logo标签列表

PHP Paypal授权/捕获NVP集成问题

phpcurlpaypalpaymentexpress-checkout
17

背景:

我们使用NVP集成和php-curl实现了Paypal授权和捕获流程。
完整的流程描述在PayPal开发者网站上: https://developer.paypal.com/webapps/developer/docs/classic/express-checkout/ht_ec-singleAuthPayment-curl-etc/

在我们的网站上,当前的支付场景如下:
- 首先,用户点击按钮以启动支付授权流程,将其重定向到PayPal网站(SetExpressCheckout with paymentaction=Authorization)
- 如果用户在PayPal网站上成功确认了付款,则被重定向到我们网站上的特定成功页面
- 此“成功页面”从PayPal网站获取tokenPayerID,然后我们调用GetExpressCheckoutDetails来检查此授权的状态和金额
- 如果一切正常,我们告诉PayPal确认此授权(DoExpressCheckoutPayment with paymentaction=Authorization),并获得一个授权ID存储到我们的数据库中
- 稍后,其他人可以通过单击按钮结算交易,使用我们存储的授权ID(DoCapture)

其他信息:

根据PayPal文档:

PayPal会尊重授权资金的100%,时间为三天
如果有待处理(未结算)的授权,则买家和商家的帐户将不会关闭
https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/authcapture/

在我们的网站上,如果24小时内没有结算授权,则会自动作废。(使用crontab)

问题:

问题出现在最后一个步骤(当我们调用“确认”函数时):当用户单击“确认”按钮时,似乎curl请求有时需要一些时间才能从PayPal获得交易ID。
当发生这种情况时,用户通常会关闭网页,PayPal会确认授权(因此进行资金转移),但是我们的网站没有得到通知,因为下面的代码(来自“源代码”部分)没有被执行或到达:

if ($transaction_id) {
    /*
     * [...]
     * Everything is ok, payment has been performed
     * so we do everything to give our user what he asked for
     */
} else {
    // Error : No transaction id
}

由于脚本在获取 Curl 响应之前停止。
此外,如果我们尝试再次点击按钮,则 PayPal 告诉我们授权 ID 不存在(因为已经执行)。

但有时一切都能顺利进行,没有任何问题或滞后。

源代码:

/*
 * This is our main function, called when
 * we have to settle our transaction 
 * when an user click on a "confirm" button
**/
public function confirm($cart_id) {
    /*
     * [...]
     * We check lot of stuff to be sure this user 
     * can perform this action
     */

    // We get theses values from the database
    authorization_id = "lorem ipsum";
    $amount = 10; 

    // We tell PayPal to settle the transaction
    $transaction_id = $this->settle_transaction($authorization_id, $amount);
    if ($transaction_id) {
        /*
         * [...]
         * Everything is ok, payment has been performed
         * so we do everything to give our user what he asked for
         */
    } else {
        // Error : No transaction id
    }
}

private function settle_transaction($authorization_id, $amount) {
    // Our credentials
    $params = array(
        "USER" => $this->paypal_user,
        "PWD" => $this->paypal_pwd,
        "SIGNATURE" => $this->paypal_signature,
        "VERSION" => 95
    );
    $params["METHOD"] = "DoCapture";
    $params["AUTHORIZATIONID"] = $authorization_id;
    $params["AMT"] = $amount;
    $params["CURRENCYCODE"] = "EUR";
    $params["COMPLETETYPE"] = "Complete";

    $result = $this->curl($params);
    if ($result) {
        // We check that this PayPal request has been successful
        if ($result["ACK"] == "Success") {
            $transaction_id = $result["TRANSACTIONID"];
            if ($result["PAYMENTSTATUS"] == "Completed") {
                return $transaction_id;
            }
        }
    }
    return NULL;
}


private function curl($params) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $this->paypal_endpoint);
    curl_setopt($ch, CURLOPT_POST, count($params));
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    parse_str(curl_exec($ch), $result);
    curl_close($ch);
    return $result;
}

您有解决这个问题的任何想法吗?
我在考虑在脚本结束时结算交易,因为PayPal会为已授权资金保留100%的三天,而我只需要它们被保留1天,但我仍然不确定...

编辑1:

当出现此问题时,我的apache2 error.log报告了以下内容:

[Mon Aug 08 20:42:55.959330 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:42:56.960453 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:42:57.961188 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:42:58.962230 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:42:59.963297 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:00.964384 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:01.965476 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:02.966478 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:03.967595 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:04.968713 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:05.969783 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:06.970877 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:07.972002 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:08.972749 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:09.973847 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:10.974926 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:11.976080 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:12.977168 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:13.978244 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:14.979320 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:15.980414 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:16.981493 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:17.982578 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:18.983673 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:19.984762 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:20.985841 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:21.986650 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:22.987725 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:23.988826 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:24.989939 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:25.991061 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:26.992181 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:27.993305 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:28.994422 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:29.995556 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:30.996661 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:31.997774 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:32.998905 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:34.000089 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:35.001202 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:36.002326 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:37.003424 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:38.004551 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:39.005677 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:40.006799 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:41.007902 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:42.009021 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:43.010132 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:44.011245 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:45.012361 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:46.013479 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:47.014577 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:48.015685 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:49.016801 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:50.017906 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:51.018980 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:52.020049 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:53.021158 2016] [mpm_event:error] [pid 141:tid 3779940374400] AH00485: scoreboard is full, not at MaxRequestWorkers
[Mon Aug 08 20:43:53.391316 2016] [:error] [pid 980:tid 3779386513152] (104)Connection reset by peer: [client MY-IP:55236] FastCGI: failed to read from backend server, referer: http://####
[Mon Aug 08 21:18:04.748237 2016] [:error] [pid 1287:tid 3779782977280] (104)Connection reset by peer: [client MY-IP:37196] FastCGI: failed to read from backend server

编辑 2:

我找到了 这个主题,它似乎有类似的问题:

特别奇怪的是,付款已经正确处理了。

而且现在我似乎无法重现这个错误。
你认为这可能是PayPal的问题还是像这样的问题?
即使是这样,我也想确保这个问题不会再次发生,但如果我无法重现这个问题,我该如何测试?

2个回答
8

你需要了解ignore_user_abort(true);(可能还有set_time_limit(0);),使用它可以避免脚本在执行过程中中途退出的问题。其次,我建议使用最近确认的令牌数据库,在curl调用之前更新,这样如果用户退出,然后再次尝试按下“确认”按钮,你就知道它已经是一个确认的令牌了,不会重新运行curl代码,并且可以立即通知用户。-- http://php.net/manual/en/function.ignore-user-abort.php

  • 警告:一些共享主机提供商不允许在运行时修改 ignore_user_abort / set_time_limit
感谢你的帮助,我无法尝试你提出的建议,因为似乎我无法再次重现这个问题。我已经在我的问题中添加了一些信息。 - Marc
2
注意:并非所有付款都会立即到账。如果买家只有与其PayPal账户关联的银行账户,则转账不会是即时的。因此,最好使用IPN来自动接收所有付款和相关活动的通知。
根据PayPal官方文档:
即时付款通知 (IPN) 是一种消息服务,用于通知您有关PayPal交易的事件。您可以使用IPN消息自动化后台和管理功能,例如履行订单、跟踪客户或提供状态和其他与交易相关的信息。”
作为最佳实践,在您的IPN监听器中设置事务脚本。您可以参考此处的集成指南:https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNImplementation/ 我几个月前扩展了一个用于PayPal IPN Listener的PHP类。希望它可以作为起点帮助你。随意分叉:https://github.com/datumradix/PayPal-IPN-PHP-Class- 编辑:(PayPal文档在许多地方不清楚,对许多初次阅读者来说似乎很混乱) IPN可作为第二个机制来确认DoCapture是否成功。 IPN变量如txn_typetxn_idauth_idauth_amountpayer_id都通过IPN通知。 请参见此处的完整列表:https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNandPDTVariables/ 注意:我们可以在每个调用中指定NOTIFYURL,也可以从PayPal后端设置相同。有关从PayPal配置文件设置相同的步骤,请参考https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNSetup/
谢谢您的回答,我查看了您的代码(以及官方PayPal示例中的代码)。在您的“payment.php”文件中的第99行,是不是我需要使用IPN回调来检查DoCapture的结果? - Marc
在这个链接中,他们说我们可以使用DoExpressCheckoutPayment中的NOTIFYURL来使用IPN。但是我的DoExpressCheckoutPayment设置为paymentaction=Authorization以稍后完成付款,因此我收到通知的时刻并不是我想要执行付款的时刻。 - Marc
从您的问题中,我猜测您的问题是当有人成功执行“DoCapture”时,您的网站有时无法收到通知。 IPN 可以作为第二个机制非常方便地确认“DoCapture”的成功执行。IPN 变量例如 “txn_type”、“txn_id”、“auth_id”、“auth_amount” 和 “payer_id” 都可以通过 IPN 发送通知。 - Amar Pratap
请参考此处:https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNandPDTVariables/#id08CTB0S055Z - Amar Pratap
好的,我不确定是否理解了其中的一个部分,首先我必须在我的DoExpressCheckoutPayment调用中设置一个NOTIFYURL字段。 然后,当我的用户触发DoCapture调用时,我此时不会验证订单。 但是当PayPal调用我的回调脚本时,我必须检查txn_type是否等于express_checkout? 因为根据您提供的链接,express_checkout收到单个项目的付款;来源是Express Checkout。 我是对的吗?还是...不是? - Marc
显示剩余3条评论
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接