通过 POST 信息验证 Paypal 交易 [英] Verifying a Paypal transaction via POST information

问题描述

我完全不知所措.我想我可能会收到错误信息"，但我会尽力解释我的情况.

I'm at a complete loss. I think I might be getting "mis-informed", but I'll try explain my situation as best I can.

想法

• 我们有一个表格供用户购买积分.输入信用号码，单击 pp 按钮.
• 点击按钮后，会发布一个帖子来设置事务日志信息并将其设置为待处理(工作正常).
• 在有效退货后，它会继续提交贝宝表格(也可以使用).
• 用户被重定向到 paypal 页面并付款(到目前为止一切顺利).
• 付款后，他们点击退货并被定向到成功"页面(仍在工作).
• 到达此页面后，我从 pp 接收帖子数据(呃，哦，这是它变得粘稠的地方)
• 验证数据是否为真实"pp 数据并更新事务日志(如何！?)

我被告知的内容 &我试过的

What I'm being told & what i've tried

我最初打算使用 IPN 回发到 paypal 以验证收到的数据(确保它没有被欺骗)，但是，我被告知出于成本目的并且不得不设置一个ipn 服务器"" 我们不能使用 IPN ....

I was initially going to use IPN to do a post back to paypal to verify the recieved data (ensure it wasn't spoofed), however, I'm being told that for cost purposes and having to setup an "ipn server" we can't use IPN ....

好的，所以我打算使用 PDT，除非我错过了我尝试中的一个重要步骤，或者它根本无法正常工作，因为我没有做正确的事情.这就是我迷路的地方，我尝试了十几种不同的方法，包括直接链接帖子，使用 sparks(用于 CI)设置数据并调用 paypal 链接等等......

Ok, so I was gonna use PDT, except either I missed a major step in my attempt or it ISNT working right at all because I'm not doing somthing right. Here is where I'm lost, i've tried a dozen different things, including a direct link post, using sparks (for CI) to set the data and call to paypal link, and etc ...

我已经查看了这里和其他六个论坛上的每个 paypal 问题，但似乎无法解决任何问题.

I've looked over every paypal question on here and a half dozen other forums and can't seem to get anything going.

谁能清楚地"告诉我如何验证成功的 paypal 交易的 POST 数据，甚至可以告诉我是否对 IPN 有误解，因为我查看了文档但找不到什么有人告诉我，我也真的找不到我的解决方案.

Can anyone "clearly" tell me how I can verify the POST data of a successful paypal transaction and maybe even tell me if i'm being misinformed about the IPN, cause I looked over the docs and I can't find what i've been told, nor can I really find my solution.

我觉得自己很笨，请帮忙.

I feel stupid, please help.

推荐答案

由于 IPN 信息的更新，最终使其正常工作.我的解决方案在表单中添加了以下行:

Finally made it work correctly thanks to the update in info on IPN. My solution added the following line to my form:

<input type="hidden" name="notify_url" value="<?= site_url('payment/notifyTest'); ?>">

然后在notifyTest函数中我运行了这个:

Then in the notifyTest function i ran this:

    $pDat = $this->input->post(NULL, TRUE);
    $isSandBox = array_key_exists('test_ipn', $pDat) && 1 === (int)$pDat['test_ipn'] ? TRUE : FALSE;
    $verifyURL = $isSandBox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr';
    $token = random_string('unique');

    $request = curl_init();
    curl_setopt_array($request, array
    (
        CURLOPT_URL => $verifyURL,
        CURLOPT_POST => 0,
        CURLOPT_POSTFIELDS => http_build_query(array('cmd' => '_notify-validate') + $pDat),
        CURLOPT_RETURNTRANSFER => 0,
        CURLOPT_HEADER => 0,
        CURLOPT_SSL_VERIFYHOST => 0,
        CURLOPT_SSL_VERIFYPEER => 0,
        CURLOPT_CAINFO => 'cacert.pem',
    ));

    $response = curl_exec($request);
    $status   = curl_getinfo($request, CURLINFO_HTTP_CODE);

    curl_close($request);

    if($status == 200 && $response == 'VERIFIED') {
        //  SUCCESS
        $data = array (
            ... => ...
        );
        $this->db->insert('transactions', $data);
    }
    else {
        //  FAILED
        $data = array (
            ... => ...
        );
        $this->db->insert('transactions', $data);
    };

我们发现的重要差异 -> 不要将 CURL VARS 设置为 TRUE 或 FALSE用 0 表示真，用 1 表示假，这可能听起来很愚蠢，但它很糟糕！！！

THE IMPORTANT DIFFERENCE AS WE FOUND -> DO NOT SET YOUR CURL VARS TO TRUE OR FALSE USE 0 FOR TRUE AND 1 FOR FALSE, IT MIGHT SOUND STUPID, BUT IT WOIKED!!!

这篇关于通过 POST 信息验证 Paypal 交易的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！