I'm having a problem that I do not know since it's my first time using the paypal integration ...
I am trying to make the integration for recurring payments and I am doing it in the following way ...
On the page where the packages and the botos to go to the paypal page are displayed, I do it in the following way
packages.php
<?php
$loggedUser = $_SESSION["id"];
$date = getdate();
$day = $date["mday"];
$month = $date["mon"];
$year = $date["year"];
//PayPal variables
$paypalURL = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
$paypalID = 'Correo de paypal';
$successURL = 'http://localhost/AmoriaDateFinal/FrontEnd/success';
$cancelURL = 'http://localhost/AmoriaDateFinal/FrontEnd/cancel';
$notifyURL = 'http://localhost/AmoriaDateFinal/FrontEnd/paypal_ipn';
$itemName = 'Suscripcion a Amoria!';
$itemName2 = 'Suscripcion a Amoria Plus!';
$itemName3 = 'Suscripcion a Amoria Hot!';
$itemNumber = 'MS/'.$day.'/'.$month.'/'.$year.'/'.$loggedUser;
//subscription price for one month
$itemPrice = 25.00;
?>
<form action="<?php echo $paypalURL; ?>" method="post">
<!-- identify your business so that you can collect the payments -->
<input type="hidden" name="business" value="<?php echo $paypalID; ?>">
<!-- specify a subscriptions button. -->
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<!-- specify details about the subscription that buyers will purchase -->
<input type="hidden" name="item_name" value="<?php echo $itemName; ?>">
<input type="hidden" name="item_number" value="<?php echo $itemNumber; ?>">
<input type="hidden" name="currency_code" value="MXN">
<input type="hidden" name="a3" id="paypalAmt" value="<?php echo $itemPrice; ?>">
<input type="hidden" name="p3" id="paypalValid" value="1">
<input type="hidden" name="t3" value="M">
<!-- custom variable user ID -->
<input type="hidden" name="custom" value="<?php echo $loggedUser; ?>">
<!-- specify urls -->
<input type="hidden" name="cancel_return" value="<?php echo $cancelURL; ?>">
<input type="hidden" name="return" value="<?php echo $successURL; ?>">
<input type="hidden" name="notify_url" value="<?php echo $notifyURL; ?>">
<!-- display the payment button -->
<input class="paypal_button" type="submit" value="Comprar Suscripción">
</form>
in the success.php window I have this code
<?php
//Database credentials
$dbHost = 'localhost';
$dbUsername = 'root';
$dbPassword = '';
$dbName = 'nombreBaseDatos';
//Connect with the database
$db = new mysqli($dbHost, $dbUsername, $dbPassword, $dbName);
//Display error if failed to connect
if ($db->connect_errno) {
printf("Connect failed: %s\n", $db->connect_error);
exit();
}
if(!empty($_GET['item_number']) && !empty($_GET['tx']) && !empty($_GET['amt']) && $_GET['st'] == 'Completed'){
//get transaction information from query string
$itemnumber = $_GET['item_number'];
$txnid = $_GET['tx'];
$paymentgross = $_GET['amt'];
$currencycode = $_GET['cc'];
$paymentstatus = $_GET['st'];
$custom = $_GET['cm'];
var_dump($_GET);
//Check if subscription data exists with the TXN ID
$prevPaymentResult = $db->query("SELECT * FROM usersubscriptions WHERE txnid = '".$txnid."'");
if($prevPaymentResult->numrows > 0){
//get subscription info from database
$paymentRow = $prevPaymentResult->fetch_assoc();
//prepare subscription html to display
$phtml = '<h5 class="success">Thanks for payment, your payment was successful. Payment details are given below.</h5>';
$phtml .= '<div class="paymentInfo">';
$phtml .= '<p>Payment Reference Number: <span>MS'.$paymentRow['id'].'</span></p>';
$phtml .= '<p>Transaction ID: <span>'.$paymentRow['txnid'].'</span></p>';
$phtml .= '<p>Paid Amount: <span>'.$paymentRow['paymentgross'].' '.$paymentRow['currencycode'].'</span></p>';
$phtml .= '<p>Validity: <span>'.$paymentRow['validfrom'].' to '.$paymentRow['validto'].'</span></p>';
$phtml .= '</div>';
}else{
$phtml = '<h5 class="error">Your payment was unsuccessful, please try again.</h5>';
}
}elseif(!empty($_GET['itemnumber']) && !empty($_GET['tx']) && !empty($_GET['amt']) && $_GET['st'] != 'Completed'){
$phtml = '<h5 class="error">Your payment was unsuccessful, please try again.</h5>';
}
?>
<!DOCTYPE html>
<html>
<head>
<title>PayPal Subscriptions Payment Payment Status</title>
<meta charset="utf-8">
</head>
<body>
<div class="container">
<h1>PayPal Subscriptions Payment Status</h1>
<!-- render subscription details -->
<?php echo !empty($phtml)?$phtml:''; ?>
</body>
</html>
and in the section where I receive the IPN
<?php
/*
* Read POST data
* reading posted data directly from $_POST causes serialization
* issues with array data in POST.
* Reading raw POST data from input stream instead.
*/
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// Read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
}
/*
* Post IPN data back to PayPal to validate the IPN data is genuine
* Without this step anyone can fake IPN data
*/
$paypalURL = "https://www.sandbox.paypal.com/cgi-bin/webscr";
$ch = curl_init($paypalURL);
if ($ch == FALSE) {
return FALSE;
}
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSLVERSION, 6);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
// Set TCP timeout to 30 seconds
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close', 'User-Agent: company-name'));
$res = curl_exec($ch);
/*
* Inspect IPN validation result and act accordingly
* Split response headers and payload, a better way for strcmp
*/
$tokens = explode("\r\n\r\n", trim($res));
$res = trim(end($tokens));
if (strcmp($res, "VERIFIED") == 0 || strcasecmp($res, "VERIFIED") == 0) {
//Include DB configuration file
include 'dbConfig.php';
$unitPrice = 25;
//Payment data
$subscrid = $_POST['subscrid'];
$payeremail = $_POST['payeremail'];
$itemnumber = $_POST['itemnumber'];
$txnid = $_POST['txnid'];
$paymentgross = $_POST['mcgross'];
$currencycode = $_POST['mccurrency'];
$paymentstatus = $_POST['paymentstatus'];
$custom = $_POST['custom'];
$subscrmonth = ($payment_gross/$unitPrice);
$subscrdays = ($subscr_month*30);
$subscrdatefrom = date("Y-m-d H:i:s");
$subscrdateto = date("Y-m-d H:i:s", strtotime($subscr_date_from. ' + '.$subscr_days.' days'));
if(!empty($txn_id)){
//Check if subscription data exists with the same TXN ID.
$prevPayment = $db->query("SELECT id FROM usersubscriptions WHERE txnid = '".$txnid."'");
if($prevPayment->num_rows > 0){
exit();
}else{
//Insert tansaction data into the database
$insert = $db->query("INSERT INTO usersubscriptions(userid,validity,validfrom,validto,itemnumber,txnid,paymentgross,currencycode,subscrid,paymentstatus,payeremail) VALUES('".$custom."','".$subscrmonth."','".$subscrdatefrom."','".$subscrdateto."','".$itemnumber."','".$txnid."','".$paymentgross."','".$currencycode."','".$subscrid."','".$paymentstatus."','".$payeremail."')");
//Update subscription id in users table
if($insert){
$subscriptionid = $db->insertid;
$update = $db->query("UPDATE users SET subscriptionid = {$subscriptionid} WHERE id = {$custom}");
}
}
}
}
die;
The problem is that when you click on the button, it sends me to the sandbox page and shows all the data correctly but when I click on login I get the following error
