Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2749
  • Last Modified:

How to Post Shopping Cart Data to PayPal from VB.NET

I have a VB.NET application that allows users to add items to a data table shopping cart within the program. When they are reday to checkout, I take them to PayPal to perform the actual payment procedure.

The method I have is VERY crude and primitive. I tried several others ways, including UploadData and such, with no luck. I was never able to open/access the cart with the POSTED contents in the web browser.

I am trying to make certain the user never sees the entire cart item URL string so they cannot be tempted to change the price before paying.

Below is my current "cheat" code. Lets see who can come up with the cleanest "true" solution. I would prefer a true POST in a fashion I can use the "hidden" directives used by PayPal. I have searched the web high and low without finding a good solid free solution.


        Dim httpString As String
        For Each oCartItem As DataRow In dtShoppingCart.Rows
            httpString = "&item_number=" & URLEncode(oCartItem(0)) & _
                         "&item_name=" & URLEncode(oCartItem(1)) & _
                         "&amount=" & oCartItem(2) & _
                         "&quantity=" & oCartItem(3) & _
                         "&shipping=5.00" & _
                         "&shipping2=5.00" & _
                         "&on0=" & URLEncode("Added Info") & _
                         "&os0=" & URLEncode(oCartItem(4))
            System.Diagnostics.Process.Start("https://www.paypal.com/cgi-bin/webscr?cmd=_cart&business=test@company.com&add=1&invoice=VBAPP&undefined_quantity=1¤cy_code=USD" & httpString)
        Next

        System.Diagnostics.Process.Start("https://www.paypal.com/cgi-bin/webscr?cmd=_cart&business=test@company.com&display=1")


The URLEncode function simply reformats the data to an acceptable URL format. In a true POST method, this should no longer be needed.

The dtShoppingCart data table is defined as follows:
            dtShoppingCart = New DataTable("ShoppingCart")
            dtShoppingCart.Columns.Add("Item Number", GetType(String))     ' 0
            dtShoppingCart.Columns.Add("Item Name", GetType(String))       ' 1
            dtShoppingCart.Columns.Add("Price Each", GetType(String))      ' 2
            dtShoppingCart.Columns.Add("Quantity", GetType(Integer))       ' 3
            dtShoppingCart.Columns.Add("Added Info", GetType(String))    ' 4
            dtShoppingCart.PrimaryKey = New DataColumn() {dtShoppingCart.Columns("Item Number")}

Thanks,
maknight
0
maknight
Asked:
maknight
  • 4
  • 2
1 Solution
 
LacutahCommented:
I think you're problem lays in part in using: System.Diagnostics.Process.Start, where you have no other alternative other than using URL string data.  By using System.Diagnostics.Process.Start, Windows decides what browser to open (be it Internet Explorer, Firefox, Netscape, etc.), and you would have no way to "hide" the data.

Does paypal offer a webservice interface to create a session ahead of time and upload the contents of the cart, then redirect the user to paypal using a unique ID?
0
 
prakash_prkCommented:
Try this ...
Use the HTTPWeb Request and response to post and get the data
----------------------------------------------------------------------------
        Dim objHTTPRequest As Net.HttpWebRequest
        Dim objRequestStream As IO.Stream
        Dim objHttpResponse As Net.HttpWebResponse
        objHTTPRequest = Net.HttpWebRequest.Create("https://www.paypal.com/cgi-bin/webscr")
       
        Dim httpString As String
        For Each oCartItem As DataRow In dtShoppingCart.Rows
            httpString = "cmd=_cart&business=test@company.com&display=1" & _
                        "&item_number=" & URLEncode(oCartItem(0)) & _
                         "&item_name=" & URLEncode(oCartItem(1)) & _
                         "&amount=" & oCartItem(2) & _
                         "&quantity=" & oCartItem(3) & _
                         "&shipping=5.00" & _
                         "&shipping2=5.00" & _
                         "&on0=" & URLEncode("Added Info") & _
                         "&os0=" & URLEncode(oCartItem(4))
        Next
        Dim ContentData As Byte() = System.Text.Encoding.UTF8.GetBytes(httpString)


        objRequestStream = objHTTPRequest.GetRequestStream()
        objHTTPRequest.Method = "POST"
        objHTTPRequest.ContentType = "application/x-www-form-urlencoded"
        objHTTPRequest.ContentLength = ContentData.Length
        objRequestStream.Write(ContentData, 0, ContentData.Length)
        objRequestStream.Close()
        objHttpResponse = objHTTPRequest.GetResponse()
        Dim objReader As System.IO.StreamReader = New IO.StreamReader(objHttpResponse.GetResponseStream())
        MsgBox(objReader.ReadToEnd())
--------------------------------------------------------------------------------------------------------------

Regards
PRakash
0
 
prakash_prkCommented:
See this article also..
http://www.netomatix.com/HttpPostData.aspx
regards
prakash
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
maknightAuthor Commented:
Thanks for the quick responses.

I found that it must be done in this order or an exception is generated.
        objHTTPRequest.Method = "POST"
        objHTTPRequest.ContentType = "application/x-www-form-urlencoded"
        objHTTPRequest.ContentLength = ContentData.Length
        objRequestStream = objHTTPRequest.GetRequestStream()
        objRequestStream.Write(ContentData, 0, ContentData.Length)
        objHttpResponse = objHTTPRequest.GetResponse()
        Dim objReader As System.IO.StreamReader = New IO.StreamReader(objHttpResponse.GetResponseStream())
         objRequestStream.Close()

This is basically what I had tried with UploadData (although this is a bit cleaner than what I had), but it is not persistent. I cannot do anything with the cart after the post because it doesn't exist any longer after the response data is returned. If I try to do anything with the returned cart, PayPal just returns that the cart is empty. The returned (response) data shows a properly filled cart, however.

For example, if you create a PayPal cart with the full URL, or through a normal HTML request, you can close your browser, and use "https://www.paypal.com/cgi-bin/webscr?cmd=_cart&business=test@company.com&display=1" to redisplay it until the cart expires after a few days.

How do I maintain persistence? I tried making the stream variable global and keeping it open while I tested it.

maknight
0
 
prakash_prkCommented:
U couldn't maintian the session state with your application and an external Internet Explorer Application.
Instead of using extrenel browser applicaiton u can try the web browser control in your form.

after u complete the process then navigate the web browser in your form to the paypal site..

Add a web browser control to your Form
then try this...

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  Dim httpString As String
        For Each oCartItem As DataRow In dtShoppingCart.Rows
            httpString = "cmd=_cart&business=test@company.com&display=1" & _
                        "&item_number=" & URLEncode(oCartItem(0)) & _
                         "&item_name=" & URLEncode(oCartItem(1)) & _
                         "&amount=" & oCartItem(2) & _
                         "&quantity=" & oCartItem(3) & _
                         "&shipping=5.00" & _
                         "&shipping2=5.00" & _
                         "&on0=" & URLEncode("Added Info") & _
                         "&os0=" & URLEncode(oCartItem(4))
        Next
       
        Dim DataToPOST As Byte()
        Dim objMissingValue As Object = System.Reflection.Missing.Value

        DataToPOST = System.Text.Encoding.UTF8.GetBytes(httpString)

        Me.AxWebBrowser1.Navigate2("https://www.paypal.com/cgi-bin/webscr", objMissingValue, objMissingValue, DataToPOST, objMissingValue)
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
regards
prakash
0
 
maknightAuthor Commented:
That's what I was trying to figure out! I don't know why that was eluding me so. It was a VERY clean solution. Thank you.

I do have a couple more questions, but they really require a seperate question, I feel, and I may be able to muddle my way through them myself having this much.

Regards,
maknight
0
 
prakash_prkCommented:
Thank u maknight..

Regards
prakash
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now