Security header is not valid - using curl php

Question

Hi all,

Im implementing the Express Checkout, Paypal API using PHP.

I have no problem with the first step:SetExpressCheckout. I a have awk=success.

But in method GetExpressCheckout I get "Security header is not valid". I try to figure out the problem and i think found out maybe it was the curl not working well..

What i did i copy the whole URL:

https://api-3t.sandbox.paypal.com/nvp?USER=sanbox_1276609583_biz_api1.gmail.com&PWD=1276609589&SIGNATURE=AYVosblmD7khKkvvb.bNxvFT0OQ2A8GopwByEuC.CfMHt65VaUmvAEy-&VERSION=62.0&token=EC-3YG18670X88588437&METHOD=GetExpressCheckoutDetails

and paste it to the browser. This will result to:

TOKEN=EC%2d3YG18670X88588437&CHECKOUTSTATUS=PaymentActionNotInitiated&TIMESTAMP=2010%2d06%2d16T07%3a40%3a12Z&CORRELATIONID=e1a1e469bf066&ACK=Success&VERSION=62%2e0&BUILD=1356926...

But when that url executed in the function I made it will not work. Below is my function:

function mycurl($url,$querystr){

  $ch = curl_init();

  curl_setopt($ch, CURLOPT_URL, $url);

  curl_setopt($ch, CURLOPT_VERBOSE, 1);

  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

  curl_setopt($ch, CURLOPT_POST, 1);

  curl_setopt($ch, CURLOPT_POSTFIELDS, $querystr);

  curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);

  $response = curl_exec($ch); 

  curl_close ($ch);

  return $response;

}

I hope somebody can help on this. thanks so much.

Note: - I Used the sandbox for this. I created a sandbox account, I have a Business account to represent a merchant, and a Personal account to represent a buyer.

And I used this:

endpoint url: api-3t.sandbox.paypal.com/nvp sandbox url: www.sandbox.paypal.com/cgi-bin/webscr

This should not be the issue.

Answer 1

This is most likely an issue of scope

In the function, you should write the $querystr variable to a file right before executing your curl call, or print it to the screen and make sure everything is there. Most likely you are using variables from outside your function for your $querystr variable and it is either empty or missing parts as a result.

Here is an example to illustrate the problem

<?php
$variable = 'bar';
echo $variable;         // prints bar

function myfunc(){
    echo $variable;         // prints nothing
}
function myfunc1(){
    global $variable, $variable1, $variable2;
    echo $variable;        // prints bar
}
?>

See http://us3.php.net/manual/en/language.variables.scope.php for more information

also add this line after you set the $response variable

echo '<pre>'; print_r($response); echo '</pre>';

you will get an error code and a long error message, look these up on paypals site for more information here: [https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_errorcodes]