I am facing some issues with paypal payment pro integration within my project, in development phase of my project i have used sandbox paypal account and it was working perfectly.
But after completing my project when i transferred it from my development server to my production server, i have changed my API credentials i.e. api_username and api_password with my live paypal account and also i have changed the api signature.
But now its giving error
{"TIMESTAMP":"2016-11-23T09:38:54Z","CORRELATIONID":"c32b0a1bb4421","ACK":"Failure","VERSION":"65.1" ,"BUILD":"24616352","L_ERRORCODE0":"10002","L_SHORTMESSAGE0":"Security error","L_LONGMESSAGE0":"Security header is not valid","L_SEVERITYCODE0":"Error"}
This is my php file for payment paypal pro in which i am replacing credentials and signature
<?php
/**
* PaypalPro Class
* Helps to make credit card payment by PayPal Payments Pro
*
*/
class PaypalPro
{
//Configuration Options
//var $apiUsername = 'TESTED.chatter_api1.gmail.com';
//var $apiPassword = 'ASDADSSA324DFS';
//var $apiSignature = 'A5cWWVq7qN.a0Obu5XrQwgPGJzUGAY7ArSfec53UgZJQ27Mwak4s6CTP';
var $apiUsername = 'livedummy_api1.gmail.com';
var $apiPassword = 'liveDummy';
var $apiSignature = 'liveDummy';
var $apiEndpoint = 'https://api-3t.paypal.com/nvp';
var $subject = 'RJ2DRYBXR9AB5M5L';
var $authToken = 'AoDqlKoeWlqY85leCzits3qM1WGPAVqAjHPM7OILXmBQP3PKak9XM7Tl';
var $authSignature = '';
var $authTimestamp = '';
var $useProxy = FALSE;
var $proxyHost = '127.0.0.1';
var $proxyPort = 808;
//var $paypalURL = 'https://www.sandbox.paypal.com/webscr&cmd=_express-checkout&token=';
var $paypalURL = 'https://www.paypal.com/webscr&cmd=_express-checkout&token=';
var $version = '65.1';
var $ackSuccess = 'SUCCESS';
var $ackSuccessWarning = 'SUCCESSWITHWARNING';
public function __construct($config = array()){
// ob_start();
// session_start();
if (count($config) > 0){
foreach ($config as $key => $val){
if (isset($key) && $key == 'live' && $val == 1){
$this->paypalURL = 'https://www.paypal.com/webscr&cmd=_express-checkout&token=';
}else if (isset($this->$key)){
$this->$key = $val;
}
}
}
}
public function nvpHeader(){
$nvpHeaderStr = "";
if((!empty($this->apiUsername)) && (!empty($this->apiPassword)) && (!empty($this->apiSignature)) && (!empty($subject))) {
$authMode = "THIRDPARTY";
}else if((!empty($this->apiUsername)) && (!empty($this->apiPassword)) && (!empty($this->apiSignature))) {
$authMode = "3TOKEN";
}elseif (!empty($this->authToken) && !empty($this->authSignature) && !empty($this->authTimestamp)) {
$authMode = "PERMISSION";
}elseif(!empty($subject)) {
$authMode = "FIRSTPARTY";
}
switch($authMode) {
case "3TOKEN" :
$nvpHeaderStr = "&PWD=".urlencode($this->apiPassword)."&USER=".urlencode($this->apiUsername)."&SIGNATURE=".urlencode($this->apiSignature);
break;
case "FIRSTPARTY" :
$nvpHeaderStr = "&SUBJECT=".urlencode($this->subject);
break;
case "THIRDPARTY" :
$nvpHeaderStr = "&PWD=".urlencode($this->apiPassword)."&USER=".urlencode($this->apiUsername)."&SIGNATURE=".urlencode($this->apiSignature)."&SUBJECT=".urlencode($subject);
break;
case "PERMISSION" :
$nvpHeaderStr = $this->formAutorization($this->authToken,$this->authSignature,$this->authTimestamp);
break;
}
return $nvpHeaderStr;
}
/**
* hashCall: Function to perform the API call to PayPal using API signature
* @methodName is name of API method.
* @nvpStr is nvp string.
* returns an associtive array containing the response from the server.
*/
public function hashCall($methodName,$nvpStr){
// form header string
$nvpheader = $this->nvpHeader();
//setting the curl parameters.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$this->apiEndpoint);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
//turning off the server and peer verification(TrustManager Concept).
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POST, 1);
//in case of permission APIs send headers as HTTPheders
if(!empty($this->authToken) && !empty($this->authSignature) && !empty($this->authTimestamp))
{
$headers_array[] = "X-PP-AUTHORIZATION: ".$nvpheader;
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers_array);
curl_setopt($ch, CURLOPT_HEADER, false);
}
else
{
$nvpStr = $nvpheader.$nvpStr;
}
//if USE_PROXY constant set to TRUE in Constants.php, then only proxy will be enabled.
//Set proxy name to PROXY_HOST and port number to PROXY_PORT in constants.php
if($this->useProxy)
curl_setopt ($ch, CURLOPT_PROXY, $this->proxyHost.":".$this->proxyPort);
//check if version is included in $nvpStr else include the version.
if(strlen(str_replace('VERSION=', '', strtoupper($nvpStr))) == strlen($nvpStr)) {
$nvpStr = "&VERSION=" . urlencode($this->version) . $nvpStr;
}
$nvpreq="METHOD=".urlencode($methodName).$nvpStr;
//setting the nvpreq as POST FIELD to curl
curl_setopt($ch,CURLOPT_POSTFIELDS,$nvpreq);
//getting response from server
$response = curl_exec($ch);
//convrting NVPResponse to an Associative Array
$nvpResArray = $this->deformatNVP($response);
$nvpReqArray = $this->deformatNVP($nvpreq);
$_SESSION['nvpReqArray']=$nvpReqArray;
if (curl_errno($ch)) {
die("CURL send a error during perform operation: ".curl_error($ch));
} else {
//closing the curl
curl_close($ch);
}
return $nvpResArray;
}
/** This function will take NVPString and convert it to an Associative Array and it will decode the response.
* It is usefull to search for a particular key and displaying arrays.
* @nvpstr is NVPString.
* @nvpArray is Associative Array.
*/
public function deformatNVP($nvpstr){
$intial=0;
$nvpArray = array();
while(strlen($nvpstr)){
//postion of Key
$keypos = strpos($nvpstr,'=');
//position of value
$valuepos = strpos($nvpstr,'&') ? strpos($nvpstr,'&'): strlen($nvpstr);
/*getting the Key and Value values and storing in a Associative Array*/
$keyval = substr($nvpstr,$intial,$keypos);
$valval = substr($nvpstr,$keypos+1,$valuepos-$keypos-1);
//decoding the respose
$nvpArray[urldecode($keyval)] =urldecode( $valval);
$nvpstr = substr($nvpstr,$valuepos+1,strlen($nvpstr));
}
return $nvpArray;
}
public function formAutorization($auth_token,$auth_signature,$auth_timestamp){
$authString="token=".$auth_token.",signature=".$auth_signature.",timestamp=".$auth_timestamp ;
return $authString;
}
public function paypalCall($params){
/*
* Construct the request string that will be sent to PayPal.
* The variable $nvpstr contains all the variables and is a
* name value pair string with & as a delimiter
*/
$recurringStr = (array_key_exists("recurring",$params) && $params['recurring'] == 'Y')?'&RECURRING=Y':'';
$nvpstr = "&TOTALBILLINGCYCLES=".$params['totalBillingCycles']."&BILLINGFREQUENCY=".$params['billingFrequency']."&BILLINGPERIOD=".$params['billingPeriod']."&PAYMENTACTION=".$params['paymentAction']."&AMT=".$params['amount']."&CREDITCARDTYPE=".$params['creditCardType']."&ACCT=".$params['creditCardNumber']."&EXPDATE=".$params['expMonth'].$params['expYear']."&CVV2=".$params['cvv']."&FIRSTNAME=".$params['firstName']."&LASTNAME=".$params['lastName']."&CITY=".$params['city']."&ZIP=".$params['zip']."&COUNTRYCODE=".$params['countryCode']."&CURRENCYCODE=".$params['currencyCode'].$recurringStr;
/* Make the API call to PayPal, using API signature.
The API response is stored in an associative array called $resArray */
$resArray = $this->hashCall("DoDirectPayment",$nvpstr);
return $resArray;
}
}
?>
How can i resolve this issue or also please assist me if i am uisng wrong code in above file.
Thanks
First change the proxy host to your live server host and proxy port to '20'
and then Upgrade to Pro, the sandbox business account in the account section of your dashboard