LYECS LYECS电商系统 老杨商城系统 ECSHOP二次开发
【老杨】paypal更新(2018年9月)后,ecshop paypal支付无法更新支付状态,显示未支付
LYECS,LYECS+商城系统,多用户商城系统,开源商城系统 发布日期:2018-09-10 作者:老杨
paypal更新(2018年9月)后,ecshop paypal支付无法更新支付状态
原因:原EC的请求方式获取到404错误,后经反复测试,发现是由于paypal更新了隐私策略,导致了请求的链接中含有不被paypal识别的字符,直接返回错误结果。
解决方法:改为POST方式请求接口。
支付文件代码如下(定制过的按需求修改):
提示,该代码是老杨在LYECS版本测试通过后,再移植到原版ECSHOP中的,所以未经测试,具体思路大家自行根据自己的情况修改。代码仅供参考,老杨不提供技术支持。
<?php
if (!defined('IN_ECS'))
{
die('Hacking attempt');
}
$payment_lang = ROOT_PATH . 'languages/' .$GLOBALS['_CFG']['lang']. '/payment/paypal.php';
if (file_exists($payment_lang))
{
global $_LANG;
include_once($payment_lang);
}
/* 模块的基本信息 */
if (isset($set_modules) && $set_modules == TRUE)
{
$i = isset($modules) ? count($modules) : 0;
/* 代码 */
$modules[$i]['code'] = basename(__FILE__, '.php');
/* 描述对应的语言项 */
$modules[$i]['desc'] = 'paypal_desc';
/* 是否支持货到付款 */
$modules[$i]['is_cod'] = '0';
/* 是否支持在线支付 */
$modules[$i]['is_online'] = '1';
/* 作者 */
$modules[$i]['author'] = 'http://www.lyecs.com';
/* 网址 */
$modules[$i]['website'] = 'http://www.paypal.com';
/* 版本号 */
$modules[$i]['version'] = '1.0.0';
/* 配置信息 */
$modules[$i]['config'] = array(
array('name' => 'paypal_account', 'type' => 'text', 'value' => ''),
array('name' => 'paypal_currency', 'type' => 'select', 'value' => 'USD')
);
return;
}
/**
* 类
*/
class paypal
{
/**
* 构造函数
*
* @access public
* @param
*
* @return void
*/
function paypal()
{
}
function __construct()
{
$this->paypal();
}
/**
* 生成支付代码
* @param array $order 订单信息
* @param array $payment 支付方式信息
*/
function get_code($order, $payment)
{
$data_order_id = $order['log_id'];
$data_amount = $order['order_amount'];
$data_return_url = return_url(basename(__FILE__, '.php'));
$data_pay_account = $payment['paypal_account'];
$currency_code = $payment['paypal_currency'];
$data_notify_url = return_url(basename(__FILE__, '.php'));
$cancel_return = $GLOBALS['ecs']->url();
$def_url = '<br /><form style="text-align:center;" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">' . // 不能省略
"<input type='hidden' name='cmd' value='_xclick'>" . // 不能省略
"<input type='hidden' name='business' value='$data_pay_account'>" . // 贝宝帐号
"<input type='hidden' name='item_name' value='$order[order_sn]'>" . // payment for
"<input type='hidden' name='amount' value='$data_amount'>" . // 订单金额
"<input type='hidden' name='currency_code' value='$currency_code'>" . // 货币
"<input type='hidden' name='return' value='$data_return_url'>" . // 付款后页面
"<input type='hidden' name='invoice' value='$data_order_id'>" . // 订单号
"<input type='hidden' name='charset' value='utf-8'>" . // 字符集
"<input type='hidden' name='no_shipping' value='1'>" . // 不要求客户提供收货地址
"<input type='hidden' name='no_note' value=''>" . // 付款说明
"<input type='hidden' name='notify_url' value='$data_notify_url'>" .
"<input type='hidden' name='rm' value='2'>" .
"<input type='hidden' name='cancel_return' value='$cancel_return'>" .
"<input type='submit' value='" . $GLOBALS['_LANG']['paypal_button'] . "'>" . // 按钮
"</form><br />";
return $def_url;
}
/**
* 响应操作
*/
function respond()
{
$payment = get_payment('paypal');
$merchant_id = $payment['paypal_account']; ///获取商户编号
// read the post from PayPal system and add 'cmd'
// $req = 'cmd=_notify-validate';
$_POST['cmd']='_notify-validate';
// foreach ($_POST as $key => $value)
// {
// $value = urlencode(stripslashes($value));
// $req .= "&$key=$value";
// }
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) ."\r\n\r\n";
//$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$order_sn = $_POST['invoice'];
$memo = !empty($_POST['memo']) ? $_POST['memo'] : '';
$action_note = $txn_id . '(' . $GLOBALS['_LANG']['paypal_txn_id'] . ')' . $memo;
if($req){
$res=$this->send_paypal_url('https://www.paypal.com',$_POST);
}
if (strcmp($res, 'VERIFIED') == 0)
{
// check the payment_status is Completed
if ($payment_status != 'Completed' && $payment_status != 'Pending')
{
return false;
}
// check that txn_id has not been previously processed
/*$sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('order_action') . " WHERE action_note LIKE '" . mysql_like_quote($txn_id) . "%'";
if ($GLOBALS['db']->getOne($sql) > 0)
{
return false;
}*/
// check that receiver_email is your Primary PayPal email
if ($receiver_email != $merchant_id)
{
return false;
}
// check that payment_amount/payment_currency are correct
$sql = "SELECT order_amount FROM " . $GLOBALS['ecs']->table('pay_log') . " WHERE log_id = '$order_sn'";
if ($GLOBALS['db']->getOne($sql) != $payment_amount)
{
return false;
}
if ($payment['paypal_currency'] != $payment_currency)
{
return false;
}
// process payment
order_paid($order_sn, PS_PAYED, $action_note);
return true;
}
elseif (strcmp($res, 'INVALID') == 0)
{
// log for manual investigation
return false;
}
}
function send_paypal_url($url, $post_data = '', $timeout = 5){
$options = array(
CURLOPT_RETURNTRANSFER =>true,
CURLOPT_HEADER =>false,
CURLOPT_POST =>true,
CURLOPT_POSTFIELDS => $post_data,
);
$ch = curl_init($url);
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
}
?>
