PayPal Secure way to process order - php

I'm currently developing a website that uses PayPal for order processing.
This is the HTML form I'm using so far for testing purposes:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<select name="amount">
<option value="3.99">6 Months ($3.99)</option>
<option value="5.99">12 Months ($5.99)</option>
</select>
<br>
<input name="currency_code" type="hidden" value="USD">
<input name="shipping" type="hidden" value="0.00">
<input name="tax" type="hidden" value="0.00">
<input name="return" type="hidden" value="urlOnValidPayment">
<input name="cancel_return" type="hidden" value="UrlOnCancelPayment">
<input name="notify_url" type="hidden" value="URLForValidationPayement">
<input name="cmd" type="hidden" value="_xclick">
<input name="business" type="hidden" value="your e-mail">
<input name="item_name" type="hidden" value="name of the object">
<input name="no_note" type="hidden" value="1">
<input type="hidden" name="no_shipping" value="1">
<input name="lc" type="hidden" value="EN">
<input name="bn" type="hidden" value="PP-BuyNowBF">
<input name="custom" type="hidden" value="custom data">
<input type="image" src="https://www.paypalobjects.com/en_US/CH/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/fr_FR/i/scr/pixel.gif" width="1" height="1">
</form>
But I've noticed that this method is not secure for ordering purposes. It can only be used for donation purposes, because the user may return to the URL in the "notify_url" field without paying. blah blah..
Am I right? Or is there any way to make it secure?

You can reconcile the item amount within an IPN script, but this can be more trouble than it's worth in my opinion. Since you're already working with PHP I'd recommend using the Express Checkout API instead of standard payment buttons. This makes everything much more secure and allows you to fully integrate without any limitations.
You can take a look at my PHP class library for PayPal if you want. It'll make the API calls very simple for you. Specifically, you'd be looking at SetExpressCheckout, GetExpressCheckoutDetails, and DoExpressCheckoutPayment.

Related

PayPal html button for digital goods

I'm having a problem with a PayPal button that I made. Yesterday I got my first sale of a digital good on my website, everything worked well except at the end when PayPal blocked the payment.
I called them to find out why and they explained to me that it was because the order was made for physical products and the shipping information was missing.
They unblocked the payment but I can't find how to set that the payment is for digital goods.
My code below:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="my email">
<input type="hidden" name="lc" value="IT">
<input type="hidden" name="item_name" value="product">
<input type="hidden" name="amount" value="00.00">
<input type="hidden" name="currency_code" value="EUR">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="mysite">
<input type="hidden" name="cancel_return" value="mysite">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynow_SM.gif:NonHosted">
<input type="hidden" name="custom" value="userid" />
<input type="hidden" name="notify_url" value="IPN ">
<input type="image" src="img/paypal1.png" style="width: 100%; height: 100%;" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
</form>
Your code is correct to not collect shipping for a digital good, no_shipping=1. Ref: https://developer.paypal.com/docs/paypal-payments-standard/integration-guide/Appx-websitestandard-htmlvariables/#paypal-checkout-page-variables
Perhaps you were misinformed as to why the payment was on hold.
One thing you can do is to ensure the item name makes clear that it is something digital.

Paypal ipn - Empty IPN and wrong date. Used to work

I have a website with a simple ticket shop built into it using IPN. It has been working for the past month and I left it alone. I was working on another payment site on the same webhost and for the first time I specified the "notification_url". I noticed that I couldn't get any response from PayPal on my new build and left it there. I then checked to see that my original system was still working at least; it was not.
For some reason when I check my IPN history the "latest delivery attempt" is "1984/12/14 04:53:12 CET (UTC+1)". The worst thing is that it also says "Notification url: ". Empty.
This apparently returned 200 and success although my access logs show no traffic to my IPN page. I have logs running and I haven't modified either code. I can access the IPN URL manually and it will get logged. No HTML login and no restrictions.
Here's my payment form:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="8TPEJKFGZEJBS">
<input type="hidden" name="lc" value="sv_SE">
<input type="hidden" name="item_name" value="'.$text.'">
<input type="hidden" name="item_number" value="'.$order_id.'">
<input type="hidden" name="amount" value="'.$cost.'">
<input type="hidden" name="currency_code" value="SEK">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="http://mywebsite.com/?page=13&done">
<input type="hidden" name="cancel_return" value="http://mywebsite.com/?page=13&cancel">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_paynowCC_LG.gif:NonHosted">
<input type="image" style="border: none;" src="images/buy.png" border="0" name="submit" alt="PayPal - Det tryggare, enklare sättet att betala online!">
<img alt="" border="0" src="https://www.paypalobjects.com/sv_SE/i/scr/pixel.gif" width="1" height="1">
</form>
What is wrong and what should I try to fix it?
You just need to add a field "notify_url" in your form. This URL is your IPN file url.
<input type="hidden" name="notify_url" value="http://mywebsite.com/?page=13&done">
For more details:
https://cms.paypal.com/cms_content/GB/en_GB/files/developer/PP_WebsitePaymentsStandard_IntegrationGuide.pdf

Assign ID to options in a drop down box and pass as IPN variable

I have a rather complicated issue that I am trying to solve in PHP and PayPal's IPN codes.
I am selling one product which has multiple licenses in a drop down box, for example:
5 users - $20
10 users - $50
20 users - $100
Once someone purchases a license, I got the $payment_amount passed from paypal and did an if, ifelse statement to generate the number of usernames accordingly.
I did not think about different currencies, therefore this technique won't work. Instead, I need to be able to assign an ID to each option in the drop down box and pass that instead.
I was wondering if this is possible and how I might go about doing this.
You could easily use any of the variables in the list of HTML variables to accomplish what you wish.
1. You could use invoice, and save the information to a database.
2. You could use on0 and os0 to define your own variables and price values.
3. You could define the 'custom' variable and set it to whatever your dreams desire.
All of them are equally effective, though the most commonly used method is probably #2.
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="business" value="tester@test.com">
<input type="hidden" name="lc" value="US">
<input type="hidden" name="item_name" value="asdfsafd">
<input type="hidden" name="button_subtype" value="products">
<input type="hidden" name="no_note" value="0">
<input type="hidden" name="add" value="1">
<input type="hidden" name="bn" value="PP-ShopCartBF:btn_cart_LG.gif:NonHostedGuest">
<table>
<tr><td><input type="hidden" name="on0" value="numUsers">numUsers</td></tr><tr><td><select name="os0">
<option value="5 users">5 users $5.00</option>
<option value="10 users">10 users $9.00</option>
<option value="20 users">20 users $17.00</option>
</select> </td></tr>
</table>
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="option_select0" value="5 users">
<input type="hidden" name="option_amount0" value="5.00">
<input type="hidden" name="option_select1" value="10 users">
<input type="hidden" name="option_amount1" value="9.00">
<input type="hidden" name="option_select2" value="20 users">
<input type="hidden" name="option_amount2" value="17.00">
<input type="hidden" name="option_index" value="0">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_cart_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
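
The IPN reconciliation mentioned in the first answer on this page, combined with the option-ID approach from the answer above, as an added example that is not part of either answer. The form sends only a plan ID in `custom`; the handler confirms the message with PayPal and checks amount, currency, receiver and transaction ID against server-side data before fulfilling. `MERCHANT`, the `PLANS` IDs, the EUR prices and the `$seenTxn` callback are constructed assumptions.

```php
<?php
// Added example, not code from the posts above. MERCHANT, PLANS and the
// $seenTxn callback are assumptions; replace them with your own data.
const VERIFY_URL = 'https://ipnpb.paypal.com/cgi-bin/webscr'; // sandbox: ipnpb.sandbox.paypal.com
const MERCHANT   = 'seller@example.com';
// Server-side catalogue keyed by the option ID the form sends in "custom".
const PLANS = [
    'u5'  => ['users' => 5,  'price' => ['USD' => '20.00',  'EUR' => '18.00']],
    'u10' => ['users' => 10, 'price' => ['USD' => '50.00',  'EUR' => '45.00']],
    'u20' => ['users' => 20, 'price' => ['USD' => '100.00', 'EUR' => '90.00']],
];

// Post the message back unchanged; PayPal answers VERIFIED or INVALID.
function ipn_is_verified(string $rawBody): bool
{
    $ch = curl_init(VERIFY_URL);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => 'cmd=_notify-validate&' . $rawBody,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_TIMEOUT        => 30,
    ]);
    $reply = curl_exec($ch);
    return is_string($reply) && trim($reply) === 'VERIFIED';
}

// Number of users to provision, or null when the payment must not be fulfilled.
function reconcile(array $ipn, callable $seenTxn): ?int
{
    $plan     = PLANS[$ipn['custom'] ?? ''] ?? null;
    $expected = $plan['price'][$ipn['mc_currency'] ?? ''] ?? null;
    $paid     = number_format((float) ($ipn['mc_gross'] ?? 0), 2, '.', '');
    $ok = $expected !== null && $paid === $expected
        && ($ipn['payment_status'] ?? '') === 'Completed'
        && strcasecmp($ipn['receiver_email'] ?? '', MERCHANT) === 0
        && !empty($ipn['txn_id']) && !$seenTxn($ipn['txn_id']);
    return $ok ? $plan['users'] : null;
}

if (PHP_SAPI !== 'cli' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $raw = file_get_contents('php://input');
    parse_str($raw, $ipn);
    // Replace the callback with a lookup of already-processed txn_id values.
    $users = ipn_is_verified($raw) ? reconcile($ipn, fn(string $id): bool => false) : null;
    if ($users !== null) {
        error_log("provision {$users} users for txn {$ipn['txn_id']}");
    }
}
```

Fulfilment happens only in this handler, so a buyer who opens the `return` URL without paying triggers nothing.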

Step-By-Step To Create A Checkout Form (PHP) Using Paypal Sandbox

Good day, everyone!
Currently I'm working on my school project. I need to create a checkout form using PayPal and the website is written in php/apache/localhost. After a little research I know that we can use PayPal Sandbox (not the real PayPal) to simulate payment. But I've no clue how to do it. I've read some tutorials, but they just made me more confused. I know a little about web services (SOAP) with php-curl. So if anyone has ever created a PayPal checkout using PayPal Sandbox, could you share step by step what you've done, using the easiest terms and language?
These are the best resources I can get (yet can't understand):
http://net.tutsplus.com/tutorials/php/using-paypals-instant-payment-notification-with-php/ --> not using paypal sandbox
And from the paypal itself, https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/library_documentation
Thank you so much and God bless.
Note that I'm maybe the laziest dumb (joke)
Try this code.
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post" style="padding: 0; margin: 0;">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="business" value="your business id" />
<input type="hidden" name="quantity" value="1" />
<input type="hidden" name="item_name" value="your item" />
<input type="hidden" name="item_number" value="1" />
<input type="hidden" name="amount" value="item price" />
<input type="hidden" name="shipping" value="0" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="notify_url" value="Your notify url">
<input type="hidden" name="currency_code" value="GBP" />
<input type="hidden" name="rm" value="2" >
<input type="hidden" name="return" value="your return url">
<input type="image" border="0" name="paypal" src="images/btn_paypal_nl.gif" onClick="" />
</form>
Thanks,
Kanji

Paypal return URL - using GET parameters?

Here's some simple code I'm using to test the Paypal Website Payments Standard upload thingy.
My return URL is http://mysite/index.php?module=store&show=order_confirm
I go through the payment process, and when I get to the end and it returns me to the page, it instead just returns me to index.php (i.e. without the extra parameters).
Anyone know what the deal with this is?
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart" />
<input type="hidden" name="upload" value="1">
<input type="hidden" name="return" value="http://mysite/index.php?module=store&show=order_confirm" />
<input type="hidden" name="currency_code" value="EUR" />
<input type="hidden" name="business" value="b.coug_1277121937_biz@gmail.com">
<input type="hidden" name="item_name_1" value="adaddada" />
<input type="hidden" name="amount_1" value="30.00" />
<input type="hidden" name="quantity_1" value="1" />
<input type="hidden" name="item_name_2" value="wuiui" />
<input type="hidden" name="amount_2" value="50.00" />
<input type="hidden" name="quantity_2" value="1" />
<input type="hidden" name="custom" value="19" />
<input type="image" name="submit" border="0" src="https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif" alt="PayPal - The safer, easier way to pay online">
</form>
I'm not sure why Paypal is doing what it's doing, but I suspect their desire to add their own GET parameters is wiping out your own. You might want to try something like this, if mod_rewrite or something similar is available to you:
write a rule that changes this:
http://mysite/store/order_confirm/?merchant_return_link=Test+Store
to this
http://mysite/index.php?merchant_return_link=Test+Store&module=store&show=order_confirm
Try escaping the ? and & in the return URL; change them to %3F and %26.
An alternative answer is to set the PayPal 'rm' [return method] variable to "2", so that PayPal would POST all its own return variables, rather than sending them as GET variables.
