dear experts,
I'd like to add a VIP option on my website through subscription. Like an already existing member pay a monthly fee to gain features.
So I tried to use the paypal subscribtion button but I don't get how I can pass parameters like the account id to give him access.
I added variables but in the code they gave me, there is not way to change it :
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="DUFC7HMH4RRJU">
<input type="image"src="https://www.paypalobjects.com/en_GB/i/btn/btn_subscribe_LG.gif" border="0" name="submit" alt="PayPal – The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/fr_FR/i/scr/pixel.gif" width="1" height="1">
</form>
Also I'm not familiar with the Paypal API, is there a way to do what I want easily ?
Thanks in advance.
You won't be able to with a hosted button. You'll need to go into the button editor and disable the option to save the button at PayPal. This will give you back button code with the parameters actually embedded in the code.
Then you can include the "custom" parameter and populate it with the value of your record ID that you need to track. That same value will back in the custom parameter of IPN so you can update your database accordingly.
A better, more secure option would be to go with the Express Checkout API. This will require some actual programming, though. If you're working with PHP I'd recommend taking a look at my class library for PayPal. It'll make that very simple for you.
If you decide to give that a try I can answer any other questions you have about it.
Related
I have a website providing a product such as an EBook. Initially i was configuring the site to use Paypal's basic payment processing.
The user would:
Register
Make an order
Proceed to paypal checkout
Return to a site page (after successful payment) containing a download link.
I had this in place but then spotted a glaring issue. The return url upon successful payment is stored in a hidden input; as such, a user could simply view the source of the page, take the return URL and traverse to it. Even if i pass a validation token, it wont prevent the issue as no matter what i do, the user can see the URL.
I have looked into using the IPN service and i can see this will provide me with a way of confirming if a transaction has been accomplished.
My questions is: How would i approach securely confirming a registered user has paid before providing either a URL download link or simply an email containing the ebook.
You answered it yourself. IPN is what you want. When a transaction takes place you'll get an IPN with data like txn_type, txn_id, payment_status, etc. If you check the payment status within this script and it's completed then you know you can deliver the link. If not, deliver a different message accordingly.
For example, if somebody pays with an e-check you'll get an IPN with a payment_status of pending. You could have your IPN script generate an email that says "thanks for your payment, it is currently pending. As soon as it clears you will receive your download link."
Then when it does clear (or fail) you'll get another IPN with an updated payment_status but the same txn_id. If the status is completed at that point it would generate a completed email, or if it failed, a failed email, etc.
There are all sorts of cool things you can do within IPN to automate tasks based on transactions.
If you want it to work over PDT, then Why don't you Save button at PayPal - all you'll get is a button code in the form. here's how:-
and the button code will look something like:-
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="N3AAAFZTMQ7S">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
Your return URL (where from users can download stuff) will not be shown anywhere. Everything will be stored in the button configuration at PayPal servers and will be tied to the button id.
Otherwise, as Andrew suggested, you can always use IPN or PDT+IPN.
I'm building a simple shopping cart using PHP and I want to be able to use paypal with it. I want to use the tools described here:
https://www.paypal.com/cgi-bin/webscr?cmd=p/pdn/howto_checkout-outside
This seems to be the easiest way to go about doing this. I looked over at their development page, and was really confused, but this made sense. My only problem is with this I have been told that it's fairly easy to change the prices. Now I could run a script to check the return from paypal to check to see if their order price matches their cart total, but I want to stop this before it happens. The one thing I did take from the development site was their token call. Would I be able to build a function that creates the buy now button by providing all the items through the method above, and then making a token call to link the id of those items and prices to the button? I'm just a bit confused, a lot of people have said to look at the documentation, but I'm having a difficult time understanding all of it so any help is really appreciated.
You just pass the variable that has the total to paypal
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="you#youremail.com">
<input type="hidden" name="item_name" value="Item Name">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="amount" value="$TOTAL">
<input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but01.gif" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
If you want to stick with Payments Standard you can u se the cart upload method to send all of the info over to the PayPal checkout.
If you're comfortable with PHP, though, I'd recommend using the Express Checkout API. This will free you up to a lot more with your checkout experience.
You might want to check out this PHP class library for PayPal. It makes this very simple for you. With that library it's just a matter of knowing which API calls to make and then using the included files to pass in your own data accordingly.
For Express Checkout you would be using SetExpressCheckout, GetExpressCheckoutDetails, and DoExpressCheckoutPayment.
I'd like to send a custom variable to PayPal when users make a purchase. The variable contains information the user has supplied and is being stored in the $message variable. The $product variable is just used to identify the product being purchased and create the appropriate PayPal button for that product (by referring to an array included in 'products.php'. PayPal allows you to pass it information through an input with the name "custom" as I've done below.
<?php
include('products.php');
$currentProduct = $_GET['product'];
$message = $_GET['message'];
?>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_s-xclick"/>
<input type="hidden" name="hosted_button_id" value="<?php echo $products[$currentProduct]["paypal"]; ?>"/>
<input type="hidden" name="custom" value="<?php echo $message?>"/>
<input type="submit" class="button paypal" value="Pay with PayPal"/>
</form>
However, I've looked around a fair bit and can't find an explanation for how to actually retrieve this information from PayPal once an order is completed. Could anyone please provide a simple explanation for how to go about retrieving the information found in $message once an order is completed (with or without the use of the custom PayPal variable). Thanks.
When you're using a hosted button you can't include the custom variable like this. You'd have to include it in the advanced section of the hosted button creation wizard. Unfortunately, it's pretty much useless there because you can't use dynamic values that way.
What you're going to have to do is go back into your button editor on PayPal and disable the "save button at PayPal" option. This will make more fields available to your button code and custom would then work.
This isn't as secure as a hosted button, though. As such, I would recommend you use the Express Checkout API instead of Payments Standard. Of course, that will require you to have experience working with web service API's in general.
I have been developing a website with PHP in which users will subscribe and pay their subscription fees monthly to resume their memberships. To do this, I created a Subscribe button from PayPal and tested it with sandbox, I can receive the payment. However, I couldn't find a way to determine which user have subscribed.
Here is the HTML code for the PayPal button:
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="BUTTONID">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
As you can guess all users have unique IDs, I want to pass this unique ID to the PayPal page where payment is done then PayPal will pass this ID to me again, therefore the users account will be activated.
I have been searching for this for a very long time. There are many tutorials to do it with IPN but I can't see where to send the user id as an IPN parameter. I haven't managed to use PayPal APIs since their documentation is totally crap.
Maybe someone can give a link with a complete tutorial for this, or tell me what I understood wrongly?
Thanks
As far as I know, you can add up to 255 bytes of data to field labeled CUSTOM in just about every request to PayPal. PayPal returns this field in its responses and IPN's.
For something like subscriptions, I would recommend you to checkout the recurring payment mechanism offered by PayPal via NVP and SOAP. It is not that easy as just generating a button and placing it on your website but since you already wrote an entire website in PHP, you will not have any problems coding it. Recurring payments should provide everything you need to let your users subscribe and pay a monthly fee, including the ability to track who is who.
How can I verify a paypal donation?
In the user panel I have a donate button. And once someone actually donates I want to do something to him. But I do not know how to check if the user actually donated or just clicked the donate button.
Look in to Paypal's IPN (Instant Payment Notification)
When someone makes a payment or donation to your Paypal account, Paypal will send a post message to your web server with all the payment details. You can then send a message back to Paypal to make sure that the payment was real...
There are even some code examples on paypal's website. Including one for PHP.
Note you have to enable IPN and define the call back URL in your paypal account before you can start using IPN.
It's in the same manual. It may be a bit tougher to do however, as you will need a PHP script that receives the payment info.
Return URL – Let people return to a page on your website if they
click a return link or button on the
PayPal payment confirmation page.
To learn more, see Step 2 of Page 2 – Specifying Advanced Features
of Your Donate Button or HTML
Variables for Displaying PayPal
Checkout Pages.
Auto Return – Have PayPal return people automatically to a page on your
website.
Important: PayPal recommends that you turn Payment Data Transfer on
when you turn Auto Return on. With
Auto Return on, PayPal redirects
people to your website from an
alternative PayPal payment
confirmation page that does not
display a View Printable Receipt link,
so people cannot print PayPal payment
receipts. Payment Data Transfer
provides the transaction information
that you need to let people print
receipts from your website.
To learn more, see Auto Return.
Payment Data Transfer – PayPal includes information about the
completed transaction when you use a
return URL or Auto Return to send
people back to your website. Use the
information that Payment Data Transfer
provides to display a “thank you,
print your receipt” page on your
website.
To learn more, see the Payment Data Transfer page on Developer
Central.
There are two way to check donor made donation:
1) used "notify_url" parameter (safe)
2) used "return" parameter ( unsafe)
Code example:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<!-- Identify your business so that you can collect the payments. -->
<input type="hidden" name="business"
value="donations#kcparkfriends.org">
<input type="hidden" name="bn" value="mbjtechnolabs_SP">
<!-- Specify a Donate button. -->
<input type="hidden" name="cmd" value="_donations">
<!-- Specify details about the contribution -->
<input type="hidden" name="item_name" value="Friends of the Park">
<input type="hidden" name="item_number" value="Fall Cleanup Campaign">
<input type="hidden" name="amount" value="25.00">
<input type="hidden" name="currency_code" value="USD">
<!-- Display the payment button. -->
<input type="image" name="submit" border="0"
src="https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif"
alt="PayPal - The safer, easier way to pay online">
<img alt="" border="0" width="1" height="1"
src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" >
</form>
When some one made donation donor automatically redirect to return url but this option is not safe because may be some one direct open this url.
best way to know donor made donation choose paypal notify_url parameter.
PayPal will send post request to notify_url.