I hate posting GOBS of code for other people to wade through, but I am just SO green
I am simply trying to figure out why this PayPal IPN script I got from someone does not work. The page just dies without giving any output!
I have added the variables at the top for testing purposes. I am not asking that someone debug this code, I would not be so brazen as to ask for others to do my work. I simply put the whole thing here so you can see what I have and perhaps help me figure out why the debugger is not working
Code: Select all
<?php
error_reporting(E_ALL);
ini_set('display_errors',1);
$invoice="00465";
$receiver_email="alex@asdf.net";
$item_name="item name";
$item_number="0003";
$quantity="5";
$payment_status="COMPLETED";
$pending_reason="PEND_RSN";
$payment_date="11/22/2007";
$payment_gross="54.00";
$payment_fee="1.25";
$txn_id="txn_id";
$txn_type="txn_type";
$first_name="FIRSTNAME";
$last_name="LASTNAME"
$address_street="123 MAIN STREET";
$address_city="NEYYORK";
$address_state="MAIN";
$address_zip="12345";
$address_country="US";
$address_status="GOOD";
$payer_email="alex@asdf.net";
$payer_status="GOOD";
$payment_type=" ";
$notify_version="1.5";
$verify_sign="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
//------------------------------------------------------------------
// Open log file (in append mode) and write the current time into it.
// Open the DB Connection. Open the actual database.
//-------------------------------------------------------------------
$log = fopen("log.txt", "a");
fwrite($log, "\n\nipn - " . gmstrftime ("%b %d %Y %H:%M:%S", time()) . "\n");
$db = mysql_connect("localhost", "XXXXXXXXX", "XXXXXXXXXXXX");
mysql_select_db("XXXXXXXXXXX",$db);
// Create a reply to validate the PayPal post. (Standard PayPal Code)
//This bit of code first creates a new array ($postvars) containing all of the values posted from PayPal.
//Then it begins a reply message ($req), with 'cmd=_notify-validate'
//Using a 'for' loop, it adds a list of posted vars in the format 'variable=value .
//------------------------------------------------
// Read post from PayPal system and create reply
// starting with: 'cmd=_notify-validate'...
// then repeating all values sent - VALIDATION.
//------------------------------------------------
$postvars = array();
while (list ($key, $value) = each ($HTTP_POST_VARS)) {
$postvars[] = $key;
}
$req = 'cmd=_notify-validate';
for ($var = 0; $var < count ($postvars); $var++) {
$postvar_key = $postvars[$var];
$postvar_value = $$postvars[$var];
$req .= "&" . $postvar_key . "=" . urlencode ($postvar_value);
}
//INFO: Note the values are urlencoded - this is the format in which data is transmitted in a post from a web page.
//The function 'urlencode':
// "Returns a string in which all non-alphanumeric characters except -_. have been replaced with a percent (%) sign followed by two hex digits and spaces encoded as plus (+) signs" (from the PHP manual).
//This is basically a method of transmitting an 8-bit character set in just 7-bits.
// Create an HTTP header for the reply message, open a connection...
//--------------------------------------------
// Create message to post back to PayPal...
// Open a socket to the PayPal server...
//--------------------------------------------
//$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
//$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
//$header .= "Content-Length: " . strlen ($req) . "\r\n\r\n";
//$fp = fsockopen ("www.sandbox.paypal.com", 80, $errno, $errstr, 30);
//============
// Write the transaction details to the log file.
//The log file is useful for debugging problems. You'll ideally never lose any details, and if the database is
//down for any reason, you need a backup..
//---------------------------------------------
$somecontent = "Add this to the file\n";
fwrite($log, "Vals: ".$invoice." ".$receiver_email." ".$item_name." ". $item_number." ". $quantity." ". $payment_status." ". $pending_reason." ".$payment_date. " ". $payment_gross." ". $payment_fee." ". $txn_id." ". $txn_type." ". $first_name." ". $last_name." ". $address_street." ". $address_city." ". $address_state . " ".$address_zip." ". $address_country." ". $address_status." ". $payer_email. " ". $payer_status." ". $payment_type." ". $notify_version." ". $verify_sign. "\ n");
//==============
//Check Connection...
//The variables $errstr and $errno are system variables which report details on the last error.
//----------------------------------------------------------------------
// Check HTTP connection made to PayPal OK, If not, print an error msg
//----------------------------------------------------------------------
if (!$fp) {
echo "$errstr ($errno)";
fwrite($log, "Failed to open HTTP connection!\n");
$res = "FAILED";
}
//Final Verification
//At last, the string of posted variables ($req) is sent to PayPal's server. When it receives it - the server gives a 'VERIFIED' response if the transaction was real and successful.
//--------------------------------------------------------
// If connected OK, write the posted values back, then...
//--------------------------------------------------------
else {
echo "Connected to paypal\n";
fwrite($log, "SUCCESFULLY Opened HTTP connection!\n");
fputs ($fp, $header . $req);
//-------------------------------------------
// ...read the results of the verification...
// If VERIFIED = continue to process the TX...
//-------------------------------------------
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
//If payment is complete, get the password from the database.
//If the payment status is 'Completed'... The payment wasn't by e-check. The transaction's complete.
//Using the 'while' construct to get the data into a local variable is just a convenience... We know that only 1 row will come back from the query.
//----------------------------------------------------------------------
// If the payment_status=Completed... Get the password for the product
// from the DB and email it to the customer.
//----------------------------------------------------------------------
if (strcmp ($payment_status, "Completed") == 0) {
//$qry = "SELECT password FROM products WHERE pid = \"$item_number\" ";
//$result = mysql_query($qry,$db);
//----------------------------------------------------------------------
// Create message. Send the email
// The message is created in the variable '$message' then sent using the PHP 'mail' function.
// Note the sender and reply-to info goes at the end.
//----------------------------------------------------------------------
//while ($myrow = mysql_fetch_row($result)) { $passwd = $myrow[0]; }
$message .= "Dear Customer,\n Thankyou for your order.\n\nThe password f or the item you ordered is: row[0]\n\nIf you have any problems, please contact us: \n\nsales\@yourdomain.com";
mail($payer_email, "Your Book Password...", $message, "From: ipn@yourdomain.com\nReply-To: sales@yourdomain.com");
}
//Handle Incomplete Transactions
//Inform the customer, and also inform yourself that something needs doing.
//----------------------------------------------------------------------
// If the payment_status is NOT Completed... You'll have to send the
// password later, by hand, when the funds clear...
//----------------------------------------------------------------------
else {
$message .= "Dear Customer,\n Thankyou for your order.\n\nThe password for the item you ordered will be sent to you when the funds have cleared.\n\nThankyou \n\nsales\@yourdomain.com";
mail($payer_email, "Your Book Password...", $message, "From: ipn@yourdomain.com\nReply-To: sales@yourdomain.com");
mail($receiver_email, "Incomplete PayPal TX...", "An incomplete transaction requires your attention.");
}
//Deal with 'Unverified' transactions
//If, for example, the transaction you just processed didn't originate with PayPal, but was an attempted hack - it would cause this error to occur. An invalid transaction needs human intervention.
//----------------------------------------------------------------
// ..If UNVerified - It's 'Suspicious' and needs investigating!
// Send an email to yourself so you investigate it.
//----------------------------------------------------------------
else {
mail($payer_email, "An Error Occurred...", "Dear Customer,\n an error occurred while PayPal was processing your order. It will be investigated by a human at the earliest opportunity.\n\nWe apologise for any inconvenience.", "From: ipn@yourdomain.com\nReply-To: sales@yourdomain.com");
mail($receiver_email, "Invalid PayPal TX...", "An invalid transaction requires your attention.");
}
}
}
//Insert Details Into DB
//The '\"' is placed around each of the variable to ensure that they appear in double quotes in the query string. This ensures that whatever they contain, they'll get inserted.
//--------------------------------------
// Insert Transaction details into DB.
//--------------------------------------
$qry = "INSERT into sales (
invoice, receiver_email, item_name, item_number, quantity, payment_status, pendi ng_reason, payment_date, payment_gross, payment_fee, txn_id, txn_type, first_nam e, last_name, address_street, address_city, address_state, address_zip, address_ country, address_status, payer_email, payer_status, payment_type, notify_version , verify_sign )
VALUES
( \"$invoice\", \"$receiver_email\", \"$item_name\", \"$item_number\", \"$quanti ty\", \"$payment_status\", \"$pending_reason\", \"$payment_date\", \"$payment_gr oss\", \"$payment_fee\", \"$txn_id\", \"$txn_type\", \"$first_name\", \"$last_na me\", \"$address_street\", \"$address_city\", \"$address_state\", \"$address_zip \", \"$address_country\", \"$address_status\", \"$payer_email\", \"$payer_status \", \"$payment_type\", \"$notify_version\", \"$verify_sign\" ) ";
$result = mysql_query($qry,$db);
// Close up.
//-------------------------------------------
// Close PayPal Connection, Log File and DB.
//-------------------------------------------
fclose ($fp);
fclose ($log);
mysql_close($db);
include "pypl-transc-log.txt";
?>