Paypal IPN listener正在破坏我们的网站_Paypal_Paypal Sandbox_Paypal Ipn_Paypal Subscriptions

Paypal IPN listener正在破坏我们的网站

paypal

Paypal IPN listener正在破坏我们的网站,paypal,paypal-sandbox,paypal-ipn,paypal-subscriptions,Paypal,Paypal Sandbox,Paypal Ipn,Paypal Subscriptions,我正在尝试设置Paypal，以便当客户购买我们网站的订阅时，他们的帐户得到批准。不幸的是，在测试我的IPN侦听器时，我相信我不小心让Paypal在我们的网站上发起了拒绝服务攻击。有人知道这可能是什么原因吗？以下是IPN侦听器： // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlen

我正在尝试设置Paypal，以便当客户购买我们网站的订阅时，他们的帐户得到批准。不幸的是，在测试我的IPN侦听器时，我相信我不小心让Paypal在我们的网站上发起了拒绝服务攻击。有人知道这可能是什么原因吗？以下是IPN侦听器：

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
// check the payment_status is Completed
// check that receiver_email is your Primary PayPal email
if (($payment_status == 'Completed') && ($receiver_email == $paypalemail))
      { 
    // check that txn_id has not been previously processed

    // check that payment_amount/payment_currency are correct
    // process payment
    if ($clientstatus == PENDING){
    $query = "UPDATE clients SET clientStatus = 'APPROVED', substatus = '1'
    WHERE clientID=$item_number";
    $db2->query( $query );
    }
}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
}

?>

另外，我收到了一封来自我的主机的电子邮件，上面有最后100行错误日志——基本上是10次，都是在1秒之内

[Fri May 17 13:07:16 2013] [error] [client 173.0.82.126] PHP Warning:
fgets(): 2 is not a valid stream resource in /var/www/vhosts/
site.com/subdomains/development.site.com/httpdocs/hiddenadmin/ipn/index.phpon
line 33
[Fri May 17 13:07:16 2013] [error] [client 173.0.82.126] PHP Warning:
fclose(): 2 is not a valid stream resource in /var/www/vhosts/
site.com/subdomains/development.site.com/httpdocs/hiddenadmin/ipn/index.phpon
line 53
[Fri May 17 13:07:16 2013] [error] [client 173.0.82.126] PHP Warning:
feof(): 2 is not a valid stream resource in /var/www/vhosts/
site.com/subdomains/development.site.com/httpdocs/hiddenadmin/ipn/index.phpon
line 32

PayPal现在使用HTTP 1.1进行IPN。X.com上的示例脚本已更新以反映更改。我建议尝试使用一个更新的脚本

您提供的代码也响应沙箱环境。如果您没有使用沙箱，将导致帖子验证失败

谢谢，我们的IPN正在工作。我实际上得到了这是基于的代码。他们真的需要更新，我们和我们的主持人为此遇到了麻烦。很好。我很高兴你能把它整理好。我将看看如何更新这些脚本。它们不应该再被使用了。