CODEWITHSUNDEEP
asp.netpaypalpaypal-sandbox
SHEKHAR SHETE
SHEKHAR SHETE

Reputation: 6056

Why i am getting INVALID response from Paypal in asp.net using c#?

I have a sandbox account for paypal for trial purpose An aspx page:sampleprocess.aspx

In Merchant A/c the page is Redirected to http://www.Hostsite.com/member/samplepaypal.aspx after completion of payment.

In samplepaypal.aspx.cs Page Load:

protected void Page_Load(object sender, EventArgs e)
    {
        //string tx = Request.QueryString["tx"];
        //Post back to either sandbox or live
        string strSandbox = "https://www.sandbox.paypal.com/cgi-bin/webscr";
        string strLive = "https://www.paypal.com/cgi-bin/webscr";
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(strSandbox);

        //Set values for the request back
        req.Method = "POST";
        req.ContentType = "application/x-www-form-urlencoded";
        byte[] param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
        string strRequest = Encoding.ASCII.GetString(param);
        strRequest += "&cmd=_notify-validate";

        req.ContentLength = strRequest.Length;

        //for proxy
        //WebProxy proxy = new WebProxy(new Uri("http://url:port#"));
        //req.Proxy = proxy;

        //Send the request to PayPal and get the response
        StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
        streamOut.Write(strRequest);
        streamOut.Close();
        StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
        string strResponse = streamIn.ReadToEnd();
        streamIn.Close();

        if (strResponse == "VERIFIED")
        {
            lblmsg.Text = "Verified";
            //check the payment_status is Completed
            //check that txn_id has not been previously processed
            //check that receiver_email is your Primary PayPal email
            //check that payment_amount/payment_currency are correct
            //process payment
        }
        else if (strResponse == "INVALID")
        {
            lblmsg.Text = "Not Verified";
            //log for manual investigation
        }
        else
        {
            lblmsg.Text = "IPN Logged";
            //log response/ipn data for manual investigation
        }
    }

here i get the result "INVALID"! whats wrong plz rectify the error. after post back to http://www.Hostsite.com/member/samplepaypal.aspx page from paypal it shows :

http://111.111.111.111/member/samplepaypal.aspx?tx=8L903541KW5338647&st=Pending&amt=100.00&cc=USD&**cm=&item_number=&**sig=QRmNHFf5%2fAH3io9Tn2kj%2fuicu3gpAuMew701OvazfkCdN3jSR5tmFoX3OUPbQlZGoj2PY7vI%2fP1dH84g1CEzSG9NhjnLbjuAFFHyENVsBjKb1dVvK1nZe3FJfElZt11qPfggMOPu8%2bUhDwHekJvNAcXkjLQV01vAjN1y%2fZs1rJw%3d

what are these cm & item_number are blank! what to do to get "VALID" response.

help appreciated..!

Upvotes: 0

Views: 2158

Answers (1)

user1660166
user1660166

Reputation: 79

Using Postbacks for Validation:

If you cannot use shared secrets for notification validation, you can use postbacks to PayPal, instead. Your postback must include exactly the same variables and values that you receive in the IPN posted to your server by PayPal, and they must be in the same order.

Constructing Your Postback

Use these guidelines for constructing your postback to PayPal:.

  1. Your postback must be sent to https://www.paypal.com/cgi-bin/webscr. NOTE:You can implement IPN without SSL, including your postbacks for validation, but PayPal recommends against doing so.

  2. Your postback must include the variable cmd with the value _notify-validate: cmd=_notify-validate

  3. Your postback must include exactly the same variables and values that you receive in the IPN from PayPal, and they must be in the same order.

Processing the PayPal Response to Your Postback PayPal responds to your postbacks with a single word in the body of the response: VERIFIED or INVALID. When you receive a VERIFIED postback response, perform the following checks on data in the IPN:

  1. Check that the payment_status is Completed.

  2. If the payment_status is Completed, check the txn_id against the previous PayPal transaction that you processed to ensure it is not a duplicate.

  3. Check that the receiver_email is an email address registered in your PayPal account.

  4. Check that the price, carried in mc_gross, and the currency, carried in mc_currency, are correct for the item, carried in item_name or item_number. After you complete the above checks, notification validation is complete. You can update your database with the information provided, and you can initiate other appropriate automated back-end processing.

Upvotes: 1

Related Questions