Changes to How You Use PayPal in “Effortless E-commerce with PHP and MySQL”

May 22, 2013

One of the problems with technical writing is that the instructions you provide will eventually become outdated. Some details, such as the fundamentals of a programming language like C, Ruby, or PHP, change relatively slowly. Others, like libraries, frameworks, and browsers, change frequently. And so, it was not surprising to find out that PayPal changed some of their systems a while back in a way that will affect readers of my “Effortless E-commerce with PHP and MySQL” book. This issue first appeared last summer in my support forums, with Sean and Michael discovering the problem and the solution

The specific problem seems to occur in the IPN script (ipn.php), and only when using PayPal’s Sandbox. The IPN script confirms with PayPal the transaction that just occurred and updates the system accordingly. To do so, the script includes these lines:

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
fputs ($fp, $header . $req);

That performs the request, sending along three specific headers to customize the request.

Due to changes in PayPal’s Sandbox interface, you have to add one more header, just after the POST header. The resulting code is now:

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Host: www.sandbox.paypal.com\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
fputs ($fp, $header . $req);

Thanks to Sean and Michael for bringing this to my attention.

Let me know if anyone has any problems or questions surrounding this.