My paypalipn.php file looks like,
<?php
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// STEP 2: Post IPN data back to paypal to validate
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
if( !($res = curl_exec($ch)) ) {
// error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
// STEP 3: Inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
} else if (strcmp ($res, "INVALID") == 0) {
}
?>
I have implemented the Paypal into my application. where I can successfully got the profile Id for recurring payments but The response I got from Instant payment Notification was invalid. only that reason was I got ,and also I dont get any more error messages regarding that. so I was looking for your help to get this....
Are you using the Sandbox? The live site won't verify IPNs from the Sandbox, and vice-versa. If the IPN came from the Sandbox, you need to send it back to the Sandbox to verify it.
Try changing this code:
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
To this:
if($myPost['test_ipn'] == "1") {
$ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr');
} else {
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
}
Related
I have a problem. In January the code for PayPal IPN was working, and in February is stopped working. What could it change?
Here is the code
<?php
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
if( !($res = curl_exec($ch)) ) {
curl_close($ch);
exit;
}
curl_close($ch);
if (strcmp ($res, "VERIFIED") == 0) {
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
if ($_POST['mc_gross'] != NULL)
$payment_amount = $_POST['mc_gross'];
else
$payment_amount = $_POST['mc_gross1'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$custom = $_POST['custom'];
$adres = "jankowski095#gmail.com";
$tytul = "Zakupiono przedmiot";
$wiadomosc = "Zakupiono ";
mail($adres, $tytul, $wiadomosc);
} else if (strcmp ($res, "INVALID") == 0) {
$adres = "jankowski095#gmail.com";
$tytul = "Tytuł wiadomoścasdi no";
$wiadomosc = "IPN nie działa.";
mail($adres, $tytul, $wiadomosc);
}
?>
I do not know why it stopped working from PayPal I did not get any notification of changes in the software. Help me please
I'm using https://github.com/Zizaco/entrust for my ReST API integration in Laravel 5.2
I can retrieve the token. Then, I try to pass it to some route which needs the token. But I get this error with status code 401:
Failed to authenticate because of bad credentials or an invalid authorization header.
This is the code I use:
$base_url = 'http://mysite/api/';
$fields = array(
'email' => urlencode('myEmail'),
'password' => urlencode('myPass'),
);
$fields_string = '';
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $base_url . 'login');
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
$result = curl_exec($ch);
$result = json_decode($result, true);
$token = false;
if ($result['result'] == 'success') {
$token = $result['token'];
}
if ($token) { //call the api by passing the token:
// var_dump($token);
curl_setopt($ch,CURLOPT_URL, $base_url . 'admin/sells');
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'Authorization: Bearer ' . $token
]);
curl_setopt($ch,CURLOPT_POST, null);
curl_setopt($ch,CURLOPT_POSTFIELDS, null);
curl_setopt($ch, CURLOPT_HTTPGET, 1);
// var_dump(curl_getinfo($ch));
$result = curl_exec($ch);
$result = json_decode($result, true);
var_dump($result);
}
And this is my route:
$api = app('Dingo\Api\Routing\Router');
$app_controller = 'App\\Http\\Controllers\\';
$auth_controller = 'App\\Http\\Controllers\\Auth\\';
$api->version('v1', function ($api) use ($app_controller,$auth_controller) {
$api->post('login', ['as' => 'api_login', 'uses' => $auth_controller . 'AuthController#authenticate']);
});
$api->version('v1', ['middleware' => 'api.auth'], function ($api) use ($app_controller,$auth_controller) {
$api->get('admin/sells', ['as' => 'api_admin_sells', 'uses' => $app_controller . 'SellsController#apiIndex']);
});
Am I doing anything wrong?
I used the following PayPal IPN script. The code works perfectly when testing using the IPN simulator, but the moment I make it live it doesn't work at all. I've been searching for a solution all over the net. Is there a way to see why it returns invalid? Any ideas?
<?php
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
// Step 2: POST IPN data back to PayPal to validate
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
if( !($res = curl_exec($ch)) ) {
error_log("Got " . curl_error($ch) . " when processing IPN data", 1, "myemail");
curl_close($ch);
exit;
}
curl_close($ch);
if (strcmp ($res, "VERIFIED") == 0) {
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$payment_id = $_POST['custom'];
$email_from = "from#email";
$subject = "Your Deep Democracy account has been activated!";
$headers = "From: DD Notifications\r\n";
$headers .= "Reply-To: notifications#deep-democracy.net\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
require_once("../includes/db_connection.php");
mail("myemail", $subject, $payment_id." ".$payer_email, $headers);
//Customs
$result = mysql_query("SELECT * FROM delegate_payments WHERE payment_id='$payment_id' AND payment_completed='No'");
if (mysql_num_rows($result) == 1) {
mysql_query("UPDATE delegate_payments SET payment_completed='Yes' WHERE payment_id='$payment_id'");
$row = mysql_fetch_array($result);
$amount = $row['payment_amount'];
$names_array = explode(', ', $row['payment_content']);
$result2 = mysql_query("SELECT * FROM users WHERE email='$payer_email'");
$row = mysql_fetch_array($result2);
$current_amount = $row['amount_due'];
$new_amount = $current_amount - $amount;
mysql_query("UPDATE users SET amount_due='$new_amount' WHERE email='$payer_email'");
foreach ($names_array as &$value) {
mysql_query("UPDATE users SET activated='1' WHERE email='$value'");
mail($value, $subject, $email_message, $headers);
mail("an#email.com", "Delegate Payment Notification", "Hi Britta, \n\nThis is a notification email to inform you that a new delegate has been paid for. The email address is: {$value}", $headers);
}
}
} else if (strcmp ($res, "INVALID") == 0) {
mail("myemail", "Failed", $res, $headers);}
?>
I am trying to develop a fb app that should send the news feed to a website;
I managed to subscribe using the app_id and app_secret but i don't get the news feed;
public function actionSubscription() {
$app_id = '691036934243090';
$app_secret = 'ca6e828f41c638dba4fb0864f7d9f6e8';
$app_url = 'http://www.ghidul-comercial.ro';
$fields = 'feed';
$verify_token = 'blabla';
// Fetching an App Token
$app_token_url = 'https://graph.facebook.com/oauth/access_token?client_id='
. $app_id . '&client_secret=' . $app_secret
. '&grant_type=client_credentials';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $app_token_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$res = curl_exec($ch);
parse_str($res, $token);
if (isset($token['access_token'])) {
// Let's register a callback
$params = array(
'object'
=> 'page',
'fields'
=> $fields,
'callback_url'
// This is the endpoint that will be called when
// a User updates the location field
=> $app_url . '/index.php/site/api',
'verify_token'
=> $verify_token,
);
curl_setopt($ch, CURLOPT_URL, 'https://graph.facebook.com/'
. $app_id . '/subscriptions?access_token='
. $token['access_token']);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
$res = curl_exec($ch);
if ($res && $res != 'null') {
print_r($res);
}
// Fetch list of all callbacks
curl_setopt($ch, CURLOPT_POST, 0);
$res = curl_exec($ch);
}
if ($res && $res != 'null') {
print_r($res);
}
curl_close($ch);
error_log('test');
}
This is how i intend to catch the feed:
public function actionApi() {
$data = new Data();
$data->info = '1';
$data->save(false);
$method = $_SERVER['REQUEST_METHOD'];
$data = new Data();
$data->info = $method;
$data->save(false);
$rawdata1 = file_get_contents('php://input');
$rawdata2 = json_decode($HTTP_RAW_POST_DATA,true);
$rawdata2 = json_decode(file_get_contents('php://input'),true);
$data = new Data();
$data->info = $rawdata1;
$data->save(false);
if ($method == 'GET' && isset($_GET['hub_mode']) && $_GET['hub_mode'] == 'subscribe' && isset($_GET['hub_verify_token']) && $_GET['hub_verify_token'] == 'blabla') {
echo $_GET['hub_challenge'];
exit;
} elseif ($method == 'POST') {
$post = file_get_contents("php://input");
$data = new Data();
$data->info = $post;
$data->save(false);
}
$data = new Data();
$data->info = '2';
$data->save(false);
}
go to link click Get Access Token , select by click everything from the 3 tabs , click get acccess token , then paste your group id ; also at your feed field and click submit.
That's all ! this will work
Small problem here
I want to make a small fb app which show different views for page admin and users, page admin can add html to the app and include the app in their page (somewhat like the old fbml app).
but the problem is when i'm authenticating the app it is jumping from page tab to its app page.
i need to acces the following things
[page] => stdClass Object
(
[id] => FAN_PAGE_ID
[liked] => 1
[admin] =>
)
for this i need to be in fb page tab while authenticating. How ? :(
i am posting my current code here.
please help me.
ob_start();
$app_id = "----------";
$app_secret = "-----------------";
include_once 'src/facebook.php';
$my_url = "http://apps.facebook.com/-----beta/index.php";
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $app_secret,
));
session_start();
$code = $_REQUEST["code"];
//echo $code . "</br>";
if(empty($code)) {
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
$dialog_url = "https://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&display=popup&scope=manage_pages,email&redirect_uri=" . urlencode($my_url) . "&state=" . $_SESSION['state'];
echo("<script> top.location.href='" . $dialog_url . "'</script>");
}
if($_REQUEST['state'] == $_SESSION['state']) {
$token_url = "https://graph.facebook.com/oauth/access_token?" . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url) . "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$graph_url = "https://graph.facebook.com/me?access_token=" . $params['access_token'];
$user = json_decode(file_get_contents($graph_url));
//echo $_REQUEST['signed_request'];echo "<hr>";
//var_dump($user);
$signedRequest = $facebook->getSignedRequest();
$appData = array();
if (!empty($signedRequest) && !empty($signedRequest['page'])) {
$appData = json_decode($signedRequest['page'], true);
}
var_dump($appData); echo "<hr>";
var_dump(parse_signed_request($_REQUEST['signed_request'] , $app_secret));
echo("<hr>Hello " . $user->name);
}
else {
echo("The state does not match. You may be a victim of CSRF.");
}
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
I am using this script in the tab:
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
return null;
}
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
$signed_request = $_REQUEST['signed_request'];
$secret = $app_secret;
$getdata = parse_signed_request($signed_request, $secret);
$fanpage = $getdata['page'];
$page_id = $fanpage['id']; // GET THE PAGE ID
$is_fan = $fanpage['liked']; // 0 if its not fan, 1 if its fan
$is_admin = $fanpage['admin']; //1 if user is admin of page. 0 if not
if($page_id){
//if app is tab
if($is_admin){
//if user is admin
}
if($is_fan){
//I am fan
}else{
// I am not a fan
}
}