I have a website with account system. I am selling some services. I am using a paypal dynamic subscription button for selling. My question is how do I know, when the IPN is sent back from paypal, what user made the payment? I have a working script that sends the payment info to paypal and another script that receives the info back from paypal and inserts it into the database, but I don't know how to know what user sent the payment. I am looking for an idea on how to accomplish this.
Send button:
<form name="_xclick" action="https://www.sandbox.paypal.com/cgi-bin/webscr method="post">
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<input type="hidden" name="business" value="user#example.com">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="no_shipping" value="1">
<input type="image" src="http://www.paypal.com/en_US/i/btn/btn_subscribe_LG.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<input type="hidden" name="a3" value="<?php echo $pay_value; ?>">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
</form>
ipn script:
<?php
// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__).'/ipn_errors.log');
// intantiate the IPN listener
include('include/ipnlistener.php');
include('include/conn.php');
$listener = new IpnListener();
// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = true;
// try to process the IPN POST
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage());
exit(0);
}
if ($verified) {
$errmsg = ''; // stores errors from fraud checks
// Make sure the payment status is "Completed"
if ($_POST['payment_status'] != 'Completed') {
}
exit(0);
}
if ($_POST['txn_type'] == 'subscr_eot') {
$link = mysql_connect($conn_host,$conn_user,$conn_pass) or die('Connection to mysql failed!');
mysql_select_db($conn_db,$link) or die('Connection to database failed!');
$sql = mysql_query("UPDATE user_data SET paid='0.00' WHERE uid='$userID'");
mysql_close($link);
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
$body = "IPN failed fraud checks: \n$errmsg\n\n";
$body .= $listener->getTextReport();
mail('user#example.com', 'IPN Fraud Warning', $body);
} else {
$link = mysql_connect($conn_host,$conn_user,$conn_pass) or die('Connection to mysql failed!');
mysql_select_db($conn_db,$link) or die('Connection to database failed!');
$sql = mysql_query("UPDATE user_data SET paid='$paid' WHERE uid='$userID'");
mysql_close($link);
}
} else {
// manually investigate the invalid IPN
mail('user#example.com', $listener->getTextReport());
}
?>
You can send the encrypted user id in the form as custom variable
<input type="hidden" name="custom" value="put user id here " />
The IPN will send you this custom code back, so that you can update your database.
you will get the value using $_POST['custom'] in your IPN validation page.
Please find the complete set of variables below.
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<input type="hidden" name="business" value="nora#paypal.com">
<input type="hidden" name="item_name" value="Baseball Hat Monthly">
<input type="hidden" name="item_number" value="123">
<input type="hidden" name="image_url" value="https://www.yoursite.com/logo.gif">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="http://www.yoursite.com/thankyou.htm">
<input type="hidden" name="cancel_return" value="http://www.yoursite.com/cancel.htm">
<input type="hidden" name="a1" value="0">
<input type="hidden" name="p1" value="1">
<input type="hidden" name="t1" value="W">
<input type="hidden" name="a2" value="5.00">
<input type="hidden" name="p2" value="2">
<input type="hidden" name="t2" value="M">
<input type="hidden" name="a3" value="50.00">
<input type="hidden" name=”p3" value="1">
<input type="hidden" name="t3" value="Y">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<input type="hidden" name="srt" value="5">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="custom" value="customcode">
<input type="hidden" name="invoice" value="invoicenumber">
<input type="hidden" name="usr_manage" value="1">
<input type="image" src="http://images.paypal.com/images/x-click-but01.gif" border="0" name="submit" alt="Make payments with PayPal - it’s fast, free and secure!">
I hope this helps.
Thanks.
Related
I have using paypal in my desktop website and it worked. Below is my code:
<?php
......
echo '<form name="form1" action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post"><div>
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="charset" value="UTF-8">
<input type="hidden" name="cancel_return" value="'.$host.'/my-order-history">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="return" value="'.$host.'/payment-done?nid='.$node->nid.'&order='.date("YmdHis",$time).'">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="currency_code" value="HKD">
<input type="hidden" name="handling_cart" value="0.00">
<input type="hidden" name="invoice" value="'.date("YmdHis",$time).'">
<input type="hidden" name="tax_cart" value="0.00">
<input type="hidden" name="business" value="'.$paypal.'">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="amount" value="'.$total_amount.'">
<input type="hidden" name="item_name" value="'.$company_name."-".date("YmdHis",$time).'">
<input id="go_pay" type="submit" name="next" value="confirm" />
</form>';
......
?>
and in payment-done page, I can get the txn_id with $_POST["txn_id"]. But When I use above code in my mobile website, I can pay with paypal by I can't get the txn_id in payment-done page. What can I do to change the code to work in mobile site?
Thank you.
Paypal says the txn_id value is:
The merchant's original transaction identification number for the payment from the buyer, against which the case was registered.
So this seems to imply that if you are not getting a txn_id value back from your transaction, then you're not supplying one to Paypal to use. So this means that you're loosing some data placement in your display flow for transitioning between desktop and mobile display of your website.
I'm actually stuck, sending a form post request to multiple action receiver.
What am I trying to do?
I'm trying to send an post request to my database and to paypal at the same time using one button.
After the user submitted the form, I want my PHP script to post those informations to the database before redirecting to paypal. To work with those sent informations.
My actual code:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="item_name" id="item_name" value="Helpful.ninja coins"/>
<input type="hidden" name="business" value="pr0bpayment#gmail.com">
<input type="hidden" name="return" value="http://helpful.ninja/?username=payment_complete=1">
<input type="hidden" name="image_url" value="http://helpful.ninja/assets/images/logo_dark.png">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="amount" class="amountToPay" value="">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<button type="submit" name="submit" alt="PayPal - The safer, easier way to pay online!" class="btn bg-danger-400">Purchase now <i class="icon-paypal position-right"></i></button>
</form>
<?php
require_once('../handling/database.php');
require_once('../handling/user.class.php');
require_once('../handling/purchase.class.php');
require_once('../handling/config.php');
$user = new user($_SESSION['Username']);
$config = new config();
if(!empty($_POST)){
$purchase = new purchase($user->username, $user->coins, $_POST['coinValue'], $config->coin_price);
$purchase->insert_purchase($user->username, $user->email, $_SERVER['REMOTE_ADDR'], $purchase->ordernumber, $purchase->purchase_amount, $purchase->price);
}
?>
<script type="text/javascript">
$(".coinValue").bind("change paste keyup", function() {
$(".amountToPay").val($(this).val() * <?php echo $config->coin_price; ?>);
});
</script>
So I'm trying to post the following code:
if(!empty($_POST)){
$purchase = new purchase($user->username, $user->coins, $_POST['coinValue'], $config->coin_price);
$purchase->insert_purchase($user->username, $user->email, $_SERVER['REMOTE_ADDR'], $purchase->ordernumber, $purchase->purchase_amount, $purchase->price);
}
to the databse before the user gets redirected to paypal.
Does anyone have an idea how to manage this?
The best option is probably to use one of the other PayPal apis that is designed for this type of thing, but sticking with the simple paypal button api, you can use the fact that the paypal api endpoint will accept the parameters in a get request as well as a post.
So you can post the form to your php handler then perform a header redirect to paypal with the data:
<?php
//php must be at top of file, before ANY output, in order to use header redirect
require_once('../handling/database.php');
require_once('../handling/user.class.php');
require_once('../handling/purchase.class.php');
require_once('../handling/config.php');
$user = new user($_SESSION['Username']);
$config = new config();
if(!empty($_POST)){
$purchase = new purchase($user->username, $user->coins, $_POST['coinValue'], $config->coin_price);
$purchase->insert_purchase($user->username, $user->email, $_SERVER['REMOTE_ADDR'], $purchase->ordernumber, $purchase->purchase_amount, $purchase->price);
//redirect to paypal
header('Location: https://www.paypal.com/cgi-bin/webscr?' . http_build_query($_POST));
die();
}
?>
<!-- post form to itsself, not paypal-->
<form action="" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="item_name" id="item_name" value="Helpful.ninja coins"/>
<input type="hidden" name="business" value="pr0bpayment#gmail.com">
<input type="hidden" name="return" value="http://helpful.ninja/?username=payment_complete=1">
<input type="hidden" name="image_url" value="http://helpful.ninja/assets/images/logo_dark.png">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="amount" class="amountToPay" value="">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<button type="submit" name="submit" alt="PayPal - The safer, easier way to pay online!" class="btn bg-danger-400">Purchase now <i class="icon-paypal position-right"></i></button>
</form>
I have this button:
<button name="pay">BUY FOR 0.50$</button>
when clicked it inserts a payment with $0 paid, the buyer IP and an account detail into DB:
$connect->query("INSERT INTO payments(ip,payed,acc,showed) VALUES('$ip','$payed', '$s', '$h')");
echo '
<form action="https://www.paypal.com/cgi-bin/webscr" id="formsend" method="post" target="_top">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value='.$paypal.'>
<input type="hidden" name="lc" value="US">
<input type="hidden" name="item_name" value="LOL ACC">
<input type="hidden" name="amount" value="0.50">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="custom" value="<?=$ip;?>">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="0">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynowCC_LG.gif:NonHostedGuest">
<input type="submit" name="sub" class="sub" />
</form>
';
?>
<script type="text/javascript">
document.getElementById('formsend').submit(); // SUBMIT FORM
</script>
After that it automatically clicks a new form to go to payment, if Paypal works fine. But then on the IPN the variable custom is not passing the IP address.
This is inside the IPN verified part:
require_once("config/config.php");
$connect = new mysqli($server['database']['host'],$server['database']['username'],$server['database']['password'],$server['database']['db']);
// PAYMENT VALIDATED & VERIFIED!
$ip = $_POST['custom'];
$check = $connect->query("SELECT * FROM payments WHERE ip='$ip' AND payed = 0");
if($check->num_rows){
$connect->query("UPDATE payments SET payed = 1 WHERE ip = '$ip'");
}
I also tried for it to insert a random string, but that doesn't seem to work either. What am I doing wrong?
Since you have the <?php and ?> inside single quotes, it will not be parsed. In order to do this, you should use the string concatenation operators, like so:
echo '<form...>
<input type="hidden" name="custom" value="' . $ip . '">
</form>';
I am using paypal sandbox account, I have buy now button.
My form is here : index.php
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="xxxxxx#gmail.com">
<input type="hidden" name="return" value="http://xxxx.net/success.php">
<input type="hidden" name="cancel_return" value="http://xxxxx.net/cancel.php">
<input type="hidden" name="notify_url" value="http://xxx.net/ipn.php">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="item_name" value="Bike">
<input type="hidden" name="amount" value="12.99">
<input type="hidden" name="a3" value="5.00">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="invoice" value="ADDEdEd3dd3">
<input type="image" src="https://www.sandbox.paypal.com/en_US/i/btn/btn_buynow_SM.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
Here is my success.php
<?php
$con = mysql_connect("host","user","pass");
mysql_select_db("db");
if($con == null) {
echo "Not any connection..";
} else {
$re = mysql_query("insert into test(value) values('inserted')");
if($re != 0) {
echo "Data inserted..";
} else {
echo "Error while adding data..";
}
}
?>
I have enable IPN notificatin setting and url, also i have enabled auto redirect url, all the things working fine. but IPN notification is not working.
Any idea, i am just trying to ping this page.
Try the IPN Simulator here https://developer.paypal.com/webapps/developer/applications/ipn_simulator and see if it can send the IPN message or not. IF it fails - it would show you the reason.
I have integrated paypal with my website and but it does take the payment but it doesnot send any IPN to my php file which should update my databse....
there is the code I have been using:
to call
session_start();
if($mode=='live')
{
$url=" https://www.paypal.com/cgi-bin/webscr";
$email="nnnnnnn_singh#live.com";
$_SESSION['url']=$url;
$_SESSION['email']=$email;
$_SESSION['subtotal']=$subtotal;
}
else if($mode=='sandbox')
{
$url= "https://www.sandbox.paypal.com/cgi-bin/webscr";
$email="nnnnnnn_1329707350_biz#gmail.com";
$_SESSION['url']=$url;
$_SESSION['email']=$email;
$_SESSION['subtotal']=$subtotal;
}
?>
<form action="<?php echo $url; ?>" method="post">
<input type="hidden" name="cmd" value="_xclick"/>
<input type="hidden" name="business" value="<?php echo $email; ?>"/>
<input type="hidden" name="item_name" value="shopping cart"/>
<input type="hidden" name="currency_code" value="GBP"/>
<input type="hidden" name="amount" value="<?php echo $subtotal;?>"/>
<input type="hidden" name="return" value="<?php echo SITE_URL; ?>"/>
<input type="hidden" name="cancel_return" value="<?php echo SITE_URL."/shoppingCart.php" ?>"/>
<input type="hidden" name="notify_url" value="php url" />
<input type="hidden" name="rm" value="2"/>
<input type="hidden" name="custom" value="<?php echo $customer_ID;?>"/>
<input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but01.gif" name="submit" alt="Make payments with PayPal - it's fast, free and secure!"/>
</form>
and php code
from php IPN sample code.....
Try:
1. login in your paypal account
2. go to profile --> History --> IPN history --> turn on my IPN
3. insert your IPN listener URL.
What's the value of:
<input type="hidden" name="notify_url" value="php url" />
This shouldn't be on localhost, since PayPal sends POST data from its servers to that URL. So localhost won't work.