I have the following HTML form
<form action="https://sandbox.paypal.com/cgi-bin/webscr" method="post" id="paypalpost" name="paypalpost"> <input type="hidden" name="rm" value="2"/> <input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="business" value=" vbnetdiscuss@yahoo.com "> <input type="hidden" name="item_name" value="Wedding Gift"> <input type="hidden" name="currency_code" value="EUR"> <input type="hidden" name="amount" value="<?php echo $value['total'];?>"> <input type="hidden" name="return" value="http://developwithus.com/wedding/return.php"> <input type="hidden" name="cancel_return" value="http://developwithus.com/wedding/return.php?status=0"> <input onclick="return submitatoc();" disabled type="submit" name="submit" id="pay" class="buttonBlueBg" value="Checkout" style="cursor:pointer;"> </form>
I mentioned the return URL as http://developwithus.com/wedding/return.php on which (I downloaded this from: https://cms.paypal.com/cms_content/US/en_US/files/developer/IPN_PHP_41.txt and added
<?php print_r('<pre>'); print_r($_POST); // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); // assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $payment_amount = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; if (!$fp) { // HTTP ERROR echo "HTTP Error"; } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); echo $res; if (strcmp ($res, "VERIFIED") == 0) { // check the payment_status is Completed // check that txn_id has not been previously processed // check that receiver_email is your Primary PayPal email // check that payment_amount/payment_currency are correct // process payment echo("verified"); } else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation echo ("invalid"); } } fclose ($fp); } echo "end"; ?>
but I got a "Bad request" as a response. If I go to the account in my PayPal mailbox and make a payment and go back.
Array ( [CONTEXT] => wtgSziM4C5x0SI-9CmKcv2vkSeTLK5P_g6HqzC__YTYkcqziFNcB84p79Ja [myAllTextSubmitID] => [cmd] => _flow [mc_gross] => 100.00 [protection_eligibility] => Ineligible [address_status] => confirmed [payer_id] => Z5NWSYYVZW268 [tax] => 0.00 [address_street] => 1 Main St [payment_date] => 09:04:08 May 14, 2011 PDT [payment_status] => Pending [charset] => windows-1252 [address_zip] => 95131 [first_name] => Test [address_country_code] => US [address_name] => Test User [notify_version] => 3.1 [custom] => [payer_status] => verified [address_country] => United States [address_city] => San Jose [quantity] => 1 [payer_email] => sujeet_1302606445_per@gmail.com [verify_sign] => AozIjtjfCe0jUnbJpR4qPrW54olKAq.SrnEktGSocrk8yYv4bpR4lJX7 [txn_id] => 3HG58230W32603443 [payment_type] => instant [last_name] => User [address_state] => CA [receiver_email] => vbnetdiscuss@yahoo.com [pending_reason] => unilateral [txn_type] => web_accept [item_name] => Wedding Gift [mc_currency] => EUR [item_number] => [residence_country] => US [test_ipn] => 1 [transaction_subject] => Wedding Gift [handling_amount] => 0.00 [payment_gross] => [shipping] => 0.00 [merchant_return_link] => click here [form_charset] => UTF-8 ) HTTP/1.1 400 Bad Request Date: Sat, 14 May 2011 16:05:20 GMT Server: Apache Set-Cookie: c9MWDuvPtT9GIMyPc3jwol1VSlO=%7cgA9mW0Yh7-iBp435VBDwyCqtOtnlE8KAk8fT_sjGXHGx2mDzXgFit5ZdHd3BOOEUt_UDRW%7cRD1g8aAyLevIAP-u4WfCokEQkimrkpQk6v6rLZ_xD-pT1ATWuv5RtcK3NIbPPwfF1cXq3G%7c; domain=.paypal.com; path=/; Secure; HttpOnly Set-Cookie: cookie_check=yes; expires=Tue, 11-May-2021 16:05:20 GMT; domain=.paypal.com; path=/; Secure; HttpOnly Set-Cookie: Apache=10.191.196.11.9095130538912094; path=/; expires=Fri, 31-Mar-05 09:37:04 GMT Connection: close Content-Type: text/plain; charset=ISO-8859-1 -iBp435VBDwyCqtOtnlE8KAk8fT_sjGXHGx2mDzXgFit5ZdHd3BOOEUt_UDRW% 7cRD1g8aAyLevIAP-u4WfCokEQkimrkpQk6v6rLZ_xD-pT1ATWuv5RtcK3NIbPPwfF1cXq3G% 7c; Array ( [CONTEXT] => wtgSziM4C5x0SI-9CmKcv2vkSeTLK5P_g6HqzC__YTYkcqziFNcB84p79Ja [myAllTextSubmitID] => [cmd] => _flow [mc_gross] => 100.00 [protection_eligibility] => Ineligible [address_status] => confirmed [payer_id] => Z5NWSYYVZW268 [tax] => 0.00 [address_street] => 1 Main St [payment_date] => 09:04:08 May 14, 2011 PDT [payment_status] => Pending [charset] => windows-1252 [address_zip] => 95131 [first_name] => Test [address_country_code] => US [address_name] => Test User [notify_version] => 3.1 [custom] => [payer_status] => verified [address_country] => United States [address_city] => San Jose [quantity] => 1 [payer_email] => sujeet_1302606445_per@gmail.com [verify_sign] => AozIjtjfCe0jUnbJpR4qPrW54olKAq.SrnEktGSocrk8yYv4bpR4lJX7 [txn_id] => 3HG58230W32603443 [payment_type] => instant [last_name] => User [address_state] => CA [receiver_email] => vbnetdiscuss@yahoo.com [pending_reason] => unilateral [txn_type] => web_accept [item_name] => Wedding Gift [mc_currency] => EUR [item_number] => [residence_country] => US [test_ipn] => 1 [transaction_subject] => Wedding Gift [handling_amount] => 0.00 [payment_gross] => [shipping] => 0.00 [merchant_return_link] => click here [form_charset] => UTF-8 ) HTTP/1.1 400 Bad Request Date: Sat, 14 May 2011 16:05:20 GMT Server: Apache Set-Cookie: c9MWDuvPtT9GIMyPc3jwol1VSlO=%7cgA9mW0Yh7-iBp435VBDwyCqtOtnlE8KAk8fT_sjGXHGx2mDzXgFit5ZdHd3BOOEUt_UDRW%7cRD1g8aAyLevIAP-u4WfCokEQkimrkpQk6v6rLZ_xD-pT1ATWuv5RtcK3NIbPPwfF1cXq3G%7c; domain=.paypal.com; path=/; Secure; HttpOnly Set-Cookie: cookie_check=yes; expires=Tue, 11-May-2021 16:05:20 GMT; domain=.paypal.com; path=/; Secure; HttpOnly Set-Cookie: Apache=10.191.196.11.9095130538912094; path=/; expires=Fri, 31-Mar-05 09:37:04 GMT Connection: close Content-Type: text/plain; charset=ISO-8859-1
Can you guys tell me what I'm doing wrong? INVALID works
source share