Postback to PayPal suddenly stopped working! Help!

ShorePatrol
Contributor
Contributor

My website has been working for years - I have not changed the IPN or PDT scripts, the database has not changed on my end at all....this just started the past 3-4 days...I am using SSL on my site, and communicating with PayPal via SSL for the PostBack.

 

The GET string the customer is being sent back to my site with is correct, and looks like this:
https://mysite.com/paypal-payment.php?amt=1.00&cc=USD&cm=216.55.17.15&item_name=MyService&item_numbe...

 

The payment gets processed by PayPal, and the customer is returned to the above URL ("paypal-payment.php"), but the IPN and PDT script does not complete. I troubleshot the PDT script and it seems the part of the script that posts back to PayPal is no longer returning data.

 

The below code is where the problem is happening:

 

$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
	if (!$fp) {
		exitCode();
	} else {
		fputs ($fp, $header . $req);
		// read the body data
		$res = '';
		$headerdone = false;
		while (!feof($fp)) {
			$line = fgets ($fp, 1024);
			if (strcmp($line, "\r\n") == 0) {
				// read the header
				$headerdone = true;
			}
			else if ($headerdone) {
				// header has been read. now read the contents
				$res .= $line;
			}
		}

		// parse the data
		$lines = explode("\n", $res);
		$response = array();
		if (strcmp ($lines[0], "SUCCESS") == 0) {

If I echo out the $line variable, this is what it says:

 

HTTP/1.0 400 Bad Request 
Server: AkamaiGHost 
Mime-Version: 1.0 
Content-Type: text/html 
Content-Length: 208 
Expires: Wed, 12 Sep 2018 00:52:49 GMT 
Date: Wed, 12 Sep 2018 00:52:49 GMT 
Connection: close 

Invalid URL


The requested URL "[no URL]", is invalid.
Reference #9.b4d06bd1.1536713569.4439c06 

 

So for whatever reason, I'm getting "bad requests" all of a sudden....

 

PayPal says they don't see any problems on their side - my hosting company says it's not them.

 

Please help ASAP because this has a serious impact to my business. Each payment that comes in I have to manually update my database and send emails, etc since the script is no longer working.

 

Willing to pay someone to help resolve.

 

Thanks!

Login to Me Too
12 REPLIES 12

angelleye
Advisor
Advisor
You are using HTTP 1.0 in this example. PayPal no longer accepts requests from 1.0. You need to update this to 1.1.

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
Login to Me Too

ShorePatrol
Contributor
Contributor

Thank you - but how do I change that?

 

Is it as simple as changing:

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";

to

$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";

 

?

 

Also - when did this change go into effect?

Login to Me Too

angelleye
Advisor
Advisor
I think that should do it, yeah, but you may need to check your server software stack, too. If it's old and outdated it may not support what you need.

Here is some general info about the security updates that have been happening: https://www.paypal.com/au/webapps/mpp/tls-http-upgrade

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
Login to Me Too

kenirwin
Contributor
Contributor

I'm having the same problem. Updating the header to HTTP/1.1 did not fix the problem. Any other ideas?

Login to Me Too

angelleye
Advisor
Advisor
There could be more that needs updated in order to fix it on your server. Check these details: https://www.paypal.com/au/webapps/mpp/tls-http-upgrade

Then you'll need to work with your server admin / hosting provider to ensure your server meets those requirements.
Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!
Login to Me Too

wasabis
Member
Member

Hi !

had the same problem.

 

resolved it with :

 

https://www.paypal.com/us/smarthelp/article/how-do-i-modify-my-ipn-php-listener-to-support-http1.1-t...

 

 

//post back to PayPal system to validate (replaces old headers)
$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Host: www.paypal.com\r\n";
$header .= "Connection: close\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

 

 also add trim to the result test :

 

if (strcmp (trim($res), "VERIFIED") == 0) {
//your code
}else if (strcmp (trim($res), "INVALID") == 0) {
//your code
}

hope it helped !

Login to Me Too

tikei
Contributor
Contributor

Thank you, wasabis. This worked for me too!

Login to Me Too

Danuk1
Contributor
Contributor

Thank you Wasabis!

 

Typically this change happened on the same day I updated my site and I've spent hours trying to figure it out ... thank you so very much 🙂

Login to Me Too

gsu
Contributor
Contributor

@ShorePatrol   and @kenirwin

 

I got the same problem and solved it by  modifying the posted Header information from  

$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";

into 

$header .= "POST /cgi-bin/webscr HTTP/1.1\r\n";

also be aware to add the Host variable to the header that is typically missing in HTTP 1.0 requests!!  so add a line like

$header .= "Host: www.paypal.com\r\n";

if your script communicates with www.paypal.com  or  change it to the proper endpoint i.e.  ipnpb.paypal.com 

 

good luck  Smiley Wink

Login to Me Too

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.