As all we know there is a custom param that allow us to retrieve custom data when an ipn notification come from paypal.
But also, I am using a couple of params in the notify_url, and those params sometimes get lost, and when paypal send to me the ipn notification, it comes without one of those params. The strange thing is that one of the param come correctly.
So, first question is: Can I use custom params in the notify_url like:
notify_url = "www.mydomain.com/paypal/ipn/?param1=one¶m2=two"
I suppose that I can do it, because it fails 1 in 20 times on my application, so I do not know if it is because it is not supported by some browsers or something like that, or maybe it is a bad habit I should quit.
And sometimes paypal send the ipn notification to:
notify_url = "www.mydomain.com/paypal/ipn/?param1=one"
Without the second param...
And if I can do it, do you have any clue about what it is happening here...
Thanks!
I always avoid sending data to IPN as URL parameters. There are various reasons it may not come through, which means there's no guarantee it'll work correctly every single time.
Instead, use the CUSTOM parameter like you said. If you need to pass more than a single value you can send it as an NVP string just like you would on your URL. Then just parse those values back out of the CUSTOM value within your IPN script.
Alternatively, you could save all of the data you're going to need in your database and then send the record ID in the CUSTOM parameter over to PayPal. Or you could use the INVNUM parameter if that makes sense for you.
Then in your IPN script you pull that data back out of the database based on that record ID. This way you're always sure you'll have it available and won't have to worry about losing URL params along the way.
Related
I'm adding very simple membership renewal functionality to a web site using PayPal Payments Standard buttons. We only have 300 or so members, so a simple e-comm solution like this should work fine.
I'd like to capture some sort of confirmation that I can then capture on my end so that I can insert it into the database. I've seen the IPN listener method, but it seems more complex than I really need - all I really need is to pass the confirmation code via a URL variable in the return URL, i.e. http://www.example.com/landing?transactionid=abc123. Is this possible? Also, is there a way to pass my own dynamic variable (for instance, a membership ID) into the form and have that be a part of the return string?
Thanks
An alternative is to use express checkout which is a two step process requiring pre-authorization and then charging a customer. If you are accepting echecks you will eventually need to use IPN to update the original transaction. You can pass a dynamic variable using the custom field in Paypal.
Either way one of the two methods is required to process a transaction securely - what is stopping someone from typing the URL you are suggesting?
I read that I need to send a confirmation to paypal with the fields in the same order plus the cmd=_notify-validate field. I know that for certains event the fields will be different, but for example for a notification of paid using paypal buttons, will the params will always be in the same order?
Due some limitations I can't get the whole POST fields array (I can only get them by explicitely calling the key) so an option is to set each field in the confirmation request to paypal.
Whether it's always the same order is irrelevant. You're supposed to send them back in the same order they arrived in, whatever that was.
BUT I don't believe that observing the same order in the validation request is necessary, and in some languages, e.g. Java, it isn't even possible, as the order isn't preserved. I've been running IPN for several years without observing this constraint, and I've only ever had one validation failure, from Turkey, which remains unexplained but could have been say a character set issue.
Note that PayPal provide sample code for Java somewhere which therefore doesn't observe the constraint either. One assumes it was tested and passed a review ...
I am trying to add a Note to the transaction, so when I receive the payment email I see something in the Notes/Message section. Does anyone know what object it should get attached to?
Both the API and HTML systems support the CUSTOM field. This value is accepted and passed back to you in the same fashion you sent. So if you need a message that is the field to use.
My notification script is launched twice first is VERIFIED and second INVALID.
I've tried different ipn validation scripts and always get it twice.
I'm using sandbox maybe seller account settings are not right? I've set IPN on with notify url and auto return. Also in form there is return and notify_url set
I remember in the documentation it states that duplicates are possible -- that's just the nature of the internet. That's why it gives you a unique transaction ID. You're supposed to use that to prevent bad things from happening if you get notified twice.
A better question might be: why does it say Verified and then Invalid? Or is that ok?
EDIT
The docs say "PayPal sends a single word back, which is either VERIFIED if the message originated with PayPal or INVALID if there is any discrepancy with what was originally sent". I'm going to guess that YOUR code accidentally sends the "echo" back to PayPak twice and one of them is malformed. Maybe they're both identical but PayPal responds with INVALID if it gets it twice. But no matter, for a particular transaction Id, once you get VERIFIED, you're good. Simply ignore all subsequent responses.
EDIT 2
The return url is simply used by PayPal to redirect the user back to your site. Use this page to thank them for their purchase and inform them they will be notified once processing is complete. You can even set this to an empty string if you don't want this feature. When Payment is actually complete (or some problem was identified), PayPal will invoke the script referenced by the notify url. This is where you make sure everything looks right, handle duplicate notifications, update your database, send an email to the user saying their payment was processed, etc.
before inserting or updating your mysql query Check if the returned Transaction id '$_POST['txn_id']' already exists in your db table, if it doesnt exists so insert it with other $_POST data, because paypal calls the notify url many times.
From PayPal's documentation:
"PayPal returns related variables for each kind of IPN message. Not all variables are returned for each type of transaction."
I was initially planning to create a table in the database with the message fields but now after I read this it doesn't seem like a good a idea anymore (esp. that I see a lot of fields in their IPN documentation).
I have a few ideas (e.g. using tabs and new lines character separate fields and values. Or, saving the the whole thing in XML in the database) but just wondering how you handle logging IPN messages?
What I do is save it to a database table with columns for information that is important to me along with a "raw" column. I take the form parameters collection and serialize it like a query string and push it in. That way all of the original information is available if I should need it but my database schema remains simple and reflects the information that is important to me.
I'd agree with the previous comment. IPN messages can be quite variable, and can be about 40-50 fields per submission. Just pull the few fields you need for your application (amount, customer info, etc) and drop the rest into an XML or TEXT field just in case you need it later.
I faced the same challenges when I integrate PayPal adaptive Payment. The fastest way I did is to store the IPN details (when PayPal calls the IPN handler that I did) to static variable so that the values can be shown regardless of browsers I used.