java - PayPal IPN returns INVALID on live and VERIFIED on sandbox -
i have been trying implement paypal ipn system in our company website. when test script in ipn sandbox tool, validated , goes well, when move live, ipn returned invalid payment has been completed well. when check ipn history in account, can see ipn message http response 200:
mc_gross=0.01&invoice=40&protection_eligibility=ineligible&item_number1=&payer_id=mypayerid&tax=0.00&payment_date=08:06:52 sep 03, 2013 pdt&payment_status=completed&charset=windows-1252&mc_shipping=0.00&mc_handling=0.00&first_name=myname&mc_fee=0.01¬ify_version=3.7&custom=18528&payer_status=verified&business=bussiness_mail&num_cart_items=1&mc_handling1=0.00&verify_sign=aj.hl1f2a9aobifqcln.3j-qkkqgaf.rvw8er5rbgj6ssqfwbbsturtd&payer_email=mymail&mc_shipping1=0.00&tax1=0.00&txn_id=61052338b4613440h&payment_type=instant&last_name=mysurname&item_name1=paquete lite&receiver_email=mybussiness_mail&payment_fee=&quantity1=1&receiver_id=svrxvczye2ayc&txn_type=cart&mc_gross_1=0.01&mc_currency=eur&residence_country=es&transaction_subject=18528&payment_gross=&ipn_track_id=38c492cbe6257
- paypal live credentials ok.
- url ok (https://www.paypal.com/cgi-bin/webscr)
my ipnhandler java servlet. dopost action is:
@override protected void dopost(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception { // java jsp log.error("ipn dopost " + new date().gethours() + ":" + new date().getminutes() + ":" + new date().getseconds()); // read post paypal system , add 'cmd' enumeration en = request.getparameternames(); string str = "cmd=_notify-validate"; while (en.hasmoreelements()) { string paramname = (string) en.nextelement(); string paramvalue = request.getparameter(paramname); paramvalue = new string(paramvalue.getbytes("iso-8859-1"), "utf-8"); str = str + "&" + paramname + "=" + urlencoder.encode(paramvalue); } boolean issandbox = "true".equals(propertiesmanager.getproperty("signbox", "paypalsandbox")); // post paypal system validate // note: change http: https: in following url verify using ssl (for increased security). // using https requires either java 1.4 or greater, or java secure socket extension (jsse) // , configured older versions. string url = null; if (issandbox){ url = "https://www.sandbox.paypal.com/cgi-bin/webscr"; }else{ url = "https://www.paypal.com/cgi-bin/webscr"; } log.error("la url de la que redirigimos paypal es " + url); url u = new url(url); urlconnection uc = u.openconnection(); uc.setdooutput(true); uc.setrequestproperty("content-type", "application/x-www-form-urlencoded"); printwriter pw = new printwriter(uc.getoutputstream()); pw.println(str); pw.close(); bufferedreader in = new bufferedreader( new inputstreamreader(uc.getinputstream())); string res = in.readline(); in.close(); log.error("tras abrir la conexión, res es = " + res); // assign posted variables local variables string iduser = request.getparameter("custom"); string idcompra = request.getparameter("invoice"); string paymentstatus = request.getparameter("payment_status"); string paymentamount = request.getparameter("mc_gross"); string fee = request.getparameter("mc_fee"); string paymentcurrency = request.getparameter("mc_currency"); string txnid = request.getparameter("txn_id"); string receiptid = request.getparameter("receipt_id"); string receiveremail = request.getparameter("receiver_email"); string payeremail = request.getparameter("payer_email"); string paymenttype = request.getparameter("payment_type"); string txntype = request.getparameter("txn_type"); if (!"instant".equals(paymenttype) || !"cart".equals(txntype)) { log.debug("no es un cart checkout. detalles:"); log.debug("idcompra=" + idcompra); log.debug("status=" + paymentstatus); log.debug("amount=" + paymentamount); log.debug("currency=" + paymentcurrency); log.debug("transactionid=" + txnid); log.debug("receiptid=" + receiptid); log.debug("receiveremail=" + receiveremail); log.debug("payeremail=" + payeremail); log.debug("paymenttype=" + paymenttype); log.debug("txntype=" + txntype); return; } **//here response invalid in live mode** if (res != null && res.equals("verified")) { //res = "verified" res = "invalid" // more code not important issue.... any idea? said, payments completed ipn sended invalid.
i know old might else, think need post data validation.
according paypal ipn docs:
//after receiving ipn message paypal, //you must respond paypal post message //that begins "cmd=_notify-validate". //append message duplicate of //notification received (the same ipn fields //and values in exact order received them) ... url u = new url(url); httpurlconnection uc = (httpurlconnection) u.openconnection(); uc.setrequestmethod("post"); ...
Comments
Post a Comment