PayPal PHP接口 测试php-paypal-sandbox

1,到developer.paypal.com注册EMail激活，登录后创建一个business和一个personal帐号（要记住密码，最好弄个简单容易记的，测试而已）

2,php环境问题
好不容易成功启动了php的curl和openssl，我用的是php的msi安装程序，开始会出现“访问拒绝”的提示，后来将curl和openssl取消后，然后重新选择安装，OK

3,研读paypal的文档 PP_OrderManagement_IntegrationGuide.pdf
通过business帐号登录，在激活IPN，步骤是：
在Profile的Selling Preferences一栏，进入“Instant Payment Notification Preferences”，然后Edit，选中checkbox，填入notify_url地网址
走了很多弯路，才知道AutoReturn，可是设置return的网址，步骤是：
同样在Profile的Selling Preferences一栏，进入“Web Payment Preferences”，第一项是AutoReturn，设置为On，并填入自己要return到的网址；

第二项是PDT，设置为On，否则return的网址得不到相应数据。

弄清楚了notify_url，return这两个网址的作用,POST FORM代码:

<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="notify_url" value="http://wyg517.gicp.net/py/validate.php" />
<input type="hidden" name="return" value="http://wyg517.gicp.net/py/success.php" />

其实在Payment Complete的时候，notify_url会被后台运行，用来核对交易数据（数据通过POST传递），return则是用来给用户交易完成后显示（可以不使用AutoReturn，那样的话就是用户点击"return mytest's test Store"按钮后转向的页面，打开PDT的话，就会把交易数据通过GET传至此页面）
notify_url: 需要激活，后台运行，POST传入数据，提交给curl处理，获取交易信息验证（在Profile统一设置，也可在提交的Form里用notify_url参数指定特殊指向，最好附带一个自定义的秘密参数，参与最后的验证）；
return: 前台显示，用户点击转至或者设置AutoReturn自动转至，GET传入数据，用于显示交易信息（可在Profile统一设置，也可在提交的Form里用return参数指定特殊指向）。
附validate.php代码
<?php
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
// post back to PayPal system to validate
$ppCurl = curl_init(); // initialize curl handle
curl_setopt($ppCurl, CURLOPT_POST, true); // set POST method
curl_setopt($ppCurl, CURLOPT_URL, "http://www.sandbox.paypal.com/cgi-bin/webscr"); // set url
curl_setopt($ppCurl, CURLOPT_POSTFIELDS, $req); // fields to POST
curl_setopt($ppCurl, CURLOPT_RETURNTRANSFER, true); // return var
curl_setopt($ppCurl, CURLOPT_TIMEOUT, 4); // time out after 5 secs
curl_setopt($ppCurl, CURLOPT_FAILONERROR, true);
curl_setopt($ppCurl, CURLOPT_FOLLOWLOCATION, true); // allow redirects
curl_setopt($ppCurl, CURLOPT_FRESH_CONNECT, true); // no caching
$result = curl_exec($ppCurl); // engage!

$curlErrorNum = curl_errno($ppCurl); // save error code; 0=none
$curlErrorText = curl_error($ppCurl); // save error message; ""=none
curl_close($ppCurl);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

if ($curlErrorNum != 0) {
// CURL error

} else if ($result == "VERIFIED") {
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
} else if ($result == "INVALID") {
// handle false claim
}
}

附success.php代码:

<?php
$token = "2UYwGN41Dmb9KvjJHmcRIsHs2NQTZ0lG4BXoFrQaocxGMXhfRO_wtcQEbte";
$req = 'cmd=_notify-synch&tx='.$_GET["tx"]."&at=".$token;
foreach ($_GET as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

// post back to PayPal system to validate
$ppCurl = curl_init(); // initialize curl handle
curl_setopt($ppCurl, CURLOPT_POST, true); // set POST method
curl_setopt($ppCurl, CURLOPT_URL, "http://www.sandbox.paypal.com/cgi-bin/webscr"); // set url
curl_setopt($ppCurl, CURLOPT_POSTFIELDS, $req); // fields to POST
curl_setopt($ppCurl, CURLOPT_RETURNTRANSFER, true); // return var
curl_setopt($ppCurl, CURLOPT_TIMEOUT, 4); // time out after 5 secs
curl_setopt($ppCurl, CURLOPT_FAILONERROR, true);
curl_setopt($ppCurl, CURLOPT_FOLLOWLOCATION, true); // allow redirects
curl_setopt($ppCurl, CURLOPT_FRESH_CONNECT, true); // no caching
$result = curl_exec($ppCurl); // engage!

$curlErrorNum = curl_errno($ppCurl); // save error code; 0=none
$curlErrorText = curl_error($ppCurl); // save error message; ""=none
curl_close($ppCurl);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

// parse the data
$lines = explode("\n", $result);

if (strcmp (substr($lines[0],0,7), "SUCCESS") == 0) {
/通过截取获取参数start/
$fig = explode("payment_status=", $result);
echo substr($fig[1],0,strpos($fig[1],"n"));
/通过截取获取参数end/

echo ("