Integrating PayPal Payments in Your Website with Buy Now Buttons – Top 5 Reviews

Integrating PayPal Payments in Your Website with Buy Now Buttons


There are many ways to use PayPal as a payment method on your website. In this article I will cover one technique that I’m using on one of my websites. In this technique I use PayPal Buy Now buttons where each button is set to a fixed price. If you use some sort of shopping cart where there could be countless different prices, this guide might not be of assistance to you.

I will guide you through the entire process: integrating the buttons in your website, what needs to be done in your PayPal account and securing the payment process to make sure you are not scammed. For an in-depth guide on all payment methods, check PayPal’s guide.

What do you need to know before you begin? The most important thing to know is PHP. If you don’t have any experience with PHP, I recommend you don’t go through this process without the help of someone who does.

PayPal’s Buy Now buttons allow customers to pay with their PayPal account and with credit cards (MasterCard, VISA, American Express and Discover). This is great because your customers don’t necessarily have to own a PayPal account to purchase your product and you don’t have to deal with merchant banks and gateways.

PayPal Settings

Before we begin, you need to open a PayPal business account in order to be able to receive payments. Go to PayPal.com and click “Sign Up”. Important note: ‘Business Name’ will be the name customers will see once they pay for your product (via PayPal).

Important settings: (Auto Return for Website Payments, Instant Payment Notification, Creating Buy Now Buttons)

  • Auto Return for Website Payments:
    Once the customer has made the payment you can redirect him automatically to any page on your website. I’m pretty sure you’re going to want to use this option.
    The reasons for this are:
    1. You can redirect your customer to a “Thank You” page.
    2. Update your database with important information.
    3. Run some checks to make sure it’s a real sale, and not a fraud.

    Here is where you choose your return page: Go to Profile → Website Payment Preferences. Set “Auto Return” to On and in the “Return URL” field insert the full URL of your return page.
    Note: This will be applied to all of your auto return payments. If you want each Buy Now button to redirect your customers to a different page, you can do so in the button’s code. In that case, it will override the settings we just made.
  • Instant Payment Notification:
    After PayPal verifies a customer’s payment and before he is redirected back to your website, you will want to run some background checks (and database updates) to make sure the sale is valid.

    If you choose not to use this option you leave yourself open to scams. Imagine that you don’t use it and a user is just redirected back to your website. He could copy PayPal’s temporary URL (the one that appears in the address bar after the payment was made and before the redirection) and enter it again and again with a different sale ID. He could change details in that URL (like amounts). Without verification the user can create all sorts of trouble for you this way.

    In order to prevent problems you need to have a ‘listener’ page. This page opens while the user is waiting to be redirected to your website. Usually it’s a 10-15 second wait (it says something like “in 15 seconds you will be redirected…”). This page will just run PHP code to verify the sale.

    Later on I will go over some coding to prevent the problems and trouble I wrote about in the previous paragraphs, but in the meanwhile here is what you should do in your PayPal account: Go to Profile → Instant Payment Notification. Turn on IPN, and edit the settings with the URL of your listener page. More info on IPN.
  • Creating Buy Now Buttons:
    Go to Merchant Services tab in the main menu tabs. Then click Buy Now Buttons.
    Step 1: Fill out the correct information. Price, Currency, Customize buttons and Merchant account IDs are most important. Under Merchant account IDs check “Use my secure merchant account ID”. This is for security reasons. You can read about it under “Learn More”.
    Step 2: Check “Save button at PayPal”. The other two are not necessary. If you are interested in Tracking make sure you read about both options before checking them.
    Step 3: Nothing special needs to be added. Feel free to check what you need.

    Finally, click create button. If you created the same buttons as I mentioned above, each one’s code should be identical except the hosted_button_id. This means that when you insert the code to your web pages you can set PHP variables to be those ids and paste each one in the buttons’ code (according to your needs), instead of pasting all of the buttons’ codes.

 

Security Checks and More Coding

  • The listener page:
    In order to make a web page into a listener page you need to insert some pretty complicated and unusual PHP code. Fortunately, PayPal provided you with all the code you need. Click here to view it. I’ve used the exact same code and it worked perfectly.
    Here is what I’ve added on my own:
    1. In this if statement, if (strcmp ($res, "VERIFIED") == 0), I’ve added a test which pulls out of my database all sales with our current “txn_id”. It is not possible there were previous sales with that txn_id:

    This test prevents users from pressing Enter repeatedly on PayPal’s URL, trying to get many sales.

    To test this, create a temporary sale in your database with some basic details (with the txn_id of course) and mark this sale as uncompleted. Later on, when the user is redirected back to your website, compare this sale with the details transferred back with the user. After the comparison, update the sale with more details and mark it as completed. I will elaborate on this more when we deal with the redirect page.

    2. PayPal’s guide mentioned some checks needing to be done. Write the code for them.
    3. Email yourself if any check failed. I numbered each test, so I will know exactly what the problem was.
    4. If this elseif (strcmp ($res, "INVALID") == 0) { is true, you can email yourself again.

  • The Redirected Page:
    This part is a bit tricky. When creating the Buy Now buttons, you can add only one POST field to the button’s HTML code. The contents of this field will be transferred with the user to PayPal’s website, and it will return once the user is redirected back. So if you need to pass any information to your database (and you probably need to), like the user’s database ID, amount of money, the database ID of the products he purchased, etc., the only way to retrieve this information is to add it to the button’s code, and pull it back later on.

    Because you have just one field for all the information, you will need to create a string divided by some kind of symbol, like | .

    When the user is redirected the information will appear in the $_GET superglobal variable.
    Here is the code I used to do so:
    My raw information was transferred like this: (example)
    name=david|id=5|amount=140

    Now we have an array that looks like:

    As always, it’s a good idea to test your code.

    Tests I’ve written:

    1. First thing you have to do is pull the sale from your database, so we can check it and update it. There might be a problem with pulling out the sale. The listener page could still be running, so we have to make sure it’s finished. In order to do so, insert a sleep command – like sleep(100). Run some tests on that, to make sure it’s working.
    If the sale was not found, redirect the user to a “failed” page.

    2. Amount of sale: The amount of the sale appears in three places: the sale you pulled from the database, the custom text (‘cm’) we already handled and the superglobal $_GET['amt']. Compare all three to make sure the amount was not maliciously changed.
    If you have other amounts, check them as well.

    Note: The amount is represented with a decimal point (xx.yy), so you might need to break it and cast it to integer – (int)$amount.

    3. Sale is still uncompleted: Make sure the sale is still marked as uncompleted.

    4. Update the sale: After all tests were passed successfully and you have added your own tests, you can update the sale with relevant information and mark it as completed.

  • Buy Now buttons:
    Once your customer has clicked the Buy Now button, they will be transferred to PayPal’s payment page. If they decide to pay with their credit card, they will have to fill out some basic details. If you have some of those basic details you can make sure they are already filled out for them.
    Simply add some hidden fields to the button:

    Make sure you get the “name” attribute written correctly. For more similar attributes, check PayPal’s guide.
    You can also notice the “custom” attribute. This is the $_GET['cm'] superglobal you can pull out later.
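
The listener checks and the redirect-page comparison described above, as an added PHP example (not the author's code and not PayPal's sample). The `sales` table layout, the function names and the sample values are assumptions; `txn_id`, `payment_status`, `receiver_email`, `mc_gross`, `mc_currency` and `custom` are standard IPN variables, and `cm` and `amt` are the return parameters named in the text.

```php
<?php
// Parse "name=david|id=5|amount=140"; malformed pairs or duplicate keys fail closed.
function parse_custom(string $raw): ?array {
    $out = [];
    foreach (explode('|', $raw) as $pair) {
        if (!preg_match('/^([a-z_]+)=([A-Za-z0-9.]+)$/D', $pair, $m) || isset($out[$m[1]])) {
            return null;
        }
        $out[$m[1]] = $m[2];
    }
    return $out;
}

// "140", "140.5" and "140.00" become integer cents, so no float comparison is needed.
function to_cents(string $amount): ?int {
    return preg_match('/^(\d{1,7})(?:\.(\d{1,2}))?$/D', $amount, $m)
        ? (int)$m[1] * 100 + (int)str_pad($m[2] ?? '', 2, '0') : null;
}

// Listener: call only after PayPal answered VERIFIED. Returns the failed check number, 0 if none.
function check_ipn(PDO $db, array $ipn, string $myEmail, string $currency): int {
    $txn  = (string)($ipn['txn_id'] ?? '');
    $seen = $db->prepare('SELECT COUNT(*) FROM sales WHERE txn_id = ?');
    $seen->execute([$txn]);
    if ($txn === '' || (int)$seen->fetchColumn() > 0) return 1;   // replayed txn_id
    if (($ipn['payment_status'] ?? '') !== 'Completed') return 2;
    if (strcasecmp($ipn['receiver_email'] ?? '', $myEmail) !== 0) return 3;
    if (($ipn['mc_currency'] ?? '') !== $currency) return 4;
    $paid   = to_cents($ipn['mc_gross'] ?? '');
    $custom = parse_custom($ipn['custom'] ?? '');
    if ($paid === null || $custom === null || to_cents($custom['amount'] ?? '') !== $paid) return 5;
    $db->prepare('INSERT INTO sales VALUES (?, ?, 0)')->execute([$txn, $paid]); // uncompleted sale
    return 0;
}

// Redirect page: the stored sale, cm and amt must agree, and the sale must still be uncompleted.
function check_return(array $sale, array $get): bool {
    $amt    = to_cents($get['amt'] ?? '');
    $custom = parse_custom($get['cm'] ?? '');
    return $amt !== null && $custom !== null && (int)$sale['completed'] === 0
        && $amt === (int)$sale['amount_cents'] && $amt === to_cents($custom['amount'] ?? '');
}

// Constructed sample IPN; in-memory SQLite stands in for the real sales table (assumed schema).
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE sales (txn_id TEXT PRIMARY KEY, amount_cents INT, completed INT)');
$ipn = ['txn_id' => 'TXN-EXAMPLE-1', 'payment_status' => 'Completed', 'mc_currency' => 'USD',
        'receiver_email' => 'shop@example.com', 'mc_gross' => '140.00', 'custom' => 'name=david|id=5|amount=140'];
var_dump(check_ipn($db, $ipn, 'shop@example.com', 'USD'), check_ipn($db, $ipn, 'shop@example.com', 'USD'));
```

The second call is the same notification delivered again, so it stops at check 1; the number returned is what the alert e-mail from step 3 of the listener list would report.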

 

Final Word

Like I said, there are many ways to use PayPal’s paying system; this is just one of them. I hope you find this guide helpful and I hope it saved you time. I’d be happy to answer questions so please feel free to post anything you are wondering about. I’d also be glad if you have any other comments about this guide.

 
