I'm currently building a simple ecommerce site for a client that will use solely Paypal to take payments. I want to display orders in the CMS I'm building for them, but only transactions that are made on the site I'm building.
I have achieved this so far by using the Paypal IPN to add transactions from the site into a database table (just the transaction id) and then borrowing heavily from the TransactionSearch.php file that Paypal supply with the API.
My concern is that at the moment, I'm fetching every transaction from the account (even ones not attributed to this site) and then filtering them by matching them against an array and only displaying the ones that are stored in the DB. It would be better if I could send the array I have through to Paypal and just receive those transactions - does any body know if that is possible?
The system works as is but I would prefer to make it more efficient if possible.
Thanks
I'd say a foreach with the GetTransactionDetails API should do the trick?
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_r_GetTransactionDetails
Related
I have a website coded in PHP that uses paypal buttons/IPN for subscriptions.
The method is limited and I need to replace it with the REST-API.
What the system needs to do:
Accept new user recurring-payment subscriptions
Be able to change plan pricing for new users
Be able to change plan pricing for existing users
Change subscription plans mid-subscription(If a user upgrades from pro to master the price goes up, and the opposite way it goes down).
The price difference between packages is 5$
Give periodic discounts for a limited amount of months.
The questions:
1.) What is the equivalent of recurring-payments in the PHP-API or REST-API? (I'd rather it auto-charges and notifies my IPN if possible)
2.) How can I automatically refund/charge an additional amount when the user upgrades/downgrades in the middle of a month?
3.) Is there a standalone PHP control-panel that can connect to the paypal API to manage the subscription packages + sales?
Thanks in advance!
If you are looking to use REST APIs, the best place to start is going to be at the REST API docs. For your situation, you can use the vault to set up a recurring payment system. You could also use the future payments API, but you will need to make sure you buy DPRP for your account. Contact PayPal Customer Support to enable DPRP.
With the Vault API, you can just create one time payments over and over with the token you get when storing a credit card.
There is an in-depth walkthrough using the SDK on the PayPal PHP SDK Wiki.
To do refunds, you can use the Refund REST API. All this assuming that you would be writing scripts to detect your user downgrading/upgrading. You would just need to store the amount they are paying each month in your DB.
There are some shopping carts out there that are implementing REST APIs. You might need to google search for something like that.
Hope that helps and gets you started in the right direction!
I'm trying to pull in orders from paypal into my database. When I say orders, I mean orders from paypal buttons we have in various places.
I've dove into the REST API, but I don't see any API for searching for / listing transactions. I see a list of payment Resources, but that comes back with count 0.
I also see Sale Transactions in the API but that asks for a single transaction ID.
Is there a way I can periodically get transactions? I know this is possible because we use a tool called Shipstation that grabs new orders from Paypal and brings them into their system.
Thanks!
You can use REST APIs to do what you are wanting to do. You can use
GetPaymentList to do this. This is sample code from the PayPal Github PHP homepage. You will need to install and use the PayPal PHP SDK.
I use payment via paypal and I need the customer to enter secure payment information on my webpage.
After reading tutorials, I need to set action to paypal => "https://www.paypal.com/cgi-bin/webscr" and the customer to complete their data on paypal website.
Is it possible to have customers enter card data on my own website? Can you offer any advice or manuals on how to implement this?
Thanks. Sorry for my English
Is it possible to have customers enter card data on my own website?
Yes it's possible. Is it advisable? Not if you don't have to.
If you are passing the user to PayPal to complete payment, there is absolutely no reason for you to collect the CC data on your own website. All you do is add to the customer's risk as well as your own (since there are certain legal ramifications if you screw something up).
If what you are asking is how can you do the entire process on your own site, then that's a different answer and a pretty involved one. PayPal has options for this with different plans and each of those options has plenty of documentation on how to setup and configure the process.
As #butlerblog mentioned, there are different levels of integration for ecommerce. If you truly want to stay away from paypal but are considering your other options for third party integration, you can check this site to start getting an idea of how involved with ecommerce you want to get.
Imagine a site like istockphoto or envato where the user can only purchase digital credits...
How would one implement this in the cleanest, easiest way using paypal's API's? The docs there are a bit confusing to navigate...
Aside from that general "best-practices" question, my guess was to start with the Integration Wizard at https://devtools-paypal.com/integrationwizard/ and select "Express Checkout - Digital goods"
After setting up some test accounts on the sandbox, I've kinda sorta got it working- but I'm confused how I track dynamic data across the session.
I.e. where would I securely store the "number of credits" and "userid" values so that it gets added to this user (who may not have an email address, nevermind one matching their paypal account) upon successful payment. Is a database/callback system necessary?
Assuming so for the time being, my guess is to maybe store the data in a database where the primary key is the TOKEN received at SetExpressCheckoutDG(), and prepopulated fields are the data I want to keep... and then the final confirm.php page will check the database at that token and implement that data... but something just seems strange about that, i.e. relying on a callback (could be timeouts, etc.) and I'm not sure if it's really the most secure way of doing it.
If using examples, please stick with PHP (not curl or other langs). Thanks!
You could just bounce this along with your calls. I'll use NVP for my examples
You set your digital goods in SetExpressCheckout. Inside, you pass how many credits the user is buying and set the PAYMENTREQUEST_0_CUSTOM with their user ID.
In GetExpressCheckoutDetails that data would be passed back to you so you could store it in some fashion (you would get their items and quantity, plus the user ID). Then, you finish with DoExpressCheckoutPayment.
If that still doesn't help let me know.
I'm trying to link my 3rd party shopping cart to PayPal, and in the process I'm finding that my variables are extremely exposed, such that, if someone uses, say, Firebug, to manipulate the values of my variables, they can change the cost of the items in the transaction.
I'm very new to online carts and shopping, so my question is how do I keep this layer of exposure away from users and secure for the website?
The answer is in the Instant Payment Notification service.
Upon completing the transaction, PayPal notifies you, in a separate process, of the payment details for the last transaction.
You can check these details against the data you stored locally. If they match, all is fine. If they do not match, you will need to investigate the issue.
Never understood why PayPal does not allow the data to be signed with some sort of hash + shared secret... but that does not help you any further.
If you POST the variables to PayPal, you can encrypt the data. Unfortunately, this is not possible for a GET request, triggered from a redirect.
There is a way of getting PayPal to host the button variables on their side. Look out for PayPal Hosted Buttons in their documentation:
https://cms.paypal.com/uk/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_ButtonMgrAPIIntro#id093VD0JE0Y4
Otherwise verify with IPN as mentioned bu Jacco.
Use the PayPal NVP or SOAP API to create an encrypted button. Basically you set all the information using PHP and then the API gives you the HTML.
Alternatively if you only have a couple of products you can make custom buttons.
The API's are well documented and easy to use. Personally I used the NVP as it was recommended for less experienced programmers. You can also use both in with the IPN (Instant Payment Notification) system so that for example digital products can be automatically emailed.