
Integrating PayPal with PHP


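1. Register a developer account and log in once registration is complete. Then create one Business account and one Personal account, and log in with one of them to see its details and so on.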

 

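2. A few URLs

 a. return        --- the page the buyer is returned to after the payment completes

 b. notify_url   --- the page PayPal notifies after the payment; this page handles the logic (receiving the IPN message, verifying it, determining whether the payment completed, and your follow-up processing once it has)

 c. cancel_return  ---- the page the buyer returns to when cancelling directly on the payment page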

 

3. Generate a form on your page and put the details of the payment into hidden fields of the form, for example:

 

<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
    <input type="hidden" name="cmd" value="_xclick">
    <input type="hidden" name="business" value="business email">  <!-- account that receives the payment -->
    <input type="hidden" name="item_name" value="cash">
    <input type="hidden" name="amount" value="0.5">
    <input type="hidden" name="currency_code" value="HKD">
    <input type="hidden" name="return" value="http://xxx/paypal_return.php">
    <input type="hidden" name="invoice" value="82">
    <input type="hidden" name="charset" value="utf-8">

    <input type="hidden" name="no_shipping" value="1">
    <input type="hidden" name="no_note" value="">
    <input type="hidden" name="notify_url" value="http://xxx/paypal_notify.php">
    <input type="hidden" name="rm" value="82">
    <input type="hidden" name="cancel_return" value="http://xxx/paypal_cancel.php">
    <input type="submit" value="submit">
</form>

 

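4. The most important page: paypal_notify.php

 a. Receive the data PayPal POSTs to you, and send back all of the form variables you received, exactly as you received them. You also need to append a variable named "cmd" with the value "_notify-validate" (for example, cmd=_notify-validate) to the POST string.

 b. Then POST the received data, together with the added cmd variable, back to PayPal.

 c. PayPal replies to that POST, and the body of the reply contains the single word "VERIFIED" or "INVALID". When you receive a VERIFIED reply, perform several checks before fulfilling the order:

    @ Confirm that "payment_status" is "Completed", because the system also sends IPNs for other outcomes (such as "Pending" or "Failed").

    @ Check that "txn_id" is not a duplicate, to prevent a fraudster from reusing an old, completed transaction.

    @ Verify that "receiver_email" is an email address registered in your PayPal account, to prevent the payment from being sent to a fraudster's account.

    @ Check the other transaction details (such as item number and price) to confirm that the price has not been changed.

    Once the checks above are done, you can update your DB with the IPN data and process the purchase.

    @ If you receive an INVALID notification, treat it as suspicious and investigate it.

 

 d. Finally, for the production deployment, remove "sandbox" from the PayPal URL.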

 

<?php
  // Read the raw POST data from the input stream. Reading POST data from $_POST may cause serialization issues, since POST data may contain arrays.

  $raw_post_data = file_get_contents('php://input');
  $raw_post_array = explode('&', $raw_post_data);
  $myPost = array();
  foreach ($raw_post_array as $keyval)
  {
      $keyval = explode ('=', $keyval);
      if (count($keyval) == 2)
         $myPost[$keyval[0]] = urldecode($keyval[1]);
  }
  // read the post from PayPal system and add 'cmd'
  $req = 'cmd=_notify-validate';
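  // get_magic_quotes_gpc() no longer exists in PHP 8, so the flag must default to false
  $get_magic_quotes_exits = false;
  if(function_exists('get_magic_quotes_gpc'))
  {
       $get_magic_quotes_exits = true;
  }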
  foreach ($myPost as $key => $value)
  {        
       if($get_magic_quotes_exits == true && get_magic_quotes_gpc() == 1)
       { 
            $value = urlencode(stripslashes($value)); 
       }
       else
       {
            $value = urlencode($value);
       }
       $req .= "&$key=$value";
  }

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.sandbox.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
// curl derives the Host header from CURLOPT_URL; forcing 'Host: www.paypal.com' here would not match the sandbox URL above
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In a WAMP-like environment where the root CA certificates do not come in the bundle, you need
// to download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the path
// of the certificate file as shown below.
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
$res = curl_exec($ch);
curl_close($ch);

/*
file_put_contents(dirname(__FILE__) . '/payresp/rc_req.txt', print_r($req, true));
file_put_contents(dirname(__FILE__) . '/payresp/rc_resp.txt', print_r($res, true));
file_put_contents(dirname(__FILE__) . '/payresp/rc_post.txt', print_r($_POST, true));
*/

// assign posted variables to local variables (fields missing from the IPN default to '')
$item_name = $_POST['item_name'] ?? '';
$item_number = $_POST['item_number'] ?? '';
$payment_status = $_POST['payment_status'] ?? '';
$payment_amount = $_POST['mc_gross'] ?? '';
$payment_currency = $_POST['mc_currency'] ?? '';
$txn_id = $_POST['txn_id'] ?? '';
$receiver_email = $_POST['receiver_email'] ?? '';
$payer_email = $_POST['payer_email'] ?? '';


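// curl_exec() returns false on failure and the reply body may carry trailing whitespace,
// so normalise it before comparing; anything other than VERIFIED must not be fulfilled
$res = trim((string) $res);
if (strcmp ($res, "VERIFIED") == 0) {
	// check the payment_status is Completed
	// check that txn_id has not been previously processed
	// check that receiver_email is your Primary PayPal email
	// check that payment_amount/payment_currency are correct
	// process payment
}
else if (strcmp ($res, "INVALID") == 0) {
	// log for manual investigation
}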
?>
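
The checks listed in step 4c, which the script above leaves as comments in the VERIFIED branch, could be implemented as follows. This is an added example, not the original author's code: the function name validate_ipn, the paypal_txn table, the $order array and all sample values are assumptions, and the demo presumes the pdo_sqlite extension. The amount is compared with the order stored on the server because the hidden form fields from step 3 can be edited by the payer before submission.

```php
<?php
// Added example, not the author's code. The paypal_txn table, the $order
// layout and all sample values are constructed for illustration.
function validate_ipn(array $ipn, array $order, PDO $db): array
{
    $errors = [];
    // IPNs are also sent for Pending, Failed and other outcomes.
    if (($ipn['payment_status'] ?? '') !== 'Completed') {
        $errors[] = 'payment_status is not Completed';
    }
    // The payment must have reached our own PayPal account.
    if (strcasecmp($ipn['receiver_email'] ?? '', $order['receiver_email']) !== 0) {
        $errors[] = 'receiver_email mismatch';
    }
    // Compare with the order stored server-side, rounded to integer cents
    // so that "0.5" and "0.50" compare equal.
    $cents = fn($v) => (int) round(((float) $v) * 100);
    if ($cents($ipn['mc_gross'] ?? 0) !== $cents($order['amount'])
        || ($ipn['mc_currency'] ?? '') !== $order['currency']) {
        $errors[] = 'amount or currency mismatch';
    }
    $txnId = $ipn['txn_id'] ?? '';
    if ($txnId === '') {
        $errors[] = 'txn_id missing';
    }
    // Record the txn_id only for an otherwise valid payment. The PRIMARY KEY
    // makes check-and-insert atomic; any failure to record rejects the IPN.
    if ($errors === []) {
        try {
            $db->prepare('INSERT INTO paypal_txn (txn_id) VALUES (?)')->execute([$txnId]);
        } catch (PDOException $e) {
            $errors[] = 'txn_id already processed or could not be recorded';
        }
    }
    return $errors; // empty array: safe to fulfil the order
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE paypal_txn (txn_id TEXT PRIMARY KEY)');

$order = ['receiver_email' => 'seller@example.com', 'amount' => '0.5', 'currency' => 'HKD'];
$ipn = ['payment_status' => 'Completed', 'txn_id' => 'SAMPLE-TXN-0001',
        'receiver_email' => 'seller@example.com', 'mc_gross' => '0.50', 'mc_currency' => 'HKD'];

print_r(validate_ipn($ipn, $order, $db));                        // first delivery
print_r(validate_ipn($ipn, $order, $db));                        // same IPN replayed
print_r(validate_ipn(['mc_gross' => '0.05', 'txn_id' => 'SAMPLE-TXN-0002'] + $ipn, $order, $db)); // altered price
```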