PayPal Community

ShorePatrol · ‎Sep-11-2018

My website has been working for years - I have not changed the IPN or PDT scripts, the database has not changed on my end at all....this just started the past 3-4 days...I am using SSL on my site, and communicating with PayPal via SSL for the PostBack.

The GET string the customer is being sent back to my site with is correct, and looks like this:
https://mysite.com/paypal-payment.php?amt=1.00&cc=USD&cm=216.55.17.15&item_name=MyService&item_numbe...

The payment gets processed by PayPal, and the customer is returned to the above URL ("paypal-payment.php"), but the IPN and PDT script does not complete. I troubleshot the PDT script and it seems the part of the script that posts back to PayPal is no longer returning data.

The below code is where the problem is happening:

$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
	if (!$fp) {
		exitCode();
	} else {
		fputs ($fp, $header . $req);
		// read the body data
		$res = '';
		$headerdone = false;
		while (!feof($fp)) {
			$line = fgets ($fp, 1024);
			if (strcmp($line, "\r\n") == 0) {
				// read the header
				$headerdone = true;
			}
			else if ($headerdone) {
				// header has been read. now read the contents
				$res .= $line;
			}
		}

		// parse the data
		$lines = explode("\n", $res);
		$response = array();
		if (strcmp ($lines[0], "SUCCESS") == 0) {

If I echo out the $line variable, this is what it says:

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Wed, 12 Sep 2018 00:52:49 GMT
Date: Wed, 12 Sep 2018 00:52:49 GMT
Connection: close

Invalid URL

The requested URL "[no URL]", is invalid.
Reference #9.b4d06bd1.1536713569.4439c06

So for whatever reason, I'm getting "bad requests" all of a sudden....

PayPal says they don't see any problems on their side - my hosting company says it's not them.

Please help ASAP because this has a serious impact to my business. Each payment that comes in I have to manually update my database and send emails, etc since the script is no longer working.

Willing to pay someone to help resolve.

Thanks!

angelleye · ‎Sep-12-2018

You are using HTTP 1.0 in this example. PayPal no longer accepts requests from 1.0. You need to update this to 1.1.

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!

ShorePatrol · ‎Sep-12-2018

Thank you - but how do I change that?

Is it as simple as changing:

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";

to

$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";

?

Also - when did this change go into effect?

angelleye · ‎Sep-12-2018

I think that should do it, yeah, but you may need to check your server software stack, too. If it's old and outdated it may not support what you need.

Here is some general info about the security updates that have been happening: https://www.paypal.com/au/webapps/mpp/tls-http-upgrade

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!

kenirwin · ‎Sep-14-2018

I'm having the same problem. Updating the header to HTTP/1.1 did not fix the problem. Any other ideas?

angelleye · ‎Sep-14-2018

There could be more that needs updated in order to fix it on your server. Check these details: https://www.paypal.com/au/webapps/mpp/tls-http-upgrade

Then you'll need to work with your server admin / hosting provider to ensure your server meets those requirements.

Angell EYE - www.angelleye.com
PayPal Partner and Certified Developer - Kudos are Greatly Appreciated!

wasabis · ‎Sep-14-2018

Hi !

had the same problem.

resolved it with :

https://www.paypal.com/us/smarthelp/article/how-do-i-modify-my-ipn-php-listener-to-support-http1.1-t...

//post back to PayPal system to validate (replaces old headers)
$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Host: www.paypal.com\r\n";
$header .= "Connection: close\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

also add trim to the result test :

if (strcmp (trim($res), "VERIFIED") == 0) {
//your code
}else if (strcmp (trim($res), "INVALID") == 0) {
//your code
}

hope it helped !

tikei · ‎Sep-15-2018

Thank you, wasabis. This worked for me too!

Danuk1 · ‎Sep-19-2018

Thank you Wasabis!

Typically this change happened on the same day I updated my site and I've spent hours trying to figure it out ... thank you so very much 🙂

gsu · ‎Sep-25-2018

@ShorePatrol and @kenirwin

I got the same problem and solved it by modifying the posted Header information from

$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";

into

$header .= "POST /cgi-bin/webscr HTTP/1.1\r\n";

also be aware to add the Host variable to the header that is typically missing in HTTP 1.0 requests!! so add a line like

$header .= "Host: www.paypal.com\r\n";

if your script communicates with www.paypal.com or change it to the proper endpoint i.e. ipnpb.paypal.com

good luck

PayPal Community

Postback to PayPal suddenly stopped working! Help!

Haven't Found your Answer?