PayPal PHP接口 测试php-paypal-sandbox

1,到developer.paypal.com注册EMail激活，登录后创建一个business和一个personal帐号（要记住密码，最好弄个简单容易记的，测试而已）

2,php环境问题
好不容易成功启动了php的curl和openssl，我用的是php的msi安装程序，开始会出现“访问拒绝”的提示，后来将curl和openssl取消后，然后重新选择安装，OK

3,研读paypal的文档 PP_OrderManagement_IntegrationGuide.pdf
通过business帐号登录，在激活IPN，步骤是：
在Profile的Selling Preferences一栏，进入“Instant Payment Notification Preferences”，然后Edit，选中checkbox，填入notify_url地网址
走了很多弯路，才知道AutoReturn，可是设置return的网址，步骤是：
同样在Profile的Selling Preferences一栏，进入“Web Payment Preferences”，第一项是AutoReturn，设置为On，并填入自己要return到的网址；

第二项是PDT，设置为On，否则return的网址得不到相应数据。

弄清楚了notify_url，return这两个网址的作用,POST FORM代码:

<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="notify_url" value="http://wyg517.gicp.net/py/validate.php" />
<input type="hidden" name="return" value="http://wyg517.gicp.net/py/success.php" />
<input name="cmd" value="_cart" type="hidden">
<input name="add" value="1" type="hidden">
<input name="business" value="wyg517_1302201892_biz@163.com" type="hidden">
<!--商品名称-->
<input name="item_name" value="Stuff Test" type="text">
<!--商品单价-->
<input name="amount" value="3.00" type="text">
<!--商品数量-->
<input name="quantity" value="2" type="text">
<input name="currency_code" value="USD" type="hidden">
<input name="lc" value="US" type="hidden">
<input type="submit" value="Add Cart"/>
</form>
其 实在Payment Complete的时候，notify_url会被后台运行，用来核对交易数据（数据通过POST传递），return则是用来给用户交易完成后显示（可 以不使用AutoReturn，那样的话就是用户点击"return mytest's test Store"按钮后转向的页面，打开PDT的话，就会把交易数据通过GET传至此页面）
notify_url: 需要激活，后台运行，POST传入数据，提交给curl处理，获取交易信息验证（在Profile统一设置，也可在提交的Form里用notify_url参数指定特殊指向，最好附带一个自定义的秘密参数，参与最后的验证）；
return: 前台显示，用户点击转至或者设置AutoReturn自动转至，GET传入数据，用于显示交易信息（可在Profile统一设置，也可在提交的Form里用return参数指定特殊指向）。
附validate.php代码
<?php
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
// post back to PayPal system to validate
$ppCurl = curl_init(); // initialize curl handle
curl_setopt($ppCurl, CURLOPT_POST, true); // set POST method
curl_setopt($ppCurl, CURLOPT_URL, "http://www.sandbox.paypal.com/cgi-bin/webscr"); // set url
curl_setopt($ppCurl, CURLOPT_POSTFIELDS, $req); // fields to POST
curl_setopt($ppCurl, CURLOPT_RETURNTRANSFER, true); // return var
curl_setopt($ppCurl, CURLOPT_TIMEOUT, 4); // time out after 5 secs
curl_setopt($ppCurl, CURLOPT_FAILONERROR, true);
curl_setopt($ppCurl, CURLOPT_FOLLOWLOCATION, true); // allow redirects
curl_setopt($ppCurl, CURLOPT_FRESH_CONNECT, true); // no caching
$result = curl_exec($ppCurl); // engage!

$curlErrorNum = curl_errno($ppCurl); // save error code; 0=none
$curlErrorText = curl_error($ppCurl); // save error message; ""=none
curl_close($ppCurl);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

if ($curlErrorNum != 0) {
// CURL error

} else if ($result == "VERIFIED") {
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
} else if ($result == "INVALID") {
// handle false claim
}
}

附success.php代码:

<?php
$token = "2UYwGN41Dmb9KvjJHmcRIsHs2NQTZ0lG4BXoFrQaocxGMXhfRO_wtcQEbte";
$req = 'cmd=_notify-synch&tx='.$_GET["tx"]."&at=".$token;
foreach ($_GET as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

// post back to PayPal system to validate
$ppCurl = curl_init(); // initialize curl handle
curl_setopt($ppCurl, CURLOPT_POST, true); // set POST method
curl_setopt($ppCurl, CURLOPT_URL, "http://www.sandbox.paypal.com/cgi-bin/webscr"); // set url
curl_setopt($ppCurl, CURLOPT_POSTFIELDS, $req); // fields to POST
curl_setopt($ppCurl, CURLOPT_RETURNTRANSFER, true); // return var
curl_setopt($ppCurl, CURLOPT_TIMEOUT, 4); // time out after 5 secs
curl_setopt($ppCurl, CURLOPT_FAILONERROR, true);
curl_setopt($ppCurl, CURLOPT_FOLLOWLOCATION, true); // allow redirects
curl_setopt($ppCurl, CURLOPT_FRESH_CONNECT, true); // no caching
$result = curl_exec($ppCurl); // engage!

$curlErrorNum = curl_errno($ppCurl); // save error code; 0=none
$curlErrorText = curl_error($ppCurl); // save error message; ""=none
curl_close($ppCurl);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

// parse the data
$lines = explode("\n", $result);

if (strcmp (substr($lines[0],0,7), "SUCCESS") == 0) {
/*通过截取获取参数start*/
$fig = explode("payment_status=", $result);
echo substr($fig[1],0,strpos($fig[1],"n"));
/*通过截取获取参数end*/

echo ("<p><h3>Thank you for your purchase!</h3></p>");

echo ("<b>Payment Details</b><br>\n");
foreach ($keyarray as $key => $value) {
$value = urlencode(stripslashes($value));
echo "<li>$key: $value</li>\n";

echo ("");
}
} else if (strcmp ($lines[0], "FAIL") == 0) {
// log for manual investigation
echo ("<p><h3>FAIL...</h3></p>");
}

?>