Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: buckworks
I have a client that wants to offer a paid membership area using paypal.
So far I have set up a website payment standard button.
Buy button -> User pays -> User redirected to account registration page and fills in their email & password -> user database is updated with email,password & paid=yes.
How can I carry a variable to the registration page so I can insert into the database that the user has paid?
What I don't want is people to get hold of the registration url so they can bypass the payment stage.
Is it possible? i've been reading the paypal library forever and can't find anything.
Verifying this data is a lot more advanced than creating a standard button. It's part of the PayPal API, documentation and examples are on PayPal
You have to read the IPN docs, but it works like this.
You go into payPal and enable IPN, enter the URL to the "listener" script described below. Whenever a payment is made, it sends a token to the listener script.
You create some script, let's call it a "listener" script. All it does is "listen" for a message sent from paypal. What payPal sends is a transaction id when a payment is complete. This is particularly cool if someone pays via eCheck, which can take up to three days to clear - three days later, the payment clears and the IPN token is sent to your listener script.
Within the listener script you have to post back to payPal using curl and append the token with "&cmd=_notify-validate." Note: this SHOULD be done over https, and there's a thread around here about non-https IPN functions failing, don't know if this is temporary or permanent.
Within your listener script, if the response is VERIFIED, you update your database.
This allows you to eliminate a lot of user error. In your scenario, the user is making a payment and you are "hoping" they click the link to "return to merchant." If they don't, the whole thing falls down.
With IPN, they enter all their info FIRST, and you add it to the database, but your database has, say, a "transaction_complete" field that is set to 0. Then they are sent on to make the payment.
If they don't use the "return to merchant" link, the IPN completes the process for them, and your listener script sets "transaction_complete" to 1, eliminating user error.