Not receiving a response from Paypal IPN Sandbox

I'm putting a paypal checkout onto my website but am falling down with the listener. For those of you who are unfamiliar with the Paypal IPN system, basically Paypal sends your script with a message about the transaction, which you send back with a couple of bits added. If Paypal receives the correct reply, it'll reply with 'VERIFIED', and if not it'll say 'INVALID'.

I've succeeded with the first bit. My code is able to receive the info from paypal, add on the extras and post it back. However, I get no response from the Sandbox saying either 'VERIFIED' or 'INVALID'. I've pretty much copied my code from the paypal website so I was hoping this was going to be fairly straightforward, so if you could take a minute to look at my code, perhaps some new eyes could pick out where I've gone wrong.

Here's the code. Nothing special, it literally just gets the info, adjusts it, passes it back and reads the response (which it either isn't getting or doesn't realise it's getting)

<?php

$debug=true;

//Put together postback info

$postback = 'cmd=_notify-validate';

foreach($_POST as $key =>$value){
     $postback .= "&$key=$value";
}

// build the header string to post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
$header .= "Host: www.sandbox.paypal.com\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($postback) . "\r\n\r\n";

$fp = fsockopen ('www.sandbox.paypal.com', 80, $errno, $errstr, 30);//open the connection

if(!$fp){ //no conn
    die();
}

//post data back
fputs($fp, $header . $postback);

while(!feof($fp)){

    $res=fgets ($fp, 1024);

    if((strcmp($res, "VERIFIED")) == 0){ //verified!
        if($debug){         
            $filename = 'debug/debug5_verified.txt'; //create a file telling me we're verified
            $filehandle=fopen($filename, 'w');
            fwrite($filehandle,'VERIFIED!');
            fclose($filehandle);
        }
    }
}

?>

Thanks in advance!

Thanks for the help! I tried every combination of everything and still drew a blank, but I'll show you what I tried: Mostly I changed the $fp variable and left $header =."Host:...." alone or commented it out. I'm not sure whether I made it clear, but before I was getting a successful connection (according to my code) to the site I was connecting to, i.e. $fp was valid, and as such the condition if(!$fp) wasn't being met. Every combination I've tried since your post hasn't worked. Oddly, $fp=fsockopen('h ttp://w ww.san...com' 80,,, 30) DIDN'T work (but it does work with the 'http' removed).

Thanks for your help! Could you tell me how you made the switch?

Yes sorry, I tried both 80 and 443 for all combinations of https:// http:// or just www. I also tried it with the /cgi-bin/webscr added on the end, but the only combination that works is www.sand... and port 80.

could you try using ssl:// instead of https:// (while keeping port 443) to see if that works

Thanks again! Although when I add ssl:// it can't send the IPN. It just hangs and says that it can't access the website.

I did find this forum post: phpbuilder.com/board/archive/index.php/t-10329375.html which mentions the similar problems you are facing. I really hope you find a solution from that thread, good luck and sorry for not being able to help more!

Thanks again for the help! Will have a good old read of your link tomorrow I think...it's getting too late for all this! Will post back if I get a solution.

For background on this change: x.com/content/bulletin-ip-address-expansion-paypal-services

Thanks for the help, I managed to get a solution this morning!

If you are looking for the correct answer. For some it is using ssl:// and port 443. I came here with the same problem and switching to ssl protecol and using port 443 fixed it for me. I was getting an empty response in the sandbox environment. Note that stream_get_contents solution didn't work for me, so if that doesn't work for you try some of the other suggestions! Though -> Port 80 is still working from live site, as of June 8th 2012.

That's what I noticed as well. I set up an IPN two years ago and the docs said I could use normal HTTP for sandbox. Now, today, I found it returned 302 and I had to use SSL on post 443.

Source? I didn't find anything about this URL change at PayPal's site. The PHP5.2 IPN example at their site uses sandbox.paypal.com.

Why did this solution work? How did you realized that this was the solution?