Updating Paypal IPN PHP 4.1 scripts to use HTTP 1.1: SOLVED!
Paypal has made a change in their system which required some changes to my long-working PHP code, version 4.1. Here's the official notice:
Action Required before February 1, 2013
Merchants need to update their IPN and/or PDT scripts to use HTTP 1.1, and include the "Host: www.paypal.com" and "Connection: close" HTTP headers in the IPN and PDT scripts.
Their full-sized example script is now for PHP 5.x so it wasn't easy to see how to make the changes to my older 4.1 script. Yes, they give you a four line snippet showing the new code added, but without enough context to make it work. There's several other forum posts out there suggesting that I'm not the only one confused. None of them have the complete working code posted, though. So here's the correct solution (tested and working as of today):
One thing that tripped me up: the header needs to end with the double end-line, so the order matters at least in that one way. I'm not sure the rest of the order really matters, buy hey, this works!
Note: this code is part of a larger package that delivers software (or anything zipped) via email to people who send you money with PayPal (or Amazon). Check it out: http://hcidesign.com/linux/
Action Required before February 1, 2013
Merchants need to update their IPN and/or PDT scripts to use HTTP 1.1, and include the "Host: www.paypal.com" and "Connection: close" HTTP headers in the IPN and PDT scripts.
Their full-sized example script is now for PHP 5.x so it wasn't easy to see how to make the changes to my older 4.1 script. Yes, they give you a four line snippet showing the new code added, but without enough context to make it work. There's several other forum posts out there suggesting that I'm not the only one confused. None of them have the complete working code posted, though. So here's the correct solution (tested and working as of today):
// post back to PayPal system to validate
// OLD working version
//$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
//$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
//$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
// new working version:
$header .="POST /cgi-bin/webscr HTTP/1.1\r\n";
$header .="Host: www.paypal.com\r\n";
$header .="Content-Type: application/x-www-form-urlencoded\r\n";
$header .="Connection: close\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
// new working version changes finished, old code resumes:
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
One thing that tripped me up: the header needs to end with the double end-line, so the order matters at least in that one way. I'm not sure the rest of the order really matters, buy hey, this works!
Note: this code is part of a larger package that delivers software (or anything zipped) via email to people who send you money with PayPal (or Amazon). Check it out: http://hcidesign.com/linux/