When I click the cancel link in PayPal and am redirected to my cancel_url, it is passed the following parameters (some values removed).
cmd=_flow&
myAllTextSubmitID=&
miniPager=&
currentSession=&
pageState=login&
currentDispatch=&
email_recovery=false&
password_recovery=false&
login_email=&
login_password=&
private_device_checkbox_flag=on&
SESSION=&
CONTEXT=&
cmd=_flow&
id=&
close_external_flow=false&
external_close_account_payment_flow=payment_flow&
cancel_return=&
auth=&
form_charset=UTF-8&
external_remember_me_read_cookie_ids=&
flow_name=xpt%2FCheckout%2Fwps%2FLogin&
fso=
Is there any way to verify that this is a legitimate cancelation similar to how IPN verify works?
None of this looks like PayPal data. It looks like you're passing that stuff to yourself in the cancel URL, or via your original form. In which case you can pass yourself a ticket that only you can generate and verify. There's no need from Paypal's point of view to provide a verification, as no transaction has occurred.
Related
My PaypalIPN.php has this line:
const VERIFY_URI = 'https://ipnpb.paypal.com/cgi-bin/webscr';
My Buy Now button says different:
"https://www.paypal.com/cgi-bin/webscr"
Is that correct with one going to ipnpb. and one going to www.paypal.com
Orders are scarce, there's something wrong somewhere, I'm doing a process of illimintation, can anyone verify the above?
If yours is working OK, can you take a look por favor?
Either URL can work, but the ipnpb one is newer and preferred, per the current IPN documentation.
In rare cases I'm getting IPN notifications with the parameters renamed. For example, rather receiving a message containing the expected parameter:
option_name1=<my value here>
instead I receive a message with:
option_name1_1=<my value here>
And quite obviously my code does not look for a parameter with the extra _1 on the end.
Why does this happen and can I get PayPal to retry the IPN notification with the correct parameter name?
Thanks!
Thanks to #EJP - looks like PayPal is mistakenly treating the transaction like it is a shopping cart with multiple items.
I've added checks in my IPN handler code to deal with the extra fields with the _1 appended to them (even though I'd never expect them to be there).
I've extended the User model in my loopback application, and added phone number as a login method, I use the username field to do this, the only deal is that on login I get the 'email not verified' error, I have my own phoneNumberVerified field, and have overwritten the confirm method to validate the token against the emailVerificationToken and against the phoneNumberVerificationToken and update the corresponding flag, I thought of overwriting the original login method to not allow login only if both emailVerified and phoneNumberVerified fields are false (not just the email) but I don't know how to actually do the login the way loopback does it (I believe it creates an AccessToken or something), and I'm asking for some help on how to do this, thanks XD. I can do the overwriting and validations myself I just need to know how to do the actual login without using the original login method, since I'll be rewriting it.
So I figured out that I actually don't need email or phone number verified validation at all on login (later on the workflow will be required, but that'll be another use case, so it's irrelevant on login to me now XD). So when I was looking on how to overwrite the login method I realized that all the models code it's on the node_modules folder xD
node_modules/loopback/common/models/user.js
And found there in the login method a flag that validates if should check email verified or not, so on my startup script I just put this:
app.models.MyUser.settings.emailVerificationRequired = false;
That stops the email verified validation on login.
And maybe if some of you would like to override the login method I believe copying the whole method from the original user model up there and attaching it to your model and doing some modifications might work xD, it invokes the createAccessToken from the user model (itself) and that's what I believe creates the 'login', what I came to understand is that there is no "session" data, it creates an accesstoken when you successfully login, and as I've been doing just sending the token id to every request 'authenticates' your logged user.
Thanks for reading, have a nice day :)
PayPal is ignoring the response to my instant update callback.
I'm on sandbox
I'm getting the callback
I'm returning the exact example result in the documentation
...and PayPal continues to show my default shipping fee
Here's what I return from the callback (the example response at the end of this page):
METHOD=CallbackResponse&OFFERINSURANCEOPTION=true&L_SHIPPINGOPTIONNAME0=UPS Next Day Air&L_SHIPPINGOPTIONAMOUNT0=20.00&L_TAXAMT0=2.20&L_INSURANCEAMOUNT0=1.51&L_SHIPPINGOPTIONISDEFAULT0=false&L_SHIPPINGOPTIONNAME1=UPS Express 2 Days&L_SHIPPINGOPTIONAMOUNT1=10.00&L_TAXAMT1=2.00&L_INSURANCEAMOUNT1=1.35&L_SHIPPINGOPTIONISDEFAULT1=true&L_SHIPPINGOPTIONNAME2=UPS Ground2 to 7 Days&L_SHIPPINGOPTIONAMOUNT2=9.99&L_TAXAMT2=1.99&L_INSURANCEAMOUNT2=1.28&L_SHIPPINGOPTIONISDEFAULT2=false
I've also tried a much simpler response with no change in effect:
L_SHIPPINGOPTIONAMOUNT0=20.00&OFFERINSURANCEOPTION=false&L_SHIPPINGOPTIONISDEFAULT0=true&L_SHIPPINGOPTIONNAME0=Standard+Domestic&METHOD=CallbackResponse
What could I possibly be doing wrong? I see the callback in my server log. This is baffling.
It seems like in the response from the above url one parameter is missing which is "L_SHIPPINGOPTIONLABEL0=somenamehere" .
Try updating your callback script to send the above variable also in the response to the PayPal and see if that works for you .
For everyone interested, here is the documentation of the "Callback Response Message". I was also searching for the documentation because of a missing parameter.
https://developer.paypal.com/docs/classic/api/merchant/Callback_API_Operation_NVP/
I am hoping someone can help me with the following. I have a Buy Now button on a child dialog. Buy Now button displays PayPal page correctly. Now I am trying to do I cannot find info on it. I would like PayPal to return to the child dialog with a variable that will indicate success (payment made) or failure (payment cancelled by buyer). Is this possible?
The flow works like this:
Member logs in to my site
Member makes purchase via paypal
Member is added to a raffle prize.
The child window (dialog) remains open as PayPal is opened in another page. Regardless of whether the payment is successful or cancelled/ failed I would like to return to the child window with a value indicating the result of the payment. If the result is a success then some code is performed. If not then nothing is done and the child window remains open.
Bruno
You need to add a return url input <INPUT TYPE="hidden" NAME="return" value="URLspecificToThisTransaction">, look here https://cms.paypal.com/uk/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_formbasics under Setting The Return URL on Individual Transaction heading
You also need Instant Payment Notification – notify_url
Instant Payment Notification comprises three parts:
Someone pays you.
PayPal POSTs FORM variables to a URL you specify that runs a program to process the variables.
You validate the notification.
look here https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/ipnguide.pdf