Laravel 5.1 csrftoken curl from paypal

Question

How i Can add or somethink do with csrftoken when paypal send post on my website. My error code: TokenMismatchException in VerifyCsrfToken.php line 53.

Here code:

    public function getPaypal(Request $request)
   {

    $uri = $request->all();

    if(isset($uri['tx']))
    {

      $pp_hostname = "www.sandbox.paypal.com"; // Change to www.sandbox.paypal.com to test against sandbox
      // read the post from PayPal system and add 'cmd'
      $req = 'cmd=_notify-synch';

      $tx_token = $uri['tx'];
      $auth_token = "EHNebv....e";
      $req .= "&tx=$tx_token&at=$auth_token";

      $ch = curl_init();
      curl_setopt($ch, CURLOPT_URL, "https://$pp_hostname/cgi-bin/webscr");
      curl_setopt($ch, CURLOPT_POST, 1);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
      curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
      //set cacert.pem verisign certificate path in curl using 'CURLOPT_CAINFO' field here,
      //if your server does not bundled with default verisign certificates.
      curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
      curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: $pp_hostname"));
      $res = curl_exec($ch);
      curl_close($ch);

   }

Mwaa Joseph · Accepted Answer · 2015-09-24 14:10:11Z

You don't need to completely disable the middleware just go to VerifyCrsfToken file in app\Http\Middle then edit the protected array $except and include and entry of the route paypal is posting to.

protected $except = [
    /paypal/data,


];

Mustafa Ehsan · Answer 2 · 2015-09-24 14:56:46Z

According to Laravel Docs: http://laravel.com/docs/5.1/routing#csrf-protection.

Excluding URIs From CSRF Protection
Sometimes you may wish to exclude a set of URIs from CSRF protection. For example, if you are using Stripe to process payments and are utilizing their webhook system, you will need to exclude your webhook handler route from Laravel's CSRF protection.
You may exclude URIs by adding them to the $except property of the VerifyCsrfToken middleware:

<?php

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;

class VerifyCsrfToken extends BaseVerifier
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        'paypal/*',
    ];
}

Let me know if it is still not clear.

ntzm · Answer 3 · 2015-09-24 13:57:28Z

TokenMismatchException is a Laravel error, not PayPal. With every POST request, you need to send a _token value through with it.

If you are sending this through a form, simply echo csrf_field() into your form template.

If you are sending the request from something other than Laravel, you can disable the CSRF protection on that route. Read more about Middleware here: http://laravel.com/docs/5.1/middleware

Read more about it here: http://laravel.com/docs/5.1/routing#csrf-protection

You are here

Laravel 5.1 csrftoken curl from paypal

3 Answers 正确答案

来自 https://stackoverflow.com/questions/32762630/laravel-5-1-csrftoken-curl-from-paypal

友情链接

搜索表单

用户登录

You are here

Laravel 5.1 csrftoken curl from paypal

3 Answers 正确答案

来自 https://stackoverflow.com/questions/32762630/laravel-5-1-csrftoken-curl-from-paypal

友情链接