php - Paypal IPN sends invalid response after successful payment completion


First things first: language: PHP, framework: CodeIgniter.

This is the first time I'm implementing PayPal payment in a website where users can pay the PayPal account's owner. Obviously.

The tutorial I followed for implementing PayPal payment is here. And for implementing the IPN listener, I used this code. I wrote the IPN listener in core PHP and it's a standalone file (no relation to the CodeIgniter framework or the website). A cron job makes the file run 24x7. I thought that's necessary but I'm not quite sure. The IPN listener listens every time, and whenever PayPal sends an IPN, it takes the data from POST and checks for verification. If verified, I write the POST data to the database and to the log file accordingly.

This whole thing is a mess, and I think I made it worse.

My IPN listener is:

<?php
require_once 'query.php';

define("DEBUG", 1);
define("USE_SANDBOX", 1);
define("LOG_FILE", "./ipn.log");

// Read the raw request body and split it into key/value pairs
$raw_post_data = str_replace('=utf-8', '=UTF-8', file_get_contents('php://input'));
$raw_post_array = explode('&', $raw_post_data);
$mypost = array();
foreach ($raw_post_array as $keyval) {
    $keyval = explode('=', $keyval);
    if (count($keyval) == 2)
        $mypost[$keyval[0]] = urldecode($keyval[1]);
}

// Read the POST from the PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($mypost as $key => $value) {
    $value = urlencode(stripslashes($value));
    $req .= "&$key=$value";
}

if (USE_SANDBOX == true) {
    $paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
    $paypal_url = "https://www.paypal.com/cgi-bin/webscr";
}

$ch = curl_init($paypal_url);
if ($ch == false) {
    return false;
}
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
if (DEBUG == true) {
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
}
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('connection: close'));

$res = curl_exec($ch);
if (curl_errno($ch) != 0) { // cURL error
    if (DEBUG == true) {
        error_log(date('[Y-m-d H:i e] '). "can't connect paypal validate ipn message: " . curl_error($ch) . PHP_EOL, 3, LOG_FILE);
    }
    curl_close($ch);
    exit;
} else {
    // Log the entire HTTP response if debug is switched on.
    if (DEBUG == true) {
        error_log(date('[Y-m-d H:i e] '). "http request of validation request:". curl_getinfo($ch, CURLINFO_HEADER_OUT) ." ipn payload: $req" . PHP_EOL, 3, LOG_FILE);
        error_log(date('[Y-m-d H:i e] '). "http response of validation request: $res" . PHP_EOL, 3, LOG_FILE);
    }
    curl_close($ch);
}

// Inspect the IPN validation result and act accordingly.
// Split response headers and payload, a better way for strcmp
$tokens = explode("\r\n\r\n", trim($res));
$res = trim(end($tokens));

if (strcmp($res, "VERIFIED") == 0) {
    $user_id = $_POST['custom'];
    $product_id = $_POST["item_number"];
    $txn_id = $_POST["txn_id"];
    $payment_gross = $_POST["mc_gross"];
    $currency_code = $_POST["mc_currency"];
    $payer_email = $_POST["payer_email"];
    $payment_status = $_POST["payment_status"];

    // The values from the IPN are concatenated directly into the SQL string
    $qry2 = "INSERT INTO payments(user_id,product_id,txn_id,payment_gross,currency_code,payer_email,payment_status) VALUES(".$user_id.",".$product_id.",'".$txn_id."',".$payment_gross.",'".$currency_code."','".$payer_email."','".$payment_status."')";
    setdata($qry2);

    if (DEBUG == true) {
        error_log(date('[Y-m-d H:i e] '). "verified ipn: $req ". PHP_EOL, 3, LOG_FILE);
    }
} else if (strcmp($res, "INVALID") == 0) {
    // Log for manual investigation
    // Add business logic here which deals with invalid IPN messages
    if (DEBUG == true) {
        error_log(date('[Y-m-d H:i e] '). "invalid ipn: $req" . PHP_EOL, 3, LOG_FILE);
    }
}
?>

What I'm trying here is: if the condition if (strcmp ($res, "VERIFIED") == 0) is true, the database write operation occurs, and I write to the log file using error_log(date('[Y-m-d H:i e] '). "verified ipn: $req ". PHP_EOL, 3, LOG_FILE);

I checked the log file and tried to search for verified ipn but couldn't find anything. Here is the IPN log.

[2016-03-07 05:41 utc] http request of validation request:post /cgi-bin/webscr http/1.1
host: www.sandbox.paypal.com
accept: */*
connection: close
content-length: 20
content-type: application/x-www-form-urlencoded

ipn payload: cmd=_notify-validate
[2016-03-07 05:41 utc] http response of validation request: http/1.1 200 ok
date: mon, 07 mar 2016 05:41:03 gmt
server: apache
x-frame-options: sameorigin
set-cookie: c9mwduvptt9gimypc3jwol1vslo=wklhkpj3laas07yu1wcxqpnlpgnpvtmx79in33fvjvu-1qcqq1bko2blco-lthcgrng4bymhlqdieakpmyldwqa1qp3eqttcdln-erdgl_nuifhufy7yejbynyzjs7w8xkofuhbvw5eqocb6f3ugtwovgpybhewxrejcu1o37sfljyynvgzkwmzhuvsg7ps9t19zcqfrldhnv8pyptxlba4uewbyuevwiyutvhbde_ula1l7e-ho8j-rui0bfkqohvsalakqcz9xp1xbyfijb2hlrtpddfmkqnqts2ibxlgo-ejnhcjg1boi06islt4dg0zfgplthpobrkz0as59ocotagoyrearbwqddzxwq0tdwi8uijwmaft9w0fproq5167v1nws6qizynxmezco40ss93nqw2otelrakx-1e92agsl3uxsq_yde5dm; domain=.paypal.com; path=/; secure; httponly
set-cookie: cookie_check=yes; expires=thu, 05-mar-2026 05:41:03 gmt; domain=.paypal.com; path=/; secure; httponly
set-cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; secure; httponly
set-cookie: navlns=0.0; expires=wed, 07-mar-2018 05:41:03 gmt; domain=.paypal.com; path=/; secure; httponly
set-cookie: apache=10.72.108.11.1457329263101875; path=/; expires=wed, 28-feb-46 05:41:03 gmt
vary: accept-encoding,user-agent
connection: close
http_x_pp_az_locator: sandbox.slc
paypal-debug-id: d4da8be813fa0
set-cookie: x-pp-silover=name%3dsandbox3.web.1%26silo_version%3d1880%26app%3dappdispatcher%26time%3d1863638358; domain=.paypal.com; path=/; secure; httponly
set-cookie: x-pp-silover=; expires=thu, 01 jan 1970 00:00:01 gmt
strict-transport-security: max-age=14400
transfer-encoding: chunked
content-type: text/html; charset=utf-8

invalid
[2016-03-07 05:41 utc] invalid ipn: cmd=_notify-validate
[2016-03-07 05:42 utc] http request of validation request:post /cgi-bin/webscr http/1.1
host: www.sandbox.paypal.com
accept: */*
connection: close
content-length: 20
content-type: application/x-www-form-urlencoded

ipn payload: cmd=_notify-validate
[2016-03-07 05:42 utc] http response of validation request: http/1.1 200 ok
date: mon, 07 mar 2016 05:42:02 gmt
server: apache
x-frame-options: sameorigin
set-cookie: c9mwduvptt9gimypc3jwol1vslo=f8rnnkowps27ajk43k_vggihmcbyl0kxcalbl_qxj8x0jlk-lbchgcr3owkzlqj_mju_uo7cx7wooie45ayro6ico7wjjlxcvhm90mzdngfwxjhyddotovs9zrppcmiq2o7rxw6uhyvsaq3stnxcfj2rxouwssyry8ytdst6vyvjwdtpzsie24bebkqh2b1jbpot_vj1xhlrb_fmvpr6cb4scn9fhgndkyuedqefp3o-xbt-vzhbfutdsr3p2vvkkavfbos7oodfmiylsokxnkrbhvr2uwkgcpoo9hobywpqkfn2tllbw6w1ppksgnzy5m8txaa-a1htkkvmq6tn4vyc46b7ekps0zlo3vtt9arfvvscgrmxopgcqvwsgyrghqv4vyv_m47hrrrojf-ybdmebyhugsukysbjuspifdi5ozg2inodpq0o0vc; domain=.paypal.com; path=/; secure; httponly
set-cookie: cookie_check=yes; expires=thu, 05-mar-2026 05:42:03 gmt; domain=.paypal.com; path=/; secure; httponly
set-cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; secure; httponly
set-cookie: navlns=0.0; expires=wed, 07-mar-2018 05:42:03 gmt; domain=.paypal.com; path=/; secure; httponly
set-cookie: apache=10.72.108.11.1457329322876295; path=/; expires=wed, 28-feb-46 05:42:02 gmt
vary: accept-encoding,user-agent
connection: close
http_x_pp_az_locator: sandbox.slc
paypal-debug-id: ec94240d19c4
set-cookie: x-pp-silover=name%3dsandbox3.web.1%26silo_version%3d1880%26app%3dappdispatcher%26time%3d2853494102; domain=.paypal.com; path=/; secure; httponly
set-cookie: x-pp-silover=; expires=thu, 01 jan 1970 00:00:01 gmt
strict-transport-security: max-age=14400
transfer-encoding: chunked
content-type: text/html; charset=utf-8

invalid
[2016-03-07 05:42 utc] invalid ipn: cmd=_notify-validate
[2016-03-07 05:43 utc] http request of validation request:post /cgi-bin/webscr http/1.1
host: www.sandbox.paypal.com
accept: */*
connection: close
content-length: 20
content-type: application/x-www-form-urlencoded

ipn payload: cmd=_notify-validate
[2016-03-07 05:43 utc] http response of validation request: http/1.1 200 ok
date: mon, 07 mar 2016 05:43:02 gmt
server: apache
x-frame-options: sameorigin
set-cookie: c9mwduvptt9gimypc3jwol1vslo=qfiftmj81m9xvbngk-_zfd_plia-_hitqhkt7thssgu2hjnyg1p7b2xqdrftowexijnxwmbbwbaofwf1azf07vq_stcvy9sfonsm83oiv3s8wctk9ekaxs6owbcfw4qvltydkxakfnklu576_bymafxulvj3paklegfukznc9kjy5ouhrku3bzo7eshrrpgqhnbqdoi6ncthh697bqfegaffypmixdbyheispakm22v0j7hs4a_nntlaxbwrrroztzmtuojdqnkf3ws26pjjkm4zywpdy8xp21visck9saaqjiozcspps1ttjsxhdi4nyuzejnjqg8xshbqb_lfweeqcqqc17meivchn19f32ojfh--lfsp3cza9yy34rbjxl1tny-owkzw9n3qhpn-tnvp6--dgtj-h3aqf0q6qs3gcfam3tlnd5tei9z0; domain=.paypal.com; path=/; secure; httponly
set-cookie: cookie_check=yes; expires=thu, 05-mar-2026 05:43:03 gmt; domain=.paypal.com; path=/; secure; httponly
set-cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; secure; httponly
set-cookie: navlns=0.0; expires=wed, 07-mar-2018 05:43:03 gmt; domain=.paypal.com; path=/; secure; httponly
set-cookie: apache=10.72.108.11.1457329382840458; path=/; expires=wed, 28-feb-46 05:43:02 gmt
vary: accept-encoding,user-agent
connection: close
http_x_pp_az_locator: sandbox.slc
paypal-debug-id: 8ad4234c9398
set-cookie: x-pp-silover=name%3dsandbox3.web.1%26silo_version%3d1880%26app%3dappdispatcher%26time%3d3860127062; domain=.paypal.com; path=/; secure; httponly
set-cookie: x-pp-silover=; expires=thu, 01 jan 1970 00:00:01 gmt
strict-transport-security: max-age=14400
transfer-encoding: chunked
content-type: text/html; charset=utf-8

invalid
[2016-03-07 05:43 utc] invalid ipn: cmd=_notify-validate

There's nothing 'verified' in it, and the log file has 'invalid' in it, which means

error_log(date('[Y-m-d H:i e] '). "invalid ipn: $req" . PHP_EOL, 3, LOG_FILE);

this function gets executed. But the data is written to the database also.

I don't know what's wrong here. Can anyone point out my mistakes? Should I take additional security measures? Thanks. Gracias.

public function success()
{
    if (isset($_GET['tx'])) {
        $tx = $_GET['tx'];
        $result = $this->verifywithpaypal($tx);
        // $this->load->view('success',$result);
    }
}

public function verifywithpaypal($tx)
{
    // $tx = $_REQUEST['tx'];
    $token = $this->config->item('authtokan');
    $paypal_url = $this->config->item('posturl').'?cmd=_notify-synch&tx='. $tx.'&at='.$token;

    $curl = curl_init($paypal_url);
    $data = array(
        "cmd" => "_notify-synch",
        "tx"  => $tx,
        "at"  => $token
    );
    $data_string = json_encode($data);
    curl_setopt($curl, CURLOPT_HEADER, 0);
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data_string);
    // TLS peer verification is switched off for this request
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    $headers = array(
        'content-type:application/x-www-form-urlencoded',
        'host: www.sandbox.paypal.com',
        'connection: close'
    );
    curl_setopt($curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
    $response = curl_exec($curl);

    // First line of the response is the status, the rest are key=value pairs
    $lines = explode("\n", $response);
    $keyarray = array();
    if (strcmp($lines[0], "SUCCESS") == 0) {
        for ($i = 1; $i < count($lines) - 1; $i++) {
            list($key, $val) = explode("=", $lines[$i]);
            $keyarray[urldecode($key)] = urldecode($val);
        }
        $this->getlistproducts($keyarray);
    }
}

public function getlistproducts($result)
{
    $i = 1;
    $data = array();
    // echo "<pre>";
    // print_r($result);
    // echo "</pre>";

    foreach ($result as $key => $value) {
        if (0 === strpos($key, 'item_number')) {
            $product = array(
                'first_name'           => $result['first_name'],
                'last_name'            => $result['last_name'],
                'receiver_email'       => $result['receiver_email'],
                'txn_type'             => $result['txn_type'],
                'txn_id'               => $result['txn_id'],
                'payment_date'         => $result['payment_date'],
                'payer_id'             => $result['payer_id'],
                'payer_email'          => $result['payer_email'],
                'address_street'       => $result['address_street'],
                'address_zip'          => $result['address_zip'],
                'address_status'       => $result['address_status'],
                'address_country_code' => $result['address_country_code'],
                'address_name'         => $result['address_name'],
                'address_country'      => $result['address_country'],
                'address_city'         => $result['address_city'],
                'address_state'        => $result['address_state'],
                'receiver_id'          => $result['receiver_id'],
                'receiver_email'       => $result['receiver_email'],
                'item_number'          => $result['item_number1'],
                'item_name'            => $result['item_name1'],
                'quantity'             => $result['quantity1'],
                'mc_currency'          => $result['mc_currency'],
                'mc_fee'               => $result['mc_fee'],
                'mc_gross'             => $result['mc_gross_1'],
                'payment_gross'        => $result['payment_gross']
            );

            $this->load->model('mdl_order');
            $this->mdl_order->insert_record($product);
            // echo "alert<script>successfully transaction</script>";
            if (isset($product)) {
                // echo 'hello';
                $time = $this->session->userdata('last_time');
                // echo $time;
                // $data=array( $time=$this->session->userdata('last_time'));
                $this->load->model('mdl_order');
                $this->mdl_order->update($time);
                echo "success update";
            }
            // redirect('manage_order');
            $this->load->view('success', $product);
        }
    }
    return $data;
}
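
The log above shows every validation request carrying only cmd=_notify-validate (content-length: 20), which is what this listener sends when it starts with an empty request body. As an added example (not the poster's code; the function names, the SQLite table and the expected receiver and price values are assumptions, and it needs the pdo_sqlite extension), the following PHP skips validation for an empty body, checks the message fields once PayPal has answered VERIFIED, and records the payment with bound parameters so a repeated txn_id is ignored:

```php
<?php
// Added example, not the poster's code. Function names, the table layout and
// the expected receiver/price values are assumptions for illustration.

// Validation postback body: the raw request body, unchanged, behind the cmd
// prefix. Returns null for an empty body (script started by cron or opened in
// a browser), so nothing is sent to PayPal and nothing is recorded.
function ipn_validation_body(string $raw): ?string {
    return $raw === '' ? null : 'cmd=_notify-validate&' . $raw;
}

// Checks to run only after PayPal has answered VERIFIED.
// Returns the list of failed checks; empty means the payment may be recorded.
function ipn_check(array $ipn, array $expected): array {
    $bad = [];
    if (($ipn['payment_status'] ?? '') !== 'Completed') $bad[] = 'payment_status';
    if (strcasecmp($ipn['receiver_email'] ?? '', $expected['receiver_email']) !== 0) $bad[] = 'receiver_email';
    if (($ipn['mc_currency'] ?? '') !== $expected['currency']) $bad[] = 'mc_currency';
    $gross = $ipn['mc_gross'] ?? '';
    if (!is_numeric($gross) || number_format((float)$gross, 2, '.', '') !== $expected['gross']) $bad[] = 'mc_gross';
    return $bad;
}

// Bound parameters instead of string concatenation. The UNIQUE txn_id column
// turns a repeated IPN for the same transaction into a no-op (SQLite syntax).
function ipn_record(PDO $db, array $ipn): bool {
    $st = $db->prepare('INSERT OR IGNORE INTO payments (user_id, product_id, txn_id,
        payment_gross, currency_code, payer_email, payment_status) VALUES (?, ?, ?, ?, ?, ?, ?)');
    $st->execute([(int)$ipn['custom'], (int)$ipn['item_number'], $ipn['txn_id'],
        $ipn['mc_gross'], $ipn['mc_currency'], $ipn['payer_email'], $ipn['payment_status']]);
    return $st->rowCount() === 1;
}

// Constructed sample body, not taken from the log above.
$raw = 'payment_status=Completed&receiver_email=seller%40example.com&mc_currency=USD'
     . '&mc_gross=10.00&txn_id=TXN-EXAMPLE-1&custom=7&item_number=3&payer_email=buyer%40example.com';
parse_str($raw, $ipn);
$expected = ['receiver_email' => 'seller@example.com', 'currency' => 'USD', 'gross' => '10.00'];

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE payments (user_id INT, product_id INT, txn_id TEXT UNIQUE,
    payment_gross TEXT, currency_code TEXT, payer_email TEXT, payment_status TEXT)');

var_dump(ipn_validation_body(''));    // empty body, as in a cron-started run
var_dump(ipn_validation_body($raw));  // what would be POSTed back for validation
var_dump(ipn_check($ipn, $expected)); // field checks on the sample message
var_dump(ipn_record($db, $ipn));      // first delivery of this txn_id
var_dump(ipn_record($db, $ipn));      // same txn_id delivered again
```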
