I am trying to (using a sandbox account) sell items using google checkout. I am displaying a form to the user which results in a buy now button
<form method="POST" action="https://sandbox.google.com/checkout/api/checkout/v2/checkoutForm/Merchant/..." accept-charset="utf-8">
<input type="hidden" name="item_name_1" value="Test"/>
<input type="hidden" name="item_description_1" value="An item "/>
<input type="hidden" name="item_quantity_1" value="1"/>
<input type="hidden" name="item_price_1" value="1.50"/>
<input type="hidden" name="item_currency_1" value="GBP"/>
<input type="hidden" name="_charset_"/>
<input type="hidden" name="checkout-flow-support.merchant-checkout-flow-support.continue-shopping-url" value="redirect to this url"/>
<input type="image" name="Google Checkout" alt="Fast checkout through Google" src="http://sandbox.google.com/checkout/buttons/checkout.gif?merchant_id=....&w=180&h=46&style=white&variant=text&loc=en_US" height="46" width="180"/>
</form>
On the google seller account i am setting the url to be called back too. In this instance i am using the php file from the google docs example
// Include Google Checkout PHP Client Library
include ("GlobalAPIFunctions.php");
// Include Response Message Processor
include ("ResponseHandlerAPIFunctions.php");
// Retrieve the XML sent in the HTTP POST request to the ResponseHandler
$xml_response = $HTTP_RAW_POST_DATA;
// Get rid of PHP's magical escaping of quotes
if (get_magic_quotes_gpc()) {
$xml_response = stripslashes($xml_response);
}
// Log the XML received in the HTTP POST request
LogMessage($GLOBALS["logfile"], $xml_response);
/*
* Call the ProcessXmlData function, which is defined in
* ResponseHandlerAPIFunctions.php. The ProcessXmlData will route
* the XML data to the function that handles the particular type
* of XML message contained in the POST request.
*/
ProcessXmlData($xml_response);
The issue is, as soon as i buy an item i get no call back whatsoever. No error message, no nothing so how can i see what is going on? Hopefully someone could help me out
Thanks
Check your Sandbox Integration Console for errors (if any) - just making sure that you are referring to your sandbox account (sandbox and production accounts are distinct)
On the google seller account i am setting the url to be called back too
"too" - just making sure. There is only one place where you set the API Callback URL - and that is in your Account Integration Settings (so there is no "too").
<input type="hidden" name="checkout-flow-support.merchant-checkout-flow-support.continue-shopping-url" value="redirect to this url"/>
Again, just clarifying that you are not referring to the above as the callback api url. The above is the link presented to a buyer after purchase (it's just a link back to your web site). It is not the callback api url.
Related
I implemented a paypal checkout about 3 years ago and it is currently working well. I now want to create a new checkout page for a new set of items. I copied the code from the page that I previously used and updated it for the new items. I set up the new page to use my sandbox for initial testing. The code below is cut from the actual page for display here.
<!DOCTYPE HTML >
<html>
<head>
</head>
<body>
<div>
<form id='paypal_form' action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="add" value="1" />
<input type="hidden" name="business" value="buyer#test.com" />
<input type="hidden" name="item_name" value="non-member RTV Renewal" />
<input type="hidden" name="amount" value="75.00" />
<input type="hidden" name="custom" value="Id=Joe;fixedName=Joe Smith;pw=1234;email=buyer#google.com;expdate=2024-02-14" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="lc" value="US" />
<input type="hidden" name="cancel_return" value="https://www.roundalab.org/Figures_Subscriptions_All/test_renew.htm">
<input type="hidden" name="return" value="https://www.roundalab.org/Figures_Subscriptions_All/success_test.php">
<input type="hidden" name="rm" value="2">
<center>
<div id="add-cart" style="padding:30px;">
<button onClick="document.getElementById('paypal_form').submit();">Click Here To Submit Order To Paypal</button>
</div>
</center>
</form>
</div>
</div>
</body>
</html>
The code works and creates an order in the paypal sandbox. It is then supposed to go the the url in the "return' item, which it does. The problem is that paypal is supposed to return a bunch of data in $_POST. When the return page is displayed, $_POST is empty. I also display $_GET and it contains 1 field which is the payer_id. A couple of questions...
Anyone know why no data in $_POST?
Is there a way that I can get any kind of error message that shows info on why no POST data was sent when going to the url in the return item?
I assume that this method of using paypal is deprecated. Is there a place that I can still get to the docs for using this interface?
The receiving sandbox Business account needs to enable Payment Data Transfer for any data to be returned.
With this sort of HTML-only (no API) PayPal integration that redirects away from your site, a return after a completed transaction is never guaranteed to occur. PayPal may be obligated to show the payer a receipt, or they may never click to return, or their browser may be closed or crash. Therefore, you should not depend on this returned data for absolutely anything of any importance. It is for extra informational purposes only.
If you are trying to do anything important with data returned via _GET/_POST , your integration is flawed.
With such an HTML-only <form> post integration, the only reliable way to receive data is by implementing the IPN service, which is also very old. All of these are poor choices if you need to do anything important with the data being returned.
Instead, use a current PayPal Checkout integration. Follow the Set up standard payments guide and make 2 routes on your server, one for 'Create Order' and one for 'Capture Order', documented here. Both routes should return only JSON data (no HTML or text). Inside the 2nd route, when the capture API is successful you should store its resulting payment details in your database (particularly purchase_units[0].payments.captures[0].id, which is the PayPal transaction ID) and perform any necessary business logic (such as sending confirmation emails or reserving product) immediately before forwarding your return JSON to the frontend caller.
Pair those 2 routes with the frontend approval flow: https://developer.paypal.com/demo/checkout/#/pattern/server
On my order page, I'm using this form:
<input type="hidden" name="item_number" value="<?php echo $refNumber; ?>">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<?php echo $paypal_email; ?>" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="return" value="<?=$_SESSION["web_site_url"]?>/payment_success.php?OrderID=<?=$refNumber;?>" />
input type="hidden" name="amount" id="amount" value="<?=$product_vals["discount_prize"]?>" />
<input type="hidden" name="item_name" id="item_name" value="<?=$product_vals["name"]?>" />
now I want a sample code for my payment_success page from that i came to know whether paypal authenticate the client payment or the client's payment is success of not.. so that i can proceed to next step of gathering information from client.
I have read the Paypal docs but unable to learn useful from them. help me out to solve this problem.Moreover i also want to get the paypal email of client and transaction id / payment_success variable (that is true/false) so that i will help me to identify the payment is succesful or not..
Thanks in advance.
You can use paypal class by Micah Carrick. This is pretty clear class which support notify URL, return URL and success URL. You dont need to use any form or something but just use this class and let this class to do your job.
sample code is:
$p = new paypal_class;
$p->add_field('business', $paypal_email);
$p->add_field('return', $add_fund_url.'/success.php');
$p->add_field('cancel_return', $add_fund_url.'/cancel.php');
$p->add_field('notify_url', $notify_url );
$p->add_field('item_name', $item_name);
$p->add_field('item_number', $item_number);
$p->add_field('custom',$custom_field);
$p->add_field('amount', $amount);
$p->add_field('no_shipping', '1');
$p->submit_paypal_post(); // submit the fields to paypal
If you're gather more data after they pay then you should really using Express Checkout APIs instead of PayPal Standard like you're using now. Even with Auto-Return enabled in your PayPal profile the user still may not make it back to your site (for example, they could simply close their browser before the redirect happens.)
With Express Checkout the user will always end up back on your site even before the final call to finalize the payment, so you could actually gather the additional details from the user even before finalizing the payment if you wanted to.
Check out this guide on Implementing the Simplest Express Checkout Integration. That will get you familiar with how Express Checkout should be setup (ie. the API calls you'll be making).
Then, grab this PayPal PHP SDK and use it to make the API calls. It has everything setup for you so that it would be very quick and easy for you to integrate into your checkout.
Im having a site where I get the payment response sent out by the payment processor.My page is https and whereas my customers page is not.
I post the payment response this way
echo '<html>Redirecting to merchants website..<body>
<form id="myForm" action="'.$response_url.'" method="POST">
<input type="hidden" name="status" value="'.$response['status'].'"/>
<input type="hidden" name="customerReferenceNo" value="'.$data['customerReferenceNo'].'"/>
<input type="hidden" name="amount" value="'.$data['amount'].'"/>
<input type="hidden" name="paymentMode" value="'.$data['paymentMode'].'"/>
<input type="hidden" name="cardProvider" value="'.$data['cardProvider'].'"/>
<input type="hidden" name="orderID" value="'.$orderID.'"/>
<input type="hidden" name="mobileNo" value="'.$mobileNo.'"/>
<input type="hidden" name="email" value="'.$email.'"/>
</form>
<script>document.getElementById("myForm").submit();</script></body></html>';
as an hidden form post.But as Iam posting the values from an https to an http page,its popping up security warning in some browser as:
Although this page is encrypted, the information you have entered is to be sent
over an unencrypted connection and could easily be read by a third party.
Are you sure you want to continue sending this information?
I wonder if this is the correct way to post a response to an external url?Is what Iam doing is right?Is this th exact way I should post a payment response to an external url?
Please help out with some suggestion
As mentioned in the comment above you should definitely take care to post back to a https site. But instead of outputting a hidden form to the browser and posting from there it would be way better to use curl and so sent the data directly from the server to the payment processor.
See curl_exec in php documentation
I want to pass the value for select payment mode and card type.
My code is :
<form method="post" action="http://www.ccavenue.com/shopzone/cc_details.jsp" name="frmTransaction">
<input type="hidden" name="Merchant_Id" value="<?php echo $Merchant_Id;?>">
<input type="hidden" name="Amount" value="<?php echo $Amount;?>">
<input type="hidden" name="Order_Id" value="<?php echo $Order_Id;?>">
<input type="hidden" name="Redirect_Url" value="<?php echo $Redirect_Url;?>">
<input type="hidden" name="Checksum" value="<?php echo $Checksum; ?>">
<input type="hidden" name="Merchant_Param" value="<?php echo $Order_Id; ?>">
<input type="hidden" name="pay_type" value="Debit Card" /> //credit card, netbanking
<input type="hidden" name="nb_bid" value="<?php echo $bank_name;?>" /> //VISA, mastercard
Here, How to pass pay_type and bank type and preselect the value in CCAvenue gateway. I cannot get any resource for this. Thanks in advace.
You want to use cURL. Also, it seems that CC Avenue provides its members with sample PHP code to interact with their web services. I found a manual here that shows where to get sample code from their website on page 12. Using cURL you'll be able to handle the payment before sending it out (adding database records, etc.) and you can obfuscate sensitive data such as your merchant ID.
You'll also probably need to write a second script to handle the response if you're redirecting the user outside of your own site to make the payment (which you might be since you're passing Redirect_Url). All this second script will do is check incoming GET/POST fields that they send you (such as an error code or a confirmation number for the user) and use that to add more info to your database.
I followed the below steps to integrate ccavenue in PHP
Login to ccavenue dashboard.
On the top menu bar navigate to Settings > Api keys. There you can find
merchant_id ,access_code,Working key
Navigate to Resources > Web Integration Kit
Under this screen there is an option to select Testing and Production Environment where you can find the testing and production URL.
Testing URL is not enabled by default you need to ask the support to enable it.
On the same screen there is Download Integration Kits . Click on this and find the Download PHP kit and download the code.
Use the downloaded kit according to your requirments.Also you can find the required parameters on Integration Methods menu as i used the iframe method.
Hope this will help in integrating the payment gateway
I'm using Micha's PayPal IPN script and for the most part it worked great: https://github.com/Quixotix/PHP-PayPal-IPN
When i click Pay now on the website it redirects to paypal with correct information, allows payment to be made, but on return nothing happens, ie it does not upgrade the user as it should. Now i've tested the script my code outside of the IPN and it works perfect so it looks to me like the IPN script is losing the session?
Here is my button code:
<form name="_xclick" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="EMAIL_TO">
<input type="hidden" name="currency_code" value="GBP">
<input type="hidden" name="item_name" value="Text Light">
<input type="hidden" name="amount" value="0.01">
<input type="hidden" name="return" value="http://domain.co.uk/editors">
<input type="hidden" name="notify_url" value="http://domain.co.uk/account/upgrade">
<input type="submit" value="Pay now" class="btn btn-preview" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
So the notify url (IPN code) is /account/upgrade -- as far as i know this is where it should perform the upgrade task? so here is my (stripped down) code
if ($verified) {
$errmsg = '';
// some error checking
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
} else {
// upgrade user
$package = serialize($_SESSION['package']);
$this->db->update('users',array('id' => $_SESSION['user']['id']),array('payment_plan' => $package));
}
} else {
// not verified, investigate problems
}
As above, the code under '// upgrade user' works fine outside, but on return from paypal it's obviously not keeping hold of the session. It's not throwing any errors, it's just not doing anything.
Where have i gone wrong? how can i ensure that session information will be passed back from PayPal.
Thanks
Your question has a short answer: IPN isn't done as the user.
To expand on the answer, here's how IPN works. You make a payment, your visitor returns to your site, and PayPal pings your IPN URL. The important bit is in bold - the request will come from PayPal and not from the user, and will therefore not inherit the user's session!
The reason for this is pretty simple - the IPN URL is supposed to be private, as you could do all sort of silly shenanigans if it wasn't (including creating virtual transactions). For this very reason, the user never sees this address. (Another reason is that not all browsers will follow redirects - and IPN is designed to provide information 100% of the time).
If you would like to do this, you'll need to pass a parameter to the IPN request indicating who the user is. Passing the user ID is a very bad idea - as parameters as modifiable. Instead, generate a transaction ID of some sort containing the info on the user, and pass this. On the IPN call, you'll get this variable back as a custom parameter, which will allow you to fetch stuff from your DB and do whatever you want, knowing who the user was.
Hope this helped.
I saw an answer posted elsewhere that worked for me. For the return_url, I simply removed the "www" part of my web address. So, instead of the retun_url being "https://www.mywebsite.com/ReturnPage.aspx" I changed it to "https://mywebsite.com/ReturnPage.aspx". This seems to keep the session intact.