I've been going round in circles looking at Paypal's convoluted API docs trying to work out exactly what I need to be doing.
I have a PHP website that has its own cart already developed, and now I need to integrate Paypal with it.
What I want it to do is allow buying multiple items from multiple sellers and dealing with them all in one transaction, while allowing the oppertunity to adjust postage cost once the buyers address is confirmed.
So far I've gotten a barebones single amount single seller transaction nearly working, using PHP from Paypal's integration wizard, however I'm not having much luck getting that working properly (or understanding what's going on) - I've given up trying to debug that and am currently poking bits of the API on the sandbox to see if I can decipher what I actually need to do.
I'd ideally like to see a good how-to guide from someone who has already done what I'm doing, or a link to some further reading that is less vague and more example-rich than paypal's docs.
I'm sure it's not just me but I have a hard time reading a description of what some code should do compared to reading the code itself.
Any nudges in the right direction are much appreciated
I assume you're using the PayPal NVP / SOAP API?
What you describe seems to be what the PayPal Adaptive Payments API (documentation) tries to accomplish, I've never messed with it personally but I'm pretty sure that's what you are looking for:
Send simple payments to a single recipient.
Make split payments to multiple recipients.
Send chained payments to multiple recipients, one after the other, each of which can take a cut of the payment.
Make parallel payments to multiple recipients at the same time.
Related
I'm using the GTM data layer to populate data through the enhanced ecommerce interface of Analytics. The goal is to provide detailed cost data so I can build a dashboard that shows profitability for my business. It's working great on a transaction basis and I am uploading shipping costs, product costs, discounts, and a host of other transaction data. However, my business also has fixed overhead costs. I want to upload that to analytics once per day so I can see the true profitability on a day by day basis. This requires it to be a server-side request from my PHP server. I am unfamiliar with how to set a custom metric from the server side. Does anyone know how I can send this once-per-day data to analytics from the server side? Would I send it as a pageview event? The variable name would be "fixed overhead". I'm not really sure where to start. Thanks in advance!
Sending data server-side to Google Analytics is entirely possible (and admittedly it is pretty daunting if you've not done it before).
The two best resources to use are the Google Analytics Measurement Protocol documentation and the Google Analytics Hit Builder. Use the parameter guide to prep the custom metric data specifically.
Here is my actual snippet that I use for all of my PHP projects (first ~150 lines or so). I'm certain there are better ways to do it, but at the very least it might help you figure out some of the complexities.
It's a lot of info to soak in, but I hope that gets you headed in the right direction!
Firstly this is my first question so I apologize if it not up to standards.
TL:DR -
I need to be able to get a notification of a Paypal transaction with the amount, and message, if any to an IRC bot. I am thinking about a webpage to take the transaction and notify the bot. I was hoping to use PHP for the webpage and this for the IRC bot: willie.dftba.net - An open source Python IRC Bot.
Long Format -
Context:
I am attempting to create a webpage that will take a Paypal transaction, then send a notification containing the amount and the message the user left(if any) to the IRC Bot.
The reasoning behind using a webpage over having the bot query the Paypal API directly is to avoid spamming Paypal while at the same time reducing the communication to a notification only when an event occurs.
The webpage will likely be running on a hosted webserver that I have little control over. I am familiar with PHP, my Javascript is not so great though.
The IRC bot has not yet been created, I was hoping to utilize willie.dftba.net for the bot, it's Open source and in Python. The bot will be running on a Windows machine most likely. Other options for IRC bots should probably be left to the comments. The bot will be doing other things outside the scope of this question. Though this is a critical function for the bot.
Answers I'm looking for:
What sort of technologies or libraries for the languages I am trying to use can help me achieve this as simply as possible? Please state why.
Suggestions that are within the scope of this question:
Using different technologies, languages, or APIs than I mentioned if it will make the job easier/faster. Please state why.
Why am I asking?
I am asking this question because there seems to many possible technologies or APIs I could utilize but I am not experienced enough to ascertain which route I should head down. I am honestly at a loss right now.
Background on my Knowledge & Experience:
For web technologies, I am familiar with HTML, PHP CSS, & a little Javascript.
For programming languages I have taken a few classes covering basic C++, Visual Basic .NET, and some Java.
I have messed around with Python a little over a decade ago when modding a game.
I have created, or helped to create a dozen or so smaller websites. I have used things like Jquery before but in an extremely limited fashion, my PHP is much stronger than my Javascript.
I have made a few simple command line C++ & Java programs as learning exercises.
I have made many simple VB.NET applications and 3 practical use, but small applications.
Research I have conducted:
I have searched Google, and here for possibilities, and have several links that I have looked through. While I must admit I have not read every single word on every single link, I have read a fair portion and skimmed a lot of the rest. And clicked on many links within the pages I am about to reference here. For the sake of not posting the entire internet, I am only posting the starting links.
After typing this all up, I discovered it will not let me post more than two links so I have had to alter these links.
willie.dftba.net
php.net/manual/en/book.sockets.php
socket.io
www.npmjs.com/package/socket.io
stackoverflow.com/questions/6398887/using-php-with-socket-io
www.htmlgoodies.com/html5/other/create-a-bi-directional-connection-to-a-php-server-using-html5-websockets.html#fbid=XmAMX7ESMm7
stackoverflow.com/questions/14418950/broadcast-notification-to-multiple-users-at-the-same-time-php-mysql-ajax
cometdaily.com/maturity.html
stackoverflow.com/questions/12284565/how-to-communicate-between-a-php-and-a-c-application-through-a-socket
davidwalsh.name/nodejs-irc
sourceforge.net/projects/phpsmartirc/
Final Thoughts:
Thank for reading this question and devoting some of your time and energy to this question, it is highly appreciated! I really hope I have been thorough & specific enough.
You've been pretty broad with your questions, so I'll be broad with my answer.
I would recommend sticking with PHP and setting up an Instant Payment Notification (IPN) solution for your PayPal account.
That will send POST data about any transaction that hits in your PayPal account in real-time. You can use it to automate tasks based on payments, refunds, disputes, cleared payments when they're pending, etc.
There are lots of good IPN packages for PHP available on GitHub/Packagist. If you happen to be working with WordPress, take a look at my PayPal IPN for WordPress plugin, and on that note, if you are using WordPress I'll assume you're using WooCommerce, so I'd also take a look at my PayPal for WooCommerce plugin.
For API calls, I would recommend taking a look at my class library for PayPal. It will make any API call you need to make with PayPal very quick and easy, and it is also available on GitHub and Packagist.
Those tools should give you everything you need to get any PayPal task you need done.
I am creating an ecommerce site that uses the payment gateway DPS. The payment gateway just takes a users details and returns whether the payment was successful or not.
I am just wondering if anyone has any good resources for how to make a really robust payments page that can handle large volumes of transactions safely. Are there well tested techniques and strategies for high volume payments pages?
You'll want to design your code in such a way as took keep your data in a valid state.
The big liability you face is that you send data off for Auth/Capture, and then, for whatever reason, something on your end fails. You've charged your customer, but for whatever reason, you don't know this fact! Eventually, some irate customer is going to start shouting at you over the phone. That's a bad time.
The general idea is to put some safeguards in place so you can identify these kinds of problems. The problem should be very rare, if it even ever happens, so fixing the mess will probably be a manual process.
Here's what I would do:
Design a database table that tracks payments (let's call it "payment"), and relate it to your "order" table (so payment.order_id references order.id).
When it's time to interact with your gateway, set up a new payment record, containing any non-sensitive data you're about to pass to the payment gateway. Have a "status" column in your payment table, and set it to "pending"
Attempt the auth/capture transaction with your gateway. Upon receiving a response, update the payment record status to "approved", "declined", or "error" and save any relevant metadata (decline reasons, transaction ID, etc). If the gateway times out, that's probably just a kind of "error", though you might retry once or twice.
Run a cron job every now and then looking for payment records that are "pending", and older than, say, 30 seconds. If you find any, panic and tell a developer/operations person.
There are certainly other things that could go wrong, but this is the big one that comes to mind, and the strategy I've described is one I've used on multiple occasions to mitigate the risk.
I'm not an expert on payment processing and developing ecommerce applications, but some of my (commonsense) guidelines are:
Force HTTPS for the submission of CC information from users (pretty much all payment processing gateways force the use of SSL when communicating with their gateway);
Do not store Credit Card information in the database after processing;*
Follow general security guidelines (e.g. don't save plain-text passwords or e-mail passwords);
*Note:
PCI does allow for the storage of credit card details after processing, but you need PCI-compliant hosting, which is usually quite expensive. And even then you're running a huge risk. So if you decide to give your customers that option (and I know it's very tempting since big sites like Amazon all offer "one-click" checkout), you better make sure your application and server are locked down tight.
I don't know much about scalability issues with payment processing as I have no experience in that area. All of my applications only process about 5-25 orders a day.
Use SagePay (formerly Protx) it supports PayPal and allows you to take card payments. It also integrates into the Sage Suite (an accoutants dream) it can automate a lot of time consuming data entry.
www.sagepay.com
As others are saying - Sometimes for smaller sites it's not worth taking the risk of storing cards yourself. I prefer paying on websites where I'm redirected to a well known payment service (such as paypal, sagepay or google checkout) as i know that a lot of money is spent on securing this software. If you're a website that i'm using for the first time, well I'm going to be put off.
I am working on an apartment CRM of sorts and I would like to allow renters to be able to pay bills online. My issue is that I don't know how you would implement a system that would work in this case. I would both need to accept payment from landlords/owners for providing a service to them and also allow them to collect rent from their renters(users). Any tips on setting up something like this? For the accepting payments from landlords/owners part, that is pretty straightforward as I would just need to integrate some payment gateway but the other part has me stumped.
For security and accountability reasons I don't want to be responsible for moving funds myself from the rents collected to each individual owner. I would like to keep each payment relationship (landlords and renters) separate if that makes any sense.
In case it matters, I am using the PHP framework CodeIgniter for this.
Here's the challenge...when you're talking about removing yourself from the money moving game, I believe you're talking about multiple merchant accounts. Now I'm sure that there's some sort of discount out there for running multiple accounts, but generally the merchants aren't your friend unless you're doing some serious traffic--the last merchant account I worked on did about $1million USD/year and we still didn't feel like we were very high on the totem pole with customer service or negotiating position for merchant fees. You'll be talking about $30/month (give or take) plus a percentage of the transaction as the cost to operate the merchant account.
Fees add up in a hurry. Not a problem if you're doing volume, but if you're only talking 25 renters and then only a portion of them use the service, you may get hit harder that you can justify with them spread amongst multiple sites.
Consider some already done options out there:
https://www.erentpayment.com/Default.aspx
http://www.landlord.com/rent_collection_online.htm
http://www.rentmatic.com/
Obviously, I don't know the specifics of your situation, so these may not be a great option. Regardless, it never hurts to explore alternatives if only to learn what UI patterns they used to achieve the goal you're shooting for.
You'll have to set up some sort of payment gateway account for each owner. You can save their settings for the gateway in your database.
I was given the task of creating a registration page for an upcoming church retreat. Design-wise, it will consist of fields for name, sex, phone number, email, and grade. We need a way for the end user to put their credit/debit card info and have it charge them for the retreat.
After some searching I found that Braintree offers a good service (37 signals likes them). The down side is that I have no clue on how to implement this sort of system into my site. So we are going to apply for a merchant account using their service. I also found documentation on how to implement it with PHP.
My question is, do I have to do anything else? I've always heard of https but I don't know if that's something I should implement. What security measures should I put in place? Should credit card numbers be stored in a database as plain text or encrypted? Has anyone used Braintree and can let me know what to expect after getting a merchant account?
Edit: I was looking through the PHP documentation code and was lost at this:
Braintree_Configuration::environment('sandbox');
Braintree_Configuration::merchantId('your_merchant_id');
Braintree_Configuration::publicKey('your_public_key');
Braintree_Configuration::privateKey('your_private_key');
I'm guessing the environment is set to sandbox for testing but is a merchantId provided to you after you make an account? Also, I have no idea what a public or private key is.
Hire someone with ecommerce experience to do this. If you don't know what https is then you shouldn't be handling sensitive information like credit card numbers or processing payments. The implications of a poor implementation are huge and lives can literally be ruined from it.
Do not store the credit card information in a database. This is a bad idea for numerous reasons listed many places on the Interwebs. PCI Compliance being the most commonly cited one. It is a really, really, really bad idea.
Https, by the way, is the secure version of the http protocol and allows for http traffic to be encrypted between clients (usually a browser and server but not always). It is implemented by the installation of an SSL certificate.
Your best bet is to use a merchant account and a payment gateway service like Authorize.Net's SIM API which handles the order form for you. That way you hand the handling of sensitive data to them.
You may want to read Merchant Accounts 101 and Ecommerce 101 before proceeding. Disclaimer, I wrote those articles.
You should not and cannot store any credit card information in your database. Mostly any payments service like Braintree will handle entering sensitive data, HTTPS and all other things. All you need to do is to give correct request to payment gateway and process answer.
A second reason to consider a site such as Google Checkout, Amazon, or Paypal is because the big merchants charge a set fee by the month plus transaction fee. If this is a one-time deal, the registration fees aren't that significant, or you don't plan to use it year-round, it's likely not worth going this route, even with a professional doing the work. I do a lot of work with quite a few smaller non-profits and the only way they can afford to do merchant accounts is via grouping of resources...but that brings up several tricky accounting questions.
Even easier than doing all the work yourself, consider a simple online registration site such as Active.com (or many multiples of others out there--I'd bet there's even one specifically for church groups) Their business is online event registration, and they do this for hundreds of smaller parks and rec type registrations, so they certainly would have the capability to do something like this. Trust me, having built several registration systems, there's nothing worse than the first bug popping up that makes 50 registrants show up unregistered or charging someone 4 times.
Unless there's some good reason for you to roll your own, use a third-party service to handle registrations for you. Among the others mentioned, some of my friends who put on shows and improptu classes use eventbrite.com and brownpapertickets.com
Both will tack on a small service fee