I have site with a members area that I've set up and want to make it so when people register, they need to subscribe to paypal, and only then the user is created in the database.
I don't know much how paypal works. Does anyone have any pointers? How or where do I start?
Basically I need to somehow redirect the visitor to paypal after he presses the "Register" button, make the payment, and then make Paypal return to my site and tell it that the payment was processed, so the user can be created...
Paypal IPN is the Paypal deployment for this kind of requirement.
IPN (Instant Payment Notification) allows you to delegate an endpoint URL that the payment gateway will send postdata to when a payment is completed successfully.
Most of the time this requires utilizing some kind of database to save the registration state while the user is forwarded over to Paypal for the payment process, making use of their SSL encryption and payment logic. When the process is completed, your application is notified with post data containing a unique identitfier generated by your app and passed with the original redirect in order to identify the user's session that has completed payment.
You will want to generate a unique id either using PHP uniqueid() function or by hashing a timestamp. This will be passed along to paypal in your redirect, and paypal will send it along with success/fail flags when the payment is processed. When the user fills out their form and is redirected to Paypal, save a boolean value for IsPaid in your database associated with their ID (i'd recommend using both a primary key as well as this unique transaction id mentioned earlier.) Your IPN script can then listen for the post data, parse it out and change the false IsPaid boolean for that id to true.
There are numerous good tutorials available. I've only used this in MVC deployments, so if you're doing procedural, googling around will help a great deal. Paypal's documentation has the most up to date parameter guides but there are other great, if a bit old, tutorials available independent of them.
http://www.web-development-blog.com/archives/easy-payments-using-paypal-ipn/
http://net.tutsplus.com/tutorials/php/using-paypals-instant-payment-notification-with-php/
Look at the Paypal IPN API, this is used in most paid membership scripts:
https://cms.paypal.com/uk/cgi-bin/?cmd=_render-content&content_ID=developer/library_code
Related
On my website, I want to set up a "pay to remove ads" feature, and I want to collect payments for it through PayPal. The setup that I want for this is quite simple:
User pays
Payment is verified
The entry in the MySQL database containing the user's information is updated to disable ads on the site for that user
To do this, I want to use PayPal's IPN service. I understand the basics of it, but I am not quite sure how to implement it, nor do I understand how I can trigger the script to update the database for the correct user. I would imagine that to do this, I need to include some means of user identification whenever they begin the payment process, but I am not sure how to do that either. I am trying to implement this in PHP.
The process would be:
The user has an ID
When he pays, you attach this ID as the custom parameter in the PayPal request
You also define what url you want to call for the IPN
Once the payment is complete, PayPal sends the IPN
You verify that the actual status of the payment is "Completed"
You retrieve the user'ID from the custom parameter
You update your table
I hope it's clear :)
I have already done a small e-commerce with Paypal and it works, but I feel like it is done wrongly.
Because the page that handles the IPN response from Paypal can't read $_SESSION variables, before the user submits the form and is redirected to Paypal, I get all the cart items and store them in a table in the database and also I register a new order with the user information but with the status 0 ( not completed ).
Then, after the user pays and I get the IPN response, I check if the status is completed, check if the amount paid is correct, currency and the usual checks to make sure the payment is successful.
The problem with this approach is that if the user once redirected to Paypal, decide to leave/close the browser/Paypal tab, I will have a failed order registered in the database and I can't delete it but manually.
How can I handle this kind of situation, and is it correct to register the order/cart before the user pays ?
Thank you and sorry for the long post.
If you want to check if the transaction occurs rely on the IPN messages. Depending on which api you are using you have several way to customize the IPN message with useful information for you, ie:
using paypal custom field
define dynamically the IPN url with extra parameter ie www.yoursite.com/ipn?myvar=myval
That way you can have a hook between the payment and the actual user in your application.
Obiusly the php session attributes of the user is not available when the http post comes from paypal.
I have an option on my phpBB forum to add a Paypal Buy Now button to enable users to sell and purchase items. I would like to have the ability to automatically close a topic once a user makes a purchase through paypal to avoid multiple users from purchasing the same item.
Is it possible to get the user's session data from paypal once they make a transaction? Then incorperate session data into a variable like:
$paypal = (isset($_POST['purchased'])) ? true : false;
Not sure if I need to download the Paypal SDK for this or not.
Any suggestions would be great, thanks.
Is it possible to get the user's session data from paypal once they
make a transaction?
You really want to trust the user's session data? I am sure you can read the session data, you don't want to do that, would be trivial task to alter it. Even if you can you really shouldn't read the session data for another website.
Not sure if I need to download the Paypal SDK for this or not.
This would be the correct way to do it.
When I last used it, Paypal Standard allowed you to specify a return URL (where to send the user) for failures and for successes. Dynamically generate some secret hashes to facilitate when the user is finally redirected.
Or you can use IPN.
Don't rely on the return URL. Buyers can (and will) close their browser / tab after completing a payment.
Instead, use PayPal Instant Payment Notifications to receive a server-to-server notification from PayPal which you can subsequently verify and use to update your database with the appropriate flag for a phpBB closed thread.
IPN works as follows:
You create the PayPal and incude a "notify_url". The value for this parameter will be the full URL to a script on your server, called the 'IPN script' or 'IPN handler'.
You can specify an IPN handler as follows for Website Payments Standard
<input type="hidden" name="notify_url" value="http://blah.com/ipn.php
For Express Checkout or Website Payments Pro, simply include the following in your SetExpressCheckout/DoExpressCheckoutPayment or DoDirectPayment API call respectively.
NOTIFYURL=http://blah.com/ipn.php
A buyer completes a transaction via PayPal
Once the buyer completes the transaction, he/she may close the browser, or return to your website
Once the transaction is accepted and processed by PayPal, PayPal will send out a notification to http://blah.com/ipn.php
You need to take all POST data that was sent to this script, and POST it back to https://www.paypal.com/cgi-bin/webscr?cmd=_notify-validate
If the data you send back matches the data PayPal sent you, a 'VERIFIED' response is returned.
If the response is VERIFIED, it's at this point that you would look up the matching transaction/buyer on your end, and update the phpBB thread status appropriately.
Some sample code and documentation for PayPal IPN is available at https://www.paypal.com/ipn/
In addition, some tips on making a secure IPN script are available at https://www.x.com/developers/community/blogs/ppmtsrobertg/securing-your-instant-payment-notification-ipn-script
Note: If you want to include any custom data along with the transaction which you can read out later, use 'custom'.
<input type="hidden" name="custom" value="xxxxx">
This will also be returned in the IPN POST data sent from PayPal.
I've implemented a paypal transaction before but this one has a twist that I'm not quite sure what's the best way to handle it.
The basic idea is I want to create an account for the user when he provides some details and makes a payment via PayPal. Until BOTH the user details are filled out correctly AND the payment is made correctly, I shouldn't create an account for the user.
The setup I've done before was simply a paypal button that the user clicks, makes a payment, and gets forwarded back to just a generic page "your order will be processed and shipped" so there was no pre-order form involved.
This one is different though because
before PayPal, I need to collect initial user data
after PayPal, I need to create the new user account and use in it the user data collected from the pre-paypal form
I'm sure there's a logical way to implement this, but I'm not quite sure what's the flow I should follow to do it.
I use the Zend framework by the way, which shouldn't matter but just in case Zend has an easier way to help me with what I'm trying to do.
I do the following (though I do this in ASP.NET):
User fills out form
Info is saved in Order table in db with a unique invoice number
Invoice number is passed to PayPal, along with the IPN Notify URL, when you do the redirect
User is sent to Paypal to pay and then comes back to a generic Success page
Behind the scenes, Paypal makes a call to the IPN Notify url once processing is complete. This page receives your invoice number which PP returns with its call, and then does the account creation processing for that order after retrieving the details from the db. [This is a page with no UI, since only PP is hitting it.]
An email is sent from that process which notifies the customer that their account has been created and gives them the details.
This is a simplified version of the process, but hits the highlights. You can check out PayPal's page about IPN, and do a search on google for IPN integration with PHP.
Im planning to allow people to create premium accounts on a site. There is a simple registration form, at the end of which I want to direct people to paypal where they will make a payment, and then be sent back to my site with their newly created account now activated (if transaction went thru).
I dont want a fully hosted solution ("Website Payments Pro"), but something where you leave the site, and then come back to it after payment.
Everything you need to get started
View sample code
View all tech docs
Download SDKs
API Reference
Using the PayPal API, you'll be able to send users to PayPal to handle payments. Once the transaction has been completed it will then send a response to a script on your site, which you can then act on accordingly. For example, update a particular user's status as 'Paid' or 'Unpaid' in your members database table.
You want to look at PayPal IPN. With that, you can send these pages URLs as hidden fields and PayPal will then return the user to the page you submitted for success, failed, IPN handler etc.
Yes that's possible, look into the "Buy now"-method on PayPal, they have an off-site payment possibility and they have on-site payment. It's up to you how much you want to spend on both time and percentage on each sale.