PHP - PayPal IPN; fsockopen ssl://

Discussion in 'Third-party applications' started by davidmclusa, Feb 22, 2010.

  1. Hi folks,

    I hope you can make a change to the PHP setup -- here's the situation.

    1) Using PayPal IPN requires that an IPN transaction be 'verified' back to PayPal.
    2) Since there is sensitive information, that verification should/must be done with SSL transport going OUT,
    3) The way to do that in PHP is with an fsockopen using the ssl:// transport
    4) When attempting to do that I get the following error message...

    fsockopen() [<a href='function.fsockopen'>function.fsockopen</a>]: unable to connect to ssl://sandbox.paypal.com:443 (Unable to find the socket transport 'ssl' - did you forget to enable it when you configured PHP?) E:\web\percepti\ ... etc.


    Since I'm in testing mode, I changed it to use tcp:// :80 -- and it works fine.


    Any chance of getting ssl:// transport supported ?

    Thanks,

    David
     
  2. Ray

    Ray

    Thats odd I just checked our server and the openSSL is enabled on our server. Are you sure you have the correct connection address?
     
  3. Yes, I'm sure -- it worked on old host, it works when I change the transport as I mentioned, and the error... Unable to find the socket transport 'ssl' ... would indicate that the transport is missing, NOT that the connection address is bad.

    Furthermore, when I did a phpInfo() I did NOT see openssl listed -- it from odbc to PCRE, NO 'openssl' -- so maybe it's installed, but not enabled.

    And, out of curiosity, can we use our own custom php.ini files? I see the

    Scan this dir for additional .ini files = none, so I'm assuming the answer is no, but I thought I'd ask.

    Thanks,

    David
     
  4. Ray

    Ray

    openssl is a dll file and it is uploaded to the PHP extension folder.


    No you cannot use your own PHP.ini. PHP works a little differently in a Windows operating system then a OS such as Linux.
     
  5. I was under the impression that we do not support openSSL, but if Ray checked then it must be there. The reason tcp works via php is because I believe we have tcp and udp transport support enabled. We'll have to check on whether ssl support is feasible.

    php.ini in a shared Windows environment has to be global, unfortunately. Apache supports multiple versions, but there isn't a secure way to do it in shared Windows.
     
  6. Ray

    Ray

    I'll double check with our systems administrators.
     
  7. I understand -- I normally use php on windows/IIS -- but you don't seem to understand is that the phpinfo() is telling me that I DON'T have access to openssl -- and unless you have...

    [PHP_OPENSSL]
    extension=php_openssl.dll

    ... in the php.ini, it doesn't matter if it's in the ext folder or not.

    look at the screen shot in the .zip file -- openssl is NOT there

    So it's not enabled for me.

    dbm
     
  8. Ray

    Ray

    Sorry, Hank is right and I gave you the wrong answer. OpenSSL is not enabled even though the dll exist in the PHP Ext folder. I just checked with our systems adminsitrator on that.
     
  9. OK. That's all I ask -- to check if it's feasible.

    I figure I'll have to get a cheap php/mysql hosting somewhere later for my one client that I need it for, but I was hoping to get through this one project phase before I had to do that.

    ... and I refuse to have anything to do with WebHost4Life anymore. They went from very good to very bad real quick; so much for new management & new platform that both #^&$%#^*@# [expletive deleted] -- which is why I'm here.

    So far I like all the Windows/IIS/.NET/MS SQL support -- I just have one client that provides a good chunk of my income and they are PHP/mySQL loyalists.

    Thanks,

    David
     
  10. Well we're glad you're here!

    We know people who used to work at WH4L, and it sounded like a mess over there. The company that acquired them, Endurance International Group, is less a host than an investment firm (I worked for a large *nix host that was acquired by them back in 2006, so I have painful first hand experience).

    I pity anyone who tries to cling to WH4L through the migration and beyond.
     

Share This Page