Solved

Paypal Testing a page

Posted on 2007-12-01
6
575 Views
Last Modified: 2013-11-29
I wish to test a PayPal form I am creating
I cannot send the payment to myself as this is not allowed.
I have tried changing the paypal send address from
  <form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
  To:
<form target="paypal" action="https://www.test-payflow.verisign.com" method="post">
But this brings the error Page cannot be displayed
I am taking instruction from https://www.paypal.com/en_US/pdf/PayflowPro_Simulator_Guide.pdf
Any further ideas welcome
Thanks John
The code I have so far is
 <p class="list" >Please enter the following details:</p>
  <input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="info@xxxx.co.uk">
<input type="hidden" name="amount" value="0.10">
<input type="hidden" name="currency_code" value="GBP">
<input type="hidden" name="item_name" value="Details ">
<input type="hidden" name="item_number" id="item_number" value=""></p></td>
  </tr>
  <tr>
    <td valign="top">&nbsp;</td>
    <td width="26%" valign="top" class="list">First Name</td>
    <td width="61%" valign="top" class="list"><label>
      <input type="text" name="FIRSTNAME" id="FIRSTNAME">
    </label></td>
  </tr>
  <tr>
    <td valign="top">&nbsp;</td>
    <td valign="top" class="list">Last Name</td>
    <td valign="top" class="list"><input type="text" name="LASTNAME" id="LASTNAME"></td>
  </tr>
  <tr>
    <td valign="top">&nbsp;</td>
    <td valign="top" class="list">Email</td>
    <td valign="top" class="list"><label>
    <input type="text" name="EMAIL" id="EMAIL">
    </label></td>
  </tr>
  <tr>
    <td valign="top">&nbsp;</td>
    <td valign="top" class="list">Number from email</td>
    <td valign="top" class="list"><input type="text" name="Comment1" id="Comment1"></td>
  </tr>
  <tr>
0
Comment
Question by:johnhardy
  • 4
  • 2
6 Comments
 

Author Comment

by:johnhardy
ID: 20387931
I managed to get a little further by using
<form target="paypal" action="https://www.sandbox.paypal.com/uk/cgi-bin/webscr" method="post"> but cannot get
FirstName
LastName
email
or Comment1 appearing on the incoming email?
0
 
LVL 1

Expert Comment

by:manchester_info_services
ID: 20419052
Hi,

In real time implementation you need to set the following in your paypal business account profile area.
You need to set the notify url on and a custom url to send notifications for processing your data (for database and site log.)
You need to set a a return url on to take your customer after payment( thanks for paying etc)

You can set both urls in the program itself for changing the default urls.

Paypal is providing standard ipn (instant payment notification) kit for you to develop the so discussed part.

Again if you have a paypal sandbox account in developer area, you can create demo sender and receiver accounts.

If you want to get custom data you need to pass vaiables to the paypal server via curl post etc.
Its 3 level process.

One you are reditecting your user to paypal site with filled form data as simple http post method. Paypal process that data and sends your server with status mesassage , your server again need to curl post with same data, for security purpose.
Paypal finally sending you a data verified. If you are getting such a data in your notify url , , same time you will get all posted values as well.

You can easily trach the data as paypal verified that transaction as genuine.

I'm happy to give more clarification.

Regards,
Najeem M Illyas
0
 
LVL 1

Accepted Solution

by:
manchester_info_services earned 500 total points
ID: 20419127
Hi further to my last post:

1) paypal payment form
[code]

<form  action="https://www.paypal.com/cgi-bin/webscr" method="post" name="paypalform">
<div class="panel">
      <div class="inner"><span class="corners-top"><span></span></span>
      <fieldset class="fields2">
      <!-- IF ERROR --><dl><dd class="error">{ERROR}</dd></dl><!-- ENDIF -->
      <dl>
            <dt><label for="username">Processing...</label></dt>
            <dd>
      
            <input type="hidden" name="business" value="seena83uk@yahoo.co.uk">
            <input type="hidden" name="cmd" value="_xclick">
            <input type="hidden" name="return" value="http://192.168.0.1/newweb/cpanel.php?i=accounts&mode=deposit&status=wsuccess">
            <input type="hidden" name="cancel_return" value="http://192.168.0.1/newweb/cpanel.php?i=accounts&mode=deposit&status=wcancelled">
            <input type="hidden" name="notify_url" value="http://192.168.0.1/newweb/fwrite.php?userid={USER_ID}&trans={CUSTOM}">
            <input type="hidden" name="rm" value="2">
            <input type="hidden" name="userid" value="{USER_ID}">
            <input type="hidden" name="no_shipping" value="0">
            <input type="hidden" name="no_note" value="1">
            <input type="hidden" name="currency_code" value="USD">
            <input type="hidden" name="lc" value="IN">
            <input type="hidden" name="item_name" value="{ITEMNAME}">
            <input type="hidden" name="item_number" value="{ITEMNUMBER}">      
            <input type="hidden" name="amount" size="15" value="{AMOUNT}" />
            <input type="hidden" name="custom" value="{CUSTOM}">
            <input type="hidden" name="bn" value="PP-BuyNowBF">
</dd>
      </dl>
      
      
      </fieldset>

            <fieldset class="submit-buttons">
            
      </fieldset>

      <span class="corners-bottom"><span></span></span></div>
      </div>
      
</form>


[/code]

2 cancelled url:

[code]

<div class="panel">
      <div class="inner"><span class="corners-top"><span></span></span>
      <fieldset class="fields2">
      <dl>
            <dt>&nbsp;</dt>
            <dd>INVALID TRANSACTION
      <br /><br /><br /><br /><br /><br /><br />
            
</dd>
      </dl>
      
      
      </fieldset>

            
      <span class="corners-bottom"><span></span></span></div>
      </div>

[/code]

3) return url (Success url:)

same as above with success message (your custom message)

4) notify url (exactly as in my application)

[code]

$postdata="";



//your database parameters goes here

//posts transaction data using libCurl

function libCurlPost($url,$data)  
{

//build post string

foreach($data as $i=>$v)
      {
      
      $postdata.= $i . "=" . urlencode($v) . "&";
      
      }

$postdata.="cmd=_notify-validate";

$ch=curl_init();

curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,FALSE);
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_POSTFIELDS,$postdata);

//Start ob to prevent curl_exec from displaying stuff.
ob_start();
curl_exec($ch);

//Get contents of output buffer
$info=ob_get_contents();
curl_close($ch);

//End ob and erase contents.
ob_end_clean();

return $info;

}
$paypal['post_method']="libCurl";
$paypal['url']="https://www.paypal.com/cgi-bin/webscr";
//
function postedvalues($data)
{
foreach($data as $i=>$v)
      {
      
      $postdata.= $i . "=" . urlencode($v) . "&";
      
      }
      return $postdata;
}

switch($paypal['post_method'])
{
case "libCurl": //php compiled with libCurl support
$result=libCurlPost($paypal['url'],$_POST);
break;
}
if(eregi("VERIFIED",$result))
{
$mylog = " success  :: \r\n";
$mylog.= " userid: ".$_GET['userid']."\r\n";
$mylog.= " Amount: ";
$mylog.= $_POST['mc_currency']." ".$_POST['mc_gross']."\r\n";
$mylog.= " paypal fee: ".$_POST['mc_fee']."\r";
$mylog.= " payment status: ".$_POST['payment_status']."\r\n";
$mylog.= " business Email: ".$_POST['business']."\r\n";
$mylog.= " payer email: ".$_POST['payer_email']."\r\n";
$mylog.= " transaction id: ".$_GET['trans']."\r\n";
$mylog.= " payment status: ".$_POST['payment_status']."\r\n";
$mylog.= " address country: ".$_POST['address_country']."\r\n";
$mylog.= " address city: ".$_POST['address_city']."\r\n";
$mylog.= " payment date: ".$_POST['payment_date']."\r\n";
$mylog.= " Custom ID: ".$_GET['trans']."\r\n";
$mylog.= "----------------------------------------------\r\n";

$fp = fopen('paypallog.log','a+');
fwrite($fp,$mylog,4096);
fclose($fp);

            global $config, $smart_public_html, $phpEx;
            global $db, $user, $auth, $cache, $template;
            $trans = $_GET['trans'];
            //code for cross checking paypal posted data with original database data
            $sql = "SELECT COUNT(*) AS transcount FROM ".PAYPAL_DETAILS_TABLE." WHERE userid = ".$_GET['userid']." AND custom = '".$trans."'";
            $result = $db->sql_query($sql);
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
            
            if($row['transcount'] == 1)
            {
            
            $sql = "SELECT * FROM ".PAYPAL_DETAILS_TABLE." WHERE userid = ".$_GET['userid']." AND custom = '".$trans."'";
            $result = $db->sql_query($sql);
            $row2 = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
            
                  
                  if((trim($_GET['userid']) == trim($row2['userid'])) && trim(($_GET['trans']) == trim($row2['custom'])))
                  {
                  
                  if($_POST['payment_status'] == 'Completed')
                        {
                                                
                        $status = 'deposit';
                        }
                        elseif($_POST['payment_status'] == 'Refunded')
                        {
                        $status = 'Refunded';
                        }
                        else
                        {
                        $status = 'paypal_pending';
                        }
                        $sql = "INSERT INTO ".CASH_ACC_TABLE." ( user_id , amount_in , amount_out , date , mode , send_receive ) VALUES (".$_GET['userid'].", ".$_POST['mc_gross'].", '0', ".time().", '".$status."', '0' )";
                        $db->sql_query($sql);
                        
                  }
            }
            
}
elseif(eregi("INVALID",$result))
{
$mylog = "2 invalid :: \r";
$fp = fopen('paypallog.log','a+');
fwrite($fp,$mylog,4096);
fclose($fp);
      

}
else
{
$mylog = "failed :: \r";
$fp = fopen('paypallog.log','a+');
fwrite($fp,$mylog,4096);
fclose($fp);
}

[/code]

Again I will explain each in detail to get your code working.

Regards,
Najeem M Illyas
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 

Author Comment

by:johnhardy
ID: 20419234
Many thanks Najeem
I will have a go!
0
 

Author Comment

by:johnhardy
ID: 20476666
Sorry to be so long on this but I have corrupted a hard disc so problems!
0
 

Author Comment

by:johnhardy
ID: 20577966
Thanks manchester_info_services for the help.

I did get my page working satisfactorily eventually with your extensive help.
I used some parts and ideas in the build up which were very helpful to me.
Sorry to be so long in coming back but the hard disc failure rather set me back more than I wanted.
Regards
John
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setting up License Manager for WooCommerce 2 66
In BackOffice orders appears Bank Transfer instead Paypal 1 41
WEB Farm 6 64
contractual requirements for app hosting 3 80
Learn by example how to specify CSS selectors for Selenium WebDriver test automation software.
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now