Mechanism to store a session variable during Paypal IPN transaction - paypal

I've looked for hours for an workable answer to this without any luck so here is my question/issue:
I have a page with a form that has a Paypal generated Pay Now button with a drop down with 3 choices. The user clicks on one of the three choices which are priced $7, $14 and $20. The user is paying for a service and after paying on the Paypal site they will be uploading 1, 2 or 3 files depending on their choice.
I need a way to capture the choice so I can send them to one of 3 pages. I think I understand the the normal $_SESSION variable won't work when using Paypal according to this answer: Get information from PayPal after a transaction
I still don't understand what the proper way to do this is. What method is recommended? Should I use a DB to store the transaction data and then in the return page read back the data?
Any advice will be greatly appreciated.

You don't need to capture session information to accomplish this. You can just set the return_url variable accordingly in the form. You can also add arguments to the URL to transmit context.

Related

Roadblocks with using PayPal Recurring Payment Subscription with ASP.Net Membership?

I'm using ASP.Net Membership Provider for logging into the premium content of this web site. The content isn't downloads, it's web pages of information and discounts, etc. That part is done. We want them to also have a PayPal Subscription annual payment to see the premium content. I would like ASP Membership and PayPal Subscription to work together as much as possible, but for the minimum I am thinking they will have to create a MemberId before they pay. Then I will send that MemberId to PayPal to associate the two.
I think I can do that like this:
Set "Auto Return" on in the interface so that it will redirect to return URL when payment is made.
Set "return URL" query string to MemberId. This requires not using the precompiled "Saved" buttons. I'll have to set it in Code Behind with Name Value Pairs, "NVP" to PayPal. I was hoping to just paste the stupid button.
But then, there were those "Advanced Variables" in the Button maker. Problem was they are compiled into the Saved button, so I can't change them for each person. But maybe that one parameter could be separate from the compiled parameters? Is this better than hacking the return URL? Are "Advanced Variables" good for anything?
All the details about the transaction will be POSTed to the return URL if I put in the right code, which might be rm=2. (Right?) Then I can record it.
This process is said to be unreliable, though, and PayPal recommends using a secondary system that they have, "IPN". PayPal sends the transaction details to me. I send them back http 200 code. Then I send it back to them in the same order I got it. Then they send me http 200. Then we all know it's good. This sounds like a few hours research to me, but if you've already done it once, it sounds like copy and paste. I hate reinventing the wheel. Is there a .Net sample of this IPN handshake/dance?
Also, if I do the IPN thing, maybe I don't need Auto Return. Maybe I add MemberId to "notify" URL instead of "return" URL. Then PayPal can handle the confirmation page, email, etc. Is that better?
Assuming we get the Subscription paid for and recorded with the MemberId, at least once per user session, after they log in, I have to check if they have paid their PayPal subscription and if it's up to date. "GetRecurringPaymentsProfileDetails" does this, but it is an API operation. That makes sense, but I was hoping to avoid learning their REST API. (Is there a "NVP" version?)
REST API OAUTH tokens expire every few minutes, but the only way it tells to get one is by using "Bash" to "cURL" some Linux commands. Again, this seems like the kind of thing that would only ever have to be written once. Does this already exist as a sample code somewhere?
(I don't want to use the API to do the Subscribe, because I don't want the Credit Card numbers to ever go to our site. Too much liability. That's why I wanted PayPal.)
Will this even work? I know PayPal has 18 ways to do everything and they all exclude each other, and I'm just getting the feeling that I'm creating a patchwork of unrelated ideas to fool myself into believing there's a light at the end of the tunnel. I've already been researching and experimenting for 10 hours or so. I really thought, going in, I'd just be pasting a stupid button.
If you want to just "copy the stupid button" then you'll have to stick to Payments Standard, and then you'll be limited with what you can do. For example, you won't be able to use GetRecurringPaymentsProfileDetails for a standard subscription.
Instead, you'll need to use Express Checkout and / or Payments Pro. There is indeed an NVP API available for these, and there is also a SOAP/XML version. Details on those can be found here: https://developer.paypal.com/docs/classic/api/
Specifically, for Express Checkout, you'll want SetExpressCheckout, GetExpressCheckoutDetails, DoExpressCheckoutPayment, and CreateRecurringPaymentsProfile. Some of those calls are optional depending on how exactly you're configuring things with the checkout flow.
For Payments Pro you'll use either DoDirectPayment / CreateRecurringPaymentsProfile or PayFlow depending on what version they put you on.
In any case, IPN is definitely the way to go for post-transaction processing.
.NET IPN Sample - https://github.com/paypal/ipn-code-samples/blob/master/paypal_ipn.asp

PayPal payment to issue activation code

I have just created my first PayPal button and it is working correctly within sand box. I would like to know the best way (if possible) to issue a unique activation code on my return url ensuring that the user has definitely paid before they receive the code. I could manually email the code but wondered if the was any way of automating this using some sort of return value? Possibly returning to an aspx page which then reads from my database to get the next activation key and displays it?
Thanks
Garry
As you already know that PayPal doesn't provide such facility for delivering activation instantly but it does offer the Instant Payment Notification API (PayPal IPN) which can be used to build such a platform.
Here is a great article for that purpose only. https://www.codeproject.com/Articles/383207/Selling-software-using-PayPal-IPN-as-an-eCommerceenter link description here
The best way to handle that would be to use Instant Payment Notification (IPN).
Any time a transaction happens on your site (whether it's a payment, refund, cleared pending payment, dispute, etc.) the PayPal server will POST details about that transaction to a script you have sitting on your server.
This script can receive the data and process it accordingly allowing you to automate things like updating a database, generating email notifications, hitting 3rd party web services, delivering e-goods, etc.
If you want the activation code to be visible on the return URL you can look at Payment Data Transfer (PDT), which is just like IPN except that it's made for use with the return URL. It is not recommended to use this, though, for post-transaction processing because there is no guarantee the user will make it back to the return URL, for one, and also it wouldn't handle things like e-checks correctly.

Implementing PayPal discounts - what if the user cancels?

Alright, I got my Paypal shopping cart set up and working, now I'd like to be able to add discount coupons.
I know I can simply implement the 'discount_amount_cart' variable in my form, but I'm still a little lost when it comes to handling the deactivation of a coupon code.
Let's say A activates the code. Now in my database it will be marked as 'reserved', meaning no one else can use it. Once A completes his transaction, the IPN will mark the code as 'used' and it becomes useless.
But what if A decides to activate the code, but never actually buys anything on my website?
I'm using the $_SESSION variable to save my shopping cart, so once the user returns to my website, the code might still be shown as activated for him. When exactly would I mark it back as 'not reserved & not used' in my database?
I could do this based on time, but this doesn't really feel safe either. Let's say the user puts everything into his basket, goes to Paypal, waits for an hour and then decides to finish his checkout. The discount would still be activated, but in the meantime, it could've already been 'unreserved' in the database and used by another person!?
How would I go about this?
Thanks in advance!
IMHO, this has little to do with PayPal and more about your business rules. If your coupon is single use (globally), then you will be faced with the same issue regardless of any payment flow.
Simply putting it in "cart" and/or any event where a user "activates" said coupon, then just navigating elsewhere in your site, doesn't do anything, [whatever], creates that lag
it could be Paypal, Amazon, your own gateway - it really doesn't matter...but there will be a lag between activation and payment (beyond your control)
I think it's just best to be explicit with your customers and handle it appropriately technically (based on what that explicit messaging is).
You'll see some implementation of "timed purchase" at ticketing sites (e.g. buying a ticket to a game, movie, etc.) - they will have a "timer" for the user to do something (otherwise, the "reservation" is lost).
Hth...
Put an expiry date on coupon use - such as must be used within 10 days of activation. It gives the user urgency to use the coupon and gives you a timeframe to invalidate it.

Make payment at PayPal before SubmitOrder

This question is based on a project done through the MvcMusicStore tutorial.
Same technologies are also implemented in my site e.g. (MVC3, Sql Server 2008 SSMS & EF Code First)
I have implemented PayPal Web Standards payment at my project. Thanks to #Arun, i have referred to his site here http://www.arunrana.net/2012/01/paypal-integration-in-mvc3-and-razor.html
Situation at MvcMusicStore:
My project is similar to the data flow of MvcMusicStore. As you can see in this link, http://www.asp.net/mvc/tutorials/mvc-music-store/mvc-music-store-part-9
In this tutorial, Jon Galloway has inserted a Payment field in the AddressAndPayment.cshtml page (but for simplicity purposes he made all products to be purchased for free by typing the keyword 'Free' - which would allow the user to checkout by clicking SubmitOrder and saving the Order in database)
Situation at My Project:
My question is about the workflow that i intend to apply.
When user adds items to shopping cart and reviews items in the Cart.
I want to:
Redirect user to PayPal to make payment upon clicking Checkout
After User make payment, return the user to AddressAndPayment.cshtml page
User then enters information and submit order
Is this work flow even right to begin with?
If yes, how do i convert these variables from my project;
Product.Title
Product.Quantity
Product.UnitPrice
to match these PayPal variables?
Item_Name
Amount
Quantity
Well i figured it out myself.
My first question, "Is this work flow even right to begin with?"
I have implemented it successfully. I cant say it is 100% right way of implementing it. It depends on your own system workflow. As for MvcMusicStudio, i cannot think of any other methods than this.
As for the second question, all i did was call a foreach loop and looped the PayPal variables. You will see it in more detail on Arun's website (link provided in the question thread above).
Thank you.

How do you log PayPal IPN messages?

From PayPal's documentation:
"PayPal returns related variables for each kind of IPN message. Not all variables are returned for each type of transaction."
I was initially planning to create a table in the database with the message fields but now after I read this it doesn't seem like a good a idea anymore (esp. that I see a lot of fields in their IPN documentation).
I have a few ideas (e.g. using tabs and new lines character separate fields and values. Or, saving the the whole thing in XML in the database) but just wondering how you handle logging IPN messages?
What I do is save it to a database table with columns for information that is important to me along with a "raw" column. I take the form parameters collection and serialize it like a query string and push it in. That way all of the original information is available if I should need it but my database schema remains simple and reflects the information that is important to me.
I'd agree with the previous comment. IPN messages can be quite variable, and can be about 40-50 fields per submission. Just pull the few fields you need for your application (amount, customer info, etc) and drop the rest into an XML or TEXT field just in case you need it later.
I faced the same challenges when I integrate PayPal adaptive Payment. The fastest way I did is to store the IPN details (when PayPal calls the IPN handler that I did) to static variable so that the values can be shown regardless of browsers I used.