• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 433
  • Last Modified:

PayPal Recurring Payments API

Hi all,

I am creating an IPNhandler which will handle all subscription requests to my site from the following link;


I am looking to create a tester aspx page for invoking the handler (i.e. from my admin I will have a page where I will send the page the variables to mimic an IPN).

I have the following questions hopefully someone can clarify;

1. From looking at the link obviously there are many fields some of which seem to be unique to the IPNs sent. Should I capture and store all information or just some relevant fields and a dump of the entire querystring?

2. Could you let me know if I am missing any steps out here.

     a. When I create my listener obviously I need to verify it comes from paypal (which I will simply ignore for my test). I verify by appending '&cmd=_notify-validate' and returning the string back to paypal.
    b. I then need to verify that the IPN is meant for myself using the receiver_email field. (or should I use the receiver_id??).
    c. If it is verfied and meant for myself I will then process the IPN And save to my database. (should I link to my table using the payer_id as the unique reference?).

4. Can anyone recommend how I should handle non-verified request? i.e. should I hold a seperate invalid table for storing these requests?

5. Can anyone recommend how I should handle request that are verified but not for myself (i.e. the receive_email is not mine).

Thanks for all the help in advance.

1 Solution
flynnyAuthor Commented:
just to add I have the following table.

txn_id      nchar(13)      Unchecked
recurring_payment_id      nchar(13)      Unchecked
UserId      uniqueidentifier      Checked
payer_id      nchar(13)      Checked
resend      bit      Checked
residence_country      nchar(2)      Checked
test_ipn      bit      Checked
verify_sign      nchar(10)      Checked
invoice      nchar(127)      Checked
next_payment_date      datetime      Checked
time_created      datetime      Checked
profile_status      nchar(100)      Checked
rp_invoice_id      nchar(127)      Checked
oustanding_balance      decimal(5, 2)      Checked
initial_payment_amount      decimal(5, 2)      Checked
payment_status      nchar(10)      Checked
payment_type      nchar(10)      Checked
payment_date      datetime      Checked
txn_type      nchar(100)      Checked
mc_gross      decimal(5, 2)      Checked
mc_fee      decimal(5, 2)      Checked
mc_currency      nchar(10)      Checked
payment_gross       decimal(5, 2)      Checked
currency_code      nchar(3)      Checked
payment decimal(5, 2)      Checked
amount      decimal(5, 2)      Checked
payer_email      nchar(100)      Checked
return_dump      text      Checked

Could anyone also give me the difference between the following fields (I am struggling to find this on the Paypal website).

amount, payment and payment_gross and mc_gross? are these all the same?
Gary DavisDir Internet SvcsCommented:
You can grab the IPN message received or from the IPN in the IPN History on PayPal's site and re-POST it to your IPN handler to test it. Use the same IPN over and over if you want. It actually works pretty good. The first thing you do in the IPN handler it so verify the IPN message by calling back to PayPal and this will succeed using the copied IPN message.

When I test my IPN handler on my localhost, it is impossible for PayPal to get the IPN to me since it is localhost so I have the IPN actually sent to a "dummy" IPN handler that just logs the received IPN messages to a database.

I can then get that IPN Message and post it (simply copy/paste) with a small utility to my localhost IPN Handler and it works just as if PayPal had sent it to my handler. The "small utility" is actually a web page on my localhost that has a textbox to accept the pasted message and with a button, does an ajax post to the localhost IPN handler.

1. Capture and log the entire querystring so you can re-submit it if needed
2b. Use receiver_email
2c. Use the PayPal transaction ID as your reference, not payer ID
4. If the IPN does not verify, something is wrong with the IPN so don't trust it. Send yourself an email. This should virtually never happen. Make sure you get your IPN using a binary read so foreign characters don't cause a problem.
5. If it verifies, and not for you, again, it should virtually never happen so email/log it.

Gary Davis
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now