所以我正在使用 Paypal 提供的示例代码,以便正确通信和验证传入的 IPN 消息。使用提供的 Paypal 开发工具“IPN 模拟器”,我能够确认我的 IPN 监听器代码能够成功地与 Paypal 服务器握手,但是当需要重新发送信息进行验证时,我只能成功连接非-paypal 的沙盒版本(无论如何都会返回无效,因为一切都设置为与沙盒 paypal 通信)。当我尝试连接到沙盒版本时,我收到一个 http 错误,这意味着我无法连接到服务器。
我想我已经将问题隔离到这行代码:
$fh = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); //HTTP error
下面的代码演示了我的测试,看看哪些 url 可以工作:
$fh = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);//works, returns invalid
$fh = fsockopen ('tls://www.paypal.com', 443, $errno, $errstr, 30);//works, returns invalid
$fh = fsockopen ('www.paypal.com', 443, $errno, $errstr, 30);//Does not work but does not throw HTTP Error (does not return Verified or Invalid either)
$fh = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);//HTTP error
$fh = fsockopen ('tls://www.sandbox.paypal.com', 443, $errno, $errstr, 30);//HTTP error
$fh = fsockopen ('www.sandbox.paypal.com', 443, $errno, $errstr, 30);//Does not work but does not throw HTTP Error (does not return Verified or Invalid either)
这是目前在我的服务器上的 IPN 监听器代码(为简单起见,未显示在我的数据库中记录 IPN 数据的额外代码;这里还有此代码基于的链接:https://developer.paypal.com/docs/classic/ipn/gs_IPN/):
<?php
// STEP 1 - acknowledge PayPal's notification
header('HTTP/1.1 200 OK');
// STEP 2 - create the response we need to send back to PayPal for them to confirm that it's legit
$resp = 'cmd=_notify-validate';
foreach ($_POST as $parm => $var)
{
$var = urlencode(stripslashes($var));
$resp .= "&$parm=$var";
}
// STEP 3 - Get the HTTP header into a variable and send back the data we received so that PayPal can confirm it's genuine
$httphead = "POST /cgi-bin/webscr HTTP/1.1\r\n";
$httphead .= "Content-Type: application/x-www-form-urlencoded\r\n";
$httphead .= "Content-Length: " . strlen($resp) . "\r\n\r\n";
// Now create a ="file handle" for writing to a URL to paypal.com on Port 443 (the IPN port)
$errno ='';
$errstr='';
$fh = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); //PROBLEM?
// STEP 4 - Nearly done. Now send the data back to PayPal so it can tell us if the IPN notification was genuine
if (!$fh) {
// Uh oh. This means that we have not been able to get thru to the PayPal server. It's an HTTP failure
}
// Connection opened, so spit back the response and get PayPal's view whether it was an authentic notification
else {
fputs ($fh, $httphead . $resp);
while (!feof($fh))
{
$readresp = fgets ($fh, 1024);
// $readresp = trim($readresp);
if (strcmp ($readresp, "VERIFIED") == 0) //yay verified data!
{
}
else if (strcmp ($readresp, "INVALID") == 0) //Invalid data! :(
{
}
}
fclose ($fh);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
</body>
</html>
这是我的按钮代码:
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="M8IC3G88S5WFQ">
<input type="image" src="https://www.sandbox.paypal.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
对我应该使用什么fsockopen()配置有什么帮助吗?
最佳答案
好吧,我通过在我的域上安装一个私有(private) SSL 证书(必须是 2048 位和 SHA-256)来让它工作,这意味着你必须有 HTTPS。
我也开始使用官方的 Paypal 监听器 php 示例代码,可以在这里找到:https://github.com/paypal/ipn-code-samples/blob/master/paypal_ipn.php .
此外,我在示例代码 curl 语句中添加了 curl_setopt($ch, CURLOPT_SSLVERSION, 6); 以使用 TSLv1.2 通信,这是必需的,因为当前 Paypal 正在进行安全更新.
如果这与任何人相关(私有(private) ssl 证书自动为 2048 位和 SHA-256,这很好),我目前使用 Hostgator 进行托管。
我希望我这些天的奋斗成果也能帮助遇到同样问题的人,干杯!
关于php - Paypal IPN 响应适用于 Paypal 但不适用于 sandbox-Paypal?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36224970/