Clueking
Reputation: 21
Error from cURL: #3: <url> malformed
When debug is on I get, I'm testing payments using sandbox.paypal.com to test when a payment is made it should upgrade the user but instead when I had the debug on I get this error. Error from cURL: #3: malformed
0 0 0 -1 0 0 0 0 0 0 0 0 0 0 -1 -1 0 0
Script for handling the IPN
<?php
define("IN_MYBB", 1);
require_once "./inc/init.php";
$email = '[email protected]'; // the email debug emails are sent to
$sandbox = '.sandbox'; // set to .sandbox if you want to use sandbox
$debugging = 1; // set to 1 to receive emails
if($debugging)
my_mail($email, "IPN NOTIFICATION #1", "Debugging only.");
// The following part of the code comes mainly from PayPal's sample
// Quoting the comments:
// "reading posted data from directly from $_POST causes serialization
// issues with array data in POST
// reading raw POST data from input stream instead."
//
// Possible explanation(?): http://stackoverflow.com/a/14008214
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($myPost as $key => $value) {
$value = urlencode($value);
$req .= "&$key=$value";
}
$ch = curl_init('https://www'.$sandbox.'.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", 'Connection: Close', 'User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0', "Content-Length: " . strlen($req)));
curl_setopt($ch, CURLOPT_HEADER , 0);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
if(!($curl_result = curl_exec($ch)))
{
if($debugging)
{
$cInfo = curl_getinfo($ch);
my_mail($email, "IPN ERROR #1", "Error from cURL: #".curl_errno($ch).': ' . curl_error($ch)."\n\n".implode("\n", $cInfo));
}
curl_close($ch);
exit;
}
curl_close($ch);
if (strcmp($res, "VERIFIED") == 0)
{
$address_city = $db->escape_string($_POST['address_city']);
$address_country = $db->escape_string($_POST['address_country']);
$address_country_code = $db->escape_string($_POST['address_country_code']);
$address_name = $db->escape_string($_POST['address_name']);
$address_state = $db->escape_string($_POST['address_state']);
$address_status = $db->escape_string($_POST['address_status']);
$address_street = $db->escape_string($_POST['address_street']);
$address_zip = $db->escape_string($_POST['address_zip']);
$first_name = $db->escape_string($_POST['first_name']);
$last_name = $db->escape_string($_POST['last_name']);
$payer_business_name = $db->escape_string($_POST['payer_business_name']);
$payer_email = $db->escape_string($_POST['payer_email']);
$payer_id = $db->escape_string($_POST['payer_id']);
$payer_status = $db->escape_string($_POST['payer_status']);
$residence_country = $db->escape_string($_POST['residence_country']);
$business = $db->escape_string($_POST['business']);
// subscription name
$item_name = $db->escape_string($_POST['item_name']);
// subscription id
$item_number = intval($_POST['item_number']);
$quantity = $db->escape_string($_POST['quantity']);
$receiver_email = $db->escape_string($_POST['receiver_email']);
$receiver_id = $db->escape_string($_POST['receiver_id']);
// user id
$custom = intval($_POST['custom']);
$invoice = $db->escape_string($_POST['invoice']);
$memo = $db->escape_string($_POST['memo']);
$option_name1 = $db->escape_string($_POST['option_name1']);
$option_name2 = $db->escape_string($_POST['option_name2']);
$option_selection1 = $db->escape_string($_POST['option_selection1']);
$option_selection2 = $db->escape_string($_POST['option_selection2']);
$tax = $db->escape_string($_POST['tax']);
$auth_id = $db->escape_string($_POST['auth_id']);
$auth_exp = $db->escape_string($_POST['auth_exp']);
$auth_amount = $db->escape_string($_POST['auth_amount']);
$auth_status = $db->escape_string($_POST['auth_status']);
$mc_gross = $db->escape_string($_POST['mc_gross']);
$mc_handling = $db->escape_string($_POST['mc_handling']);
$mc_shipping = $db->escape_string($_POST['mc_shipping']);
$num_cart_items = $db->escape_string($_POST['num_cart_items']);
$parent_txn_id = $db->escape_string($_POST['parent_txn_id']);
$payment_date = $db->escape_string($_POST['payment_date']);
$payment_status = $db->escape_string($_POST['payment_status']);
$payment_type = $db->escape_string($_POST['payment_type']);
$pending_reason = $db->escape_string($_POST['pending_reason']);
$reason_code = $db->escape_string($_POST['reason_code']);
$remaining_settle = $db->escape_string($_POST['remaining_settle']);
$transaction_entity = $db->escape_string($_POST['transaction_entity']);
$txn_id = $db->escape_string($_POST['txn_id']);
$txn_type = $db->escape_string($_POST['txn_type']);
$exchange_rate = $db->escape_string($_POST['exchange_rate']);
$mc_currency = $db->escape_string($_POST['mc_currency']);
$mc_fee = $db->escape_string($_POST['mc_fee']);
$payment_fee = $db->escape_string($_POST['payment_fee']);
$payment_gross = $db->escape_string($_POST['payment_gross']);
$settle_amount = $db->escape_string($_POST['settle_amount']);
$settle_currency = $db->escape_string($_POST['settle_currency']);
$for_auction = $db->escape_string($_POST['for_auction']);
$auction_buyer_id = $db->escape_string($_POST['auction_buyer_id']);
$auction_closing_date = $db->escape_string($_POST['auction_closing_date']);
$auction_multi_item = $db->escape_string($_POST['auction_multi_item']);
$subscr_date = $db->escape_string($_POST['subscr_date']);
$subscr_effective = $db->escape_string($_POST['subscr_effective']);
$period1 = $db->escape_string($_POST['period1']);
$period2 = $db->escape_string($_POST['period2']);
$period3 = $db->escape_string($_POST['period3']);
$amount1 = $db->escape_string($_POST['amount1']);
$amount2 = $db->escape_string($_POST['amount2']);
$amount3 = $db->escape_string($_POST['amount3']);
$mc_amount1 = $db->escape_string($_POST['mc_amount1']);
$mc_amount2 = $db->escape_string($_POST['mc_amount2']);
$mc_amount3 = $db->escape_string($_POST['mc_amount3']);
$recurring = $db->escape_string($_POST['recurring']);
$reattempt = $db->escape_string($_POST['reattempt']);
$retry_at = $db->escape_string($_POST['retry_at']);
$recur_times = $db->escape_string($_POST['recur_times']);
$username = $db->escape_string($_POST['username']);
$password = $db->escape_string($_POST['password']);
$subscr_id = $db->escape_string($_POST['subscr_id']);
$case_id = $db->escape_string($_POST['case_id']);
$case_type = $db->escape_string($_POST['case_type']);
$case_creation_date = $db->escape_string($_POST['case_creation_date']);
$notify_version = $db->escape_string($_POST['notify_version']);
$verify_sign = $db->escape_string($_POST['verify_sign']);
if ($debugging)
my_mail($email, "IPN NOTIFICATION #2", "Debugging only.");
$valid = true;
$lang->load("mysubscriptions");
// does the user exist?
$user = get_user(intval($custom));
if (empty($user))
{
if ($debugging)
my_mail($email, "IPN - Subscription Invalid #1", "\nInvalid user.\n");
}
else {
// verify if subscription exists
$query = $db->simple_select('mysubscriptions_subscriptions', '*', 'sid=\''.$item_number.'\''); // check sid
$sub = $db->fetch_array($query);
if (!$sub)
{
if ($debugging)
my_mail($email, "IPN - Subscription Invalid #2", "\nInvalid subscription\nItem Number:".$item_number."\nItem Name:".$item_name);
$valid = false;
}
if ($debugging)
my_mail($email, "IPN - Validation", "\nis valid: ".intval($valid));
$additional = $sub['additional'];
$endgroup = intval($user['usergroup']);
$uname = $db->escape_string($user['username']);
$query = $db->query("INSERT INTO `".TABLE_PREFIX."mysubscriptions_log` values (
'NULL',
'$uname',
'$custom',
'$additional',
'$item_number',
'$endgroup',
'$receiver_email',
'$receiver_id',
'$business',
'$item_name',
'$item_number',
'$quantity',
'$invoice',
'$option_name1',
'$option_selection1',
'$option_name2',
'$option_selection2',
'$payment_type',
'$payment_status',
'$pending_reason',
'$reason_code',
'$payment_date',
'$settle_amount',
'$settle_currency',
'$exchange_rate',
'$payment_gross',
'$payment_fee',
'$mc_gross',
'$mc_fee',
'$mc_currency',
'$mc_handling',
'$mc_shipping',
'$tax',
'$txn_id',
'$txn_type',
'$for_auction',
'$auction_buyer_id',
'$auction_closing_date',
'$auction_multi_item',
'$first_name',
'$last_name',
'$address_name',
'$address_street',
'$address_city',
'$address_state',
'$address_zip',
'$address_country',
'$address_country_code',
'$address_status',
'$payer_business_name',
'$payer_email',
'$payer_id',
'$payer_status',
'$residence_country',
'$memo',
'$subscr_date',
'$subscr_effective',
'$period1',
'$period2',
'$period3',
'$amount1',
'$amount2',
'$amount3',
'$mc_amount1',
'$mc_amount2',
'$mc_amount3',
'$recurring',
'$reattempt',
'$retry_at',
'$recur_times',
'$username',
'$password',
'$subscr_id',
'$auth_id',
'$auth_exp',
'$auth_amount',
'$auth_status',
'$transaction_entity',
'$remaining_settle',
'$parent_txn_id',
'$case_id',
'$case_type',
'$case_creation_date',
'$notify_version',
'$verify_sign',
'".TIME_NOW."',
'0',
'0')");
if ($debugging)
my_mail($email, "IPN VERIFICATION", "\npayment_status: {$payment_status}\nmc_gross: {$mc_gross}\nsub['price']: {$sub['price']}\nreceiver_email: {$receiver_email}\nmybb->settings['mysubscriptions_paypal_email']: {$mybb->settings['mysubscriptions_paypal_email']}\nmc_currency: {$mc_currency}\nmybb->settings['mysubscriptions_paypal_currency']: {$mybb->settings['mysubscriptions_paypal_currency']}\n\n");
if ($sub['enabled'] == 1 && $valid === true && $payment_status == "Completed" && $mc_gross == $sub['price'] && $receiver_email == $mybb->settings['mysubscriptions_paypal_email'] && $mc_currency == $mybb->settings['mysubscriptions_paypal_currency']) // now is the time!
{
if ($sub['additional'])
join_usergroup($custom, $sub['group']);
else
$db->update_query('users', array('usergroup' => $sub['group']), 'uid=\''.$custom.'\'');
// send PM to subscriber
if ($debugging)
my_mail($email, "IPN Success", "\n Verified IPN $txn_type Transaction, sending PM.\n \n $postipn\n");
if($sub['message'] == '')
{
$sub['message'] = $lang->sprintf($lang->mysubscriptions_success_message, $sub['title']);
}
mysubscriptions_send_pm(array('receivepms' => 1, 'subject' => $lang->mysubscriptions_success_title, 'message' => $sub['message'], 'touid' => $custom), 1);
mysubscriptions_send_pm(array('receivepms' => 1, 'subject' => $lang->mysubscriptions_success_title_admin, 'message' => $lang->sprintf($lang->mysubscriptions_success_message_admin, $sub['title']), 'touid' => 1), $custom);
}
// If Refuned or Reversed, lets make sure the user gets "unsubscribed"
if($payment_status == "Refunded" || $payment_status == "Reversed")
{
$query = $db->simple_select('mysubscriptions_log', '*', 'payment_status=\'Completed\' AND sid=\''.$item_number.'\' AND uid='.$custom, array('order_by' => 'timestamp', 'order_dir' => 'desc'));
$sub = $db->fetch_array($query);
if(!$sub)
{
if ($debugging)
my_mail($email, "IPN - Subscription Invalid", "\nInvalid subscription (Refuned/Reversed)\n");
}
else{
if ($sub['additional'])
leave_usergroup($custom, $sub['group']);
else
$db->update_query('users', array('usergroup' => $sub['endgroup']), 'uid=\''.$custom.'\'');
}
}
// End of time, get user out of the usergroup
if($txn_type == "subscr_eot")
{
$query = $db->simple_select('mysubscriptions_log', '*', 'sid=\''.$item_number.'\'');
$sublog = $db->fetch_array($query);
if (!$sublog)
{
if ($debugging)
my_mail($email, "IPN - Subscription Log Invalid", "\nInvalid subscription log (End of Time)\n");
}
if ($sublog['additional'])
{
$query = $db->simple_select('mysubscriptions_subscriptions', '*', 'sid=\''.$item_number.'\'');
$sub = $db->fetch_array($query);
if (!$sub)
{
if ($debugging)
my_mail($email, "IPN - Subscription Invalid", "\nInvalid subscription (End of Time)\n");
}
leave_usergroup($custom, $sub['group']);
}
else
{
$query = $db->query("UPDATE ".TABLE_PREFIX."users SET usergroup='".$sublog['endgroup']."' WHERE uid='".$custom."'");
}
}
// We're not using any trials here so subscr_signup = subscr_payment, do nothing for this one since we've done it for the other
if($txn_type == "subscr_payment")
{
// do nothing here
}
}
}
else
{
// Invalid
if ($debugging)
my_mail($errormail, "IPN ERROR 2", "IPN transaction was invalid.");
}
exit;
?>
Upvotes: 2
Views: 5661
Answers (2)
PP_MSI_Colin
Reputation: 112
"Now I'm getting this. Error from cURL: #35: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure sandbox.paypal.com/cgi-bin/webscr 0 100 354 -1 0 0 0.311861 0.000235 0.000283 0 0 0 0 0 -1 -1 0 0 – Clueking yesterday"
To follow up on this, due to changes to data security standards by the Payment Card Industry (PCI) Security Standards Council, PayPal is implementing security upgrades and the sandbox endpoint has already been upgraded as of November 2015.
Here is a link to more information on the changes and how to fix the issue: https://www.paypal-knowledge.com/infocenter/index?page=content&id=FAQ1913&expand=true&locale=en_US
Upvotes: 1
willwashburn
Reputation: 106
It looks like you're overwriting the url with curl_setopt with an undefined variable.
$ch = curl_init('https://www'.$sandbox.'.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_URL,$url);
Removing curl_setopt($ch, CURLOPT_URL,$url); should do the trick!
Upvotes: 2
Related Questions
- How do I get a YouTube video thumbnail from the YouTube API?
- Converting a Postman request to curl
- Deleting an element from an array in PHP
- Getting only response header from HTTP POST using cURL
- How to send a header using a HTTP request through a cURL call?
- How do I POST JSON data with cURL?
- How do I measure request and response times at once using cURL?
- How to display request headers with command line curl
- PayPal IPN returns "INVALID" even though payment was processed
- PayPal IPN and buyer address