centenial Posted October 9, 2006 Share Posted October 9, 2006 Hi,Is there a way to pass 'additional' information to PayPal? (for example, a 'username' or 'password' that the customer filled out before clicking the 'add to cart' button?)I've heard of something called PayPal IPN.... would that do it?Any help would be appreciated. Quote Link to comment https://forums.phpfreaks.com/topic/23464-paypal-ipn/ Share on other sites More sharing options...
obsidian Posted October 9, 2006 Share Posted October 9, 2006 yes, paypal's IPN (Instant Payment Notification) would allow you to send additional information (limited number of fields, i believe) through to the paypal server which would then be sent back to your script. now, keep in mind that if you're passing name and password, you're really opening yourself up to some security issues. you never want to pass username/password combinations across servers if at all possible. you can come up with some sort of hash that you can pass and then compare when a user purchase is sent back, though. that's typically a bit safer.good luck! Quote Link to comment https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106478 Share on other sites More sharing options...
centenial Posted October 10, 2006 Author Share Posted October 10, 2006 Thanks,I've been able to get the IPN working (sort of) - It passes everything through fine except for the custom fields. [code]<?php// Read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate';foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value";} // Post back to PayPal system to validate $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30); // Assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $amount_paid = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $pp_account = $_POST['receiver_email']; $email = $_POST['payer_email']; $username = $_POST['username']; $password = $_POST['password']; $num_days = $_POST['num_days']; $order_date = time(); /* if ($item_name == "Internet Access - 1 Day") { $num_days = "1"; } elseif ($item_name == "Internet Access - 7 Days") { $num_days = "7"; } elseif ($item_name == "Internet Access - 30 Days") { $num_days = "30"; } */ if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { // check the payment_status is Completed // check that txn_id has not been previously processed // check that receiver_email is your Primary PayPal email // check that payment_amount/payment_currency are correct // process payment // Insert into DB include 'includes/common.php'; dbconn(); // Connect to the database $sql = "SELECT * FROM accounts WHERE pp_account = '$pp_account'"; $res = mysql_query($sql); while ($row = mysql_fetch_array($res)) { $business = $row['id']; } $sql = "INSERT INTO user ( business, username, password, email, order_date, txn_id, amount_paid, num_days, mac_addr ) VALUES ( '$business', '$username', '$password', '$email', '$order_date', '$txn_id', '$amount_paid', '$num_days', '' )"; $res = mysql_query($sql); } else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation } } fclose ($fp); }?>[/code]Can anyone see anything wrong here? The custom fields are 'username', 'password', and 'num_days'.Thanks. Quote Link to comment https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106589 Share on other sites More sharing options...
obsidian Posted October 10, 2006 Share Posted October 10, 2006 it's hard to know exactly what to tell you without knowing how your form is set up, but additional information you are passing should be done so through a "custom" field. [url=http://www.paypaldev.org/topic.asp?TOPIC_ID=13376]here is a discussion[/url] on passing multiple values through a single custom field that should help. Quote Link to comment https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106765 Share on other sites More sharing options...
Ninjakreborn Posted October 10, 2006 Share Posted October 10, 2006 ah yes, paypal, the epitome of all evil. This was my biggest challenge, there are a few way's to do this.One way I started doing, was using sessions, I simply register a bunch of sessions on the last page before payment, then do all my data work on the thankyou page, and leave a note they have to come back to the site, or they don't get what they pay for. WHen it comes to the actual ipn, I couldn't get it to work, It was easy setting up ipn, but fighting with there optional parameters, really isn't worth it. Quote Link to comment https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106771 Share on other sites More sharing options...
HuggieBear Posted October 10, 2006 Share Posted October 10, 2006 Can you not insert all the data into your database first, including a uniqueID of some kind, then pass the unique ID to PayPal in the optional field. When PayPal returns that field, along with the notification of APPROVED or whatever it is they do, then you can use the uniqueID to get all the information that you need back from the database?Why not just process it first, why post the information to PayPal at all?RegardsHuggie Quote Link to comment https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106775 Share on other sites More sharing options...
Daniel0 Posted October 10, 2006 Share Posted October 10, 2006 If you need to test your application without dealing with real money, you can use the [url=https://developer.paypal.com/]PayPal Developer Central[/url]. Quote Link to comment https://forums.phpfreaks.com/topic/23464-paypal-ipn/#findComment-106781 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.