I've been using Paypal's payment standard with dynamically encrypted buttons for successfully for several years. It suddenly stopped working on 19/05/2022.
When a customer clicks on the payment button they're taken to Paypal and are shown the error page with the 'helpful' message "Things don't appear to be working at the moment. Please try again later.". The headers served by Paypal along with this page include code=CRYPTOSERV_SERVER_ERROR, which I've googled and there are no results. All certificates are still valid.
Does anyone have a clue what this error means?
The May 19th mysterious PayPal error solved by a combination of trimming white space and removing line breaks worked for me. No thanks to PayPal CS who never got back to me after a week of shop being down!
$encryptedButton = str_replace("\n", "", $encryptedButton);
$encryptedButton = trim($encryptedButton);
Same problem here. Still no resolution from PayPal after I reported that 5 days ago.
What I found in my page source is that the encrypted field's value was "split" with new lines, for better readability, like this:
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----
MIIIoQYJKoZIhvcNAQcDoIIIkjCCCI4CAQAxggEwMIIBLAIBADCBlDCBjjELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQw
EgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UE
...
I removed the new lines with this simple step:
$encryptedButton = str_replace("\n", "", $encryptedButton);
And now the button seems to work again.
<input type="hidden" name="encrypted" value="$encryptedText" />
Make sure to add: $encryptedText = str_replace("\n", "", $encryptedText); so that extra spaces are removed.
Related
We use fields called "item_name" and "item_number" in integration with PayPal to convey the details of the ordered product.
Recently I've been seeing PayPal transactions return "Shopping cart" in item_name, rather than the string that was posted to PayPal in that field.
This behavior is inconsistent, I have logs that show 5 transactions with 1, 4 and 5 having the missing item_name, and 2 and 3 having the old item_name without any issues whatsoever.
I've tried to find out whether item_name was deprecated but it appears to be still active, as per https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNandPDTVariables/
We are not using shopping cart, we're using PayPal Payments Standard. Our PayPal send code is:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" name="PayPal">
<input type="hidden" name="item_name" value="<?=$item_name; ?>">
<input type="hidden" name="item_number" value="<?=$item_number; ?>">
The item_name and item_number can be seen at the top of the PayPal pages the user sees next.
Could someone from PayPal please explain why is there this inconsistency in the behavior, and whether it's a problem with PayPal or a forerunner of change I wasn't aware of?
Thank you in advance for your help!
Maciek
We also starting experiencing this problem on 8/19/2017. Item_name = "Shopping Cart" Here are others reporting this problem:
https://www.paypal-community.com/t5/About-Payments/item-name-changed-to-quot-Shopping-Cart-quot-in-IPN/td-p/1290682
I've been trying to switch over our classic express checkout to in-context express checkout.
As instructed, I've switched the URL to https://www.paypal.com/checkoutnow/
This is the HTML snippet in the cart:
<div class="col-md-6">
<a id="paypalcheckout" href="paypal_checkout/PostToPaypal.cfm?orderidentifier=XXXX">
<img class="paypal-button-hidden" src="/img/paypal.png" alt="" class="img-responsive center-block"/>
</a>
</div>
<script>
window.paypalCheckoutReady = function() {
paypal.checkout.setup("ZZZZ", {locale: 'en_US', environment: 'sandbox', button: ['paypalcheckout']});
}
</script>
<script async src="//www.paypalobjects.com/api/checkout.js"></script>
PostToPaypal.cfm makes the necessary api requests and gets back the EC-code and then redirects to this link:
https://www.sandbox.paypal.com/checkoutnow/2?incontext=1&token=EC-YYYY
The click results in a pop up window with the main window going dark. But after a few seconds, the pop up window makes the main page go to classic checkout and closes. It's letting me continue and checkout successfully with the old method. So I know the EC number is correct. Can anyone help me understand what I need to do to make in-context checkout work? Thank you in advance.
I had the exact same problem.
The solution turned out to be in the server-side settings.
In the paypalfunctions.php file (which PayPal itself generated for me), there are a couple of lines that you need to remove, ones pertaining to it being a digital item.
Look for a similar line:
$nvpstr .= "&L_PAYMENTREQUEST_0_ITEMCATEGORY" . $index . "=Digital";
It might be repeated several times.
Basically, the Digital Goods are not allowed through the in-context checkout, which is why I was getting the redirect issue.
For me the issue was the CALLBACK param when getting transaction id. When I removed it, it worked.
I have the same issue with LANDINGPAGE set to Billing.
In that particular case sandbox reverts to classic express checkout version.
In production both Billing and Login values for LANDINGPAGE parameter result in a correct popup window.
I had to remove these parameters to get it to work
FlatRateShippingOptions
cppHeaderImage
CallbackURL
CallbackTimeout
I have a webshop: energyshop.se which I have successfully managed to setup a Sandbox account at PayPal and to create a Buyer and a Seller account, created a button which I implemented to my site (from the Seller account) and I manage to make a payment through my Buyer account and got redirection to work too, to energyshop.se/tack.
So far so good, now I wonder how do I reach the "product ID" that IPN/PDT sends when the user is redirected? How do I use that holder to display files for download or just for play/listening? And what are the holders/variable that holds the receipt information? I would like to say for example when returned to /tack to display the receipt and then the downloadable item.
Any help is very welcome I have worked n this site for ages now and just want it done, it is for a customer too.
I tried to do something like this (i use wordpress at my thankyoupage):
<div id="receiptform">
<form method=post action="https://www.paypal.com/cgi-bin/webscr">
<input type="hidden" name="cmd" value="_notify-synch">
<input type="hidden" name="tx" value="TransactionID">
<input type="hidden" name="at" value="P0d7_HmQSAuXh9r-7hG1Rzf_npI2LaFgYHQJyWUsjQHg7WhZARqs3sq6IW4">
<input type="submit" value="PDT">
</form>
</div>
But that just displays a button PDT that when clicked displyas FAIL ERROR: 4002
How do I edit this to just display the content nicely in tx?
Also, I can tell that "its" working because in the address field, when redirected to thank-you-page this reads: http://energyshop.se/tack/?tx=9LJ24270G46097059&st=Completed&amt=10.00&cc=USD&cm=&item_number=1 which leads me to think its A) completed and B) got the info I need. Now is the question how i present this data? What am I supposed to do? A php-script that I...? I cant seem to find any examples on it, just the defnition of the variables for IPN/PDT but that doesnt help me if I dont know where to put or do with it...
You would want to use PDT as you are. When you receive the tx variable and etc back, you have to do a post back to PayPal to verify all of the inforamtion. Then once you have varified the post, PayPal will then send all of the variables back to your script. You can find a bit more on how PDT works at https://www.x.com/developers/paypal/documentation-tools/ipn/integration-guide/IPNPDTAnAlternativetoIPN. There are also some sample scripts on that site as well at https://www.x.com/developers/PayPal/documentation-tools/code-sample/216627 and https://paypaltech.com/PDTGen/
I have a simple button created with Paypal's Website Payments Standard, and I'm using the feature "Take customers to this URL when they finish checkout".
On that page which users are being redirected to when the purchase is successful (on my site) I'd like to simply display the email associated with their paypal purchase, telling them something like "an invoice will be sent to this email address: xxx".
Is that possible without using the API or IPN (which I'd rather avoid because it seems like I can't set different IPN urls for deifferent buttons/products.)
Ended up using PDT, there's a great example of how to simply do this here:
http://www.geekality.net/2010/10/19/php-tutorial-paypal-payment-data-transfers-pdt/
Thanks PP_MTS_Chad, I wouldn't have found it if it wasn't for you pointing out that option.
You could use 1 of 2 ways to get information back to your return URL, without having to use IPN or an API. You could use PDT to return information back to your site, or you could use the return method which uses the variable "rm". You can find more out about IPN here, and there are also some sample scripts you can use on that site as well.
If you want to use the return method, this is a little different from PDT. With the return method you do not have to post the information back to PayPal to verify it. If you wanted PayPal to post the information over to your return page you would just simply enable auto return in your account under your profile. Then you would just include the following lines of code in your button code.
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="http://www.mysite.com/return.php">
The variable "rm", controls how you want the information sent back to you. You can set it to be a GET or a POST.
Allowable values are:
0 – all shopping cart payments use the GET method
1 – the buyer's browser is redirected to the return URL by using the GET method, but no payment variables are included
2 – the buyer's browser is redirected to the return URL by using the POST method, and all payment variables are included
The default is 0.
Note: The rm variable takes effect only if the return variable is set.
Ive been using express checkout API to convert people's accounts on my site to premium accounts after paying. The only problem with it is that it doesn't send the user back to the site until they click the button to return, and it updates their permission when that happens. About 40% of the users don't seem to do that.... so their accounts never get credited after payment.
Although paypal does an instant post-back upon the successful payment, I was never able to make it actually update the user's account right away, since I cant get it to send back some sort of informational that would identify the user that just completed the payment. I could only do that when you are sent back to the site, which sends the transaction ID, that I logged with a post-back. It searches for it, and grants permission if it was found int he DB.
Is there a way to submit some sort of a variable to paypal, that it will then post back to me? Something like &user_id=123, which would make it very handly to update the user's permission.
Iten_number hidden variable don't work in my application. But i found that custom hidden field works fine. Just add this field to the form, generated by paypal: <input type="hidden" name="custom" value="YOUR VALUE FROM DB"/>. After, you can read this value to identify, for example, what product have been purchased. (Java code): String custom = request.getParameter("custom");
Yes, if you send item_number, the IPN notification will include that when it posts back to you. I record a unique ID in the database when the user starts the payment process, and include that when sending them to PayPal. When the IPN comes in, that unique ID matches up with the record in the database, giving me all the info I need.
Edit Re your comment:
I expect there's a code example somewhere on the site linked above, but basically in my case I'm using a form that I POST to https://www.paypal.com/cgi-bin/webscr. Within that form are various hidden fields documented in the IPN stuff (cmd for what command to perform, business to specify your business ID, item_name for a nice description in the PayPal UI, item_number for the item number I mentioned above, etc., etc.). When IPN posts back to your IPN address, it includes various fields (such as payment_status — kind of important! &mdash and the item_number you fed in when posting to them).
Just to add to this old question...
There are option parameters that are commonly used for custom data sending through paypal.
These option tags are on0, on1, or on2 for the custom field names and os0, os1, and os2 for the custom field values.
I would send on0 with a value of "UserID" and os0 the actual ID.
These values will be represented in the IPN as follows:
os0 is represented as option_selection1
os1 is represented as option_selection2
os2 is represented as option_selection3
on0 is represented as option_name1
on1 is represented as option_name2
on2 is represented as option_name3
Here's the info on PayPal's HTML parameters
According to HTML Variables for PayPal Payments Standard you can send all the "Pass-through" variables:
item_number Pass-through variable for you to track product or service
purchased or the contribution made. The value you specify is passed
back to you upon payment completion. This variable is required if you
want PayPal to track inventory or track profit and loss for the item
the button sells.
custom Pass-through variable for your own tracking purposes, which buyers do not see. Default – No variable is passed back to you.
and
invoice Pass-through variable you can use to identify your invoice number for this purchase. Default – No variable is passed back to
you.
All these pass-through variables are sent back by the IPN in the payment response info.
You just have to render your HTML template server-side and write the fields back in the HTML code like
<input type="hidden" name="item_number" value="{{ productID }}">
<input type="hidden" name="invoice_id" value="{{ invoiceID }}">
<input type="hidden" name="custom" value="{{ jsonInfo }}">
Technically the field "custom" can be a JSON encoded string if you want to handle more data like
myItemObject = {
"customerEmail" : "john#doe.com
"customerID: "AAFF324"
}
jsonInfo = json.dumps( myItemObject )
return render_template(tmpl_name, jsonInfo=jsonInfo, productID=productID, invoiceID=invoiceID)
I finally get this answer, I want to share with all of you look:
on your HTML form put this code (this is Paypal sandbox):
form action="https://www.sandbox.paypal.com/cgi-bin/webscr?custom=YOUR_VAR" method="post"
On your PHP after the Paypal redirect to your page success: use the cm GET variable:
$example = $_GET["cm"];
I hope this URL solves your issue. As it solved mine as well. Add a custom variable to your form and then retrieve it on your success payment page.
Example :
<input type='hidden' name='custom' value='<?php echo $email; ?>'/>
and then retrieve it as :
$_POST['custom']
<input type="hidden" name="on0" value="Ajay Gadhavana">
<input type="hidden" name="on1" value="my_phone_number">
<input type="hidden" name="on2" value="my_third_extra_field">
Response from paypal would be
[option_name1] => Ajay Gadhavana
[option_name1] => my_phone_number
[option_name1] => my_third_extra_field
What worked for me in 2021 is passing "custom_id" (inside the "purchase_units" array) to PayPal in my client app and checking "custom" on my backend.
Yes, it looks like PayPal renames the parameter for some reason.