So I have a paypal shop set up, im using the rest php api. for credit card transactions, the api allows me to make my own form on my site, but if paying with a paypal account, part of the api call redirects a user to the paypal.com site to log in. I understand that for security reasons, paypal doesn't want the user giving their username/password to my site. However, i do not want the user to be redirected away from my site. is there a way to make that auto redirect in a new window, instead of the current window being changed? Ideally, the flow would be pop paypal.com window, complete payment, close window, and now back on my original page.
is this possible?
PayPal has a feature that does exactly that. It is called DigitalGoods. Unfortunately, it is still not available with their REST API.
If you examine their REST API then you'll notice that you are handing over the control of workflow to PayPal and you don't get to open or close windows.
So, no. You cannot do what you are trying to do with the REST API.
After banging my head several times on my desk I gave up on their latest and greatest REST API and went back to their DigitalGoods API. My suggestion is you do the same and save yourself the agony I went through.
BTW, I recommend using a library such as this one. This way you don't have to learn the innards of the Digital Goods API in order to use it.
Related
I'm new here!
I'm trying to let my customers get recuring billing membership on my website based on this tutorial.
The button work, evverything is fine, except one thing. I need to validate that paypal really went successfull, to prevent anyone to go directly on the success page and get free membership. I noticed that it return a token=VALUE data to the success / cancel redirect.
I cannot find any $_POST or any others $_GET than that and I wonder, nor anything that could solve this in the Paypal doc (which changed a lot since last time I used it).
How can I check if the membership really went trought paypal using this token=1RXXXXXXXXH484112Y.
The return of such an integration may never happen. Reliable notification that a subscription has been created can only be done with a separate, server-side integration.
For the old HTML subscription button integration in the tutorial you reference, you can implement the old Instant Payment Notification (IPN) service.
The current solution would be to use a smart subscribe button with server side API calls to create the subscription and activate it -- with this, your server immediately knows it has been activated (because it did so itself and received the response). You can find some details on that solution here: https://stackoverflow.com/a/63908112/2069605
To give you an overview of my platform, I am using Angular.js 1.5 and Laravel 5.1.
I am using the Paypal REST API SDK for PHP. I have followed the instuctions from this Medium article. On my front end Angular side, once I successfully call the first "postPayment" function, I receive the redirect url, which I redirect to. Once the user completes their payment successfully on the paypal side, the return url comes back to my confirmation page where I handle the "getPaymentStatus" function from the Medium article.
I am using a Sandbox account for testing purposes right now, but I am able to successfully complete the transaction when a user logs in on the Paypal side. However, when a user tries to go through as a guest "Debit/Credit card", enters their information, and completes the transaction, I receive this 400 error in the console:
POST sandbox.paypal.com/webapps/xoonboarding/api/onboard/guest 400 (Bad Request)
jquery.min.js:5
On my Paypal profile settings, I have activated the Account Optional in the My Selling Tools->Website Preferences. I have been looking for other instances of this, but I cannot find a solution. I have tried using the test credit cards with various phone numbers, but that does not resolve this issue.
Has anyone dealt with this issue before? I am in the dark and do not know how to handle this.
I would appreciate any help in this. Thanks in advance!
I sell a (very cheap and dynamically generated through PHP) file of data online. For the payment, I use a basic PayPal button.
This has two advantages I want to keep:
PayPal is known, and people are not afraid to proceed to payment, as they are on PayPal website when they pay (they get redirected to my website at the end of the process, and the file automatically downloads).
I don't need any SSL certificate on my website (quite expensive).
This has several drawbacks, I would like to be fixing:
As the file is dynamically generated in PHP, I would like to be choosing the price and the currency dynamically (according to many parameters; currently the price is fixed).
In my JavaScript, there is POST action, with a hidden "return" parameter (the URL customer get redirected to once payment is successful). If you know this URL, you can get the file without paying. This is a big security flaw here in my implementation (even if most of my users won't know how to inspect client code)
I understand I should be using the PHP PayPal API rather than the basic PayPal button. The workflow I imagine is:
a PayPal button on the page when clicked, triggers a server side PHP script.
this PHP script decides of the price, contacts PayPal with the return URL (not available on client side) and redirects the client to this payment page on PayPal.
the client pays in PayPal secure environment and, once payment is successful, gets redirected to my website with a temporary authenticated token (?) so he cannot transfer this URL to someone else and the file download happens.
I am a little lost with the PayPal documentation. Could you confirm my architecture principles and provides me some sample PHP codes in order to achieve all that?
Other questions: I currently have a basic PayPal account. Do I need I business account? Do I need an SSL certificate? Do you know good alternatives to PayPal to do all that? Google? Visa?
I'm putting sagepay into a PHP powered site.
So far I've had no trouble integrating the Form into the site, their docs are great compared to paypal (mutter mutter)
However I noticed in the dev guide for form integration, they say you can't rely on sagepay sending the customer back every time as they could close the browser, or navigate somewhere else etc.
At the same time, I don't want to move everything out of the user's cart and into an order before I know it's been confirmed / payed for - otherwise if they cancel or the transaction fails somehow on sagepay's end, their cart will be wiped out when they come back, making retrying the transaction a pain for the user, and I will have a duff order polluting my database.
So what I want to know is if there is a way to get sagepay to send a request to the site when something happens with a payment, similar to paypal's Instant Payment Notifications?
EDIT:
Or are they only saying it's patchy because they can't garuantee it, but it works enough of the time to practically rely on it?
Sagepay (AKA Protx) form integration redirects the user automatically once the transaction has completed.
For small sites, i advise my clients to always check the sagepay transaction logs (on the sagepay site) before sending out any goods.
You should be logging the order before they go to Sagepay. Then changing it's "status" to paid when they get redirected back to your site. This gives you a bit more of a paper trail to pick up any possible issues.
If you want a more robust solution. Try Sagepay direct integration. It has more requirements and is harder to integrate but on bigger projects (where you can't manually check orders) it's usually required. Mainly because users can stay on-site without having to go off to Sagepay to make payments.
I'm looking for a way to build a web application using paypal payments standard. I'd like the user to get redirected to paypal, then fill out their information, and upon completion, add a value in our database saying that they successfully paid. I haven't found a solution or answer to this.
I found this thread for RoR, but didn't find anything for PHP
Paypal Website Payments Standard with a Ruby/Rails application
You can see instructions for a Payment Data Transfer at PayPal's site. Basically, you post the transaction amount and an ID token to their site, the customer pays on paypal.com, and then they're sent back to a pre-defined URL on your site with the transaction details.
I used the NVP API to do that.