IPN + mysql for paypal无法验证

时间:2012-02-18 04:35:06

标签: php mysql html paypal paypal-ipn

我一直在研究这个文件一段时间,我真的很困惑。我不知道为了不更新用户的硬币并将交易插入mySQL而付款我做错了。

我已经在沙盒paypal上使用了测试工具来测试IPN并且它返回成功。如果我遗漏任何其他信息 - 请告诉我。

我的config.php(只连接到mysql数据库)

<?php
session_start();
  include("database.php");
  if(!(@mysql_connect("$host","$user","$pass") && @mysql_select_db("$tablename"))) {
?>

这是我的IPN.php 

<?php
require("config.php");

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$custom = $_POST['custom'];

if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
$pack = mysql_fetch_object(mysql_query("SELECT * FROM `c_pack` WHERE `name`='{$item_name}' AND `coins`='{$item_number}'"));
$user = mysql_fetch_object(mysql_query("SELECT * FROM `users` WHERE `id`='{$custom}'"));
if (
    ($receiver_email == $site->paypal) &&
    ($payment_amount == $pack->price) &&
    ($payment_status == 'Completed')
    ) {
mysql_query("UPDATE `users` SET `coins`=`coins`+'{$pack->coins}' WHERE `id`='{$custom}'");          
mysql_query("INSERT INTO `transactions` (user, points, pack, money, date) VALUES('{$user->login}', '{$pack->coins}', '{$item_name}', '{$payment_amount}', NOW())");
}
}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
?>

1 个答案:

答案 0 :(得分:1)

HAHA愚蠢我,需要把ssl://sandbox.paypal.com - 这是为了其他人的未来参考..记得设置你的按钮和fp到沙箱。我花了5个小时来搞清楚这一点。

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
相关问题
最新问题