I am trying to use Paypal sandbox API for testing a simple payment process. I created 2 accounts - merchant & buyer. Then I created a web app having the jsp as below -
<body onload="document.forms['paypalForm'].submit();">
<form name="paypalForm" action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="business" value=<API Username> />
<input type="hidden" name="password" value=<API Password> />
<input type="hidden" name="custom" value="1123" />
<input type="hidden" name="item_name" value="Computer-Laptop" />
<input type="hidden" name="amount" value="1"/>
<input type="hidden" name="rm" value="1" />
<input type="hidden" name="return" value="http://localhost:8084/DemoPaypalApi/paypalResponse.jsp" />
<input type="hidden" name="cancel_return" value="http://localhost:8084/DemoPaypalApi/paypalResponseCancel.jsp" />
<input type="hidden" name="cert_id" value=<Signature> />
</form>
</body>
API Username, API Password & Signature have been pasted from my account on https://developer.paypal.com
On running the app, i get redirected to the paypal sandbox UI. However on entering the buyer mail id & password I keep getting "Please make sure you have entered your email address correctly" and "Please re-enter your PayPal password" errors.
Need your help.
hmm not sure where you picked up the code but it's very insecure - please don't pass APIUsername/APIPassword/Signature through a Web Form in a browser.
If you can provide a little bit more info on what you are trying to do I can suggest the best way to implement it.
Related
I've integrated paypal payment in my online store.
When in sandbox mode and using a sandbox paypal account to make a payment, everything works.
When in production mode and using a REAL paypal account to make a payment, the user receives this error on paypal checkout page:
When I try to pay with the same real paypal account on another online store that uses the same paypal method for receiving payments, everything works.
I redirect users to paypal checkout with this code:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="business" value="here I insert our business email" />
<input type="hidden" name="amount" value="0.1" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="item_name" value="test" />
<input type="hidden" name="invoice" value="8514" />
<input type="hidden" name="email" value="here I insert customer email" />
<input type="hidden" name="no_shipping" value="1" />
<input type="hidden" name="charset" value="utf-8" />
<input type="hidden" name="return" value="https://www.ourdomain.com/success.php?orderid=210141&h=03e2f8258d" />
<input type="hidden" name="cancel_return" value="https://www.ourdomain.com/cancel.php?orderid=210141&h=03e2f8258d" />
<input type="hidden" name="notify_url" value="https://www.ourdomain.com/update_paypal.php?orderid=210141&h=03e2f8258d" />
<button class="btn rightSignBig black" type="submit"><span><em>Pay with paypal</em></span></button>
</form>
What should I do to be able to receive payments on my business account in production?
The LIVE transactions are being declined by PayPal, for business reasons. For certain types of businesses, credit card companies need certain agreements on file in order to process transactions.
So, the owner of the LIVE PayPal business account needs to contact PayPal's general business support via https://www.paypal.com/smarthelp/contact-us and explain that all customer credit card transactions are being declined due to the type of business, and ask what they can do to resolve the issue.
I use sandbox for simple pay, my form is:
<form method="post" action="https://www.sandbox.paypal.com/cgi-bin/webscr" name="paypal">
<input type="hidden" value="_cart" name="cmd">
<input type="hidden" value="1" name="upload">
<input type="hidden" value="1" name="no_note">
<input type="hidden" value="1" name="no_shipping">
<input type="hidden" value="USD" name="currency_code">
<input type="hidden" value="{{my external script here[http://example.com]}}" name="notify_url">
<input type="hidden" value="{{my email}}" name="business">
<input type="hidden" value="Eko " name="item_name_1">
<input type="hidden" value="107-372" name="item_number_1">
<input type="hidden" value="0.50" name="amount_1">
<input type="hidden" value="1" name="quantity_1">
<input type="hidden" value="E-mail" name="item_name_2">
<input type="hidden" value="Free Shipping" name="item_number_2">
<input type="hidden" value="0.00" name="amount_2">
<input type="hidden" value="1" name="quantity_2">
<input type="hidden" value="0.23" name="tax_cart">
<input type="hidden" value="0" name="discount_amount_cart">
<input type="hidden" value="http://test.t/put-log.php" name="return">
<input type="hidden" value="http://test.t/raw.html" name="cancel_return">
<input type="submit">
</form>
After submit this form I pay using another sandbox account. My payment is correct but Im not redirecting to notify_url, looks like my IPN is lost or not sending, maybe because sandbox mode or any other idea?
SOLVED
My sandbox account misconfiguration - added verfication (bank account) to sandbox account and now history logs looks ok
Thanks for help!!
notify_url is for IPN which is completely separate from the checkout flow. No redirection will take place with your notify_url. The redirect would be the "return" parameter and could be used with PDT, which is similar to IPN, however, the user is never guaranteed to make it back to your return URL so it's not recommended to handle any post-transaction processing with PDT.
IPN is what you want, but you have to remember it's separate from the checkout flow. Check the IPN History from the sandbox account you're using as the seller. Also check your web server logs. It could be that the IPN is getting triggered but you have an error in your script keeping it from running correctly. IPN History and your web server logs will help you track this down.
I'm trying to integrate Paypal payments on website and I got this form:
<form method="post" action="https://www.sandbox.paypal.com/cgi-bin/webscr" id="paypal_form">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="business" value="mail#mail.com" />
<input type="hidden" name="item_name" value="Test payment" />
<input type="hidden" name="item_number" value="777" />
<input type="hidden" name="amount" value="1.99" />
<input type="hidden" name="return" value="http://myhost.com//successpaypal.php" />
<input type="hidden" name="cancel_return" value="http://myhost.com/cancelpaypal.php" />
<input type="hidden" name="no_shipping" value="0" />
<input type="hidden" name="rm" value="2" />
<input type="hidden" name="currency_code" value="USD" />
<input type="submit" value="Go to PayPal" />
</form>
And payments goes fine until users needs to confirm payment. There is no e-mail sending. I was trying in the sandbox with couple e-mail from couple computers and a couple of days. Is there any way to remove confirmation of payment by e-mail or what can be wrong with my that form?
The sandbox environment doesn't send emails externally. Since anyone can open (and confirm) any email address on any account in sandbox, it would be total chaos.
Instead, you can find all relevant messages that otherwise would've been sent as emails under 'Dashboard' > 'Sandbox notifications' on https://developer.paypal.com/
I have just began working on a project processing paypal payment on a web site, which does not work fine in the sense that the email notification is sent if and only if the user goes back to the site. The fact is that I didn't code it and I even don't know what kind of api it uses. I read the doc which is quite obscure to me (It understood there is a token needs to be sent from the site by get request method but I am really not sure). I understand from the code that, in the following, the op=dodons uri is used to mange the response of paypal and to send an email notification to the user. Here is the only thing I can tell you about the page from which I want to fetch up how the payment is processed :
<form action="{$payPalURL}" method="post" class="payPalForm" id="frmpp">
<input type="hidden" name="cmd" value="_donations" id="typedon"/>
<input type="hidden" name="item_name" value="Donation" />
<input type="hidden" name="business" value="{$myPayPalEmail}" />
<input type="hidden" name="notify_url" value="{$url}/index.php?op=dodons&donation=1&tid={$randomID}&payment=1" />
<input type="hidden" name="return" value="{$url}index.php?page=campaign&op=dodons&campaign_id={$campaign->getId()}&don=ok" />
<input type="hidden" name="rm" value="2" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="cbt" value="Continue" />
<input type="hidden" name="no_shipping" value="1" />
<input type="hidden" name="lc" value="US" />
<input type="hidden" name="currency_code" value="EUR" />
<input type="hidden" name="txn_id" value="{$randomID}" />
<input type="hidden" name="tid" value="{$randomID}" />
{if $logged_user != null}
<input type="hidden" name="a_id" value="{$logged_user->getId()}" />
</form>
It looks like you're using Payments Standard in combination with Payment Data Transfer (PDT).
PDT only works if the user makes it back to the site which is never guaranteed, even with Auto-Return enabled.
Instead, use Instant Payment Notification (IPN). This is a simple POST of all transaction data to a listener script on your server, and this happens regardless of whether or not the user makes it back to your site or not. It's completely separate from the checkout flow.
what's the best way to simply get feedback from PayPal to confirm that your customer paid? It looks as if the answer is IPN - if so, my followup question is, can I enable IPN for only specific buttons? I don't want PayPal pinging my IPN listener for purchases that don't require any kind of IPN integration.
I'm all about Agile and YAGNI, and therefore I don't want to do anything that is unnecessary.
You should read the IPN Documentation that have provided by PayPal. To use IPN, the simple way is to have invoice id for a transaction that you want to track. In the IPN listener page, you will get ipn_data and one of the field is the invoice. Using this id, you should get the data from your own transaction database, then change the status to reflect the payment status in PayPal.
In my code, usually I set status to unpaid, direct the user to paypal to do payment, and in IPN listener I will set the status to paid.
PayPal provide sample code so you can start right away. You can also see other PayPal documentation in this page.
You can easily include which IPN listener to use for in a button's parameters.
If you don't have a default location set on PayPal's website, then your IPN listener will only get pinged for those buttons that do have one set.
The PayPal form variable in question is "notify_url".
Here's an example subscription button, same variable for anything else though.
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="image" src="https://www.paypal.com/en_GB/i/btn/x-click-butcc-subscribe.gif"
border="0" name="submit" alt="PayPal - The safer, easier way to pay online."
onclick="_gaq.push(['_trackEvent', 'Click', 'PayPalMonthSub', 'SubscribePage']);" />
<img alt="" border="0" src="https://www.paypal.com/en_GB/i/scr/pixel.gif" width="1"
height="1" />
<input type="hidden" name="cmd" value="_xclick-subscriptions" />
<input type="hidden" name="business" value="paypal#yourdomain.com" />
<input type="hidden" name="item_name" value=" Monthly Subscription" />
<input type="hidden" name="item_number" value="1" />
<input type="hidden" name="no_shipping" value="1" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="currency_code" value="GBP" />
<input type="hidden" name="lc" value="GB" />
<input type="hidden" name="bn" value="PP-SubscriptionsBF" />
<input type="hidden" name="a3" value="4.99" />
<input type="hidden" name="p3" value="1" />
<input type="hidden" name="t3" value="M" />
<input type="hidden" name="src" value="1" />
<input type="hidden" name="sra" value="1" />
<input type="hidden" name="return" value="http://yourdomain.com/subscribe/thanks.aspx" />
<input type="hidden" name="rm" value="2" />
<input type="hidden" name="cancel_return" value="http://yourdomain.com/subscribe" />
<input type="hidden" name="notify_url" value="/http://yourdomain.com/IPN.aspx" />
</form>
If you need the default notification url set on your account then you will only be able to stop your handler being pinged by including a different handler in buttons that don't need it. If PayPal doesn't get an HTTP200 from a handler though it will keep trying it so I wouldn't advise setting anything to a non existent URI.