cURL from a Secure Server?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

nyfael
Forum Commoner
Posts: 32
Joined: Thu Sep 21, 2006 2:28 am

Post by nyfael »

Lol, I know they don't know, I meant why would they block whatever situation this is.

If you can get this working: https://www.paypal.com/IntegrationCente ... amples.zip

That's the whole package, and I'm trying to do DoDirectPayment. The constants file might be enough data for you to do it:

Code: Select all

<?php
/****************************************************
constants.php

This is the configuration file for the samples.This file
defines the parameters needed to make an API call.

PayPal includes the following API Signature for making API
calls to the PayPal sandbox:

API Username 	sdk-three_api1.sdk.com
API Password 	QFZCWN5HZM8VBG7Q
API Signature 	A-IzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzmOU

Called by CallerService.php.
****************************************************/

/**
# API user: The user that is identified as making the call. you can
# also use your own API username that you created on PayPal’s sandbox
# or the PayPal live site
*/

define('API_USERNAME', 'sdk-three_api1.sdk.com');

/**
# API_password: The password associated with the API user
# If you are using your own API username, enter the API password that
# was generated by PayPal below
# IMPORTANT - HAVING YOUR API PASSWORD INCLUDED IN THE MANNER IS NOT
# SECURE, AND ITS ONLY BEING SHOWN THIS WAY FOR TESTING PURPOSES
*/

define('API_PASSWORD', 'QFZCWN5HZM8VBG7Q');

/**
# API_Signature:The Signature associated with the API user. which is generated by paypal.
*/

define('API_SIGNATURE', 'A.d9eRKfd1yVkRrtmMfCFLTqa6M9AyodL0SJkhYztxUi8W9pCXF6.4NI');

/**
# Endpoint: this is the server URL which you have to connect for submitting your API request.
*/

define('API_ENDPOINT', 'https://api-3t.sandbox.paypal.com/nvp');
/**
USE_PROXY: Set this variable to TRUE to route all the API requests through proxy.
like define('USE_PROXY',TRUE);
*/
define('USE_PROXY',FALSE);
/**
PROXY_HOST: Set the host name or the IP address of proxy server.
PROXY_PORT: Set proxy port.

PROXY_HOST and PROXY_PORT will be read only if USE_PROXY is set to TRUE
*/
define('PROXY_HOST', '127.0.0.1');
define('PROXY_PORT', '808');

/* Define the PayPal URL. This is the URL that the buyer is
   first sent to to authorize payment with their paypal account
   change the URL depending if you are testing on the sandbox
   or going to the live PayPal site
   For the sandbox, the URL is
   https://www.sandbox.paypal.com/webscr&c ... out&token=
   For the live site, the URL is
   https://www.paypal.com/webscr&cmd=_expr ... out&token=
   */
define('PAYPAL_URL', 'https://www.sandbox.paypal.com/webscr&cmd=_express-checkout&token=');

/**
# Version: this is the API version in the request.
# It is a mandatory parameter for each API request.
# The only supported value at this time is 2.3
*/

define('VERSION', '3.0');

?>
Thanks,
Kerry
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

nyfael wrote:I meant why would they block whatever situation this is.
There's nothing blocked. curl just disagrees on the amount of data sent. Since the other server with a more recent version of libcurl does not complain I think it's a problem that has been fixed between the versions 7.10.3 and 7.15.1. Might have been an error in libcurl or a common error in some server implementations libcurl now just ignores.
I only have a 7.16 build of libcurl and can't test it with older versions right now.
You have ssh access to the server ... can you give the name and/or a link to the product you've purchased from 1&1? e.g. "Managed Server Business I"
nyfael
Forum Commoner
Posts: 32
Joined: Thu Sep 21, 2006 2:28 am

Post by nyfael »

Hmm - Should I ignore that error then? And have it continue? It makes me kind of weary when putting on life transactions on a site that's receiving errors.

I'm using the Linux Business Package.

I could setup something like WAMP and try to find that version cURL and test, see if that is infact the problem. I'm going to submit a request for 1&1 to upgrade its servers... which I can't exactly expect them to follow.

Any other ways I could upgrade the libcurl?

-Kerry
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

nyfael wrote:Any other ways I could upgrade the libcurl?
May be, but that depends on the server access.
nyfael wrote:I'm using the Linux Business Package.
They come in two flavours, managed and root. While I'm not sure what kind of access you have on a managed server a root server should be completely under your control, i.e. you can install what ever you like ...more or less ;)

btw: the feature pages for both types state that you have php4 and php5 available. Maybe you can switch to php5 using the control panel or writing a short mail to the support team.
nyfael
Forum Commoner
Posts: 32
Joined: Thu Sep 21, 2006 2:28 am

Post by nyfael »

I think its managed server - but the SSL server is different from the main hosting server, unfortunately. I don't think they give you access to that at all.

I don't think its a Root Server - it's the $9.99/mo deal.

Do you know if it would be a security leak to keep going with that error? (I could have it ignore that specific error)

Also going to ask Paypal support what they think of it.

-Kerry
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

If that's the only symptome I wouldn't call it "security risk", that's like crying wolf. On the other hand it's more than just an annoyance.
Anyway I wouldn't leave it as it is.
nyfael wrote:Also going to ask Paypal support what they think of it.
good idea. It might be a common problem.
nyfael
Forum Commoner
Posts: 32
Joined: Thu Sep 21, 2006 2:28 am

Post by nyfael »

Heh, just realized the easiest way to switch to PHP 5 is to use the .php5 tag. I tried using htaccess before but I can't upload it to the server - doesn't allow me to.

I remember trying it a while ago but I really didn't want to change the end of my tag... it worked. Holy crap. I've had this problem for 3 weeks, thanks to you I've pretty much solved it within 24 hours! You rock!

-Kerry

P.S. I'm still waiting from Paypal and 1&1 to see if there is another way, I still don't like using the .php5 tag, but I also might just use a mod_rewrite on this particular file.
Post Reply