Paypal recently sent out an email subject: Action Required before October 7, 2013

This was to instruct all current sellers using their PHP IPN for automatically completing payments that would you need to make changes as they are changing over to HTTP1.1 from HTTP1.0

 

The PHP code they emailed:

PHP
// post back to PayPal system to validate
$header=”POST /cgi-bin/webscr HTTP/1.1\r\n”;
$header .=”Content-Type: application/x-www-form-urlencoded\r\n”;
$header .=”Host: http://www.paypal.com\r\n”;
$header .=”Connection: close\r\n\r\n”;
This is missing Content-Length which is required for HTTP1.1
Here is a modified version of the code which I have tested and does work:
PHP
// post back to PayPal system to validate
$header = “POST /cgi-bin/webscr HTTP/1.1\r\n”;
$header .= “Content-Type: application/x-www-form-urlencoded\r\n”;
$header .= “Content-Length: ” . strlen($req) . “\r\n”;
$header .= “Host: http://www.paypal.com\r\n”;
$header .= “Connection: close\r\n\r\n”;

 

I guess not even one of the web giants double checks all code sent out to millions of customers before clicking send!

Advertisements