Jump to content


This topic is now archived and is closed to further replies.


PayPal IPN??

Recommended Posts


Is there a way to pass 'additional' information to PayPal? (for example, a 'username' or 'password' that the customer filled out before clicking the 'add to cart' button?)

I've heard of something called PayPal IPN.... would that do it?

Any help would be appreciated.

Share this post

Link to post
Share on other sites
yes, paypal's IPN (Instant Payment Notification) would allow you to send additional information (limited number of fields, i believe) through to the paypal server which would then be sent back to your script. now, keep in mind that if you're passing name and password, you're really opening yourself up to some security issues. you never want to pass username/password combinations across servers if at all possible. you can come up with some sort of hash that you can pass and then compare when a user purchase is sent back, though. that's typically a bit safer.

good luck!

Share this post

Link to post
Share on other sites

I've been able to get the IPN working (sort of) - It passes everything through fine except for the custom fields.


// Read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req   .= "&$key=$value";

// Post back to PayPal system to validate
$header   .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header   .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header   .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);

// Assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$amount_paid = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$pp_account = $_POST['receiver_email'];
$email = $_POST['payer_email'];
$username = $_POST['username'];
$password = $_POST['password'];
$num_days = $_POST['num_days'];
$order_date = time();

if ($item_name == "Internet Access - 1 Day") {
$num_days = "1";
} elseif ($item_name == "Internet Access - 7 Days") {
$num_days = "7";
} elseif ($item_name == "Internet Access - 30 Days") {
$num_days = "30";

if (!$fp) {
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
// check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment

// Insert into DB

include 'includes/common.php';
dbconn(); // Connect to the database

$sql = "SELECT * FROM accounts WHERE pp_account = '$pp_account'";
$res = mysql_query($sql);

while ($row = mysql_fetch_array($res)) {
$business = $row['id'];

$sql = "INSERT INTO user (
$res = mysql_query($sql);
} else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
fclose ($fp);

Can anyone see anything wrong here? The custom fields are 'username', 'password', and 'num_days'.


Share this post

Link to post
Share on other sites
it's hard to know exactly what to tell you without knowing how your form is set up, but additional information you are passing should be done so through a "custom" field. [url=http://www.paypaldev.org/topic.asp?TOPIC_ID=13376]here is a discussion[/url] on passing multiple values through a single custom field that should help.

Share this post

Link to post
Share on other sites
ah yes, paypal, the epitome of all evil.  This was my biggest challenge, there are a few way's to do this.

One way I started doing, was using sessions, I simply register a bunch of sessions on the last page before payment, then do all my data work on the thankyou page, and leave a note they have to come back to the site, or they don't get what they pay for.  WHen it comes to the actual ipn, I couldn't get it to work, It was easy setting up ipn, but fighting with there optional parameters, really isn't worth it.

Share this post

Link to post
Share on other sites
Can you not insert all the data into your database first, including a uniqueID of some kind, then pass the unique ID to PayPal in the optional field.  When PayPal returns that field, along with the notification of APPROVED or whatever it is they do, then you can use the uniqueID to get all the information that you need back from the database?

Why not just process it first, why post the information to PayPal at all?


Share this post

Link to post
Share on other sites
If you need to test your application without dealing with real money, you can use the [url=https://developer.paypal.com/]PayPal Developer Central[/url].

Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.