支付宝.在接受付款之前验证付款的方法 [英] php paypal. A way to validate a payment before accepting the payments
问题描述
有没有办法在 paypal 处理订单之前验证付款?
Is there a way to validate a payment before paypal proceed the order ?
我使用自己的购物车.当客户点击提交订单时,我将用户重定向到另一个页面调用 PayPalRedirect.php
I Use my own shopping cart.
When the customer click on Submit Order, I redirect the user on an other page call, PayPalRedirect.php
PayPalRedirect.php
<form name="paypalform" action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="invoice" value="<? echo $idInvoice; ?>">
<input type="hidden" name="business" value="business_email@example.com">
<input type="hidden" name="notify_url" value="http://mydomain.com/catalog/IPNReceip">
<?
$cpt = 1;
foreach($ordering as $k => $v)
{
?>
<input type="hidden" name="item_name_<? echo $cpt?>" value="<? echo$v->Product->ProductNumber; ?>">
<input type="hidden" name="quantity_<? echo $cpt?>" value="<? echo $v->Qty; ?>">
<input type="hidden" name="amount_<? echo $cpt?>" value="<? echo $v->Price ?>">
<?
$cpt++;
}
?>
<input type="hidden" name="currency_code" value="CAD">
<input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but01.gif" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
我使用这个 JavaScript 在页面加载时提交表单:
I use this JavaScript to submit the form when the page is loaded:
<script>
document.forms.paypalform.submit();
</script>
此时一切正常.用户重定向到贝宝页面,可以登录贝宝支付订单.
At this time all is alright. The user is Redirect to PayPal page and can login to PayPal and then pay the order.
我现在的问题是.PayPal 有没有办法在我身边调用 Web 服务(例如:http://mydomain.com/ValidatePayment.php) 并传递 paypal 收到的购物车中的所有物品以确认价格正确.如果价格不正确,我想回复paypal付款无效并取消交易.所有这一切都是在客户点击贝宝页面的 PayNow 之前完成的.如果可能,我该怎么做?
My question at this point is. Is there a way with PayPal to call a web service in my side (for example: http://mydomain.com/ValidatePayment.php) and pass all the items of the shoping cart that paypal receive to confirm that the price is correct. If the price is not correct, I would like to response to paypal that the payment is invalid and cancel the transaction. All that before the customer click on PayNow of paypal page. How can I do this if it's possible?
非常感谢
推荐答案
我认为不可能做你想做的事.一旦您将客户发送到 Paypal,他们将处理付款并在最后向您发送确认.
I don't think it is possible to do what you want. Once you send the client over to Paypal, they will handle the payment and send you a confirmation at the end.
如果您想确保客户支付了正确的金额,您应该检查 Paypal 发送给您的确认信息.
If you want to make sure the client paid the correct amount, you should check the confirmation that Paypal sends you.
您可能知道 Paypal 有两种付款确认机制 - PDT 和 IPN.
As you probably know Paypal has two payment confirmation mechanisms - PDT and IPN.
PDT 依赖于客户在付款后返回您的网站.客户付款后,Paypal 将向您发送包含交易详情的 PDT 消息.您可以使用此信息向客户显示收据.问题是客户是否在付款后立即关闭浏览器.如果发生这种情况,您可能永远不会收到 PDT 消息.
PDT relies on the client coming back to your website after the payment. Once the client makes the payment, Paypal will send you a PDT message with the details of the transaction. This information is what you can use to show a receipt to the client. The issue is if the client closes his browser immediately after making a payment. If that happens, you may never receive the PDT message.
IPN 不依赖客户端返回您的网站.每次客户付款时,Paypal 都会向您发送包含交易详情的 IPN 消息.
IPN does not rely on the client coming back to your website. Every time a client makes a payment, Paypal will send you an IPN message with the details of the transaction.
您可以使用一个或两个来确认付款已完成.您还可以检查付款是否符合您的预期.
You can use either one or both to confirm that payment was completed. And you can also check that the payment was made for the amount you were expecting.
请参阅下面我在我的网站上使用的流程:
See below the flow I use on my website:
1 - 客户按下按钮以使用 Paypal 付款
1 - client presses button to make payment with Paypal
2 - 我的网站将交易详情发送给 Paypal 的客户
2 - my website sends client to Paypal with the details of the transaction
3 - Paypal 处理付款
3 - Paypal handles the payment
4 - 付款完成后,Paypal 会向客户发送 PDT 消息返回我的网站.
4 - once payment is completed, Paypal will send the client back to my website with a PDT message.
5 - 我的网站向 Paypal 发送确认消息,以检查 PDT 消息是否合法且来自 Paypal.
5 - my website sends a confirmation message to Paypal to check that the PDT message is legit and came from Paypal.
6 - Paypal 发回一条消息,其中包含交易的所有详细信息,包括支付的价格.
6 - Paypal sends back a message with all the details of the transaction, including price paid.
7 - 我的网站检查来自 Paypal 的确认消息,并在屏幕上向我的客户显示收据
7 - my website checks the confirmation message from Paypal and shows a receipt on screen to my client
8 - 一旦向我的卖家帐户付款,Paypal 也会发送一条 IPN 消息.
8 - Paypal will also send an IPN message once a payment is made to my seller account.
9 - 当我的网站收到 IPN 消息时,它会向 Paypal 发回一条消息,以确认该消息是合法的并且来自 Paypal.
9 - when my website receives an IPN message, it sends back a message to Paypal to confirm that the message is legit and was originated from Paypal.
10 - 我的网站然后检查从 Paypal 发回的确认消息并确认付款正确.
10 - my website then checks the confirmation message sent back from Paypal and confirms the payment was correct.
请注意,在大多数情况下,我会收到来自 Paypal 的两条消息(一条 PDT 和一条 IPN).没关系,因为我会跟踪每笔交易,如果我收到已标记为已付款的交易的 IPN,我只需丢弃 IPN 消息.
Note that in most cases I will receive two messages from Paypal (one PDT and one IPN). It is ok because I keep track of each transaction and if I receive an IPN for a transaction where I have already marked as paid, I simply discard the IPN message.
请注意,如果您收到 PDT 消息,则您实际上并不需要 IPN 消息.但是,我建议您同时实施这两项措施,以防客户在 Paypal 有机会将他发送回您的网站之前关闭他的浏览器.
Note that if you receive the PDT message you don't really need the IPN message. However I recommend you implement both just in case the client closes his browser before Paypal has a chance to send him back to your website.
在两条消息(PDT 和 IPN)中,Paypal 都会告诉您付款是否已结清.您可能知道,某些付款类型要在提交到 Paypal 几天后才会清除.Paypal 建议您在付款结清之前不要运送产品.付款清算后,Paypal 将向您发送另一条 IPN 消息.
In both messages (PDT and IPN) Paypal tells you if the payment cleared or not. As you probably know, some payment types do not clear until a few days after they are submitted to Paypal. Paypal recommends that you don't ship the product until the payment has cleared. Paypal will send you another IPN message once the payment is cleared.
我的网站上有两个脚本 - 一个用于处理 PDT 消息,另一个用于处理 IPN 消息.它们在处理付款确认时非常相似.看下面的例子:
I have two scripts on my website - one to handle the PDT messages and another one to handle the IPN messages. They are very similar when handling payment confirmation. See below an example:
$req = 'cmd=_notify-synch';
$tx_token = $_GET['tx'];
$auth_token = "enter your own authorization token";
$req .= "&tx=$tx_token&at=$auth_token";
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
//$fp = fsockopen ('http://www.sandbox.paypal.com', 80, $errno, $errstr, 30);
// If possible, securely post back to paypal using HTTPS
// Your PHP server will need to be SSL enabled
// replace www.sandbox.paypal.com with www.paypal.com when you go live
$fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
if (!$fp)
{
// HTTP ERROR
}
else
{
fputs ($fp, $header . $req);
// read the body data
$res = '';
$headerdone = false;
while (!feof($fp))
{
$line = fgets ($fp, 1024);
if (strcmp($line, "\r\n") == 0)
{
// read the header
$headerdone = true;
}
else if ($headerdone)
{
// header has been read. now read the contents
$res .= $line;
}
}
// parse the data
$lines = explode("\n", $res);
$keyarray = array();
if (strcmp ($lines[0], "SUCCESS") == 0)
{
for ($i=1; $i<count($lines);$i++)
{
list($key,$val) = explode("=", $lines[$i]);
$keyarray[urldecode($key)] = urldecode($val);
}
$firstname = $keyarray['first_name'];
$lastname = $keyarray['last_name'];
$itemname = $keyarray['item_name'];
$amount = $keyarray['payment_gross'];
$invoiceid = $keyarray['invoice'];
$profileid = $keyarray['subscr_id'];
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
// show receipt to client
}
}
我希望这会有所帮助.请随时提出后续问题.
I hope this helps. Please feel free to ask follow up questions.
祝你好运!
这篇关于支付宝.在接受付款之前验证付款的方法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
