Solved

PayPal IPN with subscription option

Posted on 2009-04-05
6
566 Views
Last Modified: 2013-11-29
Hi,

I am developing a member site (PHP) where we will be taking subscription payments from users. For this, we are using PayPal - to which I am new to. Have set up the sandbox test accounts, and have set the IPN option and specifiied a url.

Now I want to test the IPN and set up tables in my database to save information each order/subscription.

Am finding the PayPal documentation is lacking, and have looked into various classes which can handle the IPN posts. All without success! I see there have been some posts here on the subject, but am still struggling.

If I am using a IPN script do I need to set the IPN url in the sandbox at all?

We would also need to deal with unsubscribes in any IPN script.

Many thanks,

Daisy
0
Comment
Question by:daisydoos
  • 3
  • 2
6 Comments
 
LVL 14

Accepted Solution

by:
EMB01 earned 250 total points
ID: 24071221
To use the PayPal IPN, try following these steps:
1.) Use the code sample located at the following link (also attached):
http://www.paypal.com/cgi-bin/webscr?cmd=p/pdn/ipn-codesamples-pop-outside#php
2.) Modify the code to connect to your database and retrieve your variables.
3.) Utilize the following link's list of IPN variables; specifically, the "txn_type" variable as this will determine whether your product is a subscription or not:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_admin_IPNReference
4.) Update your database according to the information PayPal sends you via the IPN.

If you have any questions about these steps, let me know and I can help you in greater detail. This is the general process, however. Good luck!
// read the post from PayPal system and add 'cmd'

$req = 'cmd=_notify-validate';
 

foreach ($_POST as $key => $value) {

$value = urlencode(stripslashes($value));

$req .= "&$key=$value";

}
 

// post back to PayPal system to validate

$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";

$header .= "Content-Type: application/x-www-form-urlencoded\r\n";

$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
 

// assign posted variables to local variables

$item_name = $_POST['item_name'];

$item_number = $_POST['item_number'];

$payment_status = $_POST['payment_status'];

$payment_amount = $_POST['mc_gross'];

$payment_currency = $_POST['mc_currency'];

$txn_id = $_POST['txn_id'];

$receiver_email = $_POST['receiver_email'];

$payer_email = $_POST['payer_email'];
 

if (!$fp) {

// HTTP ERROR

} else {

fputs ($fp, $header . $req);

while (!feof($fp)) {

$res = fgets ($fp, 1024);

if (strcmp ($res, "VERIFIED") == 0) {

// check the payment_status is Completed

// check that txn_id has not been previously processed

// check that receiver_email is your Primary PayPal email

// check that payment_amount/payment_currency are correct

// process payment

}

else if (strcmp ($res, "INVALID") == 0) {

// log for manual investigation

}

}

fclose ($fp);

}

Open in new window

0
 
LVL 108

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 24072467
Daisy: You might want to check something carefully before you go too far down this path.  I looked into this about two years ago and it may have changed since that time, but I think I should mention it to you now anyway.  

At that time the ONLY way you could make a recurring subscription payment with PayPal was if you had a PayPal account - in other words, you could not subscribe with a credit card.  That was a deal-breaker for us, since we had many credit card clients but far fewer PayPal clients.

In the end, we chose to take a one-time payment and manage the requirement for recurring subscription payments ourselves, sending notes to remind clients of the need to renew the subscription.  It was a nuisance, but it was one of the key items in the decision tree.  

Good luck with it, ~Ray
0
 

Author Comment

by:daisydoos
ID: 24075504
Hi guys,

Many thanks for your comments - i have loads on but will let you know how I get on.

Ray - the option is there to pay by credit card in the sandbox with the subscription option - but I don't know yet if it does work. Will confirm this with them... if it doesn't, hope they will remove the link to pay by cc!

Cheers,

Daisy
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 108

Expert Comment

by:Ray Paseur
ID: 24110273
Hi, Daisy, and thanks for your post.  When you have a chance, please post a link to the example of subscription payment by credit card.  It would be VERY USEFUL to see this in action!

Many thanks, ~Ray
0
 

Author Comment

by:daisydoos
ID: 24113605
Hi Ray and EMB01,

I have got the IPN working - using the script provided by PayPal as a basis - discovered yesterday that the reason why there was no success when testing from the website in the sandbox, was due to the fact it was down for IPN testing! Great! Anyway, appreciate your help.  

Ray, when I spoke to them about this (subs by cc), was told that the user IS asked to provide a password when they use their card - effectively forcing them to create an account. Havent had a chance to test this out given the issues I've been describing. Not great I know, but for the time being it'll have to do.

Cheers,

Daisy
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 24115541
Thanks, Daisy!  Good luck with it, ~Ray
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
The viewer will learn how to dynamically set the form action using jQuery.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now