OK, I put together some sample code from Paypal's api, that should complete a payment and notify me with IPN. For some reason it is not working. I tested it with sandbox.paypal.com's IPN tester, and that worked. (if it works, it is supposed to write all post variables to ipn.html)
For it to display the "buy" button, not the IPN code, use the argument ?buy=whatever
<?php
if($_GET['buy'])
{
echo '
<html>
<body>
<form name="_xclick" action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="seller_1241290868_biz@sysach.com">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="item_name_1" value="Cheap Plasticware">
<input type="hidden" name="amount_1" value="2.99">
<input type="hidden" name="item_name_2" value="Teddy Bear">
<input type="hidden" name="amount_2" value="2.99">
<input type="hidden" name="notify_url" value="http://'.$_SERVER['HTTP_HOST'].'/ipn.php">
<input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but01.gif" border="0" name="submit" alt="Make payments with PayPal - it\'s fast, free and secure!">
</form>
</body>
</html>';
}
else
{
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://sandbox.paypal.com', 443, $errno, $errstr, 30);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
$fh = fopen('ipn.html', 'w');
foreach($_POST as $var => $value) fwrite($fh, $var .':'.$value .'<br/>');
fclose($fh);
}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
}
?>
it probably something really simple, but I'm stuck..