[ic] RE: PayPal working with IC (changed to pleeeaaase make a PayPal mod)?

Julia Jacobs interchange-users@interchange.redhat.com
Thu Feb 21 14:32:01 2002


On 2/21/02 1:49 PM, "Jim Balcom" <jim@idk-enterprises.com> wrote:

> Maybe it's just me, but I find that to be highly objectionable. I do have
> some customers that will submit an order and then go back and place another
> order of stuff that they forgot on the first order.
> 
> I am afraid that if they had to go to PayPal's site that they might find a
> different source for the items that they forgot.
> 
> -= Jim =-

With PayPal's perl/ASP/VB validation code in their .PDF is this really
necessary?  Can't this be integrated into the checkout form somehow?  If the
validation is taken care of within Interchange, why should the user have to
go to PayPal's site?  PayPal even gives you the code to pre-populate the
customer's PayPal account info into the form so again - no reason to leave
the Interchange Shopping Cart web site.  I've included some info if you
don't already have it.  And please, forgive my lack of knowledge if I sound
like a total numskull.  I just really want to see this thing happen.

PayPal's validation code:

perl:

#!/usr/local/bin/perl
# read the post from PayPal system and add 'cmd'
read (STDIN, $query, $ENV{'CONTENT_LENGTH'});
$query .= '&cmd=_notify-validate';

# post back to PayPal system to validate
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$req = new HTTP::Request 'POST','https://www.paypal.com/cgi-bin/webscr';
$req->content_type('application/x-www-form-urlencoded');
$req->content($query);
$res = $ua->request($req);

# split posted variables into pairs
@pairs = split(/&/, $query);
$count = 0; 
foreach $pair (@pairs) {
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $variable{$name} = $value;
    $count++;
}

# assign posted variables to local variables
$receiver_email = $variable{'receiver_email'};
$item_name = $variable{'item_name'};
$item_number = $variable{'item_number'};
$custom = $variable{'custom'};
$payment_status = $variable{'payment_status'};
$payment_date = $variable{'payment_date'};
$payment_gross = $variable{'payment_gross'};
$payment_fee = $variable{'payment_fee'};
$txn_id = $variable{'txn_id'};
$first_name = $variable{'first_name'};
$last_name = $variable{'last_name'};
$address_street = $variable{'address_street'};
$address_city = $variable{'address_city'};
$address_state = $variable{'address_state'};
$address_zip = $variable{'address_zip'};
$address_country = $variable{'address_country'};
$payer_email = $variable{'payer_email'};

if ($res->content eq 'VERIFIED') {
    # check transaction for uniqueness
    # process payment
}
elsif ($res->content eq 'INVALID') {
    # possible fraud
} else {
    # error
}


ASP/VB:

<%@LANGUAGE="VBScript"%>
<%
Dim str, OrderID, Txn_id, Payment_status
Dim objHttp

str = Request.Form
OrderID = Request.Form("item_number")
Txn_id = Request.Form("txn_id")
Payment_status = Request.Form("payment_status")

' post back to PayPal system to validate
str = str & "&cmd=_notify-validate"
set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
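objHttp.open "POST", "https://www.paypal.com/cgi-bin/webscr", false
' declare the body as form data so it is parsed as posted variables
objHttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"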
objHttp.Send str 

' Check notification validation
if (objHttp.status <> 200 ) then
' HTTP error handling
elseif (objHttp.responseText = "VERIFIED") then
' process payment 
elseif (objHttp.responseText = "INVALID") then
' possible fraud 
else ' error 
end if
%>

Here's PayPal's form variable info:

<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="nora@paypal.com">
<input type="hidden" name="return" value="http://www.yoursite.com/thankyou.htm">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Baseball Hat">
<input type="hidden" name="item_number" value="123">
<input type="hidden" name="amount" value="5.95">
<input type="hidden" name="shipping" value="1.00">
<input type="hidden" name="shipping2" value="0.50">
<input type="hidden" name="handling" value="2.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="image_url" value="https://www.yoursite.com/logo.gif">
<input type="hidden" name="cancel_return" value="http://www.yoursite.com/cancel.htm">
<input type="hidden" name="no_note" value="1">
<input type="image" src="http://images.paypal.com/images/x-click-but01.gif"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>

Web Accept Form Variables:

"post" action [required] Must be set to
"https://www.paypal.com/cgi-bin/webscr".

cmd [required] Must be set to "_xclick".
 
business [required] This is your PayPal ID, or email address, where payments
will be sent. This email address must be confirmed and linked to your
Verified Business or Premier account.

return An internet URL where the user will be returned after completing the
payment. For example, a URL on your site which hosts a "Thank you for
shopping" page. This item is optional, if omitted, users will be taken to
the PayPal site.

undefined_quantity If set to "1", the user will be able to edit the
quantity. This means your customer will see a field next to quantity which
they must complete. This is optional: if omitted or set to "0", the quantity
will not be editable by the user. Instead, it will default to 1

item_name Description of item being sold (maximum 127 characters). If you
are collecting aggregate payments, this can include a summary of all items
purchased, a tracking number, or a generic term such as "shopping cart."
This is optional: if omitted, customer will see a field in which they have
the option of entering an Item Name.

item_number Pass-through variable for you to keep track of purchases made of
this item. It will not be displayed to your customer, but will get passed
back to you at the completion of payment (maximum 127 characters). This is
optional: if omitted, no variable will be passed back to you.

amount Item price. This will be multiplied by the quantity to get the final
payment amount. If the quantity is "one", this will be the payment amount.
This is optional: if omitted, your customer will be prompted to enter the
item price. 

shipping Base or flat shipping amount regardless of quantity. This is
optional: if omitted, no shipping charge will be added.

shipping2 Additional shipping amount for each additional item. This is
optional: if omitted, shipping will equal the amount entered for the
"shipping" variable above.

handling Handling amount regardless of quantity; it is a flat charge. This
is optional: if omitted, no handling charge will be added.

no_shipping Shipping address. If set to "1," your customer will not be
prompted for a shipping address. This is optional: if omitted or set to "0"
your customer will be prompted to include a shipping address.

image_url The internet URL of the 150 by 50 pixel image you would like to
use as your logo. This is optional: if omitted, your customer will see your
Business Name (if you have a Business account) or email address (if you have
a Premier account).

cancel_return An internet URL where the user will be returned if payment is
canceled. For example, a URL on your site which hosts a "Payment Canceled"
page. This item is optional, if omitted, users will be taken to the PayPal
site. 

no_note Including a note with payment. If set to "1," your customer will not
be prompted to include a note. This is optional: if omitted or set to "0"
your customer will be prompted to include.

image [required] The internet URL of the PayPal Web Accept button which
appears on your site. If you decide to create your own button, insert the
URL here. Otherwise, keep the URL you got from the Button Factory.

Notes:

* If you would like to remove the values for a variable (i.e., leave the
amount blank for your customer to define), you should remove the entire
variable not just the value. For example, you should remove this entire line
from the code <input type="hidden" name="amount" value="5.95"> rather than
just the value of "5.95".

* If you are using Web Accept buttons to sell multiple items, the
"item_number" field should be used for inventory tracking numbers.

_______________________________________________________

Web Accept Buttons:

Standard Web Accept Form:

<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="nora@paypal.com">
<input type="hidden" name="return" value="http://www.yoursite.com/thankyou.htm">
<input type="hidden" name="undefined_quantity" value="1">
<input type="hidden" name="item_name" value="Baseball Hat">
<input type="hidden" name="item_number" value="123">
<input type="hidden" name="amount" value="5.95">
<input type="hidden" name="shipping" value="1.00">
<input type="hidden" name="shipping2" value="0.50">
<input type="hidden" name="handling" value="2.00">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="image_url" value="https://www.yoursite.com/logo.gif">
<input type="hidden" name="cancel_return" value="http://www.yoursite.com/cancel.htm">
<input type="hidden" name="no_note" value="1">
<input type="image" src="http://images.paypal.com/images/x-click-but01.gif"
name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>

Web Accept Hyperlinks:

The same inputs would generate the hyperlink below:
https://www.paypal.com/cgi-bin/webscr?handling=2.00&amount=5.95&no_shipping=1&image_url=https%3A//www.yoursite.com/logo.gif&return=http%3A//www.yoursite.com/thankyou.htm&shipping=1.00&item_name=Baseball+Hat&submit.x=34&submit.y=15&business=nora%40paypal.com&item_number=123&undefined_quantity=1&cancel_return=http%3A//www.yoursite.com/cancel.htm&cmd=_xclick&shipping2=0.50&no_note=1

Web Accept Form and Hyperlink Variables:

"post" action [required] Must be set to
"https://www.paypal.com/cgi-bin/webscr".

cmd [required] Must be set to "_xclick".

business [required] This is your PayPal ID, or email address, where payments
will be sent. This email address must be confirmed and linked to your
Verified Business or Premier account.

return An internet URL where the user will be returned after completing the
payment. For example, a URL on your site which hosts a "Thank you for
shopping" page. This item is optional, if omitted, users will be taken to
the PayPal site.

undefined_quantity If set to "1", the user will be able to edit the
quantity. This means your customer will see a field next to quantity which
they must complete. This is optional: if omitted or set to "0", the quantity
will not be editable by the user. Instead, it will default to 1

item_name Description of item being sold (maximum 127 characters). If you
are collecting aggregate payments, this can include a summary of all items
purchased, a tracking number, or a generic term such as "shopping cart."
This is optional: if omitted, customer will see a field in which they have
the option of entering an Item Name.

item_number Pass-through variable for you to keep track of purchases made of
this item. It will not be displayed to your customer, but will get passed
back to you at the completion of payment (maximum 127 characters). This is
optional: if omitted, no variable will be passed back to you.

amount Item price. This will be multiplied by the quantity to get the final
payment amount. If the quantity is "one", this will be the payment amount.
This is optional: if omitted, your customer will be prompted to enter the
item price.

shipping Base or flat shipping amount regardless of quantity. This is
optional: if omitted, no shipping charge will be added.

shipping2 Additional shipping amount for each additional item. This is
optional: if omitted, shipping will equal the amount entered for the
"shipping" variable above.

handling Handling amount regardless of quantity; it is a flat charge. This
is optional: if omitted, no handling charge will be added.

no_shipping Shipping address. If set to "1," your customer will not be
prompted for a shipping address. This is optional: if omitted or set to "0"
your customer will be prompted to include a shipping address.

image_url The internet URL of the 150 by 50 pixel image you would like to
use as your logo. This is optional: if omitted, your customer will see your
Business Name (if you have a Business account) or email address (if you have
a Premier account).

cancel_return An internet URL where the user will be returned if payment is
canceled. For example, a URL on your site which hosts a "Payment Canceled"
page. This item is optional, if omitted, users will be taken to the PayPal
site. 

no_note Including a note with payment. If set to "1," your customer will not
be prompted to include a note. This is optional: if omitted or set to "0"
your customer will be prompted to include.

Notes:

* If you would like to remove the values for a variable (i.e., leave the
amount blank for your customer to define), you should remove the entire
variable not just the value. For example, you should remove this entire line
from the code <input type="hidden" name="amount" value="5.95"> rather than
just the value of "5.95".

* If you are using Web Accept buttons to sell multiple items, the
"item_number" field should be used for inventory tracking numbers.

Pre-Populate Your Customer's PayPal Sign-Up

Increase your sales by pre-populating your customer's PayPal payment pages.
If you have already collected your customer's information, you can pass this
information to PayPal to pre-populate the first page of a new customer's
sign-up. The fields and parameters are listed below. You can pass all or
none of this data. While your customer's sign-up page will be pre-populated,
it will still be editable.

Note: Pre-Population works with all PayPal Payment types except Shopping
Cart.

To pass this information to the PayPal payment pages, post the variable name
and the associated data to PayPal in the HTML in the form of "variable name
= value". You will also need to change your cmd value to '_ext-enter' and
add a new variable, 'redirect_cmd', whose value should be '_xclick'. Please
see the sample code below for an example.

Variable         Value                         Requirements

first_name       First name                    Alpha characters only. Maximum length = 32
last_name        Last name                     Alpha characters only. Maximum length = 64
address1         Street (1 of 2 fields)        Alpha-Numeric characters only. Maximum length = 100
address2         Street (2 of 2 fields)        Alpha-Numeric characters only. Maximum length = 100
city             City (1 of 2 fields)          Alpha characters only. Maximum length = 100
state            State                         Must be 2 character official abbreviation
zip              Zip                           Numeric characters only. Maximum length = 32 characters
night_phone_a    Home phone (1 of 3 fields)    Numeric characters only. Maximum length = 3 characters
night_phone_b    Home phone (2 of 3 fields)    Numeric characters only. Maximum length = 3 characters
night_phone_c    Home phone (3 of 3 fields)    Numeric characters only. Maximum length = 3 characters
day_phone_a      Work phone (1 of 3 fields)    Numeric characters only. Maximum length = 3 characters
day_phone_b      Work phone (2 of 3 fields)    Numeric characters only. Maximum length = 3 characters
day_phone_c      Work phone (3 of 3 fields)    Numeric characters only. Maximum length = 3 characters

___________________________________________________________________

The following sample HTML code shows how the optional pre-population fields
would be included in your payment buttons. The field entries would need to
be dynamically generated by your website and included in the URL to which
your customers are sent when they try to make a PayPal payment.

The fields shown in <!--- ---!> are the optional pre-population fields.

The fields listed above would generate this HTML link, which would
pre-populate your customer's PayPal payment pages. (again, the optional
pre-population fields are shown in red) pass this information to the PayPal
payment pages, post the variable name and the associated data to PayPal in
the HTML in the form of "variable name = value".

FORM ACTION="https://www.paypal.com/cgi-bin/webscr" METHOD="POST"

<!--- INPUT TYPE="hidden" NAME="cmd" VALUE="_ext-enter" ---!>
<!--- INPUT TYPE="hidden" NAME="redirect_cmd"  VALUE="_xclick" ---!>
INPUT TYPE="hidden" NAME="cmd" VALUE="_xclick"
INPUT TYPE="hidden" NAME="business" VALUE="amyrowe@x.com"
INPUT TYPE="hidden" NAME="undefined_quantity" VALUE="1"
INPUT TYPE="hidden" NAME="item_name" VALUE="hat"
INPUT TYPE="hidden" NAME="item_number" VALUE="123"
INPUT TYPE="hidden" NAME="amount" VALUE="15.00"
INPUT TYPE="hidden" NAME="shipping" VALUE="1.00"
INPUT TYPE="hidden" NAME="shipping2" VALUE="0.50"
<!--- INPUT TYPE="hidden" NAME="first_name" VALUE="John" ---!>
<!--- INPUT TYPE="hidden" NAME="last_name" VALUE="Doe" ---!>
<!--- INPUT TYPE="hidden" NAME="address1" VALUE="9 Elm Street" ---!>
<!--- INPUT TYPE="hidden" NAME="address2" VALUE="Apt 5" ---!>
<!--- INPUT TYPE="hidden" NAME="city" VALUE="Berwyn" ---!>
<!--- INPUT TYPE="hidden" NAME="state" VALUE="PA" ---!>
<!--- INPUT TYPE="hidden" NAME="zip" VALUE="19312" ---!>
<!--- INPUT TYPE="hidden" NAME="night_phone_a" VALUE="610" ---!>
<!--- INPUT TYPE="hidden" NAME="night_phone_b" VALUE="555" ---!>
<!--- INPUT TYPE="hidden" NAME="night_phone_c" VALUE="1234" ---!>
<!--- INPUT TYPE="hidden" NAME="day_phone_a" VALUE="610" ---!>
<!--- INPUT TYPE="hidden" NAME="day_phone_b" VALUE="555" ---!>
<!--- INPUT TYPE="hidden" NAME="day_phone_c" VALUE="1222" ---!>
INPUT TYPE="image" SRC="http://images.paypal.com/images/x-click-but01.gif"
BORDER="0" NAME="submit" ALT="Make payments with PayPal - it's fast, free
and secure!"

__________________________________________________________________

Instant Payment Notification

Instant Payment Notification allows you to integrate your PayPal payments
with your website's back-end operations, so you get immediate notification
and authentication of the PayPal payments you receive.

How It Works

When a customer makes a payment to you, PayPal will post a notification to
your server at a URL you specify. Included in this notification will be all
of your customer's payment information (e.g. customer name, amount) as well
as a piece of encrypted code. When your server receives a notification, it
will then post the information, including the encrypted code, back to a
secure PayPal URL. PayPal will authenticate the transaction and send
confirmation of its validity back to your server.

Note: To activate Instant Payment Notification, you will need to enter the
URL at which you would like to receive the notification posts from the
Profile of your PayPal account.

After you have activated Instant Payment Notification, your server will be
sent a notification every time you receive a payment. This notification will
be sent as a hidden "FORM POST" to the URL you specified, and will include
all of the payment information. The FORM variables for the notification are
listed below:

Variable           Value

receiver_email     Email address of the payment recipient (i.e., the merchant;
                   essentially an echo of "business").

item_name          Echoed

item_number        Echoed

quantity           Echoed

invoice            Echoed

custom             Echoed

payment_status     "completed", "pending", "failed"
                   Note: for "pending" payments, payment notification to
                   "notify_url" will occur again when the payment becomes
                   "completed" or "failed".

pending_reason     "echeck", "intl", "verify", "address", "other"

payment_date       Time/Date stamp generated by PayPal system
                   [format: "18:30:30 Jan 1, 2000 PST"].

payment_gross      Full amount of the customer's payment.

payment_fee        The transaction fee associated with the payment.
                   "payment_gross" minus "payment_fee" will equal the
                   amount deposited into the merchant's PayPal account.

txn_id             A unique transaction ID generated by the PayPal system.

txn_type           "web_accept", "send_money"

first_name         Customer information

last_name          Customer information

address_street     Customer information

address_city       Customer information

address_state      Customer information

address_zip        Customer information

address_country    Customer information

address_status     "confirmed", "unconfirmed"

payer_email        Primary email address of payer. Any crediting of funds
                   back to the customer should be directed to this email
                   address.

payer_status       "verified", "unverified", "intl_verified",
                   "intl_unverified"

payment_method     "cc", "non_cc"

notify_version     "1.1"

verify_sign        An encrypted string used to validate the authenticity
                   of the transaction (see below).

Notification Validation

Once your server has received the Instant Payment Notification, you will
need to confirm it by constructing an HTTP POST to PayPal. Your POST should
be sent to "https://www.paypal.com/cgi-bin/webscr".
You must post all of the form variables you received exactly as you received
them. You will also need to append a variable named "cmd" with the value
"_notify-validate" (e.g. cmd=_notify-validate) to the POST string.


-- 
Julia Jacobs
Currant Media
407-977-4523
Fax 407-261-0176
http://www.currantmedia.com
Members of The Better Business Bureau
* Multimedia Producers
* Web Design & Development
* 2D/3D Graphics/Animation
* Hosting, domain and e-mail
* E-Commerce - check, credit card validation
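
The "check transaction for uniqueness / process payment" branch of the Perl validation code in the message above, filled in as an added example (not PayPal's or Interchange's code): once PayPal has answered the cmd=_notify-validate post, the notification's own fields are compared with the order on file before anything is shipped. The merchant address and item number come from the sample form; the function names, the order table with its 8.95 total and the TEST- transaction IDs are constructed, and the receiver_email and payment_gross checks are additions that the quoted documentation does not spell out.

```perl
#!/usr/bin/perl
# Added example: checks to apply to a notification once PayPal has replied.
use strict;
use warnings;

# Decode an application/x-www-form-urlencoded body into a hash reference.
sub parse_form {
    my ($body) = @_;
    my %f;
    for my $pair (split /&/, $body) {
        my ($name, $value) = split /=/, $pair, 2;
        next unless defined $name && length $name;
        $value = '' unless defined $value;
        for ($name, $value) {
            tr/+/ /;
            s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg;
        }
        $f{$name} = $value;
    }
    return \%f;
}

# Convert "8.95" to 895 cents so amounts compare exactly; undef if malformed.
sub cents {
    my ($s) = @_;
    return undef unless defined $s && $s =~ /^(\d+)(?:\.(\d{1,2}))?$/;
    my ($whole, $frac) = ($1, defined $2 ? $2 : '');
    return $whole * 100 + substr($frac . '00', 0, 2);
}

# $reply is the body PayPal returned to the cmd=_notify-validate post.
# $seen stands in for a persistent store of processed txn_id values.
sub check_notification {
    my ($reply, $n, $orders, $seen, $merchant) = @_;
    return 'reject: PayPal did not answer VERIFIED' unless $reply eq 'VERIFIED';
    my $status = lc($n->{payment_status} // 'missing');
    return "hold: payment_status is $status" unless $status eq 'completed';
    return 'reject: receiver_email is not ours'
        unless lc($n->{receiver_email} // '') eq lc($merchant);
    my $order = $orders->{ $n->{item_number} // '' }
        or return 'reject: unknown item_number';
    my $paid = cents($n->{payment_gross});
    return 'reject: payment_gross does not match the order'
        unless defined $paid && $paid == $order->{total_cents};
    my $txn = $n->{txn_id} // '';
    return 'reject: missing txn_id' unless length $txn;
    return 'ignore: txn_id already processed' if $seen->{$txn}++;
    return 'accept';
}

# Constructed sample data: one order on file and five notification bodies.
my %orders = (123 => { total_cents => 895 });
my %seen;
my $base = 'receiver_email=nora%40paypal.com&item_number=123';
my @samples = (
    ['VERIFIED', "$base&payment_status=completed&payment_gross=8.95&txn_id=TEST-0001"],
    ['VERIFIED', "$base&payment_status=completed&payment_gross=8.95&txn_id=TEST-0001"],
    ['VERIFIED', "$base&payment_status=completed&payment_gross=0.95&txn_id=TEST-0002"],
    ['VERIFIED', "$base&payment_status=pending&payment_gross=8.95&txn_id=TEST-0003"],
    ['INVALID',  "$base&payment_status=completed&payment_gross=8.95&txn_id=TEST-0004"],
);
for my $s (@samples) {
    my ($reply, $body) = @$s;
    print check_notification($reply, parse_form($body), \%orders, \%seen,
        'nora@paypal.com'), "\n";
}
```

The txn_id check runs last so that a notification rejected for another reason does not mark its transaction ID as used.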