I'm using a paypal button link, and trying to pass arguments to it for the IPN listener.
(I passed them like this: www.paypal.com/.../&name1=value1&name2=value2)
The payment is done fine, and my IPN Listener is called.
The thing is, those additional parameters are not getting into my IPN listener.
Does anyone know how can I pass them, or what am I doing wrong?
If you were going to do it that way you would actually include those URL parameters on the end of your NotifyURL as opposed to the PayPal URL. I wouldn't recommend doing it that way, though, because it can cause issues depending on the values of the parameters.
Instead, you can use the single CUSTOM parameter in your button code and put an NVP string in there. That would come back in IPN as $_POST['custom'] and then you could parse the individual parameters and values back out of that.
Another option would be to save the order details in your database prior to sending the user over to PayPal. You can then include the order ID from your database in the button code using the INVOICE parameter, and again, that would come back in IPN as $_POST['invoice']. At that point you can hit your database to pull the data you need back out based on that record ID and processing it accordingly.
Related
i have IPN data sending back the correct info, i have the product id and i also have a text box for user's to write in their in-game-name in on my website.
im stuggling to attach the username input with the IPN product_id. what i want it to do is when the user clicks the paypal button, it process's the transaction and if approved the username entered from the website and product_id get placed into a array or something that i can later put into my database
im quite new to php and html please bare with me
When you create a PayPal transaction, pass a variable named custom with the values you want to store as part of the transaction.
For old-style HTML integrations that use no API or JS, this is documented here: https://developer.paypal.com/docs/paypal-payments-standard/integration-guide/Appx-websitestandard-htmlvariables/#payment-transaction-variables
IPN is very old and clunky. Crrent PayPal integrations don't use IPN at all, but rather two routes on your server that call the PayPal API -- one for 'Create Order' and one for 'Capture Order', documented here: https://developer.paypal.com/docs/business/checkout/server-side-api-calls/#server-side-api-calls
When you do that capture call you get an immediate response of success/failure and can update your database/system accordingly. Thus there is no need to wait around for PayPal to send you an IPN notification.
Those two routes on your server should return JSON data (and only JSON data) when called. The approval flow to pair with them is https://developer.paypal.com/demo/checkout/#/pattern/server
You can add POST data values to your fetch request.
I have a payment button that uses the custom variable to identify in my database who bought what when the ipn message comes. my custom field looks like this :
<input type="hidden" name="custom" value="userName">
My problem is that anybody can change this value to what ever they want, allowing people to buy stuff for other users. Is there any possible way to send this custom value from php to paypal, so that the user cannot change the value to something else?
You can use the Express Checkout APIs instead of standard payment buttons.
You'd make a call to SetExpressCheckout to start the process and obtain a token, then redirect the user to PayPal.
When they're returned from PayPal you can call GetExpressCheckoutDetails to obtain the buyer information as returned by PayPal, and then you call DoExpressCheckoutPayment to finalize the order and actually move the money.
You would include the CUSTOM parameter in that final DECP request the same way you are now, but it would all be hidden in the PHP code, of course. Nothing people would see in HTML.
This PayPal PHP SDK will make those API calls very quick and easy for you.
I've set up my IPN on PayPal and I get the transaction id, product name and all that but my question is how can I set up custom fields that I can retrieve after payment using the IPN?
Thanks in advance
There is a parameter called CUSTOM that you include in your button code or API calls. Anything you pass here will come back in IPN as $_POST['custom']. If you need multiple parameters you could store them there as an NVP string or however you want to pass them and then parse them back out within your IPN script.
Alternatively, you could save all your order data to your database prior to sending the user over to PayPal. Then you can include your db record ID in the PayPal payment using the INVOICE parameter, which again, would come back in IPN as $_POST['invoice']. With that you could pull the data back out of your DB based on the record ID and process it accordingly.
I added an additional parameter in the paypal button code.
This value represents the user_id inside my wordpress website.
Is there a way to simulate the IPN protocol passing this parameter?
First, you can't create your own parameters. You'll need to use the INVOICE parameter and pass a record ID of some sort, or you can use the CUSTOM parameter to include value you need to pull back out of IPN.
There is an IPN Simulator built in to the tools at developer.paypal.com, but it's not perfect. What I like to do is build an HTML form with the action set to my IPN URL and then a bunch of hidden fields that resemble what I would expect to get back from a PayPal IPN. This can be loaded in a browser and submitted so you can see the result on screen which can really help with testing and troubleshooting. Once everything works the way you expect within the browser you can be sure it'll work the same with a real IPN.
Just keep in mind that when testing that way the data is not coming from PayPal's server so it will not be VERIFIED. You'll need to make sure your IPN code logic can handle that accordingly.
I have a PayPal listener that gets an HTTP POST request from PayPal (or the PayPal documentation seems to indicate that's what they send), the listener sends back the information for verification by PayPal, and then if the information is verified, it does database transactions. This is the normal PayPal IPN process and the verification part works fine.
One of the values in the POST array that I get from PayPal is something that I am passing through to keep track of the transaction number. So I make a call that looks like: (not actual code; I am fully aware of SQL injection)
UPDATE transactions SET status='paid' WHERE id=$_POST['invoice']
The problem: If I fake the input by pointing a form with some inputs to my listener everything works fine, but if I get a real POST array from PayPal the database doesn't run. I know the $_POST['invoice'] variable is set when I get the real PayPal data, I've tested that, and it has a valid value, like 84, so I don't know why my transaction doesn't execute. The lines above and below the transaction both execute.
Maybe I'll have to post my actual code, but is it possible that PHP could be configured in some way that it wouldn't run transactions when it gets a request from PayPal? Like I said, I think PayPal is sending an HTTP POST request so it should be indistinguishable from my fake form, but something is wrong.
Probably your form input looks different from the actual IPN.
PayPal's IPN's can contain arrays, which are not handled very well by php when reading from the $_POST variable. It's possible that this is tripping up your handler (In this case, you will need to read and manipulate the raw data) .
If possible try to read the raw incoming data and compare against your simulated data, as others have suggested.
The notify URL was set to point at the listener in the development database. So I got the emails indicating that the POST['invoice'] variable was set, but all the transactions were run on the development database