PayPal IPN重复运行

Question

我正在编写一个WordPress插件，通过PayPal处理付款。我有一个PayPal的IPN脚本，发送电子邮件通知(除了贝宝的电子邮件通知)时，付款是成功的。我的插件的一些用户报告说，他们收到了这个电子邮件通知的几天多副本。

我在开发插件的早期就发现了这个问题，我找到的解决方案是立即向PayPal发送200个响应。(以下是对这个问题的一些讨论：https://www.paypal-community.com/t5/About-Settings-Archive/Paypal-repeats-identical-IPN-posts/td-p/465559 )。这在我的测试站点上似乎很好，但显然并不适用于我的所有用户。

当我使用PayPal IPN模拟器时，它不会给我任何错误消息。

除了立即发送200个响应外，我还能做些什么来阻止PayPal一次又一次地重复IPN请求吗？

这是我的代码：

<?php 

// Create a query var so PayPal has somewhere to go
// https://willnorris.com/2009/06/wordpress-plugin-pet-peeve-2-direct-calls-to-plugin-files
function cdashmm_register_query_var($vars) {
    $vars[] = 'cdash-member-manager';
    return $vars;
}
add_filter('query_vars', 'cdashmm_register_query_var');


// If PayPal has gone to our query var, check that it is correct and process the payment
function cdashmm_parse_paypal_ipn_request($wp) {
    // only process requests with "cdash-member-manager=paypal-ipn"
   if (array_key_exists('cdash-member-manager', $wp->query_vars) && $wp->query_vars['cdash-member-manager'] == 'paypal-ipn') {

    if( !isset( $_POST['txn_id'] ) ) {
        // send a 200 message to PayPal IPN so it knows this happened
        header('HTTP/1.1 200 OK'); 
        // POST data isn't there, so we aren't going to do anything else
    } else {
        // we have valid POST, so we're going to do stuff with it
        // send a 200 message to PayPal IPN so it knows this happened
        header('HTTP/1.1 200 OK'); 

        // process the request.
        $req = 'cmd=_notify-validate';
        foreach($_POST as $key => $value) :
          $value = urlencode(stripslashes($value));
          $req .= "&$key=$value";
        endforeach;

        $header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
        $header .= "Content-Length: " . strlen($req) . "\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Host: www.paypal.com\r\n";
        $header .= "Connection: close\r\n\r\n";
        $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

        if(!$fp) {
          // HTTP ERROR
        } else {
            fputs ($fp, $header . $req);
            while(!feof($fp)) {

                $res = fgets ($fp, 1024);

                $fh = fopen('result.txt', 'w');
                    fwrite($fh, $res);
                    fclose($fh);

                if (strcmp (trim($res), "VERIFIED") == 0) {

                   /* Do a bunch of WordPress stuff - create some posts, send some emails */

                  }

                elseif(strcmp (trim($res), "INVALID") == 0) {
                    // probably ought to do something here

                }

            }
        fclose ($fp);
        }
    }
}
}
add_action('parse_request', 'cdashmm_parse_paypal_ipn_request');

?>

Answer 1

您不能阻止Paypal重复请求。这是IPN系统的一部分，以确保即使站点崩溃，交易也是透明的。因此，您应该将此事务ID存储在数据库中，并检查以确保您以前没有遇到过它。如果您以前遇到过它，您可以记录您正在看到的重复。否则，处理它。

使用一个事务类对此有一个简单的认识：

foreach ($_POST as $key => $value) {
  $value = urlencode(stripslashes($value));
  $req .= "&$key=$value";
  $value = urldecode($value);
  foreach ($pp_vars as $search) {
    if ($key == $search)
      $$key = $value;
  }
  if (preg_match("/txn_id/", $key)) {
      $txn_id = $value;
  }
  if (preg_match("/item_number/", $key)) {
    $item_number = $value;
  }
}

$model = new Transactions();
if ($model->exists('txid', $txn_id)) {
    $res = "REPEAT";
}
$model->action[0] = $res;
$model->txid[0] = $txn_id;
$model->description[0] = $req;
$model->price[0] = $payment_gross;
$model->reviewed[0] = 0;
$model->user_id[0] = $user->id;
$model->created_at[0] = date("Y-m-d H:i:s");
$model->updated_at[0] = $model->created_at;
$model->save();