Recently, we finally completed the damn Paypal ipn, and made some notes here.
Therefore, paypal ipn (Instant Payment Notification) is a mechanism developed by Paypal to actively notify third-party sellers of the transaction status. The principle of IPN is very simple, that is, when a transaction is generated and the transaction status changes, such as the user has already paid, refunded, or revoked, Paypal uses the common http post method, submit some transaction variables to a website page (called IPN Handler). When the page receives the request, add cmd = _ policy-validate indicating verification to the original data and POST the interface address to Paypal. If the data is correct, Paypal returns the string VERIFIED; otherwise, it is INVALID, if the result is VERIFIED, your program can use the data for operations.
However, code debugging is a very painful task, because as a third-party developer, it is impossible to open two accounts and trade some money between each test, so Paypal specially developed Sandbox for developers to develop, first to the https://developer.paypal.com/register a development account, after that, go to Sandbox to create a virtual Paypal account for testing (at least one Business account and one Personal account should be created). This account registration process is the same as that of Paypal, information can be fake, including bank accounts and credit cards (in fact, Paypal Sandbox will automatically generate some random numbers ). Next, activate the virtual account of the Paypal Sandbox. Note that no matter what email address you enter when registering the Paypal Sanbox, any emails sent to the Email address entered by the virtual account are saved on the Email page (on the navigation bar) of the Development Account Management Interface. Log on to the virtual Paypal environment of Sandbox and verify the bank of the virtual account. You can fill in the field here and Add Funds to recharge your account (How much do you want to fill in ). Then, you also need to activate the IPN option. On the Profile Settings page of the Business account, click, and then click the Edit button to open IPN, if you are using a fixed IPN Handle, you can enter the address directly.
Next, we should set the address of the PayPal interface to https://www.sandbox.paypal.com/cgi-bin/webscr during the test
The basic process is as follows:
The user selects products on our website, puts them in the shopping cart, and then checks for the preparation and payment
The website generates a Paypal payment form based on the items in the shopping cart (which is also the address of the PayPal interface used for submission to IPN ), contains some information about this transaction (next time I will look for a special opportunity to explain it ). And generate an order record in your database.
PayPal records the transaction information in the session.
Use a PayPal account to log on to PayPal (sandbox's virtual account), review details, and click pay.
PayPal handles transactions. If our PayPal account has no problems with the account to be accepted (there is no special place to accept) and the transaction is completed, PayPal will send an IPN, and send a prompt email.
Our IPN handler receives the information and first checks the information with Paypal. If the information is correct, it compares the information with the information in its own database. If the information is correct, it can save the payment information, and modify the order status.
Then, PayPal will display an interface indicating that the transaction is complete. If you click "return", PayPal will send the user back to the specified location on our website.
Our website welcomes the user back, expresses thanks to the user, reminds me, and gives the order number.
The entire process is basically as follows, but there are many points to note:
We can see that the interface address starts with https. In fact, the Paypal Sandbox can use http, but the actual Paypal interface does not support http, therefore, if you use PHP to write IPN Handler scripts, it is useless to simply use tools such as fopen and HTTP_Request in the Code section of the verification information. You should use curl. There are two methods, one is to use libcurl in PHP extension, which is used in the SDK officially released by Paypal, but the SDK of Paypal is very complicated. If you want to write it yourself, you can use Snoopy, A simple and practical PHP request library (which simulates browser behavior by itself), uses the executable file of Curl to obtain results through pipelines rather than php libcurl, therefore, you may need to install OpenSSL when downloading a version that supports SSL on the home page of your cURL. However, it may be required for Linux systems.
In the payment form, you can set the policy_url field to specify where the transaction information should be sent, so that we can overwrite the settings in the Profile. In addition, urlencode is required for this field.
In the obtained IPN information, the status corresponds to the transaction status. For example, if Complete indicates completion, the initial letter is capitalized, and the verification result is VERIFIEY or INVALID. All are capitalized. The specific content is as follows, you can refer to the official documentation of Paypal Order Management Integration guide.