Create Paypal Button And Supplying Return Https Urls

[Necuima]

Hi Larry,

 

I am trying to adapt your classic PayPal guidance to make a simple one-time payment from a website.

 

First, PayPal seems to have changed its button creating directions as I can't see any "Merchant Services" tab as per your guidance on page 157. In fact I cannot log in at all to the sandbox using the test business account that I set up.

 

The website owner has a production PayPal business account and it was via that that I was able to create the test business and personal accounts as per page 156-157.

 

I was however able to create a production button via "My Selling Tools" and then change the code to direct to the sandbox as per your advice on page 159.

 

However, I have a specific question re point 10 on page 159, re the cancel and thanks URLs. In the website to which I want to add the simple one-off payment capability, I have used your site design as per your PHP Advanced book where all accesses to modules go through the index.php module (page 44 onwards of that book).

 

So can I simply use "HTTPS://www...etc/index.php?p=thanks and ....?p=cancel where they will be redirected to the appropriate thanks and cancel modules? All other accesses to modules go through HTTP://www...etc/index.php(i.e., without the "S" of the required HTTPS for these PayPal redirections)?

 

Sadly I cannot use Stripe for this website owner:-(

 

I do not have a security certificate for this website.

 

Thankyou in anticipation, and Cheers from Oz.

[Necuima]

Re 'Creating a Button' on page 157...

 

The following worked for me (PayPal Australia):

 

As per step 1 - log in to the sandbox using the test business account.

. click the "Sell" option

. Click the "Get Paid on Your Website" option

. Add a checkout button

and in my case - "create HTML form".

 

PayPal have obviously changed their 'create button' dialogues.

 

Cheers.

[Necuima]

Hi Larry,

 

Re point 10 on page 159, I've done some more PayPal sandbox testing and have found that the button will accept and function with an HTTP:// URL rather than an HTTPS:// URL. As far as I can see, no 'sensitive' data are being transferred and the website owner does not have a certificate anyway.

 

Further, the ...index.php?p=thanks URL works OK too as per my query above.

 

I am still in testing with the sandbox - can you see any issues re continuing the development without acquiring a certificate and using the HTTP:// URL approach?

 

Thanks in anticipation for your advice.

 

Cheers.

[Larry]

For testing purposes, I don't see a problem using HTTP as testing PayPal requires fake data (I believe). But for the live site, HTTPS is obligatory, not just for actual security but also for the perception of security. Not having a certificate will cost the business money in time. 

[Necuima]

Hi Larry,

 

Thanks for the reply. The request to PayPal certainly goes via https and it remains there while the customer makes the payment - it's the 'thanks' reply that I'm concerned with - it doesn't seem to have any sensitive data associated with it, and it only causes a "thank you" screen to show. There are no database updates needed in this application/context.

 

The owner will receive an email and the customer will also receive an email from PayPal re the payments, as I understand it.

 

The owner would only expect about half a dozen transactions in total - the payments would be for a course she is running and once that's organised, there won't be any need for the payment feature until she (maybe) runs another course next year. No products get shipped and no subscription type data are involved.

 

I very much appreciate your advice.

 

Cheers.