Paypal Masspay API in PHP

Question

I am implementing paypal masspay API in my PHP webpage.

but currently I am stuck at one error which describe below :

MassPay failed: SSL connect error(35)Invalid HTTP Response for POST request(METHOD=MassPay&VERSION=93&PWD=TNQAETBEXP7ZC9P9&USER=_______ ) to https://api-3t.sandbox.paypal.com/nvp.

Here is is my code:

 $vEmailSubject = 'Mass Payment';

        /** MassPay NVP example.
         *
         *  Pay one or more recipients. 
        */

        // For testing environment: use 'sandbox' option. Otherwise, use 'live'.
        // Go to www.x.com (PayPal Integration center) for more information.
        $environment = 'sandbox'; // or 'beta-sandbox' or 'live'.

        /**
         * Send HTTP POST Request
         *
         * @param string The API method name
         * @param string The POST Message fields in &name=value pair format
         * @return array Parsed HTTP Response body
         */

        function PPHttpPost($methodName_, $nvpStr_)
        {
            global $environment;

            // Set up your API credentials, PayPal end point, and API version.
            // How to obtain API credentials:
            // https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_NVPAPIBasics#id084E30I30RO
            $API_UserName = urlencode('UserName');
            $API_Password = urlencode('Password');
            $API_Signature = urlencode('Signature');
            $API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";

            if("sandbox" === $environment || "beta-sandbox" === $environment)
            {
                $API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
            }


            $version = urlencode('93');

            // Set the curl parameters.
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
            curl_setopt($ch, CURLOPT_VERBOSE, 1);

            // Turn off the server and peer verification (TrustManager Concept).
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
            curl_setopt($ch, CURLOPT_SSLVERSION , 1);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_POST, 1);


            // Set the API operation, version, and API signature in the request.

            $nvpreq = "METHOD=MassPay&VERSION=$version&PWD=$API_Password&USER=$API_UserName&SIGNATURE=$API_Signature$nvpStr_";

            // Set the request as a POST FIELD for curl.
            curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq."&".$nvpStr_);

            // Get response from the server.
            $httpResponse = curl_exec($ch);

            if( !$httpResponse)
            {
             echo $methodName_ . ' failed: ' . curl_error($ch) . '(' . curl_errno($ch) .')';
            }

            // Extract the response details.
            $httpResponseAr = explode("&", $httpResponse);

            $httpParsedResponseAr = array();
            foreach ($httpResponseAr as $i => $value)
            {
             $tmpAr = explode("=", $value);
             if(sizeof($tmpAr) > 1)
             {
              $httpParsedResponseAr[$tmpAr[0]] = $tmpAr[1];
             }
            }

            if((0 == sizeof($httpParsedResponseAr)) || !array_key_exists('ACK', $httpParsedResponseAr))
            {
             exit("Invalid HTTP Response for POST request($nvpreq) to $API_Endpoint.");
            }
            print_r($httpParsedResponseAr);

            return $httpParsedResponseAr;
        }

        // Set request-specific fields.
        $emailSubject = urlencode($vEmailSubject);
        $receiverType = urlencode('EmailAddress');
        $currency = urlencode('USD'); // or other currency ('GBP', 'EUR', 'JPY', 'CAD', 'AUD')

        // Receivers
        // Use '0' for a single receiver. In order to add new ones: (0, 1, 2, 3...)
        // Here you can modify to obtain array data from database.

        $receivers = array(
            0 => array(
            'receiverEmail' => 'Receiver mail id', 
            'amount' => 100,
            'uniqueID' => 10, // 13 chars max
            'note' => "Transfer amount to Person"),
            1 => array(
            'receiverEmail' => 'Receiver mail id 2', 
            'amount' => 200,
            'uniqueID' => 11, // 13 chars max
            'note' => "Transfer amount to Person")
        );

        $receiversLenght = count($receivers);

        // Add request-specific fields to the request string.
        $nvpStr="&EMAILSUBJECT=$emailSubject&RECEIVERTYPE=$receiverType&CURRENCYCODE=$currency";

        $receiversArray = array();

        for($i = 0; $i < $receiversLenght; $i++)
        {
         $receiversArray[$i] = $receivers[$i];
        }

        foreach($receiversArray as $i => $receiverData)
        {
         $receiverEmail = urlencode($receiverData['receiverEmail']);
         $amount = urlencode($receiverData['amount']);
         $uniqueID = urlencode($receiverData['uniqueID']);
         $note = urlencode($receiverData['note']);
         $nvpStr .= "&L_EMAIL$i=$receiverEmail&L_Amt$i=$amount&L_UNIQUEID$i=$uniqueID&L_NOTE$i=$note";
        }

        // Execute the API operation; see the PPHttpPost function above.
        $httpParsedResponseAr = PPHttpPost('MassPay', $nvpStr);

        if("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"]))
        {
            echo 'MassPay Completed Successfully: ' . $httpParsedResponseAr;
        }
        else
        {
            echo '\nMassPay failed: ';
            print_r($httpParsedResponseAr);
        }

Answer 1

Your server needs to be configured to send HTTP requests using TLS 1.2. Sounds like yours is configured to send via SSLv3. Don't confuse this with an SSL certificate running on your site, which is a different thing.

Here's an article I wrote about this a while back: https://www.angelleye.com/paypal-ssl-error-poodle-vulnerability/

The important part is:

If you want to use TLS 1.2 you’ll need to upgrade to OpenSSL 1.0.1 as a minimum, and then you’ll be able to set CURLOPT_SSLVERSION to 6 (TLS 1.2).

If you want TLS 1.2 to be used automatically during SSL requests, you’ll also need to upgrade to PHP 5.5.19+ (this is the ideal solution but many projects are still on older PHP versions).