PayPal Community

Iñaki · ‎Aug-03-2012

Hi, the PayPay IPN responses I get with sandbox account are empty. I've tried two functions to do this and any works today. Yesterday the function wich uses fputs it worked, the curl function only I've tested today and not.
I think I haven't made any changes to fputs function since yesterday.

The language code I use is PHP.

fputs function:

<?php
function paypal_ipn_validate() {
$req = 'cmd=_notify-validate';

  foreach ($_POST as $key => $value) {
    $req .= "&$key=" .  urlencode(stripslashes($value));
  }

  // Post back to PayPal to validate
  $paypal_url = 'www.sandbox.paypal.com';
  $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
  $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
  $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
  $fp = fsockopen ('ssl://' . $paypal_url, 443, $errno, $errstr, 30);

  if (!$fp) {
    return FALSE;
  }

  $validated = FALSE;
  $full_res = '';

  fputs($fp, $header . $req);
  while (!feof($fp)) {
    $enter = TRUE;
    $res = fgets ($fp, 1024);
    if (strcmp ($res, "VERIFIED") == 0) {
      $validated = TRUE;
    }
    else if (strcmp ($res, "INVALID") == 0) {
      // log
    }
    else {
      $full_res .= $res;
    }
  }
  fclose ($fp);

  return $validated;
}
?>

curl function:

<?php
function paypal_ipn_validate() {
// read the post from PayPal system and add 'cmd'
  $req = 'cmd=' . urlencode('_notify-validate');

  foreach ($_POST as $key => $value) {
    $value = urlencode(stripslashes($value));
    $req .= "&$key=$value";
  }

  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, 'https://www.sandbox.paypal.com/cgi-bin/webscr');
  curl_setopt($ch, CURLOPT_HEADER, 0);
  curl_setopt($ch, CURLOPT_POST, 1);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
  curl_setopt($ch, CURLOPT_HTTPHEADER, array('Host: www.sandbox.paypal.com'));
  $res = curl_exec($ch);
  $status   = curl_getinfo($ch);
  curl_close($ch);

  $validated = FALSE;
  if (strcmp ($res, "VERIFIED") == 0) {
    $validated = TRUE;
  }
  else if (strcmp ($res, "INVALID") == 0) {
    // log
  }

  return $validated;
}
?>

$full_res variable in fputs function:

HTTP/1.0 400 Bad Request
Server: BigIP
Connection: close
Content-Length: 19
 
Invalid Host header

curl_getinfo output:

array(26) {
  ["url"]=>
  string(45) "https://www.sandbox.paypal.com/cgi-bin/webscr"
  ["content_type"]=>
  NULL
  ["http_code"]=>
  int(0)
  ["header_size"]=>
  int(0)
  ["request_size"]=>
  int(0)
  ["filetime"]=>
  int(-1)
  ["ssl_verify_result"]=>
  int(0)
  ["redirect_count"]=>
  int(0)
  ["total_time"]=>
  float(0.25314)
  ["namelookup_time"]=>
  float(0.062148)
  ["connect_time"]=>
  float(0.253164)
  ["pretransfer_time"]=>
  float(0)
  ["size_upload"]=>
  float(0)
  ["size_download"]=>
  float(0)
  ["speed_download"]=>
  float(0)
  ["speed_upload"]=>
  float(0)
  ["download_content_length"]=>
  float(-1)
  ["upload_content_length"]=>
  float(-1)
  ["starttransfer_time"]=>
  float(0)
  ["redirect_time"]=>
  float(0)
  ["certinfo"]=>
  array(0) {
  }
  ["primary_ip"]=>
  string(11) "173.0.82.77"
  ["primary_port"]=>
  int(443)
  ["local_ip"]=>
  string(13) "192.168.1.131"
  ["local_port"]=>
  int(33713)
  ["redirect_url"]=>
  string(0) ""
}

curl_exec returns an empty string.

Regards.

P.S. I from Spain and my English is not so good.

saif1337 · ‎Aug-04-2012

I have the exact same problem. I havent tested it with the real accounts yet as i need to find someone with a paypal account, but with the sandbox feature i am getting this error. I realised that on the sandbox account the users money is also being spent so its not like the error stops the transaction either. So im worried that this may be happening in the real version too. If so, my users are paying for something they wont be recieving as the script stops half way through and doesnt update the database.

This code was working fine 2 months back when i last checked. What has changed?

saif1337 · ‎Aug-04-2012

I have just tested it with real paypal accounts and it does work. Therefore the problem is only with the sandbox accounts. Please let me know when this issue has been resolved.

Cheers

Yummler · ‎Aug-04-2012

I have exactly the same problem. Does anyone know what's wrong now? It was working few days ago... I can't use the sandbox now...

lzanatta · ‎Aug-04-2012

try this.... I had same problem and naw It works!

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Host: www.sandbox.paypal.com\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

Notice the second line!.

hecaton · ‎Aug-06-2012

Thanks for that - it fixed my ipn process.

Unfortunately this didn't work as well for pdt, it did change the error from Invalid Host Header to just INVALID but it still fails.

Anybody worked out what changes need to be made for pdt?

Or if this is just a temporary change?

Or if the real sandbox will need this soon? (my old code still works fine currently over there)

Thanks.

PayPal_paula · ‎Aug-06-2012

Hi All,

Thanks for all your responses on this post. It is great to see such support to the other members on this and I am so glad that it is resolved for you.

Kudos to you all

Paula

TomTheBomb · ‎Aug-06-2012

Hi Paula,

This was extremely frustraiting. I wasted hours debugging the problem when it turned out to due to some change on the Paypal Sandbox end.

After reverting my codebase to a revision i knew was 100% working with it i was able to debug the issue and find the response "HTTP/1.0 400 Bad Request" occuring.

It's great that the community has come up with a solution to fix it.... but why did this happen in the first place?

I don't mean to be rude but that's pathetic that this happened in the first place. Will this have an effect on production systems pointing towards "ssl://www.paypal.com" ... ?

By the way you didn't actually answer Hecaton's questions...

Cheers,

Tom

ChrisG_UK · ‎Aug-08-2012

I also had to add the Host: header to my IPN and PDT code. The same change fixes the problem for me in both cases. Questions:

Is this a temporary or permanent change?

Will it affect the live system, and if so, when?

I need to know what to tell my customers!!

hoppyite · ‎Aug-17-2012

I had this problem to and

$header .= "Host: www.sandbox.paypal.com\r\n";

fixed it.

But only after many, many frustrating hours of trying to find out why my original code was not working. It's not the first time PayPal's done this sort of thing.

PayPal really needs to get a system together to warn people of changes in advanced so they don't waste so much of their customers time trying to sort out stupid problems.

PayPal Community

IPN response problem

Haven't Found your Answer?