steva
asked on
PHP interface with PayPal Express
I have a textbox on my page where a user can enter URLs that they would like QR codes for.The format is one URL per line. The HTML separates the URLs nicely for me with a \r\ after each one. The problem is getting these in the return_url that PayPal calls to get back to may site after approving the transaction. I build a return URL for PayPal to use that has the contents of the textara as one parameter called "instructions" and I can see the %0D%0A in the characters so I know I'm sending these to PayPal. But when PayPal calls me back with the return_url the \r\n characters are gone and I'm not able to separate out the URLs in the instructions parameter., other than looking for 'www' etc.
A normal software solution would be to save the URLs away before the transfer to another piece of software and get them back from there when you're called back, but with web programing, there's no place to store them away, other than a database or a file. Cookies aren't going to work when it's PayPal your communicating with.
Just wondering if someone else has run into this and has some thoughts on it.
Thanks.
A normal software solution would be to save the URLs away before the transfer to another piece of software and get them back from there when you're called back, but with web programing, there's no place to store them away, other than a database or a file. Cookies aren't going to work when it's PayPal your communicating with.
Just wondering if someone else has run into this and has some thoughts on it.
Thanks.
Dave Baldwin
Almost everyone uses a database for these things. Is there a reason you don't want to?
It sounds like several questions.
You need QR codes, right? I can give you an answer here. Please copy the code and install your own version (not sure how much load the church servers can handle).
http://nationalpres.org/qr_code.php
You need to get several lines from a textarea. You can use explode(PHP_EOL, $textarea) to get the lines separated. Use trim() to get rid of the unwanted whitespace characters. Feed the QR code requests to Google one at a time.
Not sure where PayPal fits into this... You can get the QR codes free from Google as the script shows.
You need QR codes, right? I can give you an answer here. Please copy the code and install your own version (not sure how much load the church servers can handle).
http://nationalpres.org/qr_code.php
You need to get several lines from a textarea. You can use explode(PHP_EOL, $textarea) to get the lines separated. Use trim() to get rid of the unwanted whitespace characters. Feed the QR code requests to Google one at a time.
Not sure where PayPal fits into this... You can get the QR codes free from Google as the script shows.
<?php // qr_code.php
error_reporting(E_ALL);
// GENERATE QR CODE IMAGES
// SEE http://code.google.com/apis/chart/infographics/docs/qr_codes.html
// SEE http://www.mediapost.com/publications/article/160932/qr-malware-surfaces-on-apps.html
// THE DIRECTORY FOR THE QR CODES
$dir = 'qr_codes';
$s = "144";
if (!empty($_GET["size"]))
{
$s = strtoupper(trim($_GET["size"]));
switch($s)
{
case "S" : $s = 72; break;
case "M" : $s = 144; break;
case "L" : $s = 288; break;
case "G" : $s = 547; break; // LARGEST FROM TESTS ON 2011-10-20
}
}
$chs = $s . 'x' . $s;
// IF THERE IS DATA
$q = NULL;
if (!empty($_GET["q"]))
{
$q = $_GET["q"];
// MAKE A FILE NAME
$f = $q;
$f = preg_replace('#[^ A-Z0-9/:?&\+\.]#i', NULL, $f);
$f = str_replace(' ', '_', $f);
$f = preg_replace('#[^A-Z0-9]#i', '_', $f);
$f = preg_replace('#_+#', '_', $f);
// CALL THE QR CODER
$url
= 'https://chart.googleapis.com/chart?'
. 'cht=qr' // CREATE A QR CODE
. '&'
. "chs=$chs" // PIXEL DIMENSIONS (SQUARE)
. '&'
. 'chld=Q' // QUALITY ERROR RECOVERY MEANS UP TO 67 ALPHA-NUMERICS
. '&'
. 'chl=' // THE URLENCODED STRING
. urlencode($q);
;
$qrc = file_get_contents($url);
// WRITE THE IMAGE
$lnk = $dir . DIRECTORY_SEPARATOR . "QR_CODE_$f" . '.png';
file_put_contents($lnk, $qrc);
// CONSTRUCT THE RESPONSE
$txt = htmlentities($q);
$out = <<<OUT
<p>Voila! Here is the QR code for <b>$txt</b></p>
<p><img src="$lnk" title="$f" /></p>
<p>Right-click and save the image, or use this: <a target="_blank" href="$lnk">$f.png</a></p>
OUT;
echo $out;
}
$form = <<<FORM
Enter up to 67 characters to see the QR code (maybe a URL?)
<form>
<input type="text" name="q" value="$q" size="67" style="font-family:Courier;" /><br/>
<input type="radio" name="size" value="S" />Small (probably too small)<br/>
<input type="radio" name="size" value="M" />Medium (probably just right)<br/>
<input type="radio" name="size" value="L" />Large<br/>
<input type="radio" name="size" value="G" />Gigantic<br/>
<input type="submit" value="Get QR code" />
</form>
FORM;
echo $form;ASKER
Dave,
No, there's no reason not to use a database. I have one already set up for the site so another table would be easy. .But one difficulty I see with using a database is that it's common to the site. The URLs someone enters into in the HTML textarea are specific to one of possibly many people using the site concurrently, each entering a different set of URLs into their textarea for me to encode, so the $instructions variable I save in a database would have to be somehow tagged as belonging to this particular user. While, if I could just get the $instructions to come back from PayPal with the \r\n in tact I could use them directly and I would know they're for this particular user.
I think I'll just rebuild the $instructions with \r\n by exploding the $instructions returned by PayPal at 'www' and then add back in 'http://www' before each array element and add "\r\n" after it. Something like below:
Ray,
Yes, I know you can get QR codes on the web for free, but the client I program for has an established bar code business and business people (i.e., non technical) who already trust him for bar codes are glad to pay a small fee for QR codes, rather than strike out on their own to try to find something cheaper on the web. That's where PayPal comes in.
My problem isn't generating the QR codes from a URL. I already have PHP software that does that fine. My problem is getting the URL list back from PayPal with the \r\n separators in tact.
No, there's no reason not to use a database. I have one already set up for the site so another table would be easy. .But one difficulty I see with using a database is that it's common to the site. The URLs someone enters into in the HTML textarea are specific to one of possibly many people using the site concurrently, each entering a different set of URLs into their textarea for me to encode, so the $instructions variable I save in a database would have to be somehow tagged as belonging to this particular user. While, if I could just get the $instructions to come back from PayPal with the \r\n in tact I could use them directly and I would know they're for this particular user.
I think I'll just rebuild the $instructions with \r\n by exploding the $instructions returned by PayPal at 'www' and then add back in 'http://www' before each array element and add "\r\n" after it. Something like below:
$urlArr = explode('www', $instructions);
$instructions = NULL;
for($i=1; $i<count($urlArr); $i++) {
$instructions .= ('http://www' . $urlArr[$i] . "\r\n");
}Ray,
Yes, I know you can get QR codes on the web for free, but the client I program for has an established bar code business and business people (i.e., non technical) who already trust him for bar codes are glad to pay a small fee for QR codes, rather than strike out on their own to try to find something cheaper on the web. That's where PayPal comes in.
My problem isn't generating the QR codes from a URL. I already have PHP software that does that fine. My problem is getting the URL list back from PayPal with the \r\n separators in tact.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for responding guys. I always learn something from your posts.
Dave,
Yes, you're right, of course. And I already have a record for this customer. I could put the textarea string, while it still has the CRLFs between each URL, in a VARCHAR. and just pass the customer's database index ('orderId') to PayPal, which should come back fine. But theoretically, the list of URL is unlimited, so how long do I make the VARCHAR? It still seems cleaner if I can just pass the list to PayPal and get it back without corruption.
I wasn't aware of PHP's serialize functions. These seem to be provided to serialize complex objects like arrays and objects so you can store them anywhere as a string. I'm already starting with a string. It's not obvious what serializing it would do for me.
Ray,
No, I don't think so. I think \r\n is an HTML thing. Hitting Enter while you're typing into a textarea inserts \r\n. Or are you saying that HTML may act differently depending on what machine it's running on? That would be a pain, if Windows users sent me \r\n while Mac and Linux users sent me \n.
Yes, that's it exactly.
Yes,all true, but it seems like it's a bit messy putting an unlimited list of items (the URLs) into a database record. Would you use a big VARCHAR? Would you create a separate table and have a row for each URL? It's seems much cleaner if I can just send the list off to PayPal and get it back in good shape.
Almost. I generate png images of the QR codes and attach them to an email to the customer.
We sell the QR codes. The pay form has a place for credit card information and has the textarea element to enter the URLs to encode. When I get the form I process the card before I generate and send the QR codes.
I assume you're talking about the PayPal type buttons. I'm using the PayPal Pro API, which doesn't use PayPal buttons. With this interface the user can use a credit card to pay without ever knowing that PayPal is processing the card. Or the user can pay with their PayPal account. The backend PHP communicates with PayPal via cURL.
Dave,
"Virtually all eCommerce databases are common to their site. You always have to identify the customer that goes with the data."
Yes, you're right, of course. And I already have a record for this customer. I could put the textarea string, while it still has the CRLFs between each URL, in a VARCHAR. and just pass the customer's database index ('orderId') to PayPal, which should come back fine. But theoretically, the list of URL is unlimited, so how long do I make the VARCHAR? It still seems cleaner if I can just pass the list to PayPal and get it back without corruption.
I wasn't aware of PHP's serialize functions. These seem to be provided to serialize complex objects like arrays and objects so you can store them anywhere as a string. I'm already starting with a string. It's not obvious what serializing it would do for me.
Ray,
"You do not want to assume that http://www is something your programming can find and mess with. "Yes, you're probably right. Not every URL has 'www' and it's conceivable that some URL could use 'www' again in the text.
"The \r\n construct is, IIRC, a windows-only thing."
No, I don't think so. I think \r\n is an HTML thing. Hitting Enter while you're typing into a textarea inserts \r\n. Or are you saying that HTML may act differently depending on what machine it's running on? That would be a pain, if Windows users sent me \r\n while Mac and Linux users sent me \n.
"If I understand your application correctly, a client will put several URLs into a textarea and submit them to your application. The URLS will be separated by whitespace (blanks, tabs, or newline characters) They will get several QR codes back - one for each of the URLs. Is my thinking clear so far?"
Yes, that's it exactly.
"It's my sense that you can take the list of URLs from the textarea, put them into a data base table and get back a key after inserting the row. You can use this key in the call to PayPal. It might make a good "Item Number" field. Once your script has received the payment-complete signal from PayPal, you can look up the list of URLs in the data base using the key that you passed in the Item Number."
Yes,all true, but it seems like it's a bit messy putting an unlimited list of items (the URLs) into a database record. Would you use a big VARCHAR? Would you create a separate table and have a row for each URL? It's seems much cleaner if I can just send the list off to PayPal and get it back in good shape.
"You can convert them to QR-codes and present a page with the URLs and the QR codes, or you can email links to the QR codes. Is that set of assumptions correct?"
Almost. I generate png images of the QR codes and attach them to an email to the customer.
"If that part is right, please tell me where you fit PayPal into the mix. My guess is that you would have a page that acquires the URLs, then a page with a "buy now" button, but that is only a guess. "
We sell the QR codes. The pay form has a place for credit card information and has the textarea element to enter the URLs to encode. When I get the form I process the card before I generate and send the QR codes.
"Let us know if you are using dynamic or encrypted buttons."
I assume you're talking about the PayPal type buttons. I'm using the PayPal Pro API, which doesn't use PayPal buttons. With this interface the user can use a credit card to pay without ever knowing that PayPal is processing the card. Or the user can pay with their PayPal account. The backend PHP communicates with PayPal via cURL.
"I think \r\n is an HTML thing." Nope, OS thing. Windows uses '\r\n', Unix/Linux uses '\n', and Mac uses '\r' and that will be shown in most things done on those machines. That's the reason for the PHP_EOL constant.
Getting rid of the line endings and replacing them with a delimiter will prevent the Paypal code from splitting up the data you send them. You will then get it back the way you sent it. Maybe.
If you were posting it to some of my sites, any active URLs have at least the 'http://' stripped off to prevent them from being active links. That's a defensive measure to keep my customers from accidentally clicking on spam URLs that people post at times.
I limit the number of characters in a textarea both on entry and when POSTed as another spam defense. A VARCHAR in your database only needs to be as large as your customers will legitimately enter or ask for. In practical terms, it's not unlimited.
Getting rid of the line endings and replacing them with a delimiter will prevent the Paypal code from splitting up the data you send them. You will then get it back the way you sent it. Maybe.
If you were posting it to some of my sites, any active URLs have at least the 'http://' stripped off to prevent them from being active links. That's a defensive measure to keep my customers from accidentally clicking on spam URLs that people post at times.
I limit the number of characters in a textarea both on entry and when POSTed as another spam defense. A VARCHAR in your database only needs to be as large as your customers will legitimately enter or ask for. In practical terms, it's not unlimited.
Hmm.. Seems we have morphed from a question to an application development requirement. But a big "varchar" makes sense to me. So does putting a limit on the size of the QR code URLs and the URL list (the length matters -- it affects the error recovery, etc.)
Suggest you post the URL of this web application here so we can look at it in action and but a QR code from it. We may have some suggestions to make the best of it.
Suggest you post the URL of this web application here so we can look at it in action and but a QR code from it. We may have some suggestions to make the best of it.
We 'morph' a lot around here....
Yeah, Dave. Me especially!
Merry Christmas, ~Ray
Merry Christmas, ~Ray
ASKER
'Sorry. I didn't mean to morph, but Ray, you asked for more detail so I provided it. I'm going to move on with a delimiter that PayPal doesn't swallow up: 'http://' I'll make sure this is in front of every URL and use it to explode on when the string comes back from PayPal.
Before wrapping this up, though, I would like try to get a bit more clarification on the textarea EOL questiion. Dave, when I said I thought it was an HTML thing you said, " Nope, OS thing: Windows uses '\r\n', Unix/Linux uses '\n', and Mac uses '\r' and that will be shown in most things done on those machines. That's the reason for the PHP_EOL constant."
First, the PHP_EOL constant only applies to servers, since that's the only place PHP is executed. I'm dealing with people sitting at their desktop or laptop at home, hitting Enter as they put in multiple URLs for me to encode. What is THAT EOL going to look like? That's the question. I can say with certainty that when a Mac fills in the textarea in the form and hits the return key to enter multiple URLs, I receive the characrters 13 10 at the end of each URL, exactly the same as i receive when a Windows machine fills in the textarea. That's why I say it's an HTML thing. The browsers have standardized this, independent of what the host OS running the browser might want to do.
Before wrapping this up, though, I would like try to get a bit more clarification on the textarea EOL questiion. Dave, when I said I thought it was an HTML thing you said, " Nope, OS thing: Windows uses '\r\n', Unix/Linux uses '\n', and Mac uses '\r' and that will be shown in most things done on those machines. That's the reason for the PHP_EOL constant."
First, the PHP_EOL constant only applies to servers, since that's the only place PHP is executed. I'm dealing with people sitting at their desktop or laptop at home, hitting Enter as they put in multiple URLs for me to encode. What is THAT EOL going to look like? That's the question. I can say with certainty that when a Mac fills in the textarea in the form and hits the return key to enter multiple URLs, I receive the characrters 13 10 at the end of each URL, exactly the same as i receive when a Windows machine fills in the textarea. That's why I say it's an HTML thing. The browsers have standardized this, independent of what the host OS running the browser might want to do.
You may be right. I can't find anything definitive.
ASKER
OK. That's it. Thanks to both of you for the interesting discussion. I split the points.
Merry Christmas!
Merry Christmas!