I have a paypal IPN system in place. The payment system works very well, it takes t he required amount of money fine, however the IPN is just slightly off.
I've done some timestamps on the time the IPN connects to my site and the time I load the /shop/thanks page - and here is the data:
IPN:
[1416406186 // 14:09:46 19-11-14] papypal.php runtime: 1 seconds. (start time: 1416406185 / end time: 1416406186)
/shop/thanks error:
[1416406183 // 14:09:43 19-11-14] /shop/thanks error - could not display thank you message.
THREE SECONDS. If I go straight through the paypal process I get to my website 3 seconds before paypal updates me via IPN. If I go through it slowly then most likely I get correct thank you page.
I haven't encountered this problem before. What can I do to sort it out? The runtime of the paypal.php script is 1 second, so It's not like I am taking too long to update the database.
You can't. IPN is supposed to be asynchronous. You are supposed to say "thank you for your payment, we will notify you when your payment is complete."
But why?
Because let's say I decide to pay you by eCheque, ie. directly from my bank account through PayPal. eCheques may take six to ten DAYS to clear.
IPN may stand for "Instant Payment Notification", but the "Instant" part refers to when you actually get the payment, not when the user sends it to you.
Now, that being said, you might be able to adjust your IPN script to accept "Pending" status payments, and act accordingly. However, this is not necessarily a good idea because it may mislead the user into thinking their payment has completed, when in fact it may be cancelled or deemed invalid later. But that's a question for UX. Even then, you'd still have some kind of delay while the IPN system processes your notification.
Related
I have Integrated Paypal using php. I know there is return url ,that means when payment is received it will return to the url for our website.My Question is if payment is received and due to internet problem it does not return to our web page, how do I know that payment is received from a particular user?
If there is a network issue and PayPal cannot issue the IPN message, then according to their documentation, they will retry 15 times up to 4 days.
The IPN message service does not assume that your listener will receive all IPN messages. Because the Internet is not 100% reliable, IPNs can get lost or be delayed. To address these issues, the IPN message service includes a retry mechanism that re-sends a message at various intervals until your listener acknowledges receipt. An IPN message may be present up to four days after the original was sent. The maximum number of retries is 15.
https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNIntro/
This item below might help. Instant Payment Notification should work, but in the case of a network failure, if the payment reached PayPal but the purchaser did not get back to your site to complete a purchase, then you should still receive an email from PayPal telling you that you have received a payment.
using paypal button - can my webpage tell if paypal transaction was successful or not?
You get a confirmation email with their name and email address - be aware that occasionally this may not be the user's current, most active email address. You can also log in to your PayPal dashboard to see all details as well, of course.
You can look up your payment details from the email and compare them to your own user records in your database. If the email they use for PayPal is not the same as the one they registered on your site with, you can still look up their name from the email - in practice it seems to happen extremely rarely that payments have such a problem in my personal experience
I set up a script which emails my users with a passcode to get to the online product they bought which is emailed to them so they can submit that later along with their email address. This is the first thing that happens on return to my script so at least if the site fails to respond properly they can get to what they bought later.
The script uses PHPMailer and cc's me with their passcode so I have it available to re-send to them if they write with a complaint. It doesn't help if the PayPal return for Instant Payment Notification fails completely but the other answers cover that very fully and detail the PayPal repeat attempt process well.
Instant Payment Notification scripts can be downloaded from PayPal for modification by yourself as per the article linked to above.
To be perfectly honest, this is one of PayPal Standard's largest holes. IPN is a POST callback (as is PDT) and they check to make sure they get a 200 response or else they retry (and you can use the IPN history in your PayPal account to resend missing IPNs). But this method still relies on you getting the callback in a timely manner and it's not foolproof. Worse, you need to verify the IPN call and that introduces yet another point of failure in calling PayPal to make sure they did indeed send you the IPN you got.
There's a couple of ways to deal with this
Audit your account regularly. This is a good idea in general, but for a small website this shouldn't be terribly hard. Match your invoices up to your PayPal payments. Obviously this doesn't scale well so...
Switch to Payments Pro. There's more hurdles to this (like more PCI compliance, SSL certificate, etc) but the major advantage is that the API is far less susceptible to the whims of the Internet and only involves one call for credit cards (you can ignore the IPN because the API tells you everything you need to know). The worst that can happen is you send a payment API call and fail to get a response. This is exceptionally rare as PayPal makes sure their API is 99.9% reliable (IPN relies on your server being reliable). Speaking from experience, Payments Pro has far fewer issues than IPN does.
In your application, you should have a status field for orders. If you haven't received the ipn, you wouldn't change the status to Paid.
After that, if you receive an email from Paypal that someone has paid, check the order number, and change the status manually.
how do I know that payment is received from a particular user?
Paypal will send an email both user and you.
Paypal offers 2 solutions for your problem.
PayPal IPN - it notifies the server with a POST request to a specific URL, whena transaction has been successful, declined, aborted by user and so on. Paypal provide an IPN Simulator (the worst simulator ever) in order to test its functionality. you may give it a try at : https://developer.paypal.com/developer/ipnSimulator/
Paypal WebHooks - The webhooks are the "New Kid in the Block",they are basically "user-defined HTTP callbacks that receive events for the subscribed event types. Webhooks are asynchronous, the order is not guaranteed, and idempotency may lead to the same event being sent more than once." as stated in the Paypal documentation.
You can read more about it on : https://developer.paypal.com/docs/integration/direct/rest-webhooks-overview/
For any further help, comment below and I shall try to help.
Cheers,
You have to use notify_url for this purpose
<input type="hidden" name="notify_url" value="https://domain-name.com/ipn.php">
I am using PayPal express checkout API to make user subscription.
And i created IPN so when user complete subscription process IPN set user status=1.
But right now IPN takes 3 or more hours to respond. sometime it works quickly but some time takes more time.
User want to activate account immediately after payment complete, but right now it takes more time because of irregular delay in IPN. So what should i have to do in this case? I want user to access subscription immediately.
Thanks in advance.
We have a little problem in our system, we allow customers to pay using PayPal which is great!
But in the following situation we have this issue:
A customer pays us using PayPal.
We send the product to our customer when the transaction has completed.
A few days later, PayPal refuses to pay us because the customer have his PayPal account connected with his bank account. And the funds on that bank account is too low.
So, is there a way to let PayPal know us when this happens through API/URL call to our server ?
As Dagon mentioned, IPN is the best way to handle this.
You'll setup a listener script on your server, and every time a transaction happens on your PayPal account, the PayPal server will POST data about that account to your listener script. You'll get different parameters depending on the type of transaction that occurs. You can see a list of the types and parameters here.
You can build your email notifications, database updates, etc. into your IPN script to fully automate post-payment processing tasks.
So, in the example you've provided, what would happen is when the transaction first takes place the IPN would be triggered with a payment_status of Pending, and then you'd also see a parameter called pending_reason with a value of echeck. This tells you the payment was made, but it's an echeck which takes time to clear, so the status again is Pending instead of Completed.
A few days later when that payment does clear (or fails) you'd get another IPN with an updated payment_status. Only upon receiving an actual COMPLETED payment_status would you then would you deliver the order.
Again, this can all be automated within your IPN script.
I just moved my server to a new host, and obviously changed the DNS for my paypal ipn page.
For some reason paypal keeps hitting my page about every 30 seconds with the same transactions over and over again.
So of course its verified then stored in the database as duplicate records.
Has anyone had this problem? Or know how to fix?
Make sure that your browser is returning 200 OK status to paypal.
Either way, you should store IPN tracking IDs (ipn_track_id) in your database and check for duplicates. This is the only guaranteed way to solve your problem.
According to PayPal's IPN documntation:
Your listener must respond to each message, whether or not you intend
to do anything with it. If you do not respond, PayPal assumes that the
message was not received and resends the message. PayPal continues to
resend the message periodically until your listener sends the
correct message back, although the interval between resent
messages increases each time. The message can be resent for up to four
days.
This resend algorithm can lead to situations in which PayPal
resends the IPN message while you are sending back the original
message. In this case, you should send your response again, to cover
the possibility that PayPal did not actually receive your response the
first time. You should also ensure that you do not process the
transaction associated with the message twice.
IMPORTANT: PayPal
expects to receive a response to an IPN message within 30 seconds.
Your listener should not perform time-consuming operations, such as
creating a process, before responding to the IPN message.
So a) is your script properly responding and b) is the notify_url parameter from your transaction different with your DNS change?
I am developing a crowd-funding site (similar to Kickstarter) using the CodeIgniter framework.
I "successfully" implemented PayPal's adaptive payments using this library.
But, I'm just not sure how to correctly and securely check for succesfull/failed payments and witch data is important to save to database.
Note: it's a chained delayed payment, I am the primary receiver, and the secondary receiver is the crowd-funding project creator. The money is transferred to the secondary receiver after a predetermined period of time.
The flow I have right now goes like this:
User click to buy a reward.
I use the 'Pay' API operation to request payment (unique TrackingID included) and save the request in the database.
If the request is succesfull, I save some response data in the session (TrackingID, PayKey, amount, ...) and redirect to PayPal..
In this step the user can: accept payment, cancel, or just close the browser, so I dont really know what happens here... (recommendations?)
If the user accepts the payment, he is redirected back to my site and I use data I saved in the session to request a 'PaymentDetails' API operation to obtain information about the payment.
I save the result in database and check to see if the response 'amount' is equal to the request 'amount' (for security).
If everything went OK I update the database and connect the payment TrackingID with the user and the reward he bought.
Later (can be months later), the 'ExecutePayment' API operation is requested by an admin, and the money is transferred from us to the project creator, and we take a small fee (thats how crowd-funding works...)
Now, I'm sure I'm missing lot of things but I have no idea what:
What about the IPN API? I need it? Where it comes to play inside the flow and checks?
What I do if the user closes the browser window when he is in PayPay (out of my site).
I heard that the PayKey is valid for 3 hours, how can I 'ExecutePayment' after months?
How I handle the enormous amount of error types in the PayPal API?
Any tips or examples of others things I need to take care of? Security? Errors? Others?
Thank you very much, I really need your answer!
IPN will automatically POST data to your "listener" (which you'd need to develop) in order to automate post-payment procedures. For example, you could update a database, hit 3rd party web services, generate email receipts, etc. within IPN so that those events happen automatically any time you receive money in your PayPal account. You can also set it up to handle refunds, disputes, and other events. It's not required, but often very useful.
This is one reason IPN can be useful. IPN will be triggered whether the user makes it back to your site or not. If you're doing post-payment processing procedures within your thank you page or something like that, I'd recommend you move it into an IPN solution.
The PayKey is indeed valid for 3 hours when being used as a token. When you call Pay with an ActionType of CREATE, though, it sets up a delayed payment and the PayKey is then valid for up to 90 days.
The error information will always come back in the same format in the response. You can just log or display errors accordingly based on this standard response.
Sounds like you're pretty much on top of everything for the most part.