Paypal IPN PHP MySQL **PROBLEMS!**

software development

#1

I have a script that I am trying to get working on my Dream Host account. The script runs fine on a similar server with no problems. But nothing is happening when I run it on Dream Host.

Any help would be greatly appreciated.

My Pay Pal IPN PHP script >>>>>>>>>

[php]

<?php
// Open log file, Generate Date
//-------------------------------------------------------------------
$log = fopen("ipn.log", "a");
fwrite($log, "\n\nipn - " . gmstrftime("%b %d %Y %H:%M:%S", time()) . "\n");

// Check to see there are posted variables coming into the script
if ($_SERVER['REQUEST_METHOD'] != "POST") die("No Post Variables");

// Initialize the $req variable and add CMD key value pair
$req = 'cmd=_notify-validate';

// Read the post from PayPal
foreach ($_POST as $key => $value) {
    $value = urlencode(stripslashes($value));
    $req .= "&$key=$value";
}

// Now Post all of that back to PayPal's server using curl, and validate everything with PayPal
// We will use CURL instead of PHP for this for a more universally operable script (fsockopen has issues on some environments)
//$url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
$url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
$curl_result = $curl_err = '';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", "Content-Length: " . strlen($req)));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$curl_result = @curl_exec($ch);
$curl_err = curl_error($ch);
curl_close($ch);

$req = str_replace("&", "\n", $req); // Make it a nice list in case we want to email it to ourselves for reporting

// Check that the result verifies
if (strpos($curl_result, "VERIFIED") !== false) {
    $req .= "\n\nPaypal Verified OK";
} else {
    $req .= "\n\nData NOT verified from Paypal!";
    mail("me@my_email_address.com", "IPN interaction not verified", "$req", "From: server@my_email_address.com");
    exit();
}

/* CHECK THESE 4 THINGS BEFORE PROCESSING THE TRANSACTION, HANDLE THEM AS YOU WISH
1. Make sure that business email returned is your business email
2. Make sure that the transaction’s payment status is “completed”
3. Make sure there are no duplicate txn_id
4. Make sure the payment amount matches what you charge for items. (Defeat Price-Jacking) */

// Check Number 1 ------------------------------------------------------------
$receiver_email = $_POST['receiver_email'];
if ($receiver_email != "me@my_email_address.com") {
    $message = "Investigate why and how receiver email is wrong. Email = " . $_POST['receiver_email'] . "\n\n\n$req";
    mail("me@my_email_address.com", "Receiver Email is incorrect", $message, "From: server@my_email_address.com");
    exit(); // exit script
}

// Check number 2 ------------------------------------------------------------
if ($_POST['payment_status'] != "Completed") {
    // Handle how you think you should if a payment is not complete yet, a few scenarios can cause a transaction to be incomplete
}

// Connect to database -------------------------------------------------------
require_once 'connect_to_mysql.php';

// Check number 3 ------------------------------------------------------------
$this_txn = $_POST['txn_id'];
$sql = mysql_query("SELECT id FROM transactions WHERE txn_id='$this_txn' LIMIT 1");
$numRows = mysql_num_rows($sql);
if ($numRows > 0) {
    $message = "Duplicate transaction ID occurred so we killed the IPN script. \n\n\n$req";
    mail("me@my_email_address.com", "Duplicate txn_id in the IPN system", $message, "From: server@my_email_address.com");
    exit(); // exit script
}

// Check number 4 ------------------------------------------------------------
$product_id_string = $_POST['custom'];
$product_id_string = rtrim($product_id_string, ","); // remove last comma
// Explode the string, make it an array, then query all the prices out, add them up, and make sure they match the payment_gross amount
$id_str_array = explode(",", $product_id_string); // Uses Comma(,) as delimiter(break point)
$fullAmount = 0;
foreach ($id_str_array as $key => $value) {
    $id_quantity_pair = explode("-", $value); // Uses Hyphen(-) as delimiter to separate product ID from its quantity
    $product_id = $id_quantity_pair[0]; // Get the product ID
    $product_quantity = $id_quantity_pair[1]; // Get the quantity
    $sql = mysql_query("SELECT ticket_price FROM tickets WHERE ticket_id='{$product_id}' LIMIT 1");
    while ($row = mysql_fetch_array($sql)) {
        $product_price = $row["ticket_price"];
    }
    $product_price = $product_price * $product_quantity;
    $fullAmount = $fullAmount + $product_price;
}
$fullAmount = number_format($fullAmount, 2);
$grossAmount = $_POST['mc_gross'];
if ($fullAmount != $grossAmount) {
    $message = "Possible Price Jack: " . $_POST['payment_gross'] . " != $fullAmount \n\n\n$req";
    mail("me@my_email_address.com", "Price Jack or Bad Programming", $message, "From: server@my_email_address.com");
    exit(); // exit script
}

// END ALL SECURITY CHECKS NOW IN THE DATABASE IT GOES
////////////////////////////////////////////////////
// Variables from the POST variables
$txn_id = $_POST['txn_id'];
$payer_email = $_POST['payer_email'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$payment_date = $_POST['payment_date'];
$mc_gross = $_POST['mc_gross'];
$payment_currency = $_POST['payment_currency'];
$receiver_email = $_POST['receiver_email'];
$payment_type = $_POST['payment_type'];
$txn_type = $_POST['txn_type'];
$payment_status = $_POST['payment_status'];
$payer_status = $_POST['payer_status'];
$address_street = $_POST['address_street'];
$address_city = $_POST['address_city'];
$address_state = $_POST['address_state'];
$address_zip = $_POST['address_zip'];
$address_country = $_POST['address_country'];
$address_status = $_POST['address_status'];
$notify_version = $_POST['notify_version'];
$verify_sign = $_POST['verify_sign'];
$payer_id = $_POST['payer_id'];
$mc_currency = $_POST['mc_currency'];
$mc_fee = $_POST['mc_fee'];
$custom = $_POST['custom'];

// DEBUGGING
$results = print_r($_POST, true);
$to = 'me@my_email_address.com';
$subject = 'PayPal IPN ' . date("Y-m-d_H:i:s");
$message = 'PayPal IPN ' . $results . ' ' . date("Y-m-d_H:i:s");
$headers = 'From: server@my_email_address.com' . "\r\n" .
    'Reply-To: server@my_email_address.com' . "\r\n" .
    'Content-type:text/plain; charset = utf8' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);

// Place the transaction into the database
$sql = mysql_query("INSERT INTO transactions (
        product_id_array, payer_email, first_name, last_name, payment_date, mc_gross,
        payment_currency, txn_id, receiver_email, payment_type, payment_status, txn_type,
        payer_status, address_street, address_city, address_state, address_zip, address_country,
        address_status, notify_version, verify_sign, payer_id, mc_currency, mc_fee)
    VALUES(
        '$custom', '$payer_email', '$first_name', '$last_name', '$payment_date', '$mc_gross',
        '$payment_currency', '$txn_id', '$receiver_email', '$payment_type', '$payment_status', '$txn_type',
        '$payer_status', '$address_street', '$address_city', '$address_state', '$address_zip', '$address_country',
        '$address_status', '$notify_version', '$verify_sign', '$payer_id', '$mc_currency', '$mc_fee')")
    or die("unable to execute the query");
$last_id = mysql_insert_id();
$html_list_events = '';

// Enter individual cart items into transaction_items
foreach ($id_str_array as $key => $each_item) {
    $id_quantity_pair = explode("-", $each_item); // Uses Hyphen(-) as delimiter to separate product ID from its quantity
    $item_id = $id_quantity_pair[0]; // Get the product ID
    $quantity = $id_quantity_pair[1]; // Get the quantity
    $sql = mysql_query("SELECT * FROM tickets WHERE ticket_id='{$item_id}'");
    while ($row = mysql_fetch_array($sql)) {
        $ticket_name = $row["ticket_name"];
        $ticket_price = $row["ticket_price"];
        $event_venue = $row["event_venue"];
        $event_date = strftime("%A %d %B %Y", strtotime($row["event_date"]));
        $ticket_type = $row["ticket_type"];
        $query_sql = "INSERT INTO transaction_items (ticket_id, txn_id, ticket_quantity, ticket_price, ticket_name, event_date, event_venue, ticket_type)
            VALUES ( '{$item_id}', '{$txn_id}', '{$quantity}', '{$ticket_price}', '{$ticket_name}', '{$event_date}', '{$event_venue}', '{$ticket_type}')";
        $sql = mysql_query($query_sql);

        // DEBUGGING
        $results = print_r($query_sql, true);
        $to = 'me@my_email_address.com';
        $subject = 'PayPal IPN SQL ' . date("Y-m-d_H:i:s");
        $message = 'PayPal IPN ' . $results . ' ' . date("Y-m-d_H:i:s");
        $headers = 'From: server@my_email_address.com' . "\r\n" .
            'Reply-To: server@my_email_address.com' . "\r\n" .
            'Content-type:text/plain; charset = utf8' . "\r\n" .
            'X-Mailer: PHP/' . phpversion();
        mail($to, $subject, $message, $headers);

        $html_list_events .= " Event: {$ticket_name}
Event Date: {$event_date}
Venue: {$event_venue}
Your unique code is {$last_id}
Name Given: {$first_name} {$last_name}
Persons: {$quantity}

";
    }
}

// Mail the customer
$email_template = file_get_contents('template__email_customer.html');
$email_template = str_ireplace('', $html_list_events, $email_template);
$html_list_fevents = '';
$sql = mysql_query("SELECT * FROM future_events");
while ($row = mysql_fetch_array($sql)) {
    $future_event_id = $row["future_event_id"];
    $event_name = $row["event_name"];
    $event_date = strftime("%A %d %B %Y", strtotime($row["event_date"]));
    $event_fburl = $row["event_fburl"];
    $html_list_fevents .= " ★ {$event_date} {$event_name} ★
{$event_fburl}
";
}
$email_template = str_ireplace('', $html_list_fevents, $email_template);
$to = "{$first_name} {$last_name} <{$payer_email}>";
$subject = "Thanks for your order of Paying Guestlist";
$headers = "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: Paying Guestlist \r\n";
mail($to, $subject, $email_template, $headers);

// Mail the merchant
mysql_close();
fclose($log);
?>

[/php]
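
Checks 3 and 4 from the script above, written so that `txn_id` and `custom` are bound or strictly parsed instead of being interpolated into the SQL text, and so that the amount comparison is done in integer cents (the posted `number_format($fullAmount, 2)` inserts a thousands separator, so a total of 1,000.00 or more would not match a plain `1000.00`). This is an added example, not the poster's code: it uses PDO with an in-memory SQLite database and constructed rows in place of `connect_to_mysql.php`, and `to_cents()` and `check_ipn()` are hypothetical names.

```php
<?php
// Added example, not the poster's code. The tables are rebuilt in in-memory
// SQLite with constructed rows so the checks run offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE transactions (id INTEGER PRIMARY KEY, txn_id TEXT UNIQUE)");
$db->exec("CREATE TABLE tickets (ticket_id INTEGER PRIMARY KEY, ticket_price TEXT)");
$db->exec("INSERT INTO tickets VALUES (1, '12.50'), (2, '8.00')");
$db->exec("INSERT INTO transactions (txn_id) VALUES ('CONSTRUCTED-TXN-1')");

// Convert a decimal string such as "1234.5" to integer cents; null if malformed.
function to_cents(string $amount): ?int {
    if (!preg_match('/^(\d{1,9})(?:\.(\d{1,2}))?$/', $amount, $m)) return null;
    return (int)$m[1] * 100 + (int)str_pad($m[2] ?? '', 2, '0');
}

// Returns null when the IPN passes checks 3 and 4, otherwise the reason it fails.
function check_ipn(PDO $db, array $post): ?string {
    // Check 3: duplicate txn_id, with the value bound rather than interpolated.
    $st = $db->prepare('SELECT 1 FROM transactions WHERE txn_id = ? LIMIT 1');
    $st->execute([(string)($post['txn_id'] ?? '')]);
    if ($st->fetchColumn() !== false) return 'duplicate txn_id';

    // Check 4: parse "id-qty,id-qty," strictly and total the prices in cents.
    $total = 0;
    $price = $db->prepare('SELECT ticket_price FROM tickets WHERE ticket_id = ?');
    foreach (explode(',', rtrim((string)($post['custom'] ?? ''), ',')) as $pair) {
        if (!preg_match('/^(\d{1,9})-(\d{1,4})$/', $pair, $m)) return 'malformed custom field';
        $price->execute([(int)$m[1]]);
        $stored = $price->fetchColumn();
        $cents = $stored === false ? null : to_cents((string)$stored);
        if ($cents === null) return 'unknown ticket_id or bad stored price';
        $total += $cents * (int)$m[2];
    }
    $gross = to_cents((string)($post['mc_gross'] ?? ''));
    return ($gross !== null && $gross === $total) ? null : 'amount mismatch';
}

// Constructed IPN fields: 2 x ticket 1 + 1 x ticket 2 = 33.00.
$samples = [
    ['txn_id' => 'CONSTRUCTED-TXN-2', 'custom' => '1-2,2-1,', 'mc_gross' => '33.00'],
    ['txn_id' => 'CONSTRUCTED-TXN-1', 'custom' => '1-2,2-1,', 'mc_gross' => '33.00'],
    ['txn_id' => 'CONSTRUCTED-TXN-3', 'custom' => '1-2,2-1,', 'mc_gross' => '0.01'],
];
foreach ($samples as $s) {
    echo $s['txn_id'], ': ', check_ipn($db, $s) ?? 'ok', "\n";
}
```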


#2

What part isn’t working? Do you receive emails? Does anything appear in the log file?

Things that jump out at me are:
[list]
[*] The script is pointed at the PayPal sandbox server. Good for testing, not so good for actually using.
[*] You’re sending mail From an address that you’ve blocked out. Make sure that address is at a DreamHost-hosted domain. (You cannot send mail addressed from external mail services.)
[*] There are some sections of the script that appear to be missing (e.g., “Handle how you think you should if a payment is not complete yet”).
[/list]