I've made a form. Currently this form does the following operations: customer fills up the form (creates an order) clicks on "Submit" button all form entries are entered into a database. I'd like to change it to do the following operations: customer fills up the form in the end of the form there is a text box showing much this

submitting the form after successful paypal money transaction using php

I’ve made a form. Currently this form does the following operations:

customer fills up the form (creates an order)
clicks on “Submit” button
all form entries are entered into a database.

I’d like to change it to do the following operations:

customer fills up the form
in the end of the form there is a text box showing much this order will cost him.
clicks on “Submit” button (if accepts the price)
redirected to paypal
if the payment is successful -> all form entries are entered into a database. Else -> echo “transaction failed”.

Here is what I’ve done so far:

“form.php” contents

<html><head><title>Title</title></head><body>
<form action="php-form-processor.php" method="post">
    <table border="0" cellspacing="5" width = "500">
        <tr>
            <td align="right" width="160">Choose an Item:</td>
            <td align="left">
            <select name="formItem" value="<?=$varItem;?>" class="input_full" >
                <option value="1">Cheese</option>
            </select>
            </td>
        </tr>
        <tr bgcolor="#D0E8F5">
            <td align="right" >Item count:</td>
            <td align="left">
                <input type="text" name="formItemCount" maxlength="50" value="<?=$varItemCount = 1;?>"  class="input_full" />
            </td>
        </tr>
    </table>
    <p align="center">
    <input type="submit" name="formSubmit" align = "center" value="Submit" />
    </p>
</form></body></html>

“php-form-processor.php” contents

<?php
if($_POST['formSubmit'] == "Submit")
{
    $varItem = $_POST['formItem'];
    $varItemCount = $_POST['formItemCount'];

    //database stuff
    $username = "...";
    $password = "...";
    $hostname = "..."; 
 // connect and add to the database varItem and varItemCount
    mysql_query($sql);
    mysql_close($dbhandle);
}
?>

The form is much bigger but i’ve simplified the stackoverflow’s version of it. The price of an order must change according to “varItem” and “varItemCount” value. Basically I want to add “Pay with PayPal” option before writing an order into the database. P.S. I’ve already registered paypal Sandbox account and added “Buyer” and a “Seller”.

what should I do next?

EDIT: ok, so here is a small guide how to solve the problem. Here are some advises:

first, download paypal IPN listener wrapper: https://github.com/Quixotix/PHP-PayPal-IPN
then register SandBox account plus 1 buyer and 1 seller acc
login as a seller and create a form (with non-hosted button!)
place the form into your page and parse the ID or any other necessary information via “custom” input (some helpful advises can be found here: http://www.devshed.com/c/a/PHP/Creating-a-Paypal-IPN-System-in-PHP-Part-Two/)
now place redirect to this page after Form submit
don’t forget to enable IPN at paypal Seller account and enter IPNlistener link into a necessary address field
submit a paypal form and wait for response on listener
done

Whole proccess looks like this:

customer fills up the form
after submitting the form – all entries are written into the database + ID + 1 additional field called “payed” which represents: 1 – if customer payed for an order and 0 – if not
use header(“Location: URL”) to redirect from Form_Processing to Paypal_Form
use the “session” to write order ID into a session or use POST message
submit the PaypalForm and use “custom” field as a carier for our order ID
set up the listener to update the database as following: if transaction was successful -> update the database column “payed” to 1 (done). Use the ID from “custom” field to select needed order i.e.:

$sql = “UPDATE paypal_test SET payed = ‘1’ WHERE id = ‘”.$_POST[‘custom’].”‘”;

Now we have a database with completed and non-completed forms. Additionaly you can write a logic which will remove “old” uncompleted orders. For this reason you can create additional column called “date” and then compare: if (current_date.days – old_date.days > 7) -> remove from DB. That’s it!

Answer

I would not accept what the PayPal post back is giving you, it’s a sloppy way of checking the authentication of the user and expects the user to click the “go back to website” button. Instead use the IPN (https://www.paypal.com/ipn/) and make sure you post the response back to PayPal for verification.

Checkout this PHP example from PayPal: https://cms.paypal.com/uk/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_admin_IPNImplementation

Advertisement

Answer