We have a little problem in our system, we allow customers to pay using PayPal which is great!
But in the following situation we have this issue:
A customer pays us using PayPal.
We send the product to our customer when the transaction has completed.
A few days later, PayPal refuses to pay us because the customer have his PayPal account connected with his bank account. And the funds on that bank account is too low.
So, is there a way to let PayPal know us when this happens through API/URL call to our server ?
As Dagon mentioned, IPN is the best way to handle this.
You'll setup a listener script on your server, and every time a transaction happens on your PayPal account, the PayPal server will POST data about that account to your listener script. You'll get different parameters depending on the type of transaction that occurs. You can see a list of the types and parameters here.
You can build your email notifications, database updates, etc. into your IPN script to fully automate post-payment processing tasks.
So, in the example you've provided, what would happen is when the transaction first takes place the IPN would be triggered with a payment_status of Pending, and then you'd also see a parameter called pending_reason with a value of echeck. This tells you the payment was made, but it's an echeck which takes time to clear, so the status again is Pending instead of Completed.
A few days later when that payment does clear (or fails) you'd get another IPN with an updated payment_status. Only upon receiving an actual COMPLETED payment_status would you then would you deliver the order.
Again, this can all be automated within your IPN script.
Related
I am trying to integrate the PayPal REST API into my Symfony 2 web app but I find hard to understand how exactly the complete workflow looks like:
The PayPal docs describe the following steps to accept a payment. One can use the PayPal Playground to simulate these steps:
Get an access token
Create a Payment object by querying the API
Redirect the user to the approval url received in the Payment response
After the user approved the payment on the PayPal page, he is redirected back to my page, using the success-link defined in the Payment object. Use the received information to execute the payment.
Payment is completed with status approved
From the docs: Once a payment is complete, it is referred to as a
sale. You can then look up the sale and refund it.
So far so good. BUT: Where are Webhooks used/fired in this workflow? I have defined a wildcard Webhook (accepting all possible events) in the PayPal Developer Dashboard.
My observation is, that my system receives the Webhook event 1-2 Minutes (!) after the user was redirected back to the success-link and after the payment was executed (Step 4).
Beside this long delay between executing the payment and receiving the Webhook, this workflow means, that I only receive the Webhook AFTER handling the success-link. This means, handling the success-link is absolutly necessary for the payment to be completed. Is this correct?
Do I need to use Webhooks?
I already asked this question a few days before and the answer by nifr is quite reasonable: One cannot trust the user to follow any redirect URL but should only rely on the Webhook events.
However this collides with the observations I described before, since I will never receive the Webhook without handling the redirect URL...
So, handling the PAYMENT.SALE.COMPLETED webhook event does not make a lot of sense, since this should already be done in when handling the redirect URL. Correct?
However, to handle updates on pending payments, handle refunds or reversed payments, etc. are only possible by listening on those events.
So the answer is: Only use Webhooks to get updates on payments made before. Correct?
So, the main questions are:
The 5-step process to accept payments does not say anything about using Webhooks. This does not seem to make a lot of sense, because without Webhooks one would miss update events, etc.? So, is it really possible to implement the complete payment workflow without Webhooks?
If yes, how are updates (refunds, pending, etc) handled in this case?
If no, what is the right strategy/time to fulfill the order since it take quite a long time to completly receive and handle the webhook?
i am still a newbie in PayPal world, but few days ago i integrated PayPal Plus REST API in an online Shop, and from my understanding i can tell that the workflow looks like:
create a Payment
redirect to PayPal
Payer could pay using PayPal account OR (using Bank Direct debit or Credit Card Payment without PayPal Account)
After completing the process on PayPal side, PayPal redirect the user back to your success URL.
till now the user is still not charged(you got no money). At the moment where you (in your success URL) do $payment->execute($paymentExecution,$api); , you ask Paypal to charge the amount from user. BUT also after this, you got no Money. Paypal have first to process the charging and notify you later via WebhookEvents.
the Webhook Notification (with that nasty delay) is especially important when the user pays per direct debit or Credit Card etc. Processing such Payments takes few seconds/minutes.
the redirectUrl ist absolutly necessary for charging/executing the Payment.
here on execution succeed, just to tell the user, that he finished his Job, and you can here save/capture the PaymentID/Transaction id for later usage/update via WebhookEvent Listener.
so i would recommend you to update your Database(Payment completed) only after receiving notofications via WebhookEvent Listener and not in the success RedirectUrl.
I have Integrated Paypal using php. I know there is return url ,that means when payment is received it will return to the url for our website.My Question is if payment is received and due to internet problem it does not return to our web page, how do I know that payment is received from a particular user?
If there is a network issue and PayPal cannot issue the IPN message, then according to their documentation, they will retry 15 times up to 4 days.
The IPN message service does not assume that your listener will receive all IPN messages. Because the Internet is not 100% reliable, IPNs can get lost or be delayed. To address these issues, the IPN message service includes a retry mechanism that re-sends a message at various intervals until your listener acknowledges receipt. An IPN message may be present up to four days after the original was sent. The maximum number of retries is 15.
https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNIntro/
This item below might help. Instant Payment Notification should work, but in the case of a network failure, if the payment reached PayPal but the purchaser did not get back to your site to complete a purchase, then you should still receive an email from PayPal telling you that you have received a payment.
using paypal button - can my webpage tell if paypal transaction was successful or not?
You get a confirmation email with their name and email address - be aware that occasionally this may not be the user's current, most active email address. You can also log in to your PayPal dashboard to see all details as well, of course.
You can look up your payment details from the email and compare them to your own user records in your database. If the email they use for PayPal is not the same as the one they registered on your site with, you can still look up their name from the email - in practice it seems to happen extremely rarely that payments have such a problem in my personal experience
I set up a script which emails my users with a passcode to get to the online product they bought which is emailed to them so they can submit that later along with their email address. This is the first thing that happens on return to my script so at least if the site fails to respond properly they can get to what they bought later.
The script uses PHPMailer and cc's me with their passcode so I have it available to re-send to them if they write with a complaint. It doesn't help if the PayPal return for Instant Payment Notification fails completely but the other answers cover that very fully and detail the PayPal repeat attempt process well.
Instant Payment Notification scripts can be downloaded from PayPal for modification by yourself as per the article linked to above.
To be perfectly honest, this is one of PayPal Standard's largest holes. IPN is a POST callback (as is PDT) and they check to make sure they get a 200 response or else they retry (and you can use the IPN history in your PayPal account to resend missing IPNs). But this method still relies on you getting the callback in a timely manner and it's not foolproof. Worse, you need to verify the IPN call and that introduces yet another point of failure in calling PayPal to make sure they did indeed send you the IPN you got.
There's a couple of ways to deal with this
Audit your account regularly. This is a good idea in general, but for a small website this shouldn't be terribly hard. Match your invoices up to your PayPal payments. Obviously this doesn't scale well so...
Switch to Payments Pro. There's more hurdles to this (like more PCI compliance, SSL certificate, etc) but the major advantage is that the API is far less susceptible to the whims of the Internet and only involves one call for credit cards (you can ignore the IPN because the API tells you everything you need to know). The worst that can happen is you send a payment API call and fail to get a response. This is exceptionally rare as PayPal makes sure their API is 99.9% reliable (IPN relies on your server being reliable). Speaking from experience, Payments Pro has far fewer issues than IPN does.
In your application, you should have a status field for orders. If you haven't received the ipn, you wouldn't change the status to Paid.
After that, if you receive an email from Paypal that someone has paid, check the order number, and change the status manually.
how do I know that payment is received from a particular user?
Paypal will send an email both user and you.
Paypal offers 2 solutions for your problem.
PayPal IPN - it notifies the server with a POST request to a specific URL, whena transaction has been successful, declined, aborted by user and so on. Paypal provide an IPN Simulator (the worst simulator ever) in order to test its functionality. you may give it a try at : https://developer.paypal.com/developer/ipnSimulator/
Paypal WebHooks - The webhooks are the "New Kid in the Block",they are basically "user-defined HTTP callbacks that receive events for the subscribed event types. Webhooks are asynchronous, the order is not guaranteed, and idempotency may lead to the same event being sent more than once." as stated in the Paypal documentation.
You can read more about it on : https://developer.paypal.com/docs/integration/direct/rest-webhooks-overview/
For any further help, comment below and I shall try to help.
Cheers,
You have to use notify_url for this purpose
<input type="hidden" name="notify_url" value="https://domain-name.com/ipn.php">
I'm doing a project involving Paypal, more specifically with the NVP API in PHP. But I just can't seem to figure what to use the IPN feature for.
I mean, when the user has been redirected to Paypal to confirm the purchase, he is redirected back to my website's "Paypal-succes-page", when the transaction is complete. And just to be sure that he actually payed i could use the "PaymentDetails" operation.
Now where does IPN fit in this process? and what is the benefit of it?
Thanks
The integrate with PayPal's services you will notice there are three main channels (and IMO it's important to know this so you can decide the benefits for your application):
IPN: Instant Payment Notification
PDT: Payment Data Transfer
PayPal's API
To use PayPal's IPN you need to add a 'listener' script (example) and add the address to your PayPal account. Whenever an event occurs PayPal will send a message directly to your server via your listener and you then update your accounts appropriately. This is especially useful for running subscription services as events will occur in the background without user intervention and you can capture successful/failed recurring payments etc.
PayPal's PDT is a system for accepting data when a user is redirected back to your site from PayPal. For example, a user clicks 'Buy', they are directed to PayPal, enter information etc. Then, once the payment has been taken, they are redirected back to your site. PayPal can pass details about the transaction including whether it was successful or not so you can display the appropriate success/failed page from your site.
PayPal's API allows you to integrate more deeply with PayPal's services, and you would use this if you were managing payments directly from your site.
These services aren't mutually exclusive, so you can use any combination with your application.
I hope this helps
The IPN feature is a very useful feature which you should use to update your database in my opinion. Sure the user is redirected to your success-page after the purchase where you can validate the payment details.
But what if he closes (by accident or not) the browser before reaching your success page? You will never know the result of the transaction and you will never update your database or process his order accordingly.
When using the IPN you can be sure that the transaction result will always reach you because PayPal will keep on making an offline request to your IPN page until it has reached your servers.
Instant Payment Notification
The typical usage of the IPN is to validate the purchase and to let your script or management system know that the transaction is complete so your system can update any records you may have for your service.
But the most important part is that the transaction is validated.
IPN send all data about transaction to your server - price, items, contacts ... so you can check, if someone don't pay you only 1$ instead of 100$ and confirm your order. It prevets thiefs, cheaters, ... USE IT! ;)
I need to setup paypal auto renewal for my customers in website.
actually customer will get 30 days website access on every month payment.
if the monthly auto payment is ok we can increase "website access" days by 30.
if no it will not add any more days to customers account.
that means i need to RUN a SCRIPT from my own website to check and increase or stop customers "website access" days after each auto payment.
can we set up paypal auto renewal like this?
is there any method to run a script (mywebsite.com/renewalscript.php?customerid=123&payment=ok) after every auto renewal ?
or do you have any other idea to overcome this ?
A simple way could be to have a valid_until date column or something. When a user tries to view content, just check that field and see if they should be able to or not. Then in the IPN listener, you could push that date forward 30 days when a good payment comes in.
If you need help with creating the IPN listener, you might find my tutorial helpful.
PayPal Instant Payment Notification (IPN)
You can do this by listening to the IPN for when the txn_type is subscr_eot. When the subscription fails or is cancelled, you can disallow access.
This question explains a bit more about subscr_eot:
Subscriptions with Paypal IPN
I use this class: PHP Paypal IPN Integration Class
and check:
if($p->ipn_data['txn_type'] == 'subscr_eot')
then set their status to 0 to disallow access.
AFAIK, on every sucessfully debted subscription fee, you get an information via IPN. The "script you need to run" is the IPN script. If PayPal notifies you via IPN, your IPN script needs to handle the request/response and if valid, sets your parameters in your database. This is all done in your IPN handler script on your website.
(Remember to first answer the paypal request in this script before doing any local updates to your tables etc. if you send the request too late, paypal doesn't accept it and sends a new one later).
See https://cms.paypal.com/cgi-bin/marketingweb?cmd=_render-content&content_ID=developer/library_code_ipn_code_samples for sample code
I'm looking to implement a very simple Paypal integration whereby I can enter a valid Paypal Email address (recipient) and a dollar amount, and click "Pay." Ideally, it would send the money from my paypal account automatically via my API key.
I currently have Mass Pay set up with PHP, and it's working fine, except that it charges me 2% on every payment, and doesn't pass back the Transaction ID. It also kinda seems unnecessary since I don't need to pay multiple people at once.
Since I only need to do one transaction at a time, I'm wondering if anyone knows of a simpler Paypal API for single outgoing transactions from my account.
I've been reading the documentation all day and I've yet to find what I'm looking for.
Any advice is greatly appreciated!
PayPal has sample codes for integrating various PayPal features on it's website. This includes PHP take a look at the list of features and I'm sure what you are looking for is there.
Also from the paypal site:
PayPal receives the MassPay request and returns a response indicating
success or failure. If PayPal returns a successful response, then
PayPal processes the payments and, if you have Instant Payment
Notifications (IPN) enabled, PayPal sends a notification to the Notify
URL specified in your account profile. If you do not have IPN enabled,
you can view the details of the MassPay transaction in your PayPal
account.
This implies that in the case of mass pay you need to provide a URL where paypal sends payment notifications. Your program can probably check this url to figure out whether a payment has been made or not, I would suspect this would be the case for all payment integration. That being said I would print_r the the response from paypal, I'm sure something like a transaction id will probably be in there. In the case of DoAuthorization it does return the transaction id
In the case of mass pay it does return the transaction id if IPN is enabled