Page 1 of 1

paypal ipn problems

Posted: Sat Nov 13, 2004 9:16 pm
by ecaandrew
im having so much trouble with this, ive search everywhere, im trying to make it when they buy a single item, when they go to the return page, so it shows all the variables like TXN_ID, etc... so i can store in a mysql database, but the script they provide me isnt working or something, please help thanks.

Posted: Sat Nov 13, 2004 10:26 pm
by rehfeld
how do you want us to help you?

Posted: Sun Nov 14, 2004 5:51 am
by m3mn0n
Maybe instead of using what they provide, maybe make your own?

It's fairly simple, just basic variable parsing and then db insertion.

You might also want to use the security measures they provide to make sure the IPN variables are coming from PayPal and not someone else.

Posted: Sun Nov 14, 2004 8:41 am
by ecaandrew
whats happening is that the post variables arent being sent to the return page.

Posted: Sun Nov 14, 2004 8:56 am
by John Cartwright
show us the current code you have, and maybe the code they have provided if you want us to see what could be the problme.

Posted: Sun Nov 14, 2004 11:19 am
by rehfeld
ecaandrew wrote:whats happening is that the post variables arent being sent to the return page.

you need to log into your paypal account and goto the ipn settings. you need to specify the page you want paypal to POST details to, and this is not neccesarily the same page that users will(optionally) get redirected to.

which ipn code package are you using?

php_paypal? im familiar w/ that one.

i would highly recomend reading paypals documentation of the process. its a bit unorganized imo, but the info is there.

http://sandbox.paypal.com

Posted: Sun Nov 14, 2004 3:27 pm
by ecaandrew
ok heres how it goes, basically i have my order page


index.php
----------------------------------------------------------------------------------
if( ( $_POST['act'] == 'selected' ) && ( $_POST['agree'] == '1' ) )
{
print "<form action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\">";
print "<input type=\"hidden\" name=\"cmd\" value=\"_xclick\">";
print "<input type=\"hidden\" name=\"business\" value=\"webmaster@splitnetworks.com\">";
print "<input type=\"hidden\" name=\"no_note\" value=\"1\">";
print "<input type=\"hidden\" name=\"currency_code\" value=\"USD\">";
print "<input type=\"hidden\" name=\"return\" value=\"http://www.templatenuke.com/order/order.php\">";
print "<input type=\"hidden\" name=\"rm\" value=\"2\">";
print "<input type=\"hidden\" name=\"cancel_return\" value=\"http://www.templatenuke.com/\">";
print "<input type=\"hidden\" name=\"item_name\" value=\"" . $row->templatename . " | Template Nuke\">";
print "<input type=\"hidden\" name=\"item_number\" value=\"" . $row->id . "\">";
print "<input type=\"hidden\" name=\"amount\" value=\"" . $row->price . "\">";
print "<input type=\"submit\" value=\" Purchase &raquo; \" style=\"font-weight: bold;\">";
print "</form>\n";
}
-------------------------------------------------------------------------------------

from here on everything is sent to paypal fine, i get the payment, and once he goes to the return page ORDER.php

order.php
--------------------------------------------------------------------------------
<?php
@mysql_connect("localhost", "1111", "1111") or die(mysql_error());
@mysql_select_db("111111") or die(mysql_error());


// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

if (!$fp) {
echo "ERROR";
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {


echo "Your order is complete! Check your email.";




}
else if (strcmp ($res, "INVALID") == 0) {
echo "ERROR";
}
}
fclose ($fp);
}
?>
--------------------------------------------------------------------------------------


no variables are sent to the order page, when they get to the order page, i get the darn error, any help is appreciated, and thankyou :)

Posted: Sun Nov 14, 2004 3:27 pm
by ecaandrew
or even the page is blank sometimes.

Posted: Sun Nov 14, 2004 10:36 pm
by rehfeld
try adding a scheme to the fsockopen call

eg 'https://www.paypal.com'

im not sure if http://www.paypal.com will work....

if that doesnt do it, you could also try logging the data from paypal, and whats sent to them. then just look at the files and see if anything is amis.

ok i got farther

Posted: Mon Nov 15, 2004 1:01 am
by ecaandrew
ok i tried that and i got this error


Warning: fsockopen(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/tnuke/public_html/order/done.php on line 21

Warning: fsockopen(): unable to connect to https://www.paypal.com:80 in /home/tnuke/public_html/order/done.php on line 21

Warning: fclose(): supplied argument is not a valid stream resource in /home/tnuke/public_html/order/done.php on line 97
------------------------------------------------------------
so i tried a different attempt, i tried payment data transfer code, and it worked! but when i tried to see if TXN_ID exist i get the error that it exist, and theres nothing in the database!!!


done.php
-------------------------------------------------------------------------
<?php
$db_hostname = "localhost";
$db_username = "user";
$db_password = "pass";
$db_database = "tnuke_templatenuke";

$mysql_connect = mysql_connect("$db_hostname","$db_username","$db_password") or die("Connection Failed!");
$db_select = mysql_select_db($db_database) or die("Database Failed!");

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-synch';

$tx_token = $_GET['tx'];
$auth_token = "my token key is here";
$req .= "&tx=$tx_token&at=$auth_token";

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
// If possible, securely post back to paypal using HTTPS
// Your PHP server will need to be SSL enabled
// $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
// read the body data
$res = '';
$headerdone = false;
while (!feof($fp)) {
$line = fgets ($fp, 1024);
if (strcmp($line, "\r\n") == 0) {
// read the header
$headerdone = true;
}
else if ($headerdone)
{
// header has been read. now read the contents
$res .= $line;
}
}

// parse the data
$lines = explode("\n", $res);
$keyarray = array();
if (strcmp ($lines[0], "SUCCESS") == 0) {
for ($i=1; $i<count($lines);$i++){
list($key,$val) = explode("=", $lines[$i]);
$keyarray[urldecode($key)] = urldecode($val);
}

// process payment
$firstname = $keyarray['first_name'];
$lastname = $keyarray['last_name'];
$itemname = $keyarray['item_name'];
$amount = $keyarray['payment_gross'];
$txn_id = $keyarray['txn_id'];
$payment_status = $keyarray['payment_status'];
$receiver_email = $keyarray['receiver_email'];
$payment_currency = $keyarray['mc_currency'];

if ($payment_status != "Completed") {
print "payment not completed, <a href=http://templatenuke.com/order/buy.php?id=14>try agian</a>";exit;
}
if ($receiver_email != "webmaster@splitnetworks.com") {
print "emails dont match, <a href=http://templatenuke.com/order/buy.php?id=14>try agian</a>";exit;
}

$sql = mysql_query("SELECT txn_id FROM orders WHERE txn_id ='".$txn_id."'");
$row = mysql_fetch_array($sql);
if ($row['txn_id'] == "$txn_id") {
print "txn exist, <a href=http://templatenuke.com/order/buy.php?id=14>try agian</a>";
die;
}



include("/home/tnuke/public_html/inc/top.php");
echo ("<p><h3>Thank you for your purchase!</h3></p>");
echo ("<b>Payment Details</b><br>\n");
echo ("<li>Name: $firstname $lastname</li>\n");
echo ("<li>Item: $itemname</li>\n");
echo ("<li>Amount: $amount</li>\n");
echo ("<li>Order ID: $txn_id </li>\n");
echo ("");
include("/home/tnuke/public_html/inc/bottom.php");
}
else if (strcmp ($lines[0], "FAIL") == 0) {
// log for manual investigation
}

}

fclose ($fp);

?>
----------------------------------------------------------------------------------


it worked fine without the
$sql = mysql_query("SELECT txn_id FROM orders WHERE txn_id ='".$txn_id."'");
$row = mysql_fetch_array($sql);
if ($row['txn_id'] == "$txn_id") {
print "txn exist, <a href=http://templatenuke.com/order/buy.php?id=14>try agian</a>";
die;
}


but that doesnt make any sense!

Posted: Mon Nov 15, 2004 5:24 pm
by ecaandrew
anyone?