I'm looking for a way to build a web application using paypal payments standard. I'd like the user to get redirected to paypal, then fill out their information, and upon completion, add a value in our database saying that they successfully paid. I haven't found a solution or answer to this.
I found this thread for RoR, but didn't find anything for PHP
Paypal Website Payments Standard with a Ruby/Rails application
You can see instructions for a Payment Data Transfer at PayPal's site. Basically, you post the transaction amount and an ID token to their site, the customer pays on paypal.com, and then they're sent back to a pre-defined URL on your site with the transaction details.
I used the NVP API to do that.
Related
I'm doing a project involving Paypal, more specifically with the NVP API in PHP. But I just can't seem to figure what to use the IPN feature for.
I mean, when the user has been redirected to Paypal to confirm the purchase, he is redirected back to my website's "Paypal-succes-page", when the transaction is complete. And just to be sure that he actually payed i could use the "PaymentDetails" operation.
Now where does IPN fit in this process? and what is the benefit of it?
Thanks
The integrate with PayPal's services you will notice there are three main channels (and IMO it's important to know this so you can decide the benefits for your application):
IPN: Instant Payment Notification
PDT: Payment Data Transfer
PayPal's API
To use PayPal's IPN you need to add a 'listener' script (example) and add the address to your PayPal account. Whenever an event occurs PayPal will send a message directly to your server via your listener and you then update your accounts appropriately. This is especially useful for running subscription services as events will occur in the background without user intervention and you can capture successful/failed recurring payments etc.
PayPal's PDT is a system for accepting data when a user is redirected back to your site from PayPal. For example, a user clicks 'Buy', they are directed to PayPal, enter information etc. Then, once the payment has been taken, they are redirected back to your site. PayPal can pass details about the transaction including whether it was successful or not so you can display the appropriate success/failed page from your site.
PayPal's API allows you to integrate more deeply with PayPal's services, and you would use this if you were managing payments directly from your site.
These services aren't mutually exclusive, so you can use any combination with your application.
I hope this helps
The IPN feature is a very useful feature which you should use to update your database in my opinion. Sure the user is redirected to your success-page after the purchase where you can validate the payment details.
But what if he closes (by accident or not) the browser before reaching your success page? You will never know the result of the transaction and you will never update your database or process his order accordingly.
When using the IPN you can be sure that the transaction result will always reach you because PayPal will keep on making an offline request to your IPN page until it has reached your servers.
Instant Payment Notification
The typical usage of the IPN is to validate the purchase and to let your script or management system know that the transaction is complete so your system can update any records you may have for your service.
But the most important part is that the transaction is validated.
IPN send all data about transaction to your server - price, items, contacts ... so you can check, if someone don't pay you only 1$ instead of 100$ and confirm your order. It prevets thiefs, cheaters, ... USE IT! ;)
Am trying to create a way to setup the following:
User sends donation to paypal with info from donation site (name, email)
Paypal receives the donation and using the 2 variables it received (name, email) it sends them back to the donation site
Donation site receives variables and donation amount and changes some variables in the website to show that the user has donated some amount.
The site shows a list of users that have donated and how much they have donated which shows as points. How can I do this with paypal and php and mysql.
I'd suggest looking into using PayPal Instant Payment Notifications (IPN).
PayPal IPN allows you to (asynchronously) process order information while not having to depend on the buyer to return to your website to complete the order (which would be the case with PDT).
You can use IPN by setting up a script which receives this (POST) data from PayPal. In addition, you must include the following code in your button and/or API call(s):
For Website Payments Standard (where "xxxxxxxx" is the full URL to your IPN script):
<input type="hidden" name="notify_url" value="xxxxxxxx">
For Express Checkout:
Include NOTIFYURL=xxxxxxxx in your SetExpressCheckout and DoExpressCheckoutPayment API call
For Website Payments Pro
Include NOTIFYURL=xxxxxxxx in your DoDirectPayment API call
Once set up, you will receive POST data from PayPal with every transaction.
Take this data, and send it back to https://www.paypal.com/cgi-bin/webscr?cmd=_notify-validate (Live) or https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_notify-validate (Sandbox) to validate the data. If PayPal responds with VERIFIED (in the body of the page), you're sure the data is genuine IPN data coming from PayPal.
You can find sample code, documentation and further information on PayPal IPN at https://www.paypal.com/ipn
See also some IPN security best practices at https://www.x.com/developers/community/blogs/ppmtsrobertg/securing-your-instant-payment-notification-ipn-script
I found this tutorial, looks like what you're after.
http://tutorialzine.com/2010/05/donation-center-php-mysql-paypal-api/
Your first step is to use a paypal payments pro account. If memory serves correctly, you can only callback on pro accounts. Otherwise your paypal donation is pretty much a one way trip.
Please understand your question is very involved and is not likely going to result in a full blown example.
The best suggestion I can give is to read up on the paypal API documentation and see if the PHP API fits your needs...
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_overview
The PHP / MySQL end of things is on you at this point. You must store user information that you would use to send and validate the successful transactions based on the paypal API results.
While this answer may not serve your situation exactly, it is at least a small point in the right direction. I would suggest taking care to consider refunds and cancelled payments. If there is anything at all to gain by accumulating these "points" you mention then you need to cover security well. Otherwise you will be gamed and could stand to lose something if this is not done correctly.
If you have anything specific to add to this question to narrow down the possible answers, let me know and I will try to update this answer with a better, more specific response.
Set up Payment Data Transfer with PayPal,
PayPal PDT How To
Then on the page that receives the payment details from PayPal, calculate the number of points the person gets based off of how much money they donated (using whatever multiplier or point scheme you decide on), then log the data in a points field in the user's row of your user table in mysql.
i have a client that provide a service on his website.he wants to automate the service orders.
the service has these steps:
1- user submit a form with request.
2- my client review the request, validate it and use the info in this request to :
3- login to another website
4- buy a product from this website using his paypal account.
5- downlad and send the product in email to the user.
i was able to automate all of this using curl.the only problem i have is the purchase process using papal.i didn't deal with paypal before.so i want to know if i can just submit the papal form on the purchase website using curl.or this will not work?
while searching i found something about papal IPN.but i don't know if my client have this IPN in his papal account or not? also, he does not want to give me his papal info. is there is anyway i can do this with fake paypal account to try it?
thank you so much.
First of all, sign up for a PayPal sandbox account: https://developer.paypal.com/devscr?cmd=_signup-run
It's a really slick system PayPal put together for developers to test out stuff.
Secondly, review the PayPal API's at:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/library_download_sdks
I believe all you need is the PHP Name-Value pair or Website Payments Standard interfaces.
IPN stands for Instant Payment Notification, it's a way for PayPal to tell you that a payment was made.
What you are looking for is either the PayPal NVP or SOAP interfaces.
I'm trying to link my 3rd party shopping cart to PayPal, and in the process I'm finding that my variables are extremely exposed, such that, if someone uses, say, Firebug, to manipulate the values of my variables, they can change the cost of the items in the transaction.
I'm very new to online carts and shopping, so my question is how do I keep this layer of exposure away from users and secure for the website?
The answer is in the Instant Payment Notification service.
Upon completing the transaction, PayPal notifies you, in a separate process, of the payment details for the last transaction.
You can check these details against the data you stored locally. If they match, all is fine. If they do not match, you will need to investigate the issue.
Never understood why PayPal does not allow the data to be signed with some sort of hash + shared secret... but that does not help you any further.
If you POST the variables to PayPal, you can encrypt the data. Unfortunately, this is not possible for a GET request, triggered from a redirect.
There is a way of getting PayPal to host the button variables on their side. Look out for PayPal Hosted Buttons in their documentation:
https://cms.paypal.com/uk/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_ButtonMgrAPIIntro#id093VD0JE0Y4
Otherwise verify with IPN as mentioned bu Jacco.
Use the PayPal NVP or SOAP API to create an encrypted button. Basically you set all the information using PHP and then the API gives you the HTML.
Alternatively if you only have a couple of products you can make custom buttons.
The API's are well documented and easy to use. Personally I used the NVP as it was recommended for less experienced programmers. You can also use both in with the IPN (Instant Payment Notification) system so that for example digital products can be automatically emailed.
Im planning to allow people to create premium accounts on a site. There is a simple registration form, at the end of which I want to direct people to paypal where they will make a payment, and then be sent back to my site with their newly created account now activated (if transaction went thru).
I dont want a fully hosted solution ("Website Payments Pro"), but something where you leave the site, and then come back to it after payment.
Everything you need to get started
View sample code
View all tech docs
Download SDKs
API Reference
Using the PayPal API, you'll be able to send users to PayPal to handle payments. Once the transaction has been completed it will then send a response to a script on your site, which you can then act on accordingly. For example, update a particular user's status as 'Paid' or 'Unpaid' in your members database table.
You want to look at PayPal IPN. With that, you can send these pages URLs as hidden fields and PayPal will then return the user to the page you submitted for success, failed, IPN handler etc.
Yes that's possible, look into the "Buy now"-method on PayPal, they have an off-site payment possibility and they have on-site payment. It's up to you how much you want to spend on both time and percentage on each sale.