I have been using paypal in the past for selling stuff through my website ( e.g. memberships ) but I always had to verify through paypal whether the user really bought the membership (for example) before I could assign it to his/her account. Now I was wondering if there's a way that I can put a paypal purchase button onto my webpage to ( for example ) purchase a membership and then once the user paid, he'll automaticly be assigned the membership on my website ( e.g. there's a page purchase_result.php which assigns the membership, but ONLY if the user really bought it through paypal ). How can I make sure the user actually bought the item through paypal on the return page on my website?
Thanks in advance,
Skyfe.
btw, I hope my question can be understood
You would PayPal Instant Payment Notifications to receive a server-to-server notification from PayPal which you can subsequently verify and use to update your database.
IPN works as follows:
You create the PayPal and incude a "notify_url". The value for this parameter will be the full URL to a script on your server, called the 'IPN script' or 'IPN handler'.
You can specify an IPN handler as follows for Website Payments Standard
<input type="hidden" name="notify_url" value="http://blah.com/ipn.php
For Express Checkout or Website Payments Pro, simply include the following in your SetExpressCheckout/DoExpressCheckoutPayment or DoDirectPayment API call respectively.
NOTIFYURL=http://blah.com/ipn.php
A buyer completes a transaction via PayPal
Once the buyer completes the transaction, he/she may close the browser, or return to your website
Once the transaction is accepted and processed by PayPal, PayPal will send out a notification to http://blah.com/ipn.php
You need to take all POST data that was sent to this script, and POST it back to https://www.paypal.com/cgi-bin/webscr?cmd=_notify-validate
If the data you send back matches the data PayPal sent you, a 'VERIFIED' response is returned.
If the response is VERIFIED, it's at this point that you would look up the matching transaction/buyer on your end, and update your database appropriately.
Some sample code and documentation for PayPal IPN is available at https://www.paypal.com/ipn/
In addition, some tips on making a secure IPN script are available at https://www.x.com/developers/community/blogs/ppmtsrobertg/securing-your-instant-payment-notification-ipn-script
Note: If you want to include any custom data along with the transaction which you can read out later, use 'custom'.
<input type="hidden" name="custom" value="xxxxx">
This will also be returned in the IPN POST data sent from PayPal.
Related
My sent data to paypal is
"https://www.paypal.com/cgi-bin/webscr/cmd=_cart&upload=1&business=seller.email#something.com¤cy_code=USD&bn=BusinessName&return=http://www.sellersite.com&item_number_1=55&item_name_1=battery&amount_1=55&quantity_1=2&item_number_2=52&item_name_2=bat&amount_2=5&quantity_2=3"
And I want to show those sent data(item number, item name,amount,quantity) and the paypal transaction id to the buyer on "http://www.sellersite.com" after successful payment. (Suppose, the seller has the merchant account with paypal and he would enter that paypal id into database from admin section of the website. So,I would not think about his paypal account settings, my job is just to create the environment for paypal payment for the seller.)
If I write a script like
$T_ID=$_REQUEST['tx']; // or $T_ID=$_GET['tx']; **ref(tx):- "https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_html_paymentdatatransfer"
$item=$_REQUEST['item_number_1']; // or $item=$_GET['item_number_1'];
Then would I get those data from paypal ?
Please tell me.
-Thanks.
It's not going to be quite that simple. You'll need to setup Payment Data Transfer (PDT) in order to get details sent back to your return URL after the buyer completes the payment.
This is useful if you're simply going to display details back to the user, but it's not recommended for updating your own database, sending out email notifications, etc. because there is no guarantee this page will ever be reached so the code won't always run.
For that sort of thing you'll want to use Instant Payment Notification (IPN). This works very similar to PDT except that it will always POST data to your IPN listener on your server regardless of whether or not the user makes it back to your return URL, and it happens outside of your checkout system all together.
I'm using an HTML PayPal button together with IPN to achieve a direct payment on my PHP website. The IPN URL is correctly pinged but I need a way to identify the transaction, because I need to update it on my local database during the IPN call.
So my question is : is there a simple way to send a token / identifier from the HTML button and get it back on the IPN call, so that I retrieve the transaction?
If no, I guess I'll have to use the API but the code samples I found on the PayPal website confused me. I need the payment to offer both Paypal / Credit Card options to the user once he lands on the PayPal payment page. This is what they call a "Direct Payment" but is there any clear Direct Payment code samples I can use somewhere?
Thanks!
I used the simple form to redirect customers to paypal. In this form i have a hidden input <input type="hidden" name="invoice" value="myCustomInvoiceId" />.
After the customer finished his payment, paypal will do the IPN call including invoice=myCustomInvoiceId. So yes. There are plenty of variables more that paypal can include in their IPN call. See this link for further reading.
if i remember correctly, you can chose which variables to include in the IPN call in your merchant paypal account.
I have seen and know how to use IPN for paypal payments but I am having a small issue. With IPN you need to enter an IPN address to your PayPal File so it knows you got sent the payment (Instant Activation of Product). If I have multiple sites, I can't do this as It only allows one.
I have seen the WHMCS system manage to do this using Website Payments Standard (Does not require any IPN Settings) where the user's invoice is marked as paid after the payment is sent. The user does not need to be redirected to another page and as a seller, the only info you need to put in is your paypal email for things to start working.
Does anyone know how this works and where to learn this?
Thank you for your help
You can specify a per-transaction IPN URL by passing in notify_url along with the other data in the form.
E.g. <input type="hidden" name="notify_url" value="http://....">
This will override whatever you have set up within your PayPal Profile.
I have an option on my phpBB forum to add a Paypal Buy Now button to enable users to sell and purchase items. I would like to have the ability to automatically close a topic once a user makes a purchase through paypal to avoid multiple users from purchasing the same item.
Is it possible to get the user's session data from paypal once they make a transaction? Then incorperate session data into a variable like:
$paypal = (isset($_POST['purchased'])) ? true : false;
Not sure if I need to download the Paypal SDK for this or not.
Any suggestions would be great, thanks.
Is it possible to get the user's session data from paypal once they
make a transaction?
You really want to trust the user's session data? I am sure you can read the session data, you don't want to do that, would be trivial task to alter it. Even if you can you really shouldn't read the session data for another website.
Not sure if I need to download the Paypal SDK for this or not.
This would be the correct way to do it.
When I last used it, Paypal Standard allowed you to specify a return URL (where to send the user) for failures and for successes. Dynamically generate some secret hashes to facilitate when the user is finally redirected.
Or you can use IPN.
Don't rely on the return URL. Buyers can (and will) close their browser / tab after completing a payment.
Instead, use PayPal Instant Payment Notifications to receive a server-to-server notification from PayPal which you can subsequently verify and use to update your database with the appropriate flag for a phpBB closed thread.
IPN works as follows:
You create the PayPal and incude a "notify_url". The value for this parameter will be the full URL to a script on your server, called the 'IPN script' or 'IPN handler'.
You can specify an IPN handler as follows for Website Payments Standard
<input type="hidden" name="notify_url" value="http://blah.com/ipn.php
For Express Checkout or Website Payments Pro, simply include the following in your SetExpressCheckout/DoExpressCheckoutPayment or DoDirectPayment API call respectively.
NOTIFYURL=http://blah.com/ipn.php
A buyer completes a transaction via PayPal
Once the buyer completes the transaction, he/she may close the browser, or return to your website
Once the transaction is accepted and processed by PayPal, PayPal will send out a notification to http://blah.com/ipn.php
You need to take all POST data that was sent to this script, and POST it back to https://www.paypal.com/cgi-bin/webscr?cmd=_notify-validate
If the data you send back matches the data PayPal sent you, a 'VERIFIED' response is returned.
If the response is VERIFIED, it's at this point that you would look up the matching transaction/buyer on your end, and update the phpBB thread status appropriately.
Some sample code and documentation for PayPal IPN is available at https://www.paypal.com/ipn/
In addition, some tips on making a secure IPN script are available at https://www.x.com/developers/community/blogs/ppmtsrobertg/securing-your-instant-payment-notification-ipn-script
Note: If you want to include any custom data along with the transaction which you can read out later, use 'custom'.
<input type="hidden" name="custom" value="xxxxx">
This will also be returned in the IPN POST data sent from PayPal.
I'm developing a website with PHP and MySQL. How can I make it so that if you click the Paypal button and pay successfully it will change a string in the database from "Personal" to "Professional"?
Assuming you're talking about PayPal Website Payments Standard (if you're not paying a monthly fee, you are), then you need to use Instant Payment Notification. You can either enable it account-wide from the profile tab of your account, or per payment button/link by setting the notify_url parameter.
PayPal will send an HTTP POST to your notify URL when a payment is completed. Your script at that URL should verify that the POST is authentic, then update the appropriate row in the database now that you know it's paid for.