PayPal Recurring Payments API

Posted on 2014-04-11
Last Modified: 2016-03-24
Hi all,

I am creating an IPNhandler which will handle all subscription requests to my site from the following link;

I am looking to create a tester aspx page for invoking the handler (i.e. from my admin I will have a page where I will send the page the variables to mimic an IPN).

I have the following questions hopefully someone can clarify;

1. From looking at the link obviously there are many fields some of which seem to be unique to the IPNs sent. Should I capture and store all information or just some relevant fields and a dump of the entire querystring?

2. Could you let me know if I am missing any steps out here.

     a. When I create my listener obviously I need to verify it comes from paypal (which I will simply ignore for my test). I verify by appending '&cmd=_notify-validate' and returning the string back to paypal.
    b. I then need to verify that the IPN is meant for myself using the receiver_email field. (or should I use the receiver_id??).
    c. If it is verfied and meant for myself I will then process the IPN And save to my database. (should I link to my table using the payer_id as the unique reference?).

4. Can anyone recommend how I should handle non-verified request? i.e. should I hold a seperate invalid table for storing these requests?

5. Can anyone recommend how I should handle request that are verified but not for myself (i.e. the receive_email is not mine).

Thanks for all the help in advance.

Question by:flynny

Author Comment

ID: 39994085
just to add I have the following table.

txn_id      nchar(13)      Unchecked
recurring_payment_id      nchar(13)      Unchecked
UserId      uniqueidentifier      Checked
payer_id      nchar(13)      Checked
resend      bit      Checked
residence_country      nchar(2)      Checked
test_ipn      bit      Checked
verify_sign      nchar(10)      Checked
invoice      nchar(127)      Checked
next_payment_date      datetime      Checked
time_created      datetime      Checked
profile_status      nchar(100)      Checked
rp_invoice_id      nchar(127)      Checked
oustanding_balance      decimal(5, 2)      Checked
initial_payment_amount      decimal(5, 2)      Checked
payment_status      nchar(10)      Checked
payment_type      nchar(10)      Checked
payment_date      datetime      Checked
txn_type      nchar(100)      Checked
mc_gross      decimal(5, 2)      Checked
mc_fee      decimal(5, 2)      Checked
mc_currency      nchar(10)      Checked
payment_gross       decimal(5, 2)      Checked
currency_code      nchar(3)      Checked
payment decimal(5, 2)      Checked
amount      decimal(5, 2)      Checked
payer_email      nchar(100)      Checked
return_dump      text      Checked

Could anyone also give me the difference between the following fields (I am struggling to find this on the Paypal website).

amount, payment and payment_gross and mc_gross? are these all the same?
LVL 18

Accepted Solution

Gary Davis earned 500 total points
ID: 39996704
You can grab the IPN message received or from the IPN in the IPN History on PayPal's site and re-POST it to your IPN handler to test it. Use the same IPN over and over if you want. It actually works pretty good. The first thing you do in the IPN handler it so verify the IPN message by calling back to PayPal and this will succeed using the copied IPN message.

When I test my IPN handler on my localhost, it is impossible for PayPal to get the IPN to me since it is localhost so I have the IPN actually sent to a "dummy" IPN handler that just logs the received IPN messages to a database.

I can then get that IPN Message and post it (simply copy/paste) with a small utility to my localhost IPN Handler and it works just as if PayPal had sent it to my handler. The "small utility" is actually a web page on my localhost that has a textbox to accept the pasted message and with a button, does an ajax post to the localhost IPN handler.

1. Capture and log the entire querystring so you can re-submit it if needed
2b. Use receiver_email
2c. Use the PayPal transaction ID as your reference, not payer ID
4. If the IPN does not verify, something is wrong with the IPN so don't trust it. Send yourself an email. This should virtually never happen. Make sure you get your IPN using a binary read so foreign characters don't cause a problem.
5. If it verifies, and not for you, again, it should virtually never happen so email/log it.

Gary Davis

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now