I'm new here!
I'm trying to let my customers get recuring billing membership on my website based on this tutorial.
The button work, evverything is fine, except one thing. I need to validate that paypal really went successfull, to prevent anyone to go directly on the success page and get free membership. I noticed that it return a token=VALUE data to the success / cancel redirect.
I cannot find any $_POST or any others $_GET than that and I wonder, nor anything that could solve this in the Paypal doc (which changed a lot since last time I used it).
How can I check if the membership really went trought paypal using this token=1RXXXXXXXXH484112Y.
The return of such an integration may never happen. Reliable notification that a subscription has been created can only be done with a separate, server-side integration.
For the old HTML subscription button integration in the tutorial you reference, you can implement the old Instant Payment Notification (IPN) service.
The current solution would be to use a smart subscribe button with server side API calls to create the subscription and activate it -- with this, your server immediately knows it has been activated (because it did so itself and received the response). You can find some details on that solution here: https://stackoverflow.com/a/63908112/2069605
Related
I am working on a subscription service for a test website of mine. I have the infrastructure in place so that when a user registers, they need to subscribe before going to their profile. How can I tell if a user has finished subscribing? I have a flag in my database that will turn to true after they subscribe, but I can't seem to figure out that last handshake.
I tried to set it up when making the button to go to "http://www.example.com/profile.php?completed=true" so that I can simply look for that completed variable, but paypal seems to ignore that. Any thoughts on how to do that?
Upon looking at a similar post on here, I could redirect to a success.php, where it can update the database flag. This is a work around, but is this the only solution? Or is there one similar to what I originally wanted to do? Thanks for your input everyone.
You should make use of Instant Payment Notification
Instant Payment Notification (IPN) is a message service that automatically notifies merchants of events related to PayPal transactions. Merchants can use it to automate back-office and administrative functions, like automatically fulfilling orders and providing customers with order status.
I've a problem with Paypal IPN. The callback works very well.
I've a site and anyone can signup for free in my site. Later, the user can upgrade the account and here intervenes paypal.
How can I be sure that the user (A) paid to the transaction_id (0123) ?
Ex.
User (A) -> Click to button (item_number = (0009)) -> redirect to paypal page;
User (?) paid -> Paypal IPN sended and server received data -> [Which user has paid?]
!! This, without the user return to the site !!
Thank You
I'm sorry #Vincenzo Raco, but that is bad advice.
PDT and IPN are essentially the same exact thing except that PDT sends data to your return URL and IPN sends it to a silent listener.
There is no guarantee that users will make it back to your return URL, even if you have Auto Return enabled, so it's never a good idea to handle post-payment processing tasks on the return URL. If your IPN is getting hacked that means you have a problem with your configuration.
All IPN's are verified with PayPal's servers, and if you're using API calls, hosted buttons, encrypted buttons, etc. people can't see the original code, copy it, and make adjustments to pricing, which would be the only potential "hack" that anybody could do. Just make sure not to use basic, standard HTML buttons and that potential problem goes away.
IPN is definitely what you want to use to handle your post-payment processing. You can save your user record or whatever data you're working with in your database prior to sending the user over to PayPal. You can include the record ID of your database in the PayPal payment request (I typically use the invoice parameter for this) and then that will be returned in IPN so that you can pull that data back out of your database or add new related accordingly.
I'm trying to set up a website that allows users to sign up at various membership levels, each at their own price, using PayPal Subscriptions. I have searched Stack Overflow and gotten numerous very helpful answers about setting up the IPN script, which I have done successfully. (Thanks!)
My question now is, how does a member cancel their account within my site? If they cancel using PayPal, my IPN will detect it and act accordingly, but there must be a way for my users to cancel their subscription on my page, right? Or at least provide a more direct link than simply telling them "log into PayPal, go to this page, and cancel it there"?
I've found scattered references to generic ideas like "have your script send a cancel request to PayPal" or some indication that maybe only the Pro (Advanced?) membership with PayPal allows you to do this, but I haven't found a straight answer that says definitively yes or no, and if so, how.
Can I have my members cancel and/or upgrade/downgrade their PayPal subscriptions through my PHP website, and if so, what code samples or other considerations will I need to make that happen? Most helpfully, is there a tutorial that can walk me through it? I'm fairly familiar with PHP/MySQL, but APIs and such are still new to me...
Thank you!
I want to achieve something like this
http://depositfiles.com/en/gold/payment.php
I have normal users signed up. I want them to upgrade to premium user. Once a person pays, how do I know which user he was signed in ? How do i force the user to login first before being able to click the paypal button and make payment ? Otherwise, I would receive money, but wouldn't know which user to mark as "PAID" in my database.
when you click on the paypal button, it redirects you to the paypal page where you can login and pay.
I also want to accept Visa and Mastercards, is it doable through paypal using the same method ?
Paypal's information can be found here:
Part 1
You can create a subscribe button for each type of subscription you want and use the HTML variables in Part 2 to enable you to know what type of product and what user is included in the invoice.
This needs a lot more details than you currently provide. What language have you written your website in? Static HTML? Ruby? PHP? How does PayPal's payment system work?
normally the way it will work is that your site will pass information to paypal (http://paypal.sourceforge.net/ is one toolkit that seems to be made for php, thought I've never used it so I can't really promise its not abandonware).
once the paypal transaction is completed successfully, control is passed back to your site. you can then set the user's flag in your database as a premium user.
as far as I can tell, you tell paypal to handle payments for you, and the user picks a funding source in paypal. if you want to have visa/mastercard separately handled from paypal you'll need another payment gateway to handle it, like mirapay or something else.
I have a client who will be selling access to an online service on their website. They would like to integrate a PayPal Buy Now button into the site... no problems there. However, they want their customers to have instant access to the online service that they are selling as soon as the payment is processed. That seems reasonable to me... the problem is that I can't seem to find a way to automate that. So my question is really this:
How can I automatically alert my php/mysql web app that a PayPal transaction has gone through?
All I would really need is like a callback process that triggers a php script to updates the customer's record in the database... right? Seems simple to me. But I can't seem to find a way to do it! Anyway, if you've accomplished anything similar with PayPal, I'd be grateful for your advice!
See Instant Payment Notification.
I think you want to send in a variable to paypal (item_number) that they will return to a page that you specify in your post to them (return - success and cancel_return - cancel). They will send you back whether the transaction was successful or not and then with your variable you can make a call to your db to update the record in your database based upon the result of the transaction. In the return page you can also send some sort of notification to the client of the success or failure of the payment process and clean up after a canceled transaction.
PayPal maintains an extensive knowledge base on how to integrate their services with your web app. In think that is a good first starting point. See www.x.com