Home > Article > Backend Development > How to Verify In-App Purchase Receipts for Authenticity
Verifying In-App Purchase Receipts
In-app purchases allow users to acquire digital goods and services within mobile applications. Validating receipts is crucial to ensure the authenticity of these purchases. This article aims to address common challenges in receipt validation and provide a practical solution.
Understanding Receipt Validation
Receipt validation involves sending the purchase receipt to Apple's servers to verify its authenticity. The receipt holds crucial information, including the transaction details, product identifier, and purchase date. Apple responds with a validation status, indicating whether the receipt is valid or not.
Implementing Receipt Validation
The provided code demonstrates a method for receipt validation on the client side:
- (BOOL)verifyReceipt:(SKPaymentTransaction *)transaction { // Encode receipt data to base64 string NSString *jsonObjectString = [self encode:(uint8_t *)transaction.transactionReceipt.bytes length:transaction.transactionReceipt.length]; // Construct URL for validation NSString *completeString = [NSString stringWithFormat:@"http://url-for-your-php?receipt=%@", jsonObjectString]; NSURL *urlForValidation = [NSURL URLWithString:completeString]; // Send HTTP GET request to server for validation NSMutableURLRequest *validationRequest = [[NSMutableURLRequest alloc] initWithURL:urlForValidation]; [validationRequest setHTTPMethod:@"GET"]; NSData *responseData = [NSURLConnection sendSynchronousRequest:validationRequest returningResponse:nil error:nil]; [validationRequest release]; // Extract response status NSString *responseString = [[NSString alloc] initWithData:responseData encoding: NSUTF8StringEncoding]; NSInteger response = [responseString integerValue]; [responseString release]; // Return validation status return (response == 0); }
Server-Side Implementation
On the server side, a simple PHP script can handle the request and forward it to Apple.
<code class="php">$receipt = json_encode(array("receipt-data" => $_GET["receipt"])); $url = "https://sandbox.itunes.apple.com/verifyReceipt"; $response_json = call-your-http-post-here($url, $receipt); $response = json_decode($response_json); echo $response->status;</code>
Conclusion
By implementing these methods, you can validate in-app purchase receipts on your iOS application and securely record transaction data on your server. This ensures that only legitimate purchases are processed, preventing fraudulent activities.
The above is the detailed content of How to Verify In-App Purchase Receipts for Authenticity. For more information, please follow other related articles on the PHP Chinese website!