PayPal IPN & LC

Richard Miller wow at together.net
Thu May 3 10:59:07 EDT 2012 

I got my IPN solution working by using a simple PHP script which takes 
the IPN data and stores it out to a file with a unique filename. A LC 
script then scans for these files and does what it needs to with the data.

This was only working in the simulator until I discovered that the 
GoDaddy shopping cart was sending its own IPN url to PayPal, overriding 
the PHP notification url I had specified there. I made a change in 
GoDaddy and all is now working.

Here's the PHP script:

-----------------------------

<?php
// Revision Notes
// 11/04/11 - changed post back url from 
https://www.paypal.com/cgi-bin/webscr to 
https://ipnpb.paypal.com/cgi-bin/webscr
// For more info see below:
// https://www.x.com/content/bulletin-ip-address-expansion-paypal-services
// "ACTION REQUIRED: if you are using IPN (Instant Payment Notification) 
for Order Management and your IPN listener script is behind a firewall 
that uses ACL (Access Control List) rules which restrict outbound 
traffic to a limited number of IP addresses, then you may need to do one 
of the following:
// To continue posting back to https://www.paypal.com  to perform IPN 
validation you will need to update your firewall ACL to allow outbound 
access to *any* IP address for the servers that host your IPN script
// OR Alternatively, you will need to modify  your IPN script to post 
back IPNs to the newly created URL https://ipnpb.paypal.com using HTTPS 
(port 443) and update firewall ACL rules to allow outbound access to the 
ipnpb.paypal.com IP ranges (see end of message)."


// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

// post back to PayPal system to validate

$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";

     // If testing on Sandbox use:
     // $header .= "Host: www.sandbox.paypal.com:443\r\n";
$header .= "Host: ipnpb.paypal.com:443\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

     // If testing on Sandbox use:
// $fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, 
$errstr, 30);
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];


$tempFileName = "dump" . rand(1000, 100000) . ".txt";
file_put_contents($tempFileName, print_r($_POST, true));





if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment

$mail_From = "From: MyOrderEmailAddressGoesHere";
$mail_To = "rdmiller at together.net";
$mail_Subject = "VERIFIED IPN";
$mail_Body = $req;

foreach ($_POST as $key => $value){
$emailtext .= $key . " = " .$value ."\n\n";
}

mail($mail_To, $mail_Subject, $emailtext . "\n\n" . $mail_Body, $mail_From);

}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation

$mail_From = "From: MyOrderEmailAddressGoesHere";
$mail_To = "rdmiller at together.net";
$mail_Subject = "INVALID IPN";
$mail_Body = $req;

foreach ($_POST as $key => $value){
$emailtext .= $key . " = " .$value ."\n\n";
}

mail($mail_To, $mail_Subject, $emailtext . "\n\n" . $mail_Body, $mail_From);

}
}
fclose ($fp);
}
?>


----------------------------------------


On 5/2/2012 5:18 PM, J. Landman Gay wrote:
> On 5/2/12 12:56 PM, Peter Haworth wrote:
>> Congrats on working through all this.
>>
>> Slightly off topic but related.  I assume you're doing this to send out
>> license codes or something similar.
>
> Right, I'm trying to automate AirLaunch sales from my web site. 
> Zygodact makes the serial keys and I've finally got it working with 
> the PayPal "Buy Now" button I think.
>
>> At the time I was using the Mac Mail client and it lets you define rules
>> for identifying and processing incoming messages, including the 
>> ability to
>> run an Applescript.  I was able to cobble together an Applescript that
>> tracked down the mp3 file(s) that had been purchsed (using the PayPal
>> product codes) and send an automated reply to the purchaser with 
>> download
>> link(s) to them.
>
> What a good idea. It would come in handy for the LiveCode market place 
> sales, because those can't be automated with my registration system. I 
> still have to process those orders manually.
>
> I don't use Apple Mail though. It would be great if Thunderbird could 
> automate a response. I wonder...
>

More information about the use-livecode mailing list