Solved

Paypal Payment Methods

Posted on 2016-09-06
9
33 Views
Last Modified: 2016-09-07
What is a paypal payment method that allows payment with a credit card.

Apparently buttons do NOT allow that.

Please provide a link to docs that explain how to set up such a method from a developer viewpoint.

That is, I want to control the programming PRIOR to going to PayPal to pay & get control BACK afterwards with a code or passed parameter or ??? to tell me what has happened.

It seems like (maybe) IPN is what I want to do.

I see a whole bunch of samples, etc., about all the backend code, but NOTHING about the form page where the user specified the credit card info, where the $ amount is expected to be., etc.

Need that too. Hello!!
0
Comment
Question by:Richard Korts
  • 6
  • 3
9 Comments
 
LVL 11

Accepted Solution

by:
Andrew Angell earned 500 total points
Comment Utility
Payments Standard (buttons) allow for what they call "guest checkout" which is where people can enter a credit card without creating or logging into an account, however, it's not always very obvious to users that this is an option.

Express Checkout allows you to force the guest checkout so that it's more obvious to users, but the payment process still takes place at PayPal's checkout pages.

If you want to process credit cards directly on your site without any redirect to PayPal then you'll need to use Payments Pro or the REST APIs with direct credit card enabled.

Express Checkout, Payments Pro, and REST all use APIs, so they would require back-end coding as opposed to simple HTML forms.

I typically recommend using IPN regardless of how you're integrating payments, or in the case of the REST API they call it Webhooks.  It's just a good way to automate different tasks based on different types of transactions that hit your account (ie. payments, refunds, disputes, etc.)
0
 

Author Comment

by:Richard Korts
Comment Utility
Andrew,

Where can I find DETAILED documentation on how to set up IPN & how to correctly interface with it from a custom php site?

It's amazing how difficult it is to find this information.
0
 

Author Comment

by:Richard Korts
Comment Utility
I must be completely looking at this in the wrong way.

I fond this: https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNandPDTVariables/

NOWHERE in there is there a variable that specifies the credit card number.

That's NUTS!!!
0
 
LVL 11

Expert Comment

by:Andrew Angell
Comment Utility
IPN is a post transaction processing solution.  It's not going to include any sensitive credit card details for security purposes.  There's no reason for you to ever be handling or saving credit card details at that point.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:Richard Korts
Comment Utility
So let's assume I have a form with a button (I have NO CLUE) if this is a PayPal button or my own. Or if it matters.

The rest of the fields are hidden, containing the item, the amount, & other things. I think I have figured out enough to get started.

Based on your last response, I'm guessing if I interface with PayPal correctly, they will get the credit card # from the customer.

What I am not clear on is if the action page on the form is the so called "listener" page (sample in code) or some other page that I cannot find a sample of ANYWHERE.

Still amazed that PayPal can be Sooooooooooooo hard to interact with.

<?php

// CONFIG: Enable debug mode. This means we'll log requests into 'ipn.log' in the same directory.
// Especially useful if you encounter network errors or other intermittent problems with IPN (validation).
// Set this to 0 once you go live or don't require logging.
define("DEBUG", 1);

// Set to 0 once you're ready to go live
define("USE_SANDBOX", 1);


define("LOG_FILE", "./ipn.log");


// Read POST data
// reading posted data directly from $_POST causes serialization
// issues with array data in POST. Reading raw POST data from input stream instead.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
	$keyval = explode ('=', $keyval);
	if (count($keyval) == 2)
		$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
	$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
	if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
		$value = urlencode(stripslashes($value));
	} else {
		$value = urlencode($value);
	}
	$req .= "&$key=$value";
}

// Post IPN data back to PayPal to validate the IPN data is genuine
// Without this step anyone can fake IPN data

if(USE_SANDBOX == true) {
	$paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
	$paypal_url = "https://www.paypal.com/cgi-bin/webscr";
}

$ch = curl_init($paypal_url);
if ($ch == FALSE) {
	return FALSE;
}

curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);

if(DEBUG == true) {
	curl_setopt($ch, CURLOPT_HEADER, 1);
	curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
}

// CONFIG: Optional proxy configuration
//curl_setopt($ch, CURLOPT_PROXY, $proxy);
//curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);

// Set TCP timeout to 30 seconds
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));

// CONFIG: Please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
// of the certificate as shown below. Ensure the file is readable by the webserver.
// This is mandatory for some environments.

//$cert = __DIR__ . "./cacert.pem";
//curl_setopt($ch, CURLOPT_CAINFO, $cert);

$res = curl_exec($ch);
if (curl_errno($ch) != 0) // cURL error
	{
	if(DEBUG == true) {	
		error_log(date('[Y-m-d H:i e] '). "Can't connect to PayPal to validate IPN message: " . curl_error($ch) . PHP_EOL, 3, LOG_FILE);
	}
	curl_close($ch);
	exit;

} else {
		// Log the entire HTTP response if debug is switched on.
		if(DEBUG == true) {
			error_log(date('[Y-m-d H:i e] '). "HTTP request of validation request:". curl_getinfo($ch, CURLINFO_HEADER_OUT) ." for IPN payload: $req" . PHP_EOL, 3, LOG_FILE);
			error_log(date('[Y-m-d H:i e] '). "HTTP response of validation request: $res" . PHP_EOL, 3, LOG_FILE);
		}
		curl_close($ch);
}

// Inspect IPN validation result and act accordingly

// Split response headers and payload, a better way for strcmp
$tokens = explode("\r\n\r\n", trim($res));
$res = trim(end($tokens));

if (strcmp ($res, "VERIFIED") == 0) {
	// check whether the payment_status is Completed
	// check that txn_id has not been previously processed
	// check that receiver_email is your PayPal email
	// check that payment_amount/payment_currency are correct
	// process payment and mark item as paid.

	// assign posted variables to local variables
	//$item_name = $_POST['item_name'];
	//$item_number = $_POST['item_number'];
	//$payment_status = $_POST['payment_status'];
	//$payment_amount = $_POST['mc_gross'];
	//$payment_currency = $_POST['mc_currency'];
	//$txn_id = $_POST['txn_id'];
	//$receiver_email = $_POST['receiver_email'];
	//$payer_email = $_POST['payer_email'];
	
	if(DEBUG == true) {
		error_log(date('[Y-m-d H:i e] '). "Verified IPN: $req ". PHP_EOL, 3, LOG_FILE);
	}
} else if (strcmp ($res, "INVALID") == 0) {
	// log for manual investigation
	// Add business logic here which deals with invalid IPN messages
	if(DEBUG == true) {
		error_log(date('[Y-m-d H:i e] '). "Invalid IPN: $req" . PHP_EOL, 3, LOG_FILE);
	}
}

?>

Open in new window

0
 
LVL 11

Expert Comment

by:Andrew Angell
Comment Utility
The HTML form based payment you are talking about is called Payments Standard.  As I mentioned in my original answer, this does support credit card payments through a PayPal account or with guest checkout, but guest checkout is not obvious to buyers so it's not ideal.

PayPal offers other products to process credit cards directly and make it obvious to buyers that they can pay that way, but these all involve some sort of API integration as opposed to simple HTML forms.

For example, Payments Pro, Payments Advanced, Payments Plus, and REST would all allow you to process credit cards directly, but each would do it in a slightly different way.  You would need to figure out which way best suits your needs, which is a little hard for me to do for you in this broad thread.

I always prefer going with Express Checkout and Payments Pro, so that is what I would recommend.  Again, though, that's going to require API integration.  Not just HTML forms.

IPN is an entirely separate thing.  It does not have anything to do with the payment itself at all.  You would NOT set the action of your HTML form button to the IPN listener.  No matter what payment product you choose you could use IPN to handle the post-transaction data processing automatically.  It's a very powerful tool, but it comes after you have the payments themselves working the way you want.
0
 

Author Comment

by:Richard Korts
Comment Utility
All right, forget IPN.

If I am using a STANDARD button (I just found out from a test), it does allow me to use a credit card; as you say, doesn't make it easy.

I gave it a "return" form value; it returns to the page I specified, but only after a rigamarole.

(1) Can I force it to return automatically?

(2) How can I tell if payment succeeded or not?
0
 

Author Comment

by:Richard Korts
Comment Utility
I figured out the force auto return
0
 

Author Closing Comment

by:Richard Korts
Comment Utility
I am awarding points because of your effort. The question as I posed it was NOT answered.

Richard
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Marketing can be an uncomfortable undertaking, especially if your material is technology based. Luckily, we’ve compiled some simple and (relatively) painless tips to put an end to your trepidation and start your path to success.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now