Using PayPal payments in a PHP shopping site

  • 2020-03-31 21:18:25
  • OfStack

Detailed reference:

(link: https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_Appx_websitestandard_htmlvariables)

Define the constant PAYPAL_URL:

const PAYPAL_URL = 'https://www.sandbox.paypal.com/';

Put the data to be transmitted into an array:

$paypalData = array(
    'add'           => 1,
    'cmd'           => '_ext-enter',
    'redirect_cmd'  => '_xclick',
    'business'      => $paypalAccount, // the payee's PayPal account (liangliangfeng211@gmail.com)
    'item_name'     => '51customimprint shopping cart',
    'item_number'   => $order->id,
    'first_name'    => $address->first_name,
    'last_name'     => $address->last_name,
    'address1'      => $address->address1,
    'city'          => $address->city,
    'state'         => $address->state_or_province,
    'zip'           => $address->zip_code,
    'amount'        => $order->subtotal,
    'shipping'      => $order->shipping_fee,
    'no_note'       => 1,
    'currency_code' => 'USD', // three-letter currency code
    'lc'            => 'US'
);

Convert this array into a URL:

// URL-encode each value and join the pairs into a query string.
$paypalArguments = array();
foreach ($paypalData as $k => $v) {
    array_push($paypalArguments, $k . '=' . urlencode($v));
}
$paypalUrl = self::PAYPAL_URL . '?' . implode('&', $paypalArguments);
$this->_redirect($paypalUrl);

Next, set the address of the PayPal interface to:

(link: https://www.sandbox.paypal.com/cgi-bin/webscr)

Basic flow
When a customer pays you, PayPal sends a notification to your server at the URL specified in the hidden form field (type="hidden" name="notify_url" value=""). The notification includes all of the customer's payment information (for example, customer name and amount) as well as an encryption code. When your server receives the notification, it sends the information, including the encryption code, back to a secure PayPal URL. PayPal authenticates the transaction by checking the encrypted string. Sending the IPN data back to PayPal prevents "spoofing", so you can be sure that the IPN comes from PayPal. In response to the verification request, PayPal sends a confirmation of validity back to your server.

Note: to enable instant payment notifications, you need to enter, in your user information, a URL at which you can receive the notifications.

With instant payment notifications enabled, your server will receive a notification each time you receive payment, which will be sent to the specified URL in a hidden "FORM POST" and will include all payment information. The FORM variables for notifications are listed at the bottom of the page.

Each time you receive an IPN from PayPal, you must complete the notification confirmation process described below before you execute the order. Confirming the information listed there ensures that the transaction is legitimate.

IPN notification confirmation
To ensure that payments are made to your PayPal account, you must verify that the email address used as "receiver_email" is registered and confirmed in your PayPal account.

Once the server receives an instant payment notification, you need to confirm it by building an HTTP POST to be sent to PayPal. Your POST should be sent to (link: https://www.paypal.com/cgi-bin/webscr).

You must send all received form variables exactly as they were when you received them. You also need to append a variable named "cmd" with the value "_notify-validate" (for example, cmd=_notify-validate) to the POST string.

PayPal replies to the POST with a single word, "VERIFIED" or "INVALID", in the body of the reply. When you receive a VERIFIED reply, you need to perform several checks before executing the order:

  • Verify that "payment_status" is "Completed", because the system also sends IPNs for other results, such as "Pending" or "Failed".
  • Check that "txn_id" is not duplicated, to prevent fraudsters from reusing old completed transactions.
  • Verify that "receiver_email" is an email address that has been registered in your PayPal account, to prevent payments from being sent to a fraudster's account.

After completing the above checks, you can use the IPN data to update your database and process the purchase.
If an "INVALID" reply is received, it should be considered suspicious and investigated.
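The confirmation procedure above, as an added example that is not code from the original article or from PayPal. The function names ipnPostback() and ipnReject(), the sample values, the use of the curl extension and the placement of cmd in front of the unchanged body are assumptions of this example.

```php
<?php
// Added example; ipnPostback(), ipnReject() and the sample values are hypothetical.
const IPN_VERIFY_URL = 'https://www.sandbox.paypal.com/cgi-bin/webscr'; // sandbox address from the article

// Return the notification to PayPal unchanged, plus cmd=_notify-validate.
function ipnPostback(string $rawBody): string
{
    $ch = curl_init(IPN_VERIFY_URL);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => 'cmd=_notify-validate&' . $rawBody,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true, // keep certificate checks on
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_TIMEOUT        => 30,
    ]);
    $reply = curl_exec($ch);
    return is_string($reply) ? trim($reply) : ''; // '' on transport failure
}

// Returns null when the order may be processed, otherwise the rejection reason.
function ipnReject(string $reply, array $ipn, string $ourEmail, array $seenTxnIds): ?string
{
    // Treat missing or non-string fields (e.g. txn_id[]=x) as empty.
    $get = fn(string $k): string => is_string($ipn[$k] ?? null) ? $ipn[$k] : '';
    if ($reply !== 'VERIFIED') {
        return 'postback reply is not VERIFIED';
    }
    if ($get('payment_status') !== 'Completed') {
        return 'payment_status is not Completed';
    }
    if ($get('txn_id') === '' || in_array($get('txn_id'), $seenTxnIds, true)) {
        return 'txn_id missing or already processed';
    }
    if (strcasecmp($get('receiver_email'), $ourEmail) !== 0) {
        return 'receiver_email is not our account';
    }
    return null;
}

// Constructed sample body. A live handler reads file_get_contents('php://input')
// and passes ipnPostback($raw) as $reply; the reply is simulated here.
$raw = 'payment_status=Completed&txn_id=TXN-EXAMPLE-1&receiver_email=seller%40example.com';
parse_str($raw, $ipn);
$cases = [['VERIFIED', []], ['VERIFIED', ['TXN-EXAMPLE-1']], ['INVALID', []]];
foreach ($cases as [$reply, $seen]) {
    echo ipnReject($reply, $ipn, 'seller@example.com', $seen) ?? 'accept', PHP_EOL;
}
```

In production the processed txn_id values belong in a database column with a unique constraint rather than an in-memory array. Because the redirect URL built earlier carries the amount as a client-visible parameter, a handler would normally also compare the notified amount (mc_gross) with the stored order total.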

