我有以下 CakePHP 2.x 代码
<?php
App::uses('HttpSocket', 'Network/Http');
class PaypalUtility
{
public static function isValidPayPalIPN( $data )
{
$result = false;
$HttpSocket = new HttpSocket();
$data[ "cmd" ] = "_notify-validate";
$response = $HttpSocket->post( 'https://www.sandbox.paypal.com/cgi-bin/webscr', $data );
if( trim( $response->body ) == "VERIFIED" )
{
$result = true;
}
return $result;
}
}
?>
以及我的 Controller 中的以下代码
debug( PaypalUtility::isValidPayPalIPN( $this->getTestIPN() ) );
debug( PaypalUtility::isValidPayPalIPN( $this->getRealIPN() ) );
public function getRealIPN()
{
return json_decode
(
'{
"mc_gross": "77.00",
"protection_eligibility": "Eligible",
"address_status": "confirmed",
"payer_id": "",
"tax": "0.00",
"address_street": "",
"payment_date": "16:58:02 Oct 28, 2013 PDT",
"payment_status": "Completed",
"charset": "windows-1252",
"address_zip": "",
"first_name": "",
"mc_fee": "2.53",
"address_country_code": "US",
"address_name": "",
"notify_version": "3.7",
"custom": "5269cf50-b898-4c45-bff0-0eea48a70080",
"payer_status": "unverified",
"business": "",
"address_country": "United States",
"address_city": "",
"quantity": "1",
"verify_sign": "AnPnM9mwa.0sVUNKppvjyOwMkqbKAABVDC8dkcXYOK4e-cpFzVuF4YvS",
"payer_email": "",
"txn_id": "",
"payment_type": "instant",
"last_name": "",
"address_state": "",
"receiver_email": "",
"payment_fee": "",
"receiver_id": "",
"txn_type": "web_accept",
"item_name": "",
"mc_currency": "USD",
"item_number": "",
"residence_country": "",
"handling_amount": "0.00",
"transaction_subject": "5269cf50-b898-4c45-bff0-0eea48a70080",
"payment_gross": "77.00",
"shipping": "0.00",
"ipn_track_id": ""
}',
true
);
}
public function getTestIPN()
{
return json_decode
(
'{
"residence_country": "US",
"invoice": "abc1234",
"address_city": "San Jose",
"first_name": "John",
"payer_id": "TESTBUYERID01",
"shipping": "3.04",
"mc_fee": "0.44",
"txn_id": "611422392",
"receiver_email": "seller@paypalsandbox.com",
"quantity": "1",
"custom": "xyz123",
"payment_date": "22:29:21 28 Oct 2013 PDT",
"address_country_code": "US",
"address_zip": "95131",
"tax": "2.02",
"item_name": "something",
"address_name": "John Smith",
"last_name": "Smith",
"receiver_id": "seller@paypalsandbox.com",
"item_number": "AK-1234",
"verify_sign": "AiPC9BjkCyDFQXbSkoZcgqH3hpacAaChsjNZq2jHG82F97aoFSMa6SED",
"address_country": "United States",
"payment_status": "Completed",
"address_status": "confirmed",
"business": "seller@paypalsandbox.com",
"payer_email": "buyer@paypalsandbox.com",
"notify_version": "2.1",
"txn_type": "web_accept",
"test_ipn": "1",
"payer_status": "verified",
"mc_currency": "USD",
"mc_gross": "12.34",
"address_state": "CA",
"mc_gross1": "12.34",
"payment_type": "echeck",
"address_street": "123, any street"
}',
true
);
}
字段已从 realIPN 函数中删除,以保护我的买家的隐私。
这是代码的输出: http://i.imgur.com/9xcM7hL.png
您会注意到来自 IPN 模拟器的测试 IPN 是有效的,但我作为请求捕获的真实数据被确定为无效。 (我还验证了 paypal 正在返回“INVALID”以验证 realipn。
有谁知道我的 isValidPayPalIPN 函数有什么问题,或者为什么没有验证真实的 IPN 数据?我不得不想象这与通知版本有关。
最佳答案
那个函数是硬编码的https://www.sandbox.paypal.com作为端点。当你上线时,必须切换到 www.paypal.com。否则,它会针对错误的服务器进行验证,因此您确实会无效。
处理它的最佳方法是根据某处的配置文件动态填充该端点值。
关于php - PayPal IPN 未经验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19803233/