0
Answer

Paypal Instant Payment Notification Handler

Todd Nichols

Todd Nichols

14y
5.4k
1
I'm building a web site in ASP.net, C#.  I'm using paypal for payments and when they process a payment they will send an instant payment notification (IPN).  The IPN is received, sent back to PayPal for verification, then they send back a response to verify that the IPN was sent by them.  The sample code to handle the notifications uses the following for sending the IPN back to PayPal and receiving the verification:
//Send the request to PayPal and get the response
StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
streamOut.Write(strRequest);
streamOut.Close();
StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
string strResponse = streamIn.ReadToEnd();
streamIn.Close();
I get an error when I test using that code - I'm not sure, but I think my host isn't allowing it.  I found another way to get the process to work, but I end up with nothing in the strResponse.  In place of the above code I'm using:

        Response.Write(strRequest);

        param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
        strResponse = Encoding.ASCII.GetString(param);

 The PayPal test completes successfully, but I can't see the verification.  Here's what I'm doing (the whole code):


// ASP .NET C#

using System;
using System.IO;
using System.Text;
using System.Net;
using System.Web;
using System.Data.SqlClient;

public partial class csIPNexample : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        //Post back to either sandbox or live
        string strSandbox = "https://www.sandbox.paypal.com/cgi-bin/webscr";
        string strLive = "https://www.paypal.com/cgi-bin/webscr";
        string strResponse;
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(strSandbox);

        //Set values for the request back
        req.Method = "POST";
        req.ContentType = "application/x-www-form-urlencoded";
        byte[] param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
        string strRequest = Encoding.ASCII.GetString(param);
        strRequest = strRequest+"&cmd=_notify-validate";
       
        Response.Write(strRequest);

        param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
        strResponse = Encoding.ASCII.GetString(param);

        if (strResponse == "VERIFIED")
        {
            //check the payment_status is Completed
            //check that txn_id has not been previously processed
            //check that receiver_email is your Primary PayPal email
            //check that payment_amount/payment_currency are correct
            //process payment
        }
        else if (strResponse == "INVALID")
        {
            //log for manual investigation
        }
        else
        {
            //log response/ipn data for manual investigation
        }
    }
}

Any explanations or suggestions would be greatly appreciated.