Here's some simple code I'm using to test the Paypal Website Payments Standard upload thingy.
My return URL is http://mysite/index.php?module=store&show=order_confirm
I go through the payment process, and when I get to the end and it returns me to the page, it instead just returns me to index.php (i.e. without the extra parameters).
Anyone know what the deal with this is
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart" />
<input type="hidden" name="upload" value="1">
<input type="hidden" name="return" value="http://mysite/index.php?module=store&show=order_confirm" />
<input type="hidden" name="currency_code" value="EUR" />
<input type="hidden" name="business" value="b.coug_1277121937_biz#gmail.com">
<input type="hidden" name="item_name_1" value="adaddada" />
<input type="hidden" name="amount_1" value="30.00" />
<input type="hidden" name="quantity_1" value="1" />
<input type="hidden" name="item_name_2" value="wuiui" />
<input type="hidden" name="amount_2" value="50.00" />
<input type="hidden" name="quantity_2" value="1" />
<input type="hidden" name="custom" value="19" />
<input type="image" name="submit" border="0" src="https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif" alt="PayPal - The safer, easier way to pay online">
</form>
I'm not sure why Paypal is doing what it's doing, but I suspect their desire to add their own GET parameters is wiping out your own. You might want to try something like this, if mod_rewrite or something similar is available to you:
write a rule that changes this:
http://mysite/store/order_confirm/?merchant_return_link=Test+Store
to this
http://mysite/index.php?merchant_return_link=Test+Store&module=store&show=order_confirm
Try escaping the ? and & in the return URL; change them to %3F and %26.
An alternative answer is to set the paypal 'rm' [return method] variable to "2", so that paypal would POST all its own return variables, rather than sending them as GET variables
Related
I'm having a weird problem that is very intermittent. In fact, I've never been able to reproduce it on my end, but a variety of customers have experienced it. Typically, it's with mobile IOS - new and old. Basically, when the customer reaches checkout, they click Check Out and they end up on PayPal's login page. No values from the form are passed, as if they just went to PayPal.com. We do get a lot of sales via PayPal, so not sure what percentage has this issues, but want to make sure we capture those sales. Doing a Google, I have seen people mention this, but not seeing any solid solutions.
Here is my form code:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<input type="hidden" name="item_name_1" value="Product Test 1" />
<input type="hidden" name="amount_1" value='10.00' />
<input type="hidden" name="quantity_1" value="1" />
<input type='hidden' name='item_number_1' value='' />
<input type="hidden" name="shipping_1" value='8.00' />
<input type="hidden" name="no_shipping" value="2" />
<input type="image" id="PayPalButton" src="https://www.paypalobjects.com/webstatic/en_US/i/buttons/checkout-logo-large.png" name="submit" class="wp_cart_checkout_button" alt="Make payments with PayPal - it's fast, free and secure!" />
<input type="hidden" name="return" value="https://www.example.com/thankyou/?a=1" />
<input type="hidden" name="notify_url" value="https://www.example.com/paypal/" />
<input type="hidden" name="business" value="paypal#example.com" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="cmd" value="_cart" />
<input type="hidden" name="upload" value="1" />
<input type="hidden" name="rm" value="2" />
<input type="hidden" name="charset" value="utf-8" />
<input type="hidden" name="mrb" value="3FWGC6LFTMTUG" />
<input type="hidden" name="custom" value="cart=58597ef8bdd56c789946533a9c1d0d1c&x=337917&email=test#example.com&ip=6xxx.xxx.xxx.xxx" />
</form>
I've seen people remove target="paypal" and use target="_self". I've only used target="_blank". I don't want to use GET method since I could have lot of variables depending on how large the cart is. Every time I test (desktop, table, phone), the paypal process works. So not sure what is stopping some of the users.
I'm currently developing a website that uses PayPal for order processing..
This is the html form I'm using so far for testing purpose
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<select name="amount">
<option value="3.99">6 Months ($3.99)</option>
<option value="5.99">12 Months ($5.99)</option>
</select>
<br>
<input name="currency_code" type="hidden" value="USD">
<input name="shipping" type="hidden" value="0.00">
<input name="tax" type="hidden" value="0.00">
<input name="return" type="hidden" value="urlOnValidPayment">
<input name="cancel_return" type="hidden" value="UrlOnCancelPayment">
<input name="notify_url" type="hidden" value="URLForValidationPayement">
<input name="cmd" type="hidden" value="_xclick">
<input name="business" type="hidden" value="your e-mail">
<input name="item_name" type="hidden" value="name of the object">
<input name="no_note" type="hidden" value="1">
<input type="hidden" name="no_shipping" value="1">
<input name="lc" type="hidden" value="EN">
<input name="bn" type="hidden" value="PP-BuyNowBF">
<input name="custom" type="hidden" value="custom data">
<input type="image" src="https://www.paypalobjects.com/en_US/CH/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/fr_FR/i/scr/pixel.gif" width="1" height="1">
</form>
But, I've noticed that, this method is not secure for ordering purpose. it can be only used for donation purpose. Because, user may return to the url in "notify_url" field without paying. blah blah..
Am I right? Or is there any way to make it secure?
You can reconcile the item amount within an IPN script, but this can be more trouble than its worth in my opinion. Since you're already working with PHP I'd recommend using the Express Checkout API instead of standard payment buttons. This makes everything much more secure and allows you to fully integrate without any limitations.
You can take a look at my PHP class library for PayPal if you want. It'll make the API calls very simple for you. Specifically, you'd be looking at SetExpressCheckout, GetExpressCheckoutDetails, and DoExpressCheckoutPayment.
The checkout function on my client's site works by passing data to PayPal based on the following form:
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="rm" value="2" />
<input type="hidden" name="cbt" value="Confirm your payment" />
<input type="hidden" name="business" value="blah" />
<input type="hidden" name="item_name" value="blah" />
<input type="hidden" name="amount" value="blah" />
<input type="hidden" name="shipping" value="blah" />
<input type="hidden" name="button_subtype" value="products" />
<input type="hidden" name="no_shipping" value="2" />
<input type="hidden" name="return" value="blah" />
<input type="hidden" name="notify_url" value="blah" />
<input type="hidden" name="cancel_return" value="blah" />
<input type="hidden" name="currency_code" value="blah" />
<input type="hidden" name="image_url" value="" />
<input type="hidden" name="lc" value="AU" />
<input type="hidden" id="custom" name="custom" value="blah" />
<input type="hidden" class="btn btn-primary" style="width:100%" alt="PayPal - The safer, easier way to pay online!"/>
When checkout is complete, and annoyingly after the customer presses 'Confirm your payment'; PayPal passes post information to 'return'.
This works in some cases. However, when a user pays via a mobile device such as an Android phone or an iPad, occasionally there is no data passed back to the 'return' URL in $_POST which causes a 'Payment Failed' email to be sent out to me with an empty $_POST variable.
Am I doing something wrong? How can I get the data to pass back correctly?
I have the items pulled from a database based on "custom", but my client is unhappy that all of the data (especially the address) is not sent conveniently in one email.
I want to recommend not building your clients buttons that way. Any person who can edit html, can simply change the value of amount to $1 and if the merchant doesn't catch it, will ship a product that was only charged a buck.
You may want to complete this task with a api's instead of using $_post
Just seen it happen before.
I am using html form to integrate Paypal and my form is as
<form name="_xclick" action="https://www.paypal.com/cgi-bin/webscr" method="POST">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="hosted_button_id" value="XXXXXXXXXX">
<input type="hidden" name="business" value="admin#domain.com" />
<input type="hidden" name="item_name" value="Item Name" />
<input type="hidden" name="quantity" value="1" />
<input type="hidden" name="amount" value="100.00" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="return" value="http://domain.com/success" />
<input type="hidden" name="cancel_return" value="http://domain.com/fail/" />
<input type="hidden" name="cbt" value="Please Click here to Complete Your Order" />
</form>
When I am testing this Website code on desktop browsers this is posting paypal data back on return url perfectly. But when I am testing same website code on my Mobile browser payapl is not posting back any data on return url. It just get back on return url without any data.
Please help me.
do you get ANY kind of request on callback on mobile? You should log every POST request on callback page and review them
also try with notify_url as well, IPN should be sent here
Please set "no_note"
Please see following links
Link: http://www.paypalobjects.com/en_US/ebook/subscriptions/html.html
I'm pretty sure your problem is that you need to add this line to your code:
<input type="hidden" name="no_note" value="1">
Hope this helps.
My client wants the ability to put PayPal add-to-cart buttons anywhere on a page, with potentially multiple buttons on a single page. He will use a shortcode like [price MONKEY] to have a PaylPal button replace that text, with the price and description for "monkey".
So every time we find a [price] shortcode on the page, I need to query the database to get value, insert then into the following PayPal button code, and display the button at that place on the page. Then move to the next replacement, if any.
Here's the PayPal button code:
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" value="_cart" name="cmd" />
<input type="hidden" value="me#mydomain.com" name="business" />
<input type="hidden" value="1" name="add" />
<input type="hidden" value="MONKEY" name="item_name" />
<input type="hidden" value="" name="item_number" />
<input type="hidden" value="17.00" name="amount" />
<input type="hidden" value="2" name="no_shipping" />
<input type="hidden" value="USD" name="currency_code" />
<input border="0" type="image" name="submit" src="https://www.paypal.com/en_US/i/btn/x-click-but22.gif" alt="Make payments with PayPal - it's fast, free and secure!" />
</form>
I've been trying to do this with a preg_replace_callback() function, but having problems inserting all the HTML for the button, and then with looking for more shortcode instances on the page and replacing them.
Appreciate any help on this! It's so simple in Wordpress where all this code is already written (but where?) -- this is an application that I created from scratch and now needs some enhancement. Thanks!
Here's my regex:
$pattern = '/\[price (.*?)\]/';
You can just use a basic preg_replace to accomplish this task using your pattern. something like so:
<?php
function myexamplefunction($html){
$pattern = '/\[price (.*?)\]/';
$replace = '<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" value="_cart" name="cmd" />
<input type="hidden" value="me#mydomain.com" name="business" />
<input type="hidden" value="1" name="add" />
<input type="hidden" value="$1" name="item_name" />
<input type="hidden" value="" name="item_number" />
<input type="hidden" value="17.00" name="amount" />
<input type="hidden" value="2" name="no_shipping" />
<input type="hidden" value="USD" name="currency_code" />
<input border="0" type="image" name="submit" src="https://www.paypal.com/en_US/i/btn/x-click-but22.gif" alt="Make payments with PayPal - it\'s fast, free and secure!" />
</form>';
return preg_replace($pattern,$replace,$html);
}