Here's my IPN handler:
<?php
include 'constants.php';
include 'classes/class.database.php';
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
if(USE_SANDBOX == true) {
$paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
$paypal_url = "https://www.paypal.com/cgi-bin/webscr";
}
$ch = curl_init($paypal_url);
if ($ch == FALSE) {
return FALSE;
}
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
if(DEBUG == true) {
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
}
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
$res = curl_exec($ch);
if (curl_errno($ch) != 0) // cURL error
{
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "Can't connect to PayPal to validate IPN message: " . curl_error($ch) . PHP_EOL, 3, LOG_FILE);
}
curl_close($ch);
exit;
} else {
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "HTTP request of validation request:". curl_getinfo($ch, CURLINFO_HEADER_OUT) ." for IPN payload: $req" . PHP_EOL, 3, LOG_FILE);
error_log(date('[Y-m-d H:i e] '). "HTTP response of validation request: $res" . PHP_EOL, 3, LOG_FILE);
}
curl_close($ch);
}
$tokens = explode("\r\n\r\n", trim($res));
$res = trim(end($tokens));
if (strcmp ($res, "VERIFIED") == 0) {
$status = $_POST['payment_status'];
$currency = $_POST['mc_currency'];
$receiver = $_POST['receiver_email'];
$buyer = $_POST['payer_email'];
$buyer_name = $_POST['custom'];
$db = new Database($sql_host, $sql_user, $sql_pass, $sql_data, "payments");
$db->connect();
for ($i = 0; $i < 10; $i++) {
if (isset($_POST['item_name'.$i])) {
$db->addPayment($_POST['item_name'.$i], $_POST['item_number'.$i], $status, $_POST['mc_gross_'.$i], $currency, $buyer, $receiver, $buyer_name);
}
}
if(DEBUG == true)
error_log(date('[Y-m-d H:i e] '). "Verified IPN: $req ". PHP_EOL, 3, LOG_FILE);
} else if (strcmp ($res, "INVALID") == 0) {
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "Invalid IPN: $req" . PHP_EOL, 3, LOG_FILE);
}
}?>
And here's what the IPN's returning:
INVALID
[2016-02-28 05:55 UTC] Invalid IPN: cmd=_notify-validate&mc_gross=0.01&protection_eligibility=Eligible&address_status=confirmed&item_number1=36&payer_id=7GXJG3SBPYHEY&tax=0.00&address_street=&payment_date=21%3A55%3A22+Feb+27%2C+2016+PST&payment_status=Completed&charset=UTF-8&address_zip=&mc_shipping=0.00&mc_handling=0.00&first_name=&mc_fee=0.01&address_country_code=GB&address_name=¬ify_version=3.8&custom=Alex&payer_status=verified&business=&address_country=United+Kingdom&num_cart_items=1&mc_handling1=0.00&address_city=&verify_sign=AzEkqtmA1WmF4x7TDnCOWp34hPjAASvAQSuGR4.BNB0U46x2nInwBmEo&payer_email=&mc_shipping1=0.00&tax1=0.00&txn_id=50446034DM994872C&payment_type=instant&payer_business_name=&last_name=&address_state=&item_name1=test+%28do+not+buy%29&receiver_email=***&payment_fee=0.01&quantity1=1&receiver_id=RJ5DJ76VDC7RC&txn_type=cart&mc_gross_1=0.01&mc_currency=USD&residence_country=GB&transaction_subject=&payment_gross=0.01&ipn_track_id=487a9f43c92
any help would be great.
