2016-01-22 101 views
3

使用託管貝寶IPN握手發出

錯誤消息

Can't connect to PayPal to validate IPN message: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

測試形式

<form action="http://dev.myurlishere.com/ipn.php" method="POST"> 
    <input name="mc_gross" type="hidden" value="500.00" /> 
    <input name="custom" type="hidden" value="some custom data" /> 
    <input name="address_status" type="hidden" value="confirmed" /> 
    <input name="item_number1" type="hidden" value="6" /> 
    <input name="item_number2" type="hidden" value="4" /> 
    <input name="payer_id" type="hidden" value="FW5W7ZUC3T4KL" /> 
    <input name="tax" type="hidden" value="0.00" /> 
    <input name="address_street" type="hidden" value="1234 Rock Road" /> 
    <input name="payment_date" type="hidden" value="14:55 15 Jan 07 2005 PST" /> 
    <input name="payment_status" type="hidden" value="Completed" /> 
    <input name="address_zip" type="hidden" value="12345" /> 
    <input name="mc_shipping" type="hidden" value="0.00" /> 
    <input name="mc_handling" type="hidden" value="0.00" /> 
    <input name="first_name" type="hidden" value="Jason" /> 
    <input name="last_name" type="hidden" value="Anderson" /> 
    <input name="mc_fee" type="hidden" value="0.02" /> 
    <input name="address_name" type="hidden" value="Jason Anderson" /> 
    <input name="notify_version" type="hidden" value="1.6" /> 
    <input name="payer_status" type="hidden" value="verified" /> 
    <input name="business" type="hidden" value="[email protected]" /> 
    <input name="address_country" type="hidden" value="United States" /> 
    <input name="num_cart_items" type="hidden" value="2" /> 
    <input name="mc_handling1" type="hidden" value="0.00" /> 
    <input name="mc_handling2" type="hidden" value="0.00" /> 
    <input name="address_city" type="hidden" value="Los Angeles" /> 
    <input name="verify_sign" type="hidden" value="AlUbUcinRR5pIo2KwP4xjo9OxxHMAi6.s6AES.4Z6C65yv1Ob2eNqrHm" /> 
    <input name="mc_shipping1" type="hidden" value="0.00" /> 
    <input name="mc_shipping2" type="hidden" value="0.00" /> 
    <input name="tax1" type="hidden" value="0.00" /> 
    <input name="tax2" type="hidden" value="0.00" /> 
    <input name="txn_id" type="hidden" value="TESTER" /> 
    <input name="payment_type" type="hidden" value="instant" /> 
    <input name="last_name=Borduin" type="hidden" /> 
    <input name="payer_email" type="hidden" value="[email protected]" /> 
    <input name="item_name1" type="hidden" value="Rubber+clog" /> 
    <input name="address_state" type="hidden" value="CA" /> 
    <input name="payment_fee" type="hidden" value="0.02" /> 
    <input name="item_name2" type="hidden" value="Roman sandal" /> 
    <input name="invoice" type="hidden" value="123456" /> 
    <input name="quantity" type="hidden" value="1" /> 
    <input name="quantity1" type="hidden" value="1" /> 
    <input name="receiver_id" type="hidden" value="5HRS8SCK9NSJ2" /> 
    <input name="quantity2" type="hidden" value="1" /> 
    <input name="txn_type" type="hidden" value="web_accept" /> 
    <input name="mc_gross_1" type="hidden" value="0.01" /> 
    <input name="mc_currency" type="hidden" value="USD" /> 
    <input name="mc_gross_2" type="hidden" value="0.01" /> 
    <input name="payment_gross" type="hidden" value="0.02" /> 
    <input name="subscr_id" type="hidden" value="PP-1234" /> 
    <input name="test" type="submit" value="test" /> 
</form> 

ipn.php

<?php 
// CONFIG: Enable debug mode. This means we'll log requests into 'ipn.log' in the same directory. 
// Especially useful if you encounter network errors or other intermittent problems with IPN (validation). 
// Set this to 0 once you go live or don't require logging. 
define("DEBUG", 1); 
// Set to 0 once you're ready to go live 
define("USE_SANDBOX", 1); 
define("LOG_FILE", "./ipn.log"); 
// Read POST data 
// reading posted data directly from $_POST causes serialization 
// issues with array data in POST. Reading raw POST data from input stream instead. 
$raw_post_data = file_get_contents('php://input'); 
$raw_post_array = explode('&', $raw_post_data); 
$myPost = array(); 
foreach ($raw_post_array as $keyval) { 
    $keyval = explode ('=', $keyval); 
    if (count($keyval) == 2) 
     $myPost[$keyval[0]] = urldecode($keyval[1]); 
} 
// read the post from PayPal system and add 'cmd' 
$req = 'cmd=_notify-validate'; 
if(function_exists('get_magic_quotes_gpc')) { 
    $get_magic_quotes_exists = true; 
} 
foreach ($myPost as $key => $value) { 
    if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { 
     $value = urlencode(stripslashes($value)); 
    } else { 
     $value = urlencode($value); 
    } 
    $req .= "&$key=$value"; 
} 
// Post IPN data back to PayPal to validate the IPN data is genuine 
// Without this step anyone can fake IPN data 
if(USE_SANDBOX == true) { 
    $paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr"; 
} else { 
    $paypal_url = "https://www.paypal.com/cgi-bin/webscr"; 
} 
$ch = curl_init($paypal_url); 
if ($ch == FALSE) { 
    return FALSE; 
} 
curl_setopt($ch, CURLOPT_SSLVERSION, 4); 
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); 
curl_setopt($ch, CURLOPT_POST, 1); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $req); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); 
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1); 
if(DEBUG == true) { 
    curl_setopt($ch, CURLOPT_HEADER, 1); 
    curl_setopt($ch, CURLINFO_HEADER_OUT, 1); 
} 
// CONFIG: Optional proxy configuration 
//curl_setopt($ch, CURLOPT_PROXY, $proxy); 
//curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); 
// Set TCP timeout to 30 seconds 
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); 
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close')); 
// CONFIG: Please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path 
// of the certificate as shown below. Ensure the file is readable by the webserver. 
// This is mandatory for some environments. 
//$cert = __DIR__ . "./cacert.pem"; 
//curl_setopt($ch, CURLOPT_CAINFO, $cert); 
$res = curl_exec($ch); 
if (curl_errno($ch) != 0) // cURL error 
    { 
    if(DEBUG == true) { 
     error_log(date('[Y-m-d H:i e] '). "Can't connect to PayPal to validate IPN message: " . curl_error($ch) . PHP_EOL, 3, LOG_FILE); 
    } 
    curl_close($ch); 
    exit; 
} else { 
     // Log the entire HTTP response if debug is switched on. 
     if(DEBUG == true) { 
      error_log(date('[Y-m-d H:i e] '). "HTTP request of validation request:". curl_getinfo($ch, CURLINFO_HEADER_OUT) ." for IPN payload: $req" . PHP_EOL, 3, LOG_FILE); 
      error_log(date('[Y-m-d H:i e] '). "HTTP response of validation request: $res" . PHP_EOL, 3, LOG_FILE); 
     } 
     curl_close($ch); 
} 
// Inspect IPN validation result and act accordingly 
// Split response headers and payload, a better way for strcmp 
$tokens = explode("\r\n\r\n", trim($res)); 
$res = trim(end($tokens)); 
if (strcmp ($res, "VERIFIED") == 0) { 
    // check whether the payment_status is Completed 
    // check that txn_id has not been previously processed 
    // check that receiver_email is your PayPal email 
    // check that payment_amount/payment_currency are correct 
    // process payment and mark item as paid. 
    // assign posted variables to local variables 
    //$item_name = $_POST['item_name']; 
    //$item_number = $_POST['item_number']; 
    //$payment_status = $_POST['payment_status']; 
    //$payment_amount = $_POST['mc_gross']; 
    //$payment_currency = $_POST['mc_currency']; 
    //$txn_id = $_POST['txn_id']; 
    //$receiver_email = $_POST['receiver_email']; 
    //$payer_email = $_POST['payer_email']; 

    if(DEBUG == true) { 
     error_log(date('[Y-m-d H:i e] '). "Verified IPN: $req ". PHP_EOL, 3, LOG_FILE); 
    } 
} else if (strcmp ($res, "INVALID") == 0) { 
    // log for manual investigation 
    // Add business logic here which deals with invalid IPN messages 
    if(DEBUG == true) { 
     error_log(date('[Y-m-d H:i e] '). "Invalid IPN: $req" . PHP_EOL, 3, LOG_FILE); 
    } 
} 
?> 
+1

https://github.com/paypal/TLS-update – mattslone

回答

3

我BEL網絡的1and1即使你得到這個錯誤的原因是因爲你正在使用SSL v3,它存在嚴重的安全問題,因此不再受到任何嚴重的網站的支持。 (點擊此處瞭解詳情:http://disablessl3.com/)在上面的代碼

,你指定

curl_setopt($ch, CURLOPT_SSLVERSION, 4); 

然而,在錯誤信息,它說

sslv3 alert handshake failure 

所以obviousely SSL V3使用的PHP。而是試圖

curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "TLSv1") 

如下所示:SSL error can not change to TLS

希望幫助你

+0

改變,但仍然得到同樣的錯誤。我也試過curl_setopt($ ch,CURLOPT_SSLVERSION,6);哪個說應該是TLS1.2 – Tsukasa

+2

我的下一個假設是你的主機安裝了一個非常舊的mod_curl版本?你的php_info()應該在CURL部分中的libcurl版本(對於我來說它是表中的第二行,標題爲「捲曲信息」)。 你可以在這裏找到版本歷史:http://curl.haxx.se/docs/releases.html如果你的版本太老了,那麼問題可能是沒有新的支持。 (在這種情況下,捲曲可能會回落到ssl v3) –

+0

7.21.0 \t 2010年6月16日\t 5.5年 – Tsukasa