Get paypal user information after sale creation - paypal

I am integrating Paypal into a shopping cart and I want to get the user's shipping information after creating a payment. I know there was a method to do so using the old api, but it seems that the api has changed when developer.paypal.com was launched. I do not see what url I need to use in order to get extended payer information.
So far, I am sending the user to paypal for creation and when the user comes back, I have a payer id and token. From previous call, I have an execution link, but no details link. Do I need to force the user to enter shipping information before reaching out to paypal? If that is the case, it just seems confusing that Paypal shows shipping information from their system and not mine.
How do I get a payer's shipping details from paypal once they have approved an amount?

Most merchants use PayPal Instant Payment Notification (IPN) to receive payment details including the shipping address. This allows you to receive real time notifications from PayPal rather than pinging us once you believe a payment is made. Below is a simple PHP script that will take the IPN and validate it to ensure it wasn't a spoof attempt. Once validated you can update your database, send an email or whatever task is needed once you know payment has been made.
// Validate with curl
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "&" . $key . "=" . $value;
}
$curl_result=$curl_err='';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,'www.paypal.com');//Change URL to sandbox.paypal.com if testing in our developer environment
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", "Content-Length: " . strlen($req)));
curl_setopt($ch, CURLOPT_HEADER , 0);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$curl_result = #curl_exec($ch);
$curl_err = curl_error($ch);
curl_close($ch);
//Set validation flag
if (strpos($curl_result, "VERIFIED")!==false)
$valid = true;
else
$valid = false;
This method is much more reliable than Payment Data Transfer (PDT) as it doesn't rely on the consumer to return to your site for payment to be made.

Related

Yahoo oauth2 - getting access token from code

I am trying to integrate my application with Yahoo oauth2 login. I am not using any external libraries and following the instructions in https://developer.yahoo.com/oauth2/guide/
I generated authorization URL, redirected user to the login page of yahoo and got the code (completed steps 1-3 in the Yahoo guide).
Now I have to pass this code and get the access token. (Step 4: Exchange authorization code for Access Token)
For that, I am using the code as given below
$fields_string = 'grant_type=authorization_code&redirect_uri='.$CALLBACK_URL.'&code='.$code;
$fieldCount=3;
$ch = curl_init();
$headers = array(Authorization: Basic '. base64_encode($CONSUMER_KEY.':'.$CONSUMER_SECRET),
'Content-Type:x-www-form-urlencoded'
);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, $fieldCount);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
curl_exec($ch);
result = curl_exec($ch);
But this is not working and I am not getting any response from Yahoo. Any help is appreciated. Thanks.
Ok, solved it. Call was made similar to get_access_token method inside https://github.com/saurabhsahni/php-yahoo-oauth2/blob/master/YahooOAuth2.class.php

How can you use data from facebook's graph API without having to login?

I am creating a personal website about myself and i would like to have it pull images and wall posts from facebook and display them on the page, at the moment this all works fine.....for one hour which is how long an access token lasts for.
I dont want to use access_tokens because the posts and profile picture are public and the point of this website is that it updates itself as i update my facebook profile
Can the facebook API do what i ask of it (which is to allow the photos to be pulled all the time without fear of expiration or even having to log in), or does the facebook API not allow that and is only really used for people wanting to use thair facebook account on your website to comment or like?
I hope i was clear enough...
to summerize, i would like to my website to pull pictures of my profile when people visit the website and not have to deal with access_tokens
If you configure your "Facebook app" as a "web application" you will get an AppID and an AppSecret. Using these values you can dynamically request a new token every time your page loads and use that token for all of your requests. I believe facebook will return the same token if you continue to request a new token before the old one has expired.
Here is a PHP function to achieve this:
public static function GetNewAccessToken(){
try{
$url = "https://graph.facebook.com/oauth/access_token?client_id=" . \Core\Config::FB_APPID . "&client_secret=" . \Core\Config::FB_APPSECRET . "&grant_type=client_credentials";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //to suppress the curl output
$response = curl_exec($ch);
curl_close($ch);
//response will be access_code=<CODE> so we need to strip off the access_code part at the front/
$token = "";
if (isset($response) && $response !== FALSE && substr($response, 0, 13) === "access_token="){
$token = substr($response, 13);
}
return $token;
}
catch(\Exception $exc){
return "";
}
}

Questions regarding Going Live with PayPal

Im trying to get live with my webshop and do the steps necessary. I tried to ask the same question in the merchant support but it have taken over 10 days for them not to respond so I try here instead.
It says in the Going live Checklist:
- Make sure your PayPal API calls are directed at PayPal's production environment.
So where am I gonna put this https://api-3t.paypal.com/nvp ?
In the code where the buttons are created or in the PDT which is called? Those are the only placces I can think of that would do any difference
It also says:
- Get your live API credentials and use them wherever you call PayPal API operations.
I have generated them but where to use them? In my PDT which I redirect my customers to after a purchase or in the buttons?
Should the https://api-3t.paypal.com/nvp ? be somewhere there as well?
A final question. Do I have to "register" my "app" too? I tried to read but didnt understand. I have a website which Im gonna use your buttons in. Do I need to register that as well? How do I do this?
This is some of my pdt.php-code:
<?php
/*
update: 06/27/2011
- updated to use cURL for better security, assumes PHP version 5.3
*/
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-synch';
$tx_token = $_GET['tx'];
$pp_hostname = "www.sandbox.paypal.com";
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-synch';
$tx_token = $_GET['tx'];
$auth_token = "xxxxxxxxxxxxxxxxxxxxxxxxxx";
// real xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
$req .= "&tx=$tx_token&at=$auth_token";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://$pp_hostname/cgi-bin/webscr");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
//set cacert.pem verisign certificate path in curl using 'CURLOPT_CAINFO' field here,
//if your server does not bundled with default verisign certificates.
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: $pp_hostname"));
$res = curl_exec($ch);
curl_close($ch);
You're looking at a checklist for going live with PayPal API calls -- you're using PayPal buttons, so you don't need to worry about that.
For you, the only things you need to change are:
- The $pp_hostname for your PDT script
- The $pp_hostname for your IPN script (if you use it)
- The "action" part of your button (from https://www.sandbox.paypal.com/cgi-bin/webscr to https://www.paypal.com/cgi-bin/webscr)

Created album as a page but can't upload Photos using Graph API

I have searched intensively but I only can find similar topics but no one leads me to a working solution.
As my topic says i created an album as a page using following code.
$page_token = $facebook->api('/'.$page['id'],'GET',array('fields'=> 'access_token'));
$facebook->setAccessToken($page_token['access_token']);
$facebook->setFileUploadSupport(true);
$args = array(
'message'=> 'test album',
'name'=> 'Test Album'
);
$ch = curl_init();
$url = 'https://graph.facebook.com/'.$page['id'].'/albums?access_token='.$page_token['access_token'];//APP_ID.'|'.APP_SECRET;
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $args);
$data = curl_exec($ch);
$newAlbum =json_decode($data,true);
$newAlbumID = $newAlbum['id'];
Ok that works so far, I am receiving an album ID. but when I look into the JSON object or look up graph.facebook.com/ALBUM_ID i receive nothing even on the page there is no album.
I have manage_pages read_stream photo_upload publish_stream create_event rsvp_event permissions. Creating an event on the page works pretty fine. What I am doing wrong?
When I try to upload some pictures and create albums it only works for my own profile but I would need it for my page. I don't understand why I am receiving an ID which isn't working when I look it up.
I hope you can help me guys.
Hello everybody I think I have solved my problem. At first it's important to know I have tested nad tried some weeks to finally get the solution.
As I said I was able to create Events and Questionings on a page. Today I compared creating an album on my profile with creating one on a page and I got to know that this also works fine for both.
But when I tried to upload a photo into the album or on the page wall it failed with this lovely exception: "An unexpected error has occurred. Please retry your request later"
Today I tried to remove some permissions. as you can see below
OLD --> define('PERMISSIONS', 'offline_access read_stream photo_upload user_photos friends_photos user_photo_video_tags publish_stream read_friendlists ads_management create_event user_online_presence friends_online_presence rsvp_event manage_pages');
NEW --> define('PERMISSIONS', 'photo_upload user_photos friends_photos publish_stream create_event manage_pages');
and now it works!

Get Facebook user's profile picture prior to authenticating app

Summary:
I am working on a website that connects to Facebook through the Graph API. I was asked whether I can get a user's profile picture if they are already logged into Facebook, but prior to the user authenticating the app. Is this possible?
EDIT:
I know you can get people's profile picture by going to http://graph.facebook.com/USERNAME_OR_USERID/picture?type=large, but would I be able to get a user's username or ID if they are logged into Facebook, but have not authorized my app?
Details:
According to the Facebook API User documentation, you can get their Facebook ID without an access_token, and I know if you go directly to a user's /me URL you can see their basic information. With the Facebook ID, I can grab their profile pic.
However, when I try to call it from the website using the following code, I get an OAuthException error.
FB.api('/me', function(response) {
console.log(response);
});
I'm guessing that they have to authenticate the app, but I'm looking to see if I may have missed a way of getting their profile pic.
Thanks for your help!
You can get everyone's Facebook profile picture without authentication.
You just call http://graph.facebook.com/USERID/picture?type=large.
This URL redirects you to image URL.
Edit: Querying by username is not allowed anymore, so I updated USERNAME_OR_USERID as USERID.
yes you can get..
http://graph.facebook.com/naseer.panhwer/picture?type=normal
http://graph.facebook.com/naseer.panhwer/picture?type=small
http://graph.facebook.com/naseer.panhwer/picture?type=large
You can generate an access token using an application id and secret as follows:
https://graph.facebook.com/oauth/access_token?client_id={appID}&client_secret={appSecret}&grant_type=client_credentials
NOTE: Don't do this on the client side as you risk having your application getting hijacked.
The resulting token can be user to query users with the graph API without a login prompt.
How to get FB images w/o oauth or access tokens:
I was trying to get only images of few members but I was stuck then wrote this snippet and worked for me,
The HTML tag
<img src="getFbImage.php?id=<fbid_of_the_person>&type=[small|large]" />
The PHP code
<?php
$remoteImage = !isset($_GET['id']) ? "../images/default.png" : getImg($_GET['id']);
$imginfo = getimagesize($remoteImage);
header("Content-type: ".$imginfo['mime']);
readfile($remoteImage);
function getImg($id){
$dom = new DOMDocument;
$dom->loadHTML(getData($id));
$tags = $dom->getElementsByTagName('img');
$img = '';
foreach ($tags as $tag) {
$img =$tag->getAttribute('src');
if($img=='')
continue;
else if(isset($_GET['type']) && $_GET['type']=='large')
break;
}
//This iteration has a lot of images try your luck.
return $img;
}
function getData($id){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,'https://www.facebook.com/photo.php?fbid='.$id);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 Firefox/39.0');
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
?>
I only had to use a 30x30 image and I got what I wanted. Check out it also provides you a large image.
Cheers!
Joy