我曾经使用过多次用PHP编写的PayPal IPN脚本,但是现在却遇到了这个错误。
[07/31/2018 4:42 PM] - FAIL: IPN Validation Failed.
IPN POST Vars from Paypal:
IPN Response from Paypal Server:
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.paypal.com/smarthelp/article/how-do-i-check-and-update-my-web-browser-faq3893
Date: Tue, 31 Jul 2018 23:42:14 GMT
Connection: close
Set-Cookie: akavpau_ppsd=1533081134~id=4fddfa711d2216538f54014af27277b0; Domain=www.paypal.com; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000
我正在使用Micah Carrick制作的脚本。我的编辑看起来像这样。 paypal.php
<?php
require('../inc/db.php');
define('LOG_FILE', 'ipn_results.log');
define('SSL_P_URL', 'https://www.paypal.com/cgi-bin/webscr');
define('SSL_SAND_URL','https://www.sandbox.paypal.com/cgi-bin/webscr');
class paypal_class {
var $last_error; // holds the last error encountered
var $ipn_log; // bool: log IPN results to text file?
var $ipn_log_file; // filename of the IPN log
var $ipn_response; // holds the IPN response from paypal
var $ipn_data = array(); // array contains the POST values for IPN
var $fields = array(); // array holds the fields to submit to paypal
function paypal_class() {
// initialization constructor. Called when a class is created.
$this->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';
$this->last_error = '';
$this->ipn_log_file = '/ipn_results.log';
$this->ipn_log = true;
$this->ipn_response = '';
// populate $fields array with a few default values. See the PayPal
// documentation for a list of fields and their data types. These default
// values can be overwritten by the calling script.
$this->add_field('rm','2'); // Return method = POST
$this->add_field('cmd','_xclick');
}
function add_field($field, $value) {
$this->fields["$field"] = $value;
}
function submit_paypal_post() {
echo "<html>\n";
echo "<head><title>Processing Payment...</title>";
echo "<body onLoad=\"document.forms['paypal_form'].submit();\">\n";
echo "<center><h2>Please wait, your order is being processed and you";
echo " will be redirected to the paypal website.</h2></center>\n";
echo "<form method=\"post\" name=\"paypal_form\" ";
echo "action=\"".$this->paypal_url."\">\n";
foreach ($this->fields as $name => $value)
{
echo "<input type=\"hidden\" name=\"$name\" value=\"$value\"/>\n";
}
echo "<center><br/><br/>If you are not automatically redirected to ";
echo "paypal within 5 seconds...<br/><br/>\n";
echo "<input type=\"submit\" value=\"Click Here\"></center>\n";
echo "</body></html>\n";
}
function validate_ipn() {
mysqli_query($db, "UPDATE matches SET status = 3");
// parse the paypal URL
$url_parsed=parse_url($this->paypal_url);
// read post data from PayPal and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// open the connection to paypal
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if(!$fp) {
// could not open the connection. If loggin is on, the error message
// will be in the log.
$this->last_error = "fsockopen error no. $errnum: $errstr";
$this->log_ipn_results(false);
mysqli_query($db, "UPDATE matches SET status = 5");
return false;
} else {
// Post the data back to paypal
fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n");
fputs($fp, "Host: $url_parsed[host]\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: ".strlen($post_string)."\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $post_string . "\r\n\r\n");
// loop through the response from the server and append to variable
while(!feof($fp)) {
$this->ipn_response .= fgets($fp, 1024);
}
fclose($fp); // close connection
mysqli_query($db, "UPDATE matches SET status = 8");
}
if (eregi("VERIFIED",$this->ipn_response)) {
// Valid IPN transaction.
$this->log_ipn_results(true);
mysqli_query($db, "UPDATE matches SET status = 9");
return true;
} else {
// Invalid IPN transaction. Check the log for details.
$this->last_error = 'IPN Validation Failed.';
$this->log_ipn_results(false);
mysqli_query($db, "UPDATE matches SET status = 6");
return false;
}
}
function log_ipn_results($success) {
if (!$this->ipn_log) return; // is logging turned off?
// Timestamp
$text = '['.date('m/d/Y g:i A').'] - ';
// Success or failure being logged?
if ($success) $text .= "SUCCESS!\n";
else $text .= 'FAIL: '.$this->last_error."\n";
// Log the POST variables
$text .= "IPN POST Vars from Paypal:\n";
foreach ($this->ipn_data as $key=>$value) {
$text .= "$key=$value, ";
}
// Log the response from the paypal server
$text .= "\nIPN Response from Paypal Server:\n ".$this->ipn_response;
// Write to log
$fp=fopen($this->ipn_log_file,'a');
fwrite($fp, $text . "\n\n");
fclose($fp); // close file
}
function dump_fields() {
echo "<h3>paypal_class->dump_fields() Output:</h3>";
echo "<table width=\"95%\" border=\"1\" cellpadding=\"2\" cellspacing=\"0\">
<tr>
<td bgcolor=\"black\"><b><font color=\"white\">Field Name</font></b></td>
<td bgcolor=\"black\"><b><font color=\"white\">Value</font></b></td>
</tr>";
ksort($this->fields);
foreach ($this->fields as $key => $value) {
echo "<tr><td>$key</td><td>".urldecode($value)." </td></tr>";
}
echo "</table><br>";
}
}
paypal.class.php
<?php
include_once('../inc/db.php');
require ('../inc/steamauth.php');
function filter($var)
{
return stripslashes(htmlspecialchars($var));
}
require_once('paypal.class.php'); // include the class file
$p = new paypal_class;
$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';
$this_script = 'https://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
if (empty($_GET['action'])) $_GET['action'] = 'process';
switch ($_GET['action']) {
case 'process':
$teamid = mysqli_real_escape_string($db, $_POST['teamid']);
$type = mysqli_real_escape_string($db, $_POST['type']);
switch($type) {
case 'me':
$cost = '0.01';
break;
case 'team':
$cost = '0.01';
break;
}
$p->add_field('business', 'MY EMAIL');
$p->add_field('return', 'https://'.$_SERVER['HTTP_HOST']); //The success URL
$p->add_field('custom', $teamid);
$p->add_field('cancel_return', 'http://'.$_SERVER['HTTP_HOST']); // The "canceled" URL
$p->add_field('notify_url', $this_script.'?action=ipn'); //The IPN URL, the URL pointing to THIS page.
$p->add_field('item_number', filter($_POST['type']));
$p->add_field('item_name', $_POST['type'] . '');
$p->add_field('amount', $cost); // How ever much the VIP cost.
$p->submit_paypal_post();
break;
case 'ipn':
$db = mysqli_connect("localhost", "root", "*****", "***");
$problem = mysqli_query($db, "UPDATE matches SET status = '1'");
if ($p->validate_ipn()) {
$complete = mysqli_query($db, "UPDATE matches SET status = '2'");
}
break;
}
?>
我已经尝试了在StackOverflow上找到的多个修复程序。大多数情况下是代码编辑,但我认为这可能不是问题。我尝试禁用防火墙,以查看是否最终阻止了某些PayPal IP。但这不是问题。
我也尝试了PHP 5.3.8和PHP 7.2.7,但都没有用,我在Windows 2016 VPS的IIS 10上运行了此脚本。我还在网站上使用SSL证书,但也尝试过不使用它。
我知道IPN URL是正确的,因为它完成了我想要的所有事情,除了验证IPN。但是价格是正确的,付款会通过。 如您所见,查询 $ problem 甚至可以执行,但查询 $ complete 却没有,这正是我所需要的。
有人知道这可能是由什么引起的吗?
答案 0 :(得分:0)
2月份的PayPal电子邮件:
语录:” 我们还鼓励您与您的Web托管公司,电子商务软件提供商或内部Web程序员/系统管理员联系,以在需要时对实施这些更改提供进一步的帮助。 本电子邮件中以及TLS 1.2和HTTP / 1.1升级微型网站上提供的预定更改日期可能会更改。请监视我们的TLS 1.2和HTTP / 1.1升级微型网站,以获取最新信息。 以下是与安全更新有关的一些关键点,我们将在2017年6月30日之后开始实施这些安全更新,我们强烈建议您的系统兼容,以确保您的业务不受干扰: •PayPal沙盒或测试环境已升级为仅允许TLS 1.2和HTTP / 1.1连接。 •2017年6月30日之后,所有生产端点将更新为仅接受TLS 1.2和HTTP / 1.1连接。请注意,如果您尚未对系统进行必要的升级以使其合规,则您的企业将无法接受付款在完成所需的更改之前,请使用PayPal。 •提供了一个验证端点,可以在https://tlstest.paypal.com上找到该端点,并具有最新的安全标准,因此客户可以快速检查其系统是否准备在2017年6月30日之后接受交易。 “
报价:“将IPN验证回发到HTTPS –在2017年6月30日之前完成 需要更新:是”
Micah暂时没有更新他的脚本,但是这个脚本应该可以为您工作: https://github.com/xtuc/Paypal-ipn-SDK/blob/master/paypal.class.php