我之前曾多次使用过用PHP编写的PayPal IPN脚本,但现在我遇到了这个错误。
[07/31/2018 4:42 PM] - FAIL: IPN Validation Failed.
IPN POST Vars from Paypal:
IPN Response from Paypal Server:
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.paypal.com/smarthelp/article/how-do-i-check-and-update-my-web-browser-faq3893
Date: Tue, 31 Jul 2018 23:42:14 GMT
Connection: close
Set-Cookie: akavpau_ppsd=1533081134~id=4fddfa711d2216538f54014af27277b0; Domain=www.paypal.com; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000
我用的是卡里克的剧本。我的编辑是这样的。paypal.php
<?php
require('../inc/db.php');
define('LOG_FILE', 'ipn_results.log');
define('SSL_P_URL', 'https://www.paypal.com/cgi-bin/webscr');
define('SSL_SAND_URL','https://www.sandbox.paypal.com/cgi-bin/webscr');
class paypal_class {
var $last_error; // holds the last error encountered
var $ipn_log; // bool: log IPN results to text file?
var $ipn_log_file; // filename of the IPN log
var $ipn_response; // holds the IPN response from paypal
var $ipn_data = array(); // array contains the POST values for IPN
var $fields = array(); // array holds the fields to submit to paypal
function paypal_class() {
// initialization constructor. Called when a class is created.
$this->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';
$this->last_error = '';
$this->ipn_log_file = '/ipn_results.log';
$this->ipn_log = true;
$this->ipn_response = '';
// populate $fields array with a few default values. See the PayPal
// documentation for a list of fields and their data types. These default
// values can be overwritten by the calling script.
$this->add_field('rm','2'); // Return method = POST
$this->add_field('cmd','_xclick');
}
function add_field($field, $value) {
$this->fields["$field"] = $value;
}
function submit_paypal_post() {
echo "<html>n";
echo "<head><title>Processing Payment...</title>";
echo "<body onLoad="document.forms['paypal_form'].submit();">n";
echo "<center><h2>Please wait, your order is being processed and you";
echo " will be redirected to the paypal website.</h2></center>n";
echo "<form method="post" name="paypal_form" ";
echo "action="".$this->paypal_url."">n";
foreach ($this->fields as $name => $value)
{
echo "<input type="hidden" name="$name" value="$value"/>n";
}
echo "<center><br/><br/>If you are not automatically redirected to ";
echo "paypal within 5 seconds...<br/><br/>n";
echo "<input type="submit" value="Click Here"></center>n";
echo "</body></html>n";
}
function validate_ipn() {
mysqli_query($db, "UPDATE matches SET status = 3");
// parse the paypal URL
$url_parsed=parse_url($this->paypal_url);
// read post data from PayPal and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// open the connection to paypal
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if(!$fp) {
// could not open the connection. If loggin is on, the error message
// will be in the log.
$this->last_error = "fsockopen error no. $errnum: $errstr";
$this->log_ipn_results(false);
mysqli_query($db, "UPDATE matches SET status = 5");
return false;
} else {
// Post the data back to paypal
fputs($fp, "POST $url_parsed[path] HTTP/1.1rn");
fputs($fp, "Host: $url_parsed[host]rn");
fputs($fp, "Content-type: application/x-www-form-urlencodedrn");
fputs($fp, "Content-length: ".strlen($post_string)."rn");
fputs($fp, "Connection: closernrn");
fputs($fp, $post_string . "rnrn");
// loop through the response from the server and append to variable
while(!feof($fp)) {
$this->ipn_response .= fgets($fp, 1024);
}
fclose($fp); // close connection
mysqli_query($db, "UPDATE matches SET status = 8");
}
if (eregi("VERIFIED",$this->ipn_response)) {
// Valid IPN transaction.
$this->log_ipn_results(true);
mysqli_query($db, "UPDATE matches SET status = 9");
return true;
} else {
// Invalid IPN transaction. Check the log for details.
$this->last_error = 'IPN Validation Failed.';
$this->log_ipn_results(false);
mysqli_query($db, "UPDATE matches SET status = 6");
return false;
}
}
function log_ipn_results($success) {
if (!$this->ipn_log) return; // is logging turned off?
// Timestamp
$text = '['.date('m/d/Y g:i A').'] - ';
// Success or failure being logged?
if ($success) $text .= "SUCCESS!n";
else $text .= 'FAIL: '.$this->last_error."n";
// Log the POST variables
$text .= "IPN POST Vars from Paypal:n";
foreach ($this->ipn_data as $key=>$value) {
$text .= "$key=$value, ";
}
// Log the response from the paypal server
$text .= "nIPN Response from Paypal Server:n ".$this->ipn_response;
// Write to log
$fp=fopen($this->ipn_log_file,'a');
fwrite($fp, $text . "nn");
fclose($fp); // close file
}
function dump_fields() {
echo "<h3>paypal_class->dump_fields() Output:</h3>";
echo "<table width="95%" border="1" cellpadding="2" cellspacing="0">
<tr>
<td bgcolor="black"><b><font color="white">Field Name</font></b></td>
<td bgcolor="black"><b><font color="white">Value</font></b></td>
</tr>";
ksort($this->fields);
foreach ($this->fields as $key => $value) {
echo "<tr><td>$key</td><td>".urldecode($value)." </td></tr>";
}
echo "</table><br>";
}
}
paypal.class.php
<?php
include_once('../inc/db.php');
require ('../inc/steamauth.php');
function filter($var)
{
return stripslashes(htmlspecialchars($var));
}
require_once('paypal.class.php'); // include the class file
$p = new paypal_class;
$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';
$this_script = 'https://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
if (empty($_GET['action'])) $_GET['action'] = 'process';
switch ($_GET['action']) {
case 'process':
$teamid = mysqli_real_escape_string($db, $_POST['teamid']);
$type = mysqli_real_escape_string($db, $_POST['type']);
switch($type) {
case 'me':
$cost = '0.01';
break;
case 'team':
$cost = '0.01';
break;
}
$p->add_field('business', 'MY EMAIL');
$p->add_field('return', 'https://'.$_SERVER['HTTP_HOST']); //The success URL
$p->add_field('custom', $teamid);
$p->add_field('cancel_return', 'http://'.$_SERVER['HTTP_HOST']); // The "canceled" URL
$p->add_field('notify_url', $this_script.'?action=ipn'); //The IPN URL, the URL pointing to THIS page.
$p->add_field('item_number', filter($_POST['type']));
$p->add_field('item_name', $_POST['type'] . '');
$p->add_field('amount', $cost); // How ever much the VIP cost.
$p->submit_paypal_post();
break;
case 'ipn':
$db = mysqli_connect("localhost", "root", "*****", "***");
$problem = mysqli_query($db, "UPDATE matches SET status = '1'");
if ($p->validate_ipn()) {
$complete = mysqli_query($db, "UPDATE matches SET status = '2'");
}
break;
}
?>
我已经尝试了多个修复程序,在StackOverflow上找到。大部分是代码编辑,但我不认为这可能是问题所在。我试着禁用我的防火墙,看看我是否最终屏蔽了一些PayPal IP。但这不是问题所在。
我也尝试过PHP 5.3.8和PHP 7.2.7,但都不起作用,我在Windows 2016 VPS上的IIS 10上运行了这个脚本。我也在为我的网站使用SSL证书,但我也尝试过不使用它
我知道IPN URL是正确的,因为它做了我想要的一切,除了验证IPN。但价格是正确的,付款是通过的。正如您所看到的,查询$problem甚至会执行,但查询$complete不会执行,这正是我所需要的。
有人知道这可能是什么原因造成的吗?
Paypal二月份的电子邮件:
引用:"如果需要,我们还鼓励您与您的网络托管公司、电子商务软件提供商或内部网络程序员/系统管理员联系,以获得实施这些更改的进一步帮助。本电子邮件以及TLS 1.2和HTTP/1.1升级网站上提供的计划更改日期可能会发生更改。请监控我们的TLS 1.2和HTTP/1.1升级Microsite以获取最新信息。以下是我们将在2017年6月30日后开始实施的安全更新的几个关键点,我们强烈建议您的系统兼容,以确保您的业务不会受到干扰:•PayPal沙盒或测试环境已升级为仅允许TLS 1.2和HTTP/1.1连接。•2017年6月30日之后,所有生产端点将更新为仅接受TLS 1.2和HTTP/1.1连接。请注意,如果您尚未对系统进行必要的升级以使其符合要求,则在进行必要的更改之前,您的企业将无法接受PayPal付款。•验证端点可用,可在https://tlstest.paypal.com并具有最新的安全标准,因此客户可以在2017年6月30日之后快速检查其系统是否准备好接受交易。">
引用:"IPN验证返回HTTPS–2017年6月30日前完成需要更新:是">
Micah有一段时间没有更新他的剧本,但这个应该对你有用:https://github.com/xtuc/Paypal-ipn-SDK/blob/master/paypal.class.php