0

我希望能够从 PayPal IPN 帖子中获取信息,并使用某些项目来更新我的数据库。这是我的 ipn.php 的当前代码

<?php
// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__).'/ipn_errors.log');

// intantiate the IPN listener
include('ipnlistener.php');
$listener = new IpnListener();

// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = true;

// try to process the IPN POST
try {
$listener->requirePostMethod();
    $verified = $listener->processIpn();
} catch (Exception $e) {
    error_log($e->getMessage());
    exit(0);
}

if ($verified) {

$errmsg = '';   // stores errors from fraud checks

// 1. Make sure the payment status is "Completed" 
if ($_POST['payment_status'] != 'Completed') { 
    // simply ignore any IPN that is not completed
    exit(0); 
}

// 2. Make sure seller email matches your primary account email.
if ($_POST['receiver_email'] != 'PRIMARY EMAIL ADDRESS') {
    $errmsg .= "'receiver_email' does not match: ";
    $errmsg .= $_POST['receiver_email']."\n";
}

// 3. Make sure the currency code matches
if ($_POST['mc_currency'] != 'USD') {
    $errmsg .= "'mc_currency' does not match: ";
    $errmsg .= $_POST['mc_currency']."\n";
}

// 4. Ensure the transaction is not a duplicate.
mysql_connect('localhost', '[DB_USER]', '[DB_PW') or exit(0);
mysql_select_db('DB_NAME') or exit(0);

$txn_id = mysql_real_escape_string($_POST['txn_id']);
$sql = "SELECT COUNT(*) FROM orders WHERE txn_id = '$txn_id'";
$r = mysql_query($sql);

if (!$r) {
    error_log(mysql_error());
    exit(0);
}

$exists = mysql_result($r, 0);
mysql_free_result($r);

if ($exists) {
    $errmsg .= "'txn_id' has already been processed: ".$_POST['txn_id']."\n";
}

if (!empty($errmsg)) {

    // manually investigate errors from the fraud checking
    $body = "IPN failed fraud checks: \n$errmsg\n\n";
    $body .= $listener->getTextReport();
    mail('NOTIFICATION EMAIL ADDRESS', 'IPN Fraud Warning', $body);

} else {

    <?php 
    $csvData = file_get_contents($_POST['custom']); 
    $csvNumColumns = 3; 
    $csvDelim = ";"; 
    $data = array_chunk(str_getcsv($csvData, $csvDelim), $csvNumColumns); 
    ?>

    // add this order to a table
    $user_id = mysql_real_escape_string($_POST['item_name']);
    $credit_amount = mysql_real_escape_string($_POST['item_number']);
    $type = mysql_real_escape_string($_POST['custom']);

    $sql = "INSERT INTO TABLE_NAME VALUES 
         (NULL, '$user_id', '$credit_amount', '$type')";

    if (!mysql_query($sql)) {
        error_log(mysql_error());
        exit(0);

    }


}

} else {
    // manually investigate the invalid IPN
    mail('NOTIFICATION EMAIL ADDRESS', 'Invalid IPN', $listener->getTextReport());
}

?>

当使用 PayPal Sandbox 的 IPN 测试服务对其进行测试时,这似乎工作正常,我可以输入 item_name、item_number 和 custom 所需的值(或使用以下代码时)

<form name="_xclick" action="https://www.sandbox.paypal.com/cgi-bin/webscr" 
    method="post">
    <input type="hidden" name="cmd" value="_xclick">
    <input type="hidden" name="business" value="SANDBOX EMAIL ADDRESS">
    <input type="hidden" name="currency_code" value="USD">
    <input type="hidden" name="amount" value="9.99">
    <input type="hidden" name="custom" value="<?=$this->package['0']['delivered'];?>"
    <input type="hidden" name="item_name" value="<?=$_SESSION["user_id"]?>"
    <input type="hidden" name="item_number" value="<?=$this->package['0']['number'];?>"
    <input type="hidden" name="return" value="WEBSITE_URL/success">
    <input type="hidden" name="notify_url" value="WEBSITE_URL/ipn.php">
    <input type="image" src="http://www.paypal.com/en_US/i/btn/btn_buynow_LG.gif" 
    border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>

然而,我很快意识到,让“item_name”成为客户可识别的东西,而不是将其定义为“user_id”会好得多。是否可以将“自定义”传递定义为我需要的所有 3 个变量,并在 PayPal 按钮中用分号分隔它们(如下所示)

<input type="hidden" name="custom" value="<?=$_SESSION["user_id"]?>;<?=$this->package['0']['number'];?>;<?=$this->package['0']['delivered'];?>"

然后使用类似的东西

<?php 
    $csvData = file_get_contents($_POST['custom']); 
    $csvNumColumns = 3; 
    $csvDelim = ";"; 
    $data = array_chunk(str_getcsv($csvData, $csvDelim), $csvNumColumns); 
    ?>

给我单独的变量,然后可以将其定义为“user_id”、“credit_amount”和“type”

一旦这些变量被分离和定义,它们将被发布到数据库,但是,如果表中已经有一个列具有与试图发布的相同的“user_id”以及相同的“类型”正在尝试发布,那么它应该只通过将“credit_amount”添加到旧行中相应的“credit_amount”单元格来更新该行(尝试添加之前表中已经存在的行)。

4

1 回答 1

0

您可以传递多个值,并将它们填充到单个变量中,例如变量“custom”。这不会有问题。过去我自己也这样做过。当我对此进行编码时,我使用了 | 分离这些值,然后让我的 IPN 解析出我的 IPN 脚本中的值。

于 2013-03-07T13:44:48.763 回答