Gossamer Forum: General: Perl Programming: Paypal sale validation?

Feb 6, 2002, 12:43 PM

Andy

Veteran / Moderator (18441 posts)

Feb 6, 2002, 12:43 PM

Post #1 of 24

Shortcut

Paypal sale validation?

At the moment I am trying to make a PHP (or Perl) shopping cart for one of my sites (http://www.wwwtemplates.com). What I am trying to work out though is how to make it so people can make a purchase through PayPal, and then my script validate that they were refered correctly. The annoying thing is that because paypal do their sales stuff on a HTTPS server, no HTTP_REFERER is passed along. This is annoying as otherwise it would just be a case of doing a regex search to see if the refering domain was paypal.com.

Basically I was just wondering if anyone had any ideas on how to do this, or if you have even done this before yourself. I know it is possible as 4templates.com have done it. I'm just confused as to how to do it Frown

Thanks

Andy (mod)
andy@ultranerds.co.uk

Feb 6, 2002, 12:57 PM

Andy

Veteran / Moderator (18441 posts)

Feb 6, 2002, 12:57 PM

Post #2 of 24

Shortcut

Re: [AndyNewby] Paypal sale validation? In reply to

Never mind...just found a cool developers page for PHP and Perl programmers with PayPal. Got the following code now;

Code:
#!/usr/local/bin/perl 

# read post from PayPal system and add 'cmd' 
read (STDIN, $query, $ENV{'CONTENT_LENGTH'}); 
$query .= '&cmd=_notify-validate'; 

# post back to PayPal system to validate 
use LWP::UserAgent; 
$ua = new LWP::UserAgent; 
$req = new HTTP::Request 'POST','https://www.paypal.com/cgi-bin/webscr'; 
$req->content_type('application/x-www-form-urlencoded'); 
$req->content($query); 
$res = $ua->request($req); 

# split posted variables into pairs 
@pairs = split(/&/, $query); 
$count = 0; 
foreach $pair (@pairs) { 
($name, $value) = split(/=/, $pair); 
$value =~ tr/+/ /; 
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; 
$variable{$name} = $value; 
$count++; 
} 

# assign posted variables to local variables 
$receiver_email = $variable{'receiver_email'}; 
$item_number = $variable{'item_number'}; 
$invoice = $variable{'invoice'}; 
$payment_status = $variable{'payment_status'}; 
$payment_gross = $variable{'payment_gross'}; 
$txn_id = $variable{'txn_id'}; 
$payer_email = $variable{'payer_email'}; 

if ($res->is_error) { 
# HTTP error 
} 
elsif ($res->content eq 'VERIFIED') { 
# check the payment_status=Completed 
# check that txn_id has not been previously processed 
# check that receiver_email is an email address in your PayPal account 
# process payment 
} 
elsif ($res->content eq 'INVALID') { 
# log for manual investigation 
} 
else { 
# error 
} 
print "content-type: text/plain\n\nOK\n";

Thanks anyway Smile

Andy (mod)
andy@ultranerds.co.uk

Feb 6, 2002, 1:10 PM

Paul

Veteran (19537 posts)

Feb 6, 2002, 1:10 PM

Post #3 of 24

Shortcut

Re: [AndyNewby] Paypal sale validation? In reply to

Thats for making payments isn't it?

Last edited by:

RedRum: Feb 6, 2002, 1:11 PM

Feb 6, 2002, 1:45 PM

Andy

Veteran / Moderator (18441 posts)

Feb 6, 2002, 1:45 PM

Post #4 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

Dont think so. Its for receiving them. Its a way to validate if someone has actually made a purchase, and it will also let you get other info such as invoice number etc. Quite a cool tool Smile

You should use it for your hosting packages Wink

Andy (mod)
andy@ultranerds.co.uk

Feb 8, 2002, 7:29 PM

Evoken

User (64 posts)

Feb 8, 2002, 7:29 PM

Post #5 of 24

Shortcut

Re: [AndyNewby] Paypal sale validation? In reply to

Having a script to varify PayPal sales certainly sounds like a great idea. I use PayPal myself, on my website and thought this feature would come in handy. I don't know anything about PHP, so I did a search for a script that might do the same using Perl. No luck, but I did find a website that may interest anyone who uses PayPal for large transactions:

http://www.paypalwarning.com/WallOfShame/Default.htm

There are literally dozens of posts from people who have been ripped off by PayPal, and who will probably never see their money again.

Sorry for the off-topic post, but I had no idea PayPal were so dodgy until I came across the website above and thought it may be useful information for someone here.

Feb 9, 2002, 2:45 AM

Andy

Veteran / Moderator (18441 posts)

Feb 9, 2002, 2:45 AM

Post #6 of 24

Shortcut

Re: [Evoken] Paypal sale validation? In reply to

I see your point about that, but I think its just an excuse for lawyers to try and sue someone Wink

PayPal have been very good to me, and I have never noticed any money dissapearing.

Anyway, back to that thing for PayPal would you want it just to validate payments, and then show a confirmation/declining page? If so, have a look under (not definate on the wording) Sell > Instant Payment Notification (then follow the link at the bottom of the page for Perl coding samples).

Hope that helps Smile

Andy (mod)
andy@ultranerds.co.uk

Feb 9, 2002, 2:46 AM

Paul

Veteran (19537 posts)

Feb 9, 2002, 2:46 AM

Post #7 of 24

Shortcut

Re: [Evoken] Paypal sale validation? In reply to

>>
There are literally dozens of posts from people who have been ripped off by PayPal, and who will probably never see their money again.
<<

Funny you should mention that, I've just emailed a complaint to PayPal as I had about $1000 ready to withdraw from my account and before I did so I used their corrency convertor. It showed that $1000 converted to £650.

So, I went to Yahoo's live exchange rate page and using their live rate it converted to just under £700 so around $80 has disappeared.

I emailed them about 5 days ago but have had no reply.

They claim to charge $1.50 for wire transfers but I have a sneaky feeling that they are hiding the charge in the conversion rate (but it still shouldn't be $80).

Obviously this doesn't happen with smaller amounts as it is harder to hide the charge but there is certainly something dodgy going on with larger amounts.

Feb 9, 2002, 3:01 AM

Paul

Veteran (19537 posts)

Feb 9, 2002, 3:01 AM

Post #8 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

Sorry, just to add to that, it is IMPOSSIBLE to contact paypal. They force you to select from that stupid select list what kind of support you require and then it just displays a few possible answers so where it says "does this help" I click "No" and it takes me to a page where I can only enter 700 characters in the support form and also tells me I won't get a reply.

"If you want a reply click here" ....so I click there and it takes me back to the select lists.

Does anyone know of an email address to use?

Last edited by:

RedRum: Feb 9, 2002, 3:01 AM

Feb 9, 2002, 3:02 AM

Evoken

User (64 posts)

Feb 9, 2002, 3:02 AM

Post #9 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

I believe the exchange rate they use is only a 'guess-timate' ( Smile

) as to what the correct rate is at the time. I've made several withdrawals over the past few months and the amount PayPal said I would receive was much less than the actual amount that ended up in my bank account - a good thing! This probably means they are sending the amount you withdrew (minus the $1.50 fee) to your bank and letting them do the conversion at the time of receipt/deposit into your account.

Feb 9, 2002, 3:15 AM

Paul

Veteran (19537 posts)

Feb 9, 2002, 3:15 AM

Post #10 of 24

Shortcut

Re: [Evoken] Paypal sale validation? In reply to

I just found out that they have their "own" rate for their conversion script.

The current PayPal exchange rate is:
1 USD = 0.6797 GBP

I just withdrew $1240 and got £840 for it. I'll have to wait and see what I actually get.

Also support@paypal.com seems to work as I got an autoresponse.

Sorry Andy for that brief diversion.

Feb 9, 2002, 3:40 AM

Andy

Veteran / Moderator (18441 posts)

Feb 9, 2002, 3:40 AM

Post #11 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

Quote:

Sorry Andy for that brief diversion.

No prob. Its good to get this kinda stuff out, it helps other users. Also, my post was answered by me anyway..so I had no further need for this thread Smile

Andy (mod)
andy@ultranerds.co.uk

Feb 9, 2002, 3:42 AM

Paul

Veteran (19537 posts)

Feb 9, 2002, 3:42 AM

Post #12 of 24

Shortcut

Re: [AndyNewby] Paypal sale validation? In reply to

Hmm s'pose I better go and work on my Links SQL add spider Smile

Feb 9, 2002, 4:00 AM

Michael_Bray

User (378 posts)

Feb 9, 2002, 4:00 AM

Post #13 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

Quick note: Most companies do edit the conversion rate to make a profit. Banks do this. When I cash an U.S. check into an aussie account, if the conversion rate is 1 US Dollar: 2 Aus Dollars, they will give me about $1.94 to the US dollar. This is something that really pisses me off. It isn't just Paypal that does it.
Cheers,
Michael Bray

Feb 9, 2002, 4:49 AM

Paul

Veteran (19537 posts)

Feb 9, 2002, 4:49 AM

Post #14 of 24

Shortcut

Re: [Michael_Bray] Paypal sale validation? In reply to

You are right there, it sucks :(

I don't see the point of the exchange rate if companies are just going to alter it to suit them.

It should be made illegal. The actual exchange rate should be the _only_ rate allowed to be used by companies.

Feb 9, 2002, 5:05 AM

Andy

Veteran / Moderator (18441 posts)

Feb 9, 2002, 5:05 AM

Post #15 of 24

Shortcut

Re: [Michael_Bray] Paypal sale validation? In reply to

Quote:

When I cash an U.S. check into an aussie account, if the conversion rate is 1 US Dollar: 2 Aus Dollars, they will give me about $1.94 to the US dollar.

At least you don't get charge £10 (about $15US) to change over USD cheques in GB £'s! It also takes about 10 days to clear! I much prefer using PayPal, as it is fast and easy to get money sent to me.

If I use ClickBank, I have;
+ Cheques are sent out every 2 weeks
+ Takes 2 weeks to get to me
+ Then pay it into the bank, they take £10.
+ Takes 10 days to clear!

This is why I prefer PayPal. I don't mind them taking a bit more money, but as Paul said, we wouldn't mind if they were a bit more honest about it.

Just my 2 cents Tongue

Andy (mod)
andy@ultranerds.co.uk

Feb 9, 2002, 6:51 AM

Michael_Bray

User (378 posts)

Feb 9, 2002, 6:51 AM

Post #16 of 24

Shortcut

Re: [AndyNewby] Paypal sale validation? In reply to

I get a $3.50US fee and it takes 10 working days to clear. The exchange rate difference has to do with the difference between the rate for "selling" and "buying" currencies which is slightly different. I don't understand how it works, but it is nessecary for some reason.
Cheers,
Michael Bray

Feb 9, 2002, 9:01 AM

BeaverheadRiver

User (283 posts)

Feb 9, 2002, 9:01 AM

Post #17 of 24

Shortcut

Re: [Michael_Bray] Paypal sale validation? In reply to

The difference between selling and buying rates are theoretically where the bank or exchange makes its money. The buy low, sell high concept now modified with some added fees and surcharges.

These buy/sell rates are fairly common in trading financial instruments likes bonds and smaller stocks.
--
Rob

SW Montana's Online Community
Modular Model Railroading

Feb 10, 2002, 3:34 PM

edpak

User (108 posts)

Feb 10, 2002, 3:34 PM

Post #18 of 24

Shortcut

Re: [vanderen] Paypal sale validation? In reply to

Just a suggestion but why don't you folks set up your accounts so that your paid in US dollars... Bank conversion rates are usually less than private companies.

If you watch your respective country's currency values you might even end up making more... Wink

ed

Less Talk More Action: www.9o9o.com

Feb 11, 2002, 2:28 AM

Andy

Veteran / Moderator (18441 posts)

Feb 11, 2002, 2:28 AM

Post #19 of 24

Shortcut

Re: [edpak] Paypal sale validation? In reply to

Don't have time. Also, most of the time i need the money right in my bank account for spending on stuff (specially at the moment, driving lessons are costing me a bomb!).

I was looking at setting up a US account, but the cons looked much more than the pros Wink

Thanks anyway.

Andy (mod)
andy@ultranerds.co.uk

Feb 11, 2002, 8:59 AM

Paul

Veteran (19537 posts)

Feb 11, 2002, 8:59 AM

Post #20 of 24

Shortcut

Re: [AndyNewby] Paypal sale validation? In reply to

Lame:

Quote:

Dear Paul,

Thank you for contacting PayPal. We apologize for the delay in responding
to your service request.

The conversion rate is a variable rate, and is updated on PayPal daily.
The global currency markets fluctuate daily. The rate PayPal presents to
users includes a small risk factor, as well as a currency conversion fee in
order to compensate for these fluctuations and costs associated with
executing these transactions. Published foreign exchange rates are often
interbank rates, which banks charge each other for transactions valued at
U.S. $1,000,000.00 or more. PayPal's rate is competitive in comparison to
transaction services that are similar to PayPal. At the time you request a
withdrawal to your local bank, you are able to view the conversion rate
that applies for that transaction. You then have the option to either
continue with the withdrawal request or wait to withdraw your funds at
another time.

To view the current conversion rate, simply follow the steps below:

1. Log into your account at http://www.paypal.com by entering your email
address and password into the Member Login box. This will take you to the
"My Account" page.

2. Click the "Withdraw" subtab.

3. Click the "Transfer Funds to your bank account" link.

4. Enter the amount you want to withdraw. (The minimum amount you may
withdraw is $25.00.)

5. Click the "Continue" button.

6. A confirmation form will appear for you to review.

The confirmation page includes the following information for you:

1. Amount of the withdrawal in U.S. Dollars.

2. Withdrawal fee.

3. Current conversion rate.

4. Amount of the withdrawal in Sterling Pounds.

If you have any further questions, please feel free to contact us again.

Sincerely,
Amy
PayPal Finance Department

Feb 12, 2002, 1:06 PM

Andy

Veteran / Moderator (18441 posts)

Feb 12, 2002, 1:06 PM

Post #21 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

Just to hopefully save someone 3 days work. Remember to activate the IPN URL option in your account! I was spending ages talking to PayPal and editing the code and doing other stuff, turned out to be I didn't have the option turned on Frown

Just thought I may help someone else not make the same stupid mistake.

Andy (mod)
andy@ultranerds.co.uk

Feb 15, 2002, 10:19 AM

Andy

Veteran / Moderator (18441 posts)

Feb 15, 2002, 10:19 AM

Post #22 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

Damn. Just as I thought it was all working ok Tongue

Just did a real test, and its coming up with the last 'else' message (wrong referer). Anyoe who has programmed Perl for PayPal, could you have a look please? Even better would be a PHP alternative Smile

The code I have so far is;

Code:
#!/usr/bin/perl 

eval { 
use CGI::Carp qw(fatalsToBrowser); 
use CGI qw(:standard); 
use LWP::UserAgent; 
}; 

if ($@) { &error("$@"); } 

$input = new CGI; 

################################################### 

# read the post from PayPal system and add 'cmd' 
read (STDIN, $query, $ENV{'CONTENT_LENGTH'}); 
$query .= '&cmd=_notify-validate'; 

# post back to PayPal system to validate 

$ua = new LWP::UserAgent; 
$req = new HTTP::Request 'POST','https://www.paypal.com/cgi-bin/webscr'; 
$req->content_type('application/x-www-form-urlencoded'); 
$req->content($query); 
$res = $ua->request($req); 

# split posted variables into pairs 
@pairs = split(/&/, $query);						 
$count = 0; 
foreach $pair (@pairs) { 
($name, $value) = split(/=/, $pair); 
$value =~ tr/+/ /; 
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; 
$variable{$name} = $value; 
$count++; 
} 

# assign posted variables to local variables 
$receiver_email = $variable{'receiver_email'}; 
$item_name = $variable{'item_name'}; 
$item_number = $variable{'item_number'}; 
$payment_status = $variable{'payment_status'}; 
$payment_date = $variable{'payment_date'}; 
$payment_gross = $variable{'payment_gross'}; 
$payment_fee = $variable{'payment_fee'}; 
$txn_id = $variable{'txn_id'}; 
$first_name = $variable{'first_name'}; 
$last_name = $variable{'last_name'}; 
$address_street = $variable{'address_street'}; 
$address_city = $variable{'address_city'}; 
$address_state = $variable{'address_state'}; 
$address_zip = $variable{'address_zip'}; 
$address_country = $variable{'address_country'}; 
$payer_email = $variable{'payer_email'}; 

if ($res->content eq 'VERIFIED') { 
# check transaction for uniqueness 
$vars  = "receiver_email=$receiver_email"; 
$vars .= "&item_name=$item_name"; 
$vars .= "&item_number=$item_number"; 
$vars .= "&custom=$custom"; 
$vars .= "&payment_status=$payment_status"; 
$vars .= "&payment_date=$payment_date"; 
$vars .= "&payment_gross=$payment_gross"; 
$vars .= "&payment_fee=$payment_fee"; 
$vars .= "&txn_id=$txn_id"; 
$vars .= "&first_name=$first_name"; 
$vars .= "&last_name=$last_name"; 
$vars .= "&address_country=$address_country"; 
$vars .= "&payer_email=$payer_email"; 
$urlredirect = "buy.php?" . $vars; 
print "Content-type: text/html \n\n"; 
print "Would have sent to $urltest"; 
#print "Location: $urlredirect \n\n"; 

} 
elsif ($res->content eq 'INVALID') {  
# possible fraud... 
print "Content-type: text/html \n\n"; 
print "You don't appear to have been sent from a valied URL. If you feel this is an error please feel free to email webmaster\@wwwtemplates.com if you feel this is an error."; 
} 
else { 
# error 
print "Content-type: text/html \n\n"; 
print "You don't appear to have been sent from a valied URL.<BR> If you feel this is an error please feel free to<BR>email webmaster\@wwwtemplates.com if you feel this is an error."; 

} 

##################################################

Anyone? Please?

Thanks

Andy

Feb 15, 2002, 10:43 AM

Paul

Veteran (19537 posts)

Feb 15, 2002, 10:43 AM

Post #23 of 24

Shortcut

Re: [AndyNewby] Paypal sale validation? In reply to

"use"ing modules inside eval won't work.You need to require them otherwise eval won't catch the errors.

You are still putting perl code inside " " ....Im going to stop you doing that if it kills me :)

Have you tried printing $res->content ?

Feb 15, 2002, 10:50 AM

Andy

Veteran / Moderator (18441 posts)

Feb 15, 2002, 10:50 AM

Post #24 of 24

Shortcut

Re: [RedRum] Paypal sale validation? In reply to

Lol, yup, as I said before, old habits die hard Wink

Quote:

Have you tried printing $res->content ?

Yup, it prints out the PayPal page :( (with loads of dead images etc).

Thanks

Andy (mod)
andy@ultranerds.co.uk