      foreach ($this->ipn_data as $key=>$value) {
         $text .= "$key=$value, ";
      }

      // Log the response from the paypal server
      $text .= "\nIPN Response from Paypal Server:\n ".$this->ipn_response;

      // Write to log
      $fp=fopen($this->ipn_log_file,'a');
      fwrite($fp, $text . "\n\n"); 

      fclose($fp);  // close file
   }

   function dump_fields() {

      echo "<h3>paypal_class->dump_fields() Output:</h3>";
      echo "<table width=\"95%\" border=\"1\" cellpadding=\"2\" cellspacing=\"0\">
            <tr>
               <td bgcolor=\"black\"><b><font color=\"white\">Field Name</font></b></td>
               <td bgcolor=\"black\"><b><font color=\"white\">Value</font></b></td>
            </tr>"; 

      ksort($this->fields);
      foreach ($this->fields as $key => $value) {
         echo "<tr><td>$key</td><td>".urldecode($value)."&nbsp;</td></tr>";
      }

      echo "</table><br>"; 
   }
}     

paypal.class.php

<?php

    include_once('../inc/db.php');
    require ('../inc/steamauth.php');

    function filter($var)
        {
            return stripslashes(htmlspecialchars($var));
        }

    require_once('paypal.class.php');  // include the class file
    $p = new paypal_class; 
    $p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';

    $this_script = 'https://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];


    if (empty($_GET['action'])) $_GET['action'] = 'process';  

    switch ($_GET['action']) {

       case 'process':

       $teamid = mysqli_real_escape_string($db, $_POST['teamid']);
       $type = mysqli_real_escape_string($db, $_POST['type']);

        switch($type) {

        case 'me':
            $cost = '0.01';
        break;

        case 'team':
            $cost = '0.01';
        break;

        }

          $p->add_field('business', 'MY EMAIL');
          $p->add_field('return', 'https://'.$_SERVER['HTTP_HOST']); //The success URL
          $p->add_field('custom', $teamid);
          $p->add_field('cancel_return', 'http://'.$_SERVER['HTTP_HOST']); // The "canceled" URL
          $p->add_field('notify_url', $this_script.'?action=ipn'); //The IPN URL, the URL pointing to THIS page.
          $p->add_field('item_number', filter($_POST['type']));
          $p->add_field('item_name', $_POST['type'] . '');
          $p->add_field('amount', $cost); // How ever much the VIP cost.

          $p->submit_paypal_post();

          break;

          case 'ipn':

          $db = mysqli_connect("localhost", "root", "*****", "***");

$problem =  mysqli_query($db, "UPDATE matches SET status = '1'");

          if ($p->validate_ipn()) {

              $complete = mysqli_query($db, "UPDATE matches SET status = '2'");

        }
          break;
     }     

    ?>

我已经尝试了在StackOverflow上找到的多个修复程序。大多数情况下是代码编辑,但我认为这可能不是问题。我尝试禁用防火墙,以查看是否最终阻止了某些PayPal IP。但这不是问题。

我也尝试了PHP 5.3.8和PHP 7.2.7,但都没有用,我在Windows 2016 VPS的IIS 10上运行了此脚本。我还在网站上使用SSL证书,但也尝试过不使用它。

我知道IPN URL是正确的,因为它完成了我想要的所有事情,除了验证IPN。但是价格是正确的,付款会通过。 如您所见,查询 $ problem 甚至可以执行,但查询 $ complete 却没有,这正是我所需要的。

有人知道这可能是由什么引起的吗?

1 个答案:

答案 0 :(得分:0)

2月份的PayPal电子邮件:

语录:” 我们还鼓励您与您的Web托管公司,电子商务软件提供商或内部Web程序员/系统管理员联系,以在需要时对实施这些更改提供进一步的帮助。 本电子邮件中以及TLS 1.2和HTTP / 1.1升级微型网站上提供的预定更改日期可能会更改。请监视我们的TLS 1.2和HTTP / 1.1升级微型网站,以获取最新信息。 以下是与安全更新有关的一些关键点,我们将在2017年6月30日之后开始实施这些安全更新,我们强烈建议您的系统兼容,以确保您的业务不受干扰: •PayPal沙盒或测试环境已升级为仅允许TLS 1.2和HTTP / 1.1连接。 •2017年6月30日之后,所有生产端点将更新为仅接受TLS 1.2和HTTP / 1.1连接。请注意,如果您尚未对系统进行必要的升级以使其合规,则您的企业将无法接受付款在完成所需的更改之前,请使用PayPal。 •提供了一个验证端点,可以在https://tlstest.paypal.com上找到该端点,并具有最新的安全标准,因此客户可以快速检查其系统是否准备在2017年6月30日之后接受交易。 “

报价:“将IPN验证回发到HTTPS –在2017年6月30日之前完成 需要更新:是”

Micah暂时没有更新他的脚本,但是这个脚本应该可以为您工作: https://github.com/xtuc/Paypal-ipn-SDK/blob/master/paypal.class.php