我正在尝试更新使用PayPal结账的旧脚本。$auth_token变量等于我的业务帐户的身份令牌。
if ($_REQUEST['do'] == 'receipt')
{
$request = 'cmd=_notify-synch';
$tx_token = $_REQUEST['tx'];
$auth_token = $configtoken;
$request .= "&tx=$tx_token&at=$auth_token";
$headerx .= "POST /cgi-bin/webscr HTTP/1.1rn";
$headerx .= "Content-Type: application/x-www-form-urlencodedrn";
$headerx .= "Host: www.paypal.comrn";
$headerx .= "Content-Length: " . strlen ($request) . "rnrn";
$sock = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
if (!$sock)
{
$file = fopen($config['log'] . $_REQUEST['tx'] . '.datatrans', "w", 0);
fputs($file, "HTTP ERRORn");
fclose($file);
eval('$cartinfo .= "' . fetch_template('covercart_orderfailure') . '";');
} else
{
fputs($sock, $headerx . $request);
// read the body data
$result = '';
$headerdone = false;
while (!feof($sock))
{
$line = fgets($sock, 1024);
if (strcmp($line, "rn") == 0)
{
// read the header
$headerdone = true;
} else
if ($headerdone)
{
// header has been read. now read the contents
$result .= $line;
}
}
// parse the data
$lines = explode("n", $result);
$keyarray = array();
if (!strcmp($lines[0], "SUCCESS") == 0)
{
$file = fopen($config['log'] . $_REQUEST['tx'] . '.datatrans', "w", 0);
fputs($file, "COULD NOT VALIDATEn");
fclose($file);
eval('$cartinfo .= "' . fetch_template('covercart_orderfailure') . '";');
} else
{
for ($i = 1; $i < count($lines); $i++)
{
list($key, $val) = explode("=", $lines[$i]);
$keyarray[urldecode($key)] = urldecode($val);
}
$txn_id = $keyarray['txn_id'];
$item_name = $keyarray['item_name'];
$item_number = $keyarray['item_number'];
$payment_status = $keyarray['payment_status'];
$payer_email = $keyarray['payer_email'];
$product = explode("|", $item_number);
$item_array = explode("-", $product[1]);
$transamount = $_REQUEST['amt'];
$cm = urldecode($_REQUEST['cm']);
$transid = explode(":", $cm);
$transactionid = $transid[2];
$buyerid = $transid[0];
$transcookie = $transid[3];
$who = fetch_userinfo($buyerid);
$buyername = $who['username'];
$buyeremail = $who['email'];
$transamount = sprintf('%.2f', $transamount);
$mcgross = number_format(doubleval($_POST['mc_gross']), 2);
if ($item_name != 'renewal' and $transamount)
{
$verify = $db->query_first("SELECT amount FROM " . TABLE_PREFIX .
"covercartfraud WHERE transactionid='" . $transid[2] . "' AND userid='" . $buyerid .
"'");
if ($verify['amount'] <> $transamount)
{
$file = fopen($config['log'] . $_REQUEST['tx'] . '.datatrans', "w", 0);
fputs($file, "POSSIBLE FRAUD IP: " . $_SERVER['REMOTE_ADDR'] . " FROM PAYPAL: " .
$transamount . " VBCART TRANSACTION ID: " . $transid[2] . " USERID: " . $buyerid .
" FROM DB: " . $verify['amount'] . "n");
fclose($file);
eval(standard_error(fetch_error('covercart_invalidamount')));
}
}
还有一点远,但我觉得我需要关注的部分是在顶部。因为这是它与PayPal通信的地方。
当我向PayPal提交时,它将我发送到https://www.paypal.com/webapps/shoppingcart/error?flowlogging_id=3986eaa08f5be&code=AMOUNT_ERROR并显示Things don't appear to be working at the moment. Please try again later.
我做了以下更改,更新标题并在2个地方添加修剪(我认为是正确的),但当我试图结帐时,我仍然收到此错误。
$headerx .= "POST /cgi-bin/webscr HTTP/1.1rn";
$headerx .= "Content-Length: " . strlen($request) . "rn";
$headerx .= "Content-Type: application/x-www-form-urlencodedrn";
$headerx .= "Host: www.paypal.comrn";
$headerx .= "Connection: closernrn";
//$sock = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
$sock = fsockopen( 'tls://ipnpb.paypal.com', 443, $errno, $errstr, 30);
if (!$sock)
{
$file = fopen($config['log'] . $_REQUEST['tx'] . '.datatrans', "w", 0);
fputs($file, "HTTP ERRORn");
fclose($file);
eval('$cartinfo .= "' . fetch_template('covercart_orderfailure') . '";');
} else
{
fputs($sock, $headerx . $request);
// read the body data
$result = '';
$headerdone = false;
while (!feof($sock))
{
$line = fgets($sock, 1024);
if (strcmp(trim($line), "rn") == 0)
{
// read the header
$headerdone = true;
} else
if ($headerdone)
{
// header has been read. now read the contents
$result .= $line;
}
}
// parse the data
$lines = explode("n", $result);
$keyarray = array();
if (!strcmp(trim($lines[0]), "SUCCESS") == 0)
我的网站和PayPal之间的通信哪里出错了?
更新:我深入研究了我在url中注意到的AMOUNT_ERROR(这似乎很可疑),发现我的输入在需要发送1.00时提交了$1.00,删除了$,允许该过程通过。
这是一个很宽泛的问题,所以我的回答将会很宽泛。
从$request = 'cmd=_notify-synch';到$lines = explode("n", $result);,这是对PayPal的API调用。也许你可以从贝宝文档中查找那个呼叫开始。用PayPal PHP SDK取代代码的和平。该库将包含有关身份验证的信息,我认为它将告诉您将客户端ID和secret放在哪里。