views:

2043

answers:

3
A: 

Hi all,

Im implementing the Express Checkout, Paypal API using PHP.

I have no problem with the first step:SetExpressCheckout. I have awk=success.

But in method GetExpressCheckout I get "Security header is not valid". I try to figure out the problem and i think found out maybe it was the curl not working well..

What i did i copy the whole URL:

https://api-3t.sandbox.paypal.com/nvp?USER=sanbox_1276609583_biz_api1.gmail.com&PWD=1276609589&SIGNATURE=AYVosblmD7khKkvvb.bNxvFT0OQ2A8GopwByEuC.CfMHt65VaUmvAEy-&VERSION=62.0&token=EC-3YG18670X88588437&METHOD=GetExpressCheckoutDetails

and paste it to the browser. This will result to:

TOKEN=EC%2d3YG18670X88588437&CHECKOUTSTATUS=PaymentActionNotInitiated&TIMESTAMP=2010%2d06%2d16T07%3a40%3a12Z&CORRELATIONID=e1a1e469bf066&ACK=Success&VERSION=62%2e0&BUILD=1356926...

But when that url executed in the function I made it will not work. Below is my function:

function mycurl($url,$querystr){

  $ch = curl_init();

  curl_setopt($ch, CURLOPT_URL, $url);

  curl_setopt($ch, CURLOPT_VERBOSE, 1);

  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

  curl_setopt($ch, CURLOPT_POST, 1);

  curl_setopt($ch, CURLOPT_POSTFIELDS, $querystr);

  curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);

  $response = curl_exec($ch); 

  curl_close ($ch);

  return $response;

}

I hope somebody can help on this. thanks so much.

Note: - I Used the sandbox for this. I created a sandbox account, I have a Business account to represent a merchant, and a Personal account to represent a buyer.

And I used this:

endpoint url: api-3t.sandbox.paypal.com/nvp sandbox url: www.sandbox.paypal.com/cgi-bin/webscr

This should not be the issue.

toni
A: 

api-3t.sandbox.paypal.com/nvp requires different user-accounts than what api-3t.paypal.com/nvp -requires.

The sandbox accounts can be activated from developer.paypal.com

Cheery
A: 

Thanks Toni. You helped me debug it. I was having a very similar problem on my site. Some of the API calls were working fine, others were getting that 10002 Security header is not valid error.

I was able to get past this error by removing urlencode() from my URL passed to PayPal via cURL.

Hope this helps someone. It's a pretty obscure error.

Matt Cassarino