[Chapter 6 Ipn]

Thanks Michael! I just tested it this morning and it definitely works fine now. I won't be having many more headaches for a while now. I owe you a few rounds for that

[Chapter 6 Ipn]

Well, I seem to be getting closer to solving this conundrum. Apparently, PayPal are planning to drop support for HTTP 1.0 for IPN, starting February 2013. Yet they've configured the sandbox to turn off support early. I've fixed up the code a bit so that it validates www.sandbox.paypal.com as the host:

 

$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";

$header .= "Content-Type: application/x-www-form-urlencoded\r\n";

$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

$header .= "Host: www.sandbox.paypal.com\r\n";

fputs($fp, $header . $req);

 

Part of the IPN process seemingly goes through, but then it hits another 400 error midway. Then the request fails to go through. Here's my latest error log that ipn.txt has produced:

 

---

 

Received:

Array

(

[txn_type] => subscr_signup

[subscr_id] => I-S74MY3AY6RFJ

[last_name] => Powers

[residence_country] => GB

[mc_currency] => USD

[item_name] => Knowledge is Power Membership

[business] => seanpw_1345583968_biz@eternalrain.org

[amount3] => 10.00

[recurring] => 1

[verify_sign] => A5S6uY74MvuexX795XG3CdYBOgQIAlUhrT9xU-RcnexACTDCtGUiDue8

[payer_status] => verified

[test_ipn] => 1

[payer_email] => smaug1_1345584245_per@eternalrain.org

[first_name] => Sean

[receiver_email] => seanpw_1345583968_biz@eternalrain.org

[payer_id] => LBG3RR7LYFWJ2

[reattempt] => 1

[subscr_date] => 10:22:48 Aug 27, 2012 PDT

[btn_id] => 2578773

[custom] => 23

[charset] => windows-1252

[notify_version] => 3.5

[period3] => 1 Y

[mc_amount3] => 10.00

[ipn_track_id] => cc2f701aa1fcd

)

 

Sent:

POST /cgi-bin/webscr HTTP/1.1

Content-Type: application/x-www-form-urlencoded

Host: www.sandbox.paypal.com

Content-Length: 662

 

 

cmd=_notify-validate&txn_type=subscr_signup&subscr_id=I-S74MY3AY6RFJ&last_name=Powers&residence_country=GB&mc_currency=USD&item_name=Knowledge+is+Power+Membership&business=seanpw_1345583968_biz%40eternalrain.org&amount3=10.00&recurring=1&verify_sign=A5S6uY74MvuexX795XG3CdYBOgQIAlUhrT9xU-RcnexACTDCtGUiDue8&payer_status=verified&test_ipn=1&payer_email=smaug1_1345584245_per%40eternalrain.org&first_name=Sean&receiver_email=seanpw_1345583968_biz%40eternalrain.org&payer_id=LBG3RR7LYFWJ2&reattempt=1&subscr_date=10%3A22%3A48+Aug+27%2C+2012+PDT&btn_id=2578773&custom=23&charset=windows-1252&notify_version=3.5&period3=1+Y&mc_amount3=10.00&ipn_track_id=cc2f701aa1fcd

Received:

HTTP/1.1 200 OK

 

Received:

Date: Mon, 27 Aug 2012 17:29:52 GMT

 

Received:

Server: Apache

 

Received:

X-Frame-Options: SAMEORIGIN

 

Received:

Set-Cookie: c9MWDuvPtT9GIMyPc3jwol1VSlO=bWQzBFA8HBkKg8ljA6rF-kzqIPUDWfTJ-s1hG0J90WLFZAyxzYDH16KsD3WY9xJUPiTy6AF06KvR_kLSYcGOuywTORTBHsqE-8jtV09BNNsiKIyEYOk40hvC0YkExostCOaTa0%7cL4rey604uUdT9zkdK7aT-5ztzfDtT9rnOQVHV6IsWDznR7fJb67gLy0h2iEfoK273nQQA0%7cyOouS-6v5pDCMLCpjtiU4FrXs6OAtHhZPJ40zQHP1zwAWlVW4kRZCoFUswoObQ5YFMGsQW%7c1346088592; domain=.paypal.com; path=/; Secure; HttpOnly

 

Received:

Set-Cookie: cookie_check=yes; expires=Thu, 25-Aug-2022 17:29:52 GMT; domain=.paypal.com; path=/; Secure; HttpOnly

 

Received:

Set-Cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; Secure; HttpOnly

 

Received:

Set-Cookie: navlns=0.0; expires=Sun, 22-Aug-2032 17:29:52 GMT; domain=.paypal.com; path=/; Secure; HttpOnly

 

Received:

Set-Cookie: Apache=10.72.109.11.1346088592145913; path=/; expires=Wed, 20-Aug-42 17:29:52 GMT

 

Received:

X-Cnection: close

 

Received:

Transfer-Encoding: chunked

 

Received:

Content-Type: text/html; charset=UTF-8

 

Received:

 

 

Received:

8

 

Received:

VERIFIED

 

Received:

0

 

Received:

 

 

Received:

Array

(

[transaction_subject] => Knowledge is Power Membership

[payment_date] => 10:31:52 Aug 27, 2012 PDT

[txn_type] => subscr_payment

[subscr_id] => I-PA7GM537VAHV

[last_name] => Powers

[exchange_rate] => 0.486111

[residence_country] => GB

[item_name] => Knowledge is Power Membership

[payment_gross] => 10.00

[mc_currency] => USD

[business] => seanpw_1345583968_biz@eternalrain.org

[payment_type] => instant

[protection_eligibility] => Ineligible

[verify_sign] => AKHFr8--kVOqhVOa1C0DPHdDlFWrADo4BhY7X.Tb7aaAafZGaEnkBRip

[payer_status] => verified

[test_ipn] => 1

[payer_email] => smaug1_1345584245_per@eternalrain.org

[txn_id] => 19B157050C148792J

[receiver_email] => seanpw_1345583968_biz@eternalrain.org

[first_name] => Sean

[payer_id] => LBG3RR7LYFWJ2

[receiver_id] => AANK57TL69S8S

[settle_amount] => 4.55

[settle_currency] => GBP

[payment_status] => Completed

[payment_fee] => 0.64

[mc_fee] => 0.64

[mc_gross] => 10.00

[custom] => 24

[charset] => windows-1252

[notify_version] => 3.5

[ipn_track_id] => 8395752361bc8

)

 

Sent:

POST /cgi-bin/webscr HTTP/1.1

Content-Type: application/x-www-form-urlencoded

Content-Length: 889

 

Host: www.sandbox.paypal.com

 

cmd=_notify-validate&transaction_subject=Knowledge+is+Power+Membership&payment_date=10%3A31%3A52+Aug+27%2C+2012+PDT&txn_type=subscr_payment&subscr_id=I-PA7GM537VAHV&last_name=Powers&exchange_rate=0.486111&residence_country=GB&item_name=Knowledge+is+Power+Membership&payment_gross=10.00&mc_currency=USD&business=seanpw_1345583968_biz%40eternalrain.org&payment_type=instant&protection_eligibility=Ineligible&verify_sign=AKHFr8--kVOqhVOa1C0DPHdDlFWrADo4BhY7X.Tb7aaAafZGaEnkBRip&payer_status=verified&test_ipn=1&payer_email=smaug1_1345584245_per%40eternalrain.org&txn_id=19B157050C148792J&receiver_email=seanpw_1345583968_biz%40eternalrain.org&first_name=Sean&payer_id=LBG3RR7LYFWJ2&receiver_id=AANK57TL69S8S&settle_amount=4.55&settle_currency=GBP&payment_status=Completed&payment_fee=0.64&mc_fee=0.64&mc_gross=10.00&custom=24&charset=windows-1252&notify_version=3.5&ipn_track_id=8395752361bc8

Received:

HTTP/1.0 400 Bad Request

 

Received:

Server: BigIP

 

Received:

Connection: Keep-Alive

 

Received:

Content-Length: 19

 

Received:

[Chapter 6 Ipn]

Found out what part of the problem was. My payment settings were set to ask first before converting currencies, so payment status was always set to pending. Just set it to "Convert automically".

 

Still getting error 400 codes, though.

[Chapter 6 Ipn]

I've checked my IPN history, and they seem to be being sent successfully. But here's the thing - the request's being sent out twice. Once for a transaction, which it accepts, and another for a recurring payment profile. Is this normal?

[Chapter 6 Ipn]

Hi Larry and all, it's me again. I have a problem getting the IPN script to work properly. The IPN request is sent successfully, but the ipn.php script doesn't seem to be updating the database. I've checked my code against the one provided on this site, but I don't seem to be finding anything wrong with mine. Wrote in the function that logs IPN requests, and interestingly it reports back a HTTP 400 error code. Is there something I've missed or done wrong? Or could it be an issue with my host? Thanks for any help offered!

 

<?php # Script 1.22 - ipn.php

 

// Include the configuration file:

require ('includes/config.inc.php');

 

// Open the text file:

// Change this path to make it accurate.

// The text file must be writable by PHP!

$file = fopen('../../ipn.txt', 'a');

 

// Write the POST data to the file:

fwrite($file, "Received:\n");

fwrite($file, print_r($_POST, true));

fwrite($file, "\n");

 

// Create a request variable:

$req = 'cmd=_notify-validate';

 

// Add each received key=value pair to the request:

foreach ($_POST as $key => $value){

$value = urlencode(stripslashes($value));

$req .= "&$key=$value";

}

 

// Open a socket connection to PayPal:

$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); // Test

 

// If no connection was made, trigger an error:

if (!$fp){

trigger_error('Could not connect to the IPN!');

 

// If a connection was made, send the request to PayPal:

} else {

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";

$header .= "Content-Type: application/x-www-form-urlencoded\r\n";

$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

fputs($fp, $header . $req);

 

// Write the PayPal request to the text file:

fwrite($file, "Sent:\n");

fwrite($file, "$header\n");

fwrite($file, "$req\n");

 

// Read in the response:

while (!feof($fp)){

$res = fgets($fp, 1024);

 

// Write the PayPal response to the text file:

fwrite($file, "Received:\n");

fwrite($file, "$res\n");

 

// If the response equals VERIFIED, process the response:

if (strcmp($res, "VERIFIED") == 0){

 

// Check for the right values:

if (isset($_POST['payment_status'])

&& ($_POST['payment_status'] == 'Completed')

&& ($_POST['receiver_email'] == 'seanpw_1345583968_biz@eternalrain.org')

&& ($_POST['mc_gross'] == 10.00)

&& ($_POST['mc_currency'] == 'USD')

&& (!empty($_POST['txn_id']))

){

 

// Check for this transaction in the database:

require (MYSQL);

$txn_id = mysqli_real_escape_string($dbc, $_POST['txn_id']);

$q = "SELECT id FROM t_orders WHERE transaction_id='$txn_id'";

$r = mysqli_query($dbc, $q);

 

if (mysqli_num_rows($r) == 0){

 

// Add this transaction to the t_orders table:

$uid = (isset($_POST['custom'])) ? (int) $_POST['custom'] : 0;

$status = mysqli_real_escape_string($dbc, $_POST['payment_status']);

$amount = (float) $_POST['mc_gross'];

$q = "INSERT INTO t_orders (user_id, transaction_id, payment_status, payment_amount) VALUES ($uid, '$txn_id', '$status', $amount)";

$r = mysqli_query($dbc, $q);

 

if (mysqli_affected_rows($dbc) == 1){

 

// Update the users table:

if ($uid > 0){

$q = "UPDATE t_users SET date_expires = IF(date_expires > NOW(), ADDDATE(date_expires, INTERVAL 1 YEAR), ADDDATE(NOW(), INTERVAL 1 YEAR)), date_modified=NOW() WHERE id=$uid";

$r = mysqli_query($dbc, $q);

if (mysqli_affected_rows($dbc) != 1){

trigger_error('The user\'s expiration date could not be updated!');

}

}

 

// Complete several conditionals:

} else { // Problem inserting the order!

trigger_error('The transaction could not be stored in the orders table!');

}

} // The order has already been stored!

}// The right values don't exist in $_POST[

 

// If the PayPal response is INVALID, log the request:

} elseif (strcmp ($res, "INVALID") == 0){

// log for manual investigation

}

 

// Complete the remaining control structures and close the socket connection:

} // End of the WHILE loop.

fclose ($fp);

} // End of $fp IF-ELSE.

 

// Inidicate the end of this transaction in the text file:

fwrite($file, "--------------\n");

fclose($file);

 

// Complete the script.

?>

 

---

 

ipn.txt:

 

Received:

Array

(

[transaction_subject] => Knowledge is Power Membership

[txn_type] => subscr_payment

[payment_date] => 18:38:13 Aug 26, 2012 PDT

[subscr_id] => I-698HUCWVWPU0

[last_name] => Powers

[residence_country] => GB

[pending_reason] => multi_currency

[item_name] => Knowledge is Power Membership

[payment_gross] => 10.00

[mc_currency] => USD

[business] => seanpw_1345583968_biz@eternalrain.org

[payment_type] => instant

[protection_eligibility] => Ineligible

[verify_sign] => AUaxvSojqajxsiGA9qXfGuCulUctAEX2qAJoWZfhz7EUoXGd1UqkrFNf

[payer_status] => verified

[test_ipn] => 1

[payer_email] => smaug1_1345584245_per@eternalrain.org

[txn_id] => 85784420FY7236456

[receiver_email] => seanpw_1345583968_biz@eternalrain.org

[first_name] => Sean

[payer_id] => LBG3RR7LYFWJ2

[receiver_id] => AANK57TL69S8S

[payment_status] => Pending

[mc_gross] => 10.00

[custom] => 14

[charset] => windows-1252

[notify_version] => 3.5

[ipn_track_id] => bee2c1c0e1432

)

 

Received:

Array

(

[txn_type] => subscr_signup

[subscr_id] => I-698HUCWVWPU0

[last_name] => Powers

[residence_country] => GB

[mc_currency] => USD

[item_name] => Knowledge is Power Membership

[business] => seanpw_1345583968_biz@eternalrain.org

[amount3] => 10.00

[recurring] => 1

[verify_sign] => AjxZJebk9lejPEV2ML23J4WJKG23AngBmkinZM784XPHRkdshPFK029t

[payer_status] => verified

[test_ipn] => 1

[payer_email] => smaug1_1345584245_per@eternalrain.org

[first_name] => Sean

[receiver_email] => seanpw_1345583968_biz@eternalrain.org

[payer_id] => LBG3RR7LYFWJ2

[reattempt] => 1

[subscr_date] => 18:38:08 Aug 26, 2012 PDT

[btn_id] => 2578773

[custom] => 14

[charset] => windows-1252

[notify_version] => 3.5

[period3] => 1 Y

[mc_amount3] => 10.00

[ipn_track_id] => bee2c1c0e1432

)

 

Sent:

POST /cgi-bin/webscr HTTP/1.0

Content-Type: application/x-www-form-urlencoded

Content-Length: 826

 

 

cmd=_notify-validate&transaction_subject=Knowledge+is+Power+Membership&txn_type=subscr_payment&payment_date=18%3A38%3A13+Aug+26%2C+2012+PDT&subscr_id=I-698HUCWVWPU0&last_name=Powers&residence_country=GB&pending_reason=multi_currency&item_name=Knowledge+is+Power+Membership&payment_gross=10.00&mc_currency=USD&business=seanpw_1345583968_biz%40eternalrain.org&payment_type=instant&protection_eligibility=Ineligible&verify_sign=AUaxvSojqajxsiGA9qXfGuCulUctAEX2qAJoWZfhz7EUoXGd1UqkrFNf&payer_status=verified&test_ipn=1&payer_email=smaug1_1345584245_per%40eternalrain.org&txn_id=85784420FY7236456&receiver_email=seanpw_1345583968_biz%40eternalrain.org&first_name=Sean&payer_id=LBG3RR7LYFWJ2&receiver_id=AANK57TL69S8S&payment_status=Pending&mc_gross=10.00&custom=14&charset=windows-1252&notify_version=3.5&ipn_track_id=bee2c1c0e1432

Received:

HTTP/1.0 400 Bad Request

 

Received:

Server: BigIP

 

Received:

Connection: close

 

Received:

Content-Length: 19

 

Received:

 

 

Received:

Invalid Host header

--------------

Sent:

POST /cgi-bin/webscr HTTP/1.0

Content-Type: application/x-www-form-urlencoded

Content-Length: 662

 

 

cmd=_notify-validate&txn_type=subscr_signup&subscr_id=I-698HUCWVWPU0&last_name=Powers&residence_country=GB&mc_currency=USD&item_name=Knowledge+is+Power+Membership&business=seanpw_1345583968_biz%40eternalrain.org&amount3=10.00&recurring=1&verify_sign=AjxZJebk9lejPEV2ML23J4WJKG23AngBmkinZM784XPHRkdshPFK029t&payer_status=verified&test_ipn=1&payer_email=smaug1_1345584245_per%40eternalrain.org&first_name=Sean&receiver_email=seanpw_1345583968_biz%40eternalrain.org&payer_id=LBG3RR7LYFWJ2&reattempt=1&subscr_date=18%3A38%3A08+Aug+26%2C+2012+PDT&btn_id=2578773&custom=14&charset=windows-1252&notify_version=3.5&period3=1+Y&mc_amount3=10.00&ipn_track_id=bee2c1c0e1432

Received:

HTTP/1.0 400 Bad Request

 

Received:

Server: BigIP

 

Received:

Connection: close

 

Received:

Content-Length: 19

 

Received:

 

 

Received:

Invalid Host header

--------------

[Ch4, Login Form Not Working]

Disregard this topic, I've fixed it now. I didn't include the login.inc.php file in my index.

[Ch4, Login Form Not Working]

Hi Larry and all! I'm up to Chapter 4, User Accounts, creating a login form for the site. I can access it on index.php, but when I try to test it... nothing happens! No errors, not even a login confirmation. I've tried debugging it with the examples provided by this site, and I'm still having the same problem. Is it possible that one of my includes is causing this bug in some way? Thanks for anyone who helps me out!

 

(PS, I should note that I used form_functions.inc.php for site registration, and it worked fine! But I'm posting it anyway just in case.)

 

<?php # Script 1.7 - form_functions.inc.php

 

// Define the function

function create_form_input($name, $type, $errors){

 

// Check for and process the value:

$value = FALSE;

if (isset($_POST[$name])) $value=$_POST[$name];

 

// Strip the magic quotes:

if ($value && get_magic_quotes_gpc()) $value = stripslashes($value);

 

// Check the input type:

if (($type == 'text') || ($type == 'password')){

 

// Create the input:

echo '<input type="' . $type . '" name="' . $name . '" id="' . $name . '"';

 

// Add the input's value, if applicable:

if ($value) echo ' value="' . htmlspecialchars($value) . '"';

 

// Check for an error:

if (array_key_exists($name, $errors)){

echo ' class="error" /><span class="error">' . $errors[$name] . '</span>';

} else { // No error detected.

echo ' />';

}

 

// Check if the input type is a textarea:

} elseif ($type == 'textarea'){

 

// Display the error first:

if (array_key_exists($name, $errors)) echo '<span class="error">' . $errors[$name] . '</span>';

 

// Create the textarea:

echo '<textarea name="' . $name . '" id="' . $name . '" rows="5" cols="75"';

 

// Add the error class, if applicable:

if (array_key_exists($name, $errors)){

echo ' class="error">';

} else { // No error detected.

echo '>';

}

 

// Add the value to the text area:

if ($value) echo $value;

 

// Complete the textarea:

echo '</textarea>';

 

} // End of primary IF-ELSE.

} // End of the create_form_input() function.

 

---

 

<?php # Script 1.9 - login.inc.php

 

// Create an array for recording errors:

$login_errors = array();

 

// Validate the email address:

if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){

$e = mysqli_real_escape_string($dbc, $_POST['email']);

} else {

$login_errors['email'] = 'Please enter a valid email address!';

}

 

// Validate the password:

if (!empty($_POST['pass'])){

$p = mysqli_real_escape_string($dbc, $_POST['pass']);

} else {

$login_errors['pass'] = 'Please enter your password!';

}

 

// If no errors occurred, query the database:

if (empty($login_errors)){

$q = "SELECT id, username, type, IF(date_expires >= NOW(), true, false) FROM t_users WHERE (email='$e' AND pass='" . get_password_hash($p) . "')";

$r = mysqli_query($dbc, $q);

 

// If everything went OK:

if (mysqli_num_rows($r) == 1){

$row = mysqli_fetch_array($r, MYSQLI_NUM);

$_SESSION['user_id'] = $row[0];

$_SESSION['username'] = $row[1];

if ($row[2] == 'admin') $_SESSION['user_admin'] = TRUE;

if ($row[3] == 1) $_SESSION['user_not_expired'] = TRUE;

} else { // Create an error message.

$login_errors['login'] = 'The email address and password did not match those on file.';

}

 

} // End of $login_errors IF.

 

---

 

<?php # Script 1.10 - login_form.inc.php

 

if (!isset($login_errors)) $login_errors = array();

require_once ('includes/form_functions.inc.php');

 

?>

<div class="title">

<h4>Login</h4>

</div>

<form action="index.php" method="post" accept-charset="utf-8">

<p><?php if (array_key_exists('login', $login_errors)){

echo '<span class="error">' . $login_errors['login'] . '</span><br />';

}?><label for="email"><strong>Email Address</strong></label><br /><?php create_form_input('email', 'text', $login_errors);?><br />

<label for="pass"><strong>Password</strong></label><br /><?php create_form_input('pass', 'password', $login_errors);?> <a href="forgot_password.php" align="right">Forgot?</a><br />

<input type="submit" value="Login →"></p>

</form>

[Chapter 11 Image Popups Not Working]

Nevermind, I found out what the problem was - I was trying to link function.js to a non-existant directory. I've fixed it now, so it's now working as it should.

[Chapter 11 Image Popups Not Working]

Yes, I tried the same scripts in Internet Explorer, and still had the same problem.

[Chapter 11 Image Popups Not Working]

Hi there. I've been working through this book trying out the example scrips shown within, however I've recently come across a problem in chapter 11, Web Application Development. On images.php, none of my links will open up in a popup window, as is the intended action. I've tried copying the scripts as close as possible, and even tried comparing my scripts (function.js, images.php, show_image.php) with the hosted files, but still came up stumped. I've even tried downloading and running the example files myself, and even they won't work.

 

I should also mention that I haven't attempted Script 11.6 yet with the updated images.php code, as I'm too busy pulling my hair out trying to pin down where I'm going wrong.