How to create a PayPal button with rewritable variables

Question

How to create a PayPal button with rewritable variables

Hello, I would like to create a Paypal purchase button that has a dynamic amount set. I would like to pass the amount to the input text field on the form and item_number using a hidden field.

The problem is that ever I get an encrypted s-xclick button from paypal. This button does not allow you to put hidden variables in the form.

I think I need an xclick button. My goal is to allow users to increase their internal credit on my site.

EDIT (by moving the appendix to the question from the answer to the question) (from here @tokam:

To add this to the discussion, I would like to show my current solution to the problem:

Here we have some Javascript validation that helps the user with input. Admit it opens lightbox with success

function validatePaypalForm() { var val = $('#paypalPaymentAmount').val().replace(/\s*$/, "").replace(/,/ , ".").replace(/€$/, ""); var errormsg = ''; var ret, amountField; if( val==='' || isNaN( parseFloat(val) ) || !isFinite(val) ) { errormsg = 'Bitte geben Sie einen g&uuml;ltigen Betrag an'; }else if( parseFloat( val ) < <?php echo $this->minimum?> ) { errormsg = 'Das Einzahlungsminimum betr&auml;gt <?php echo $this->minimum?>&euro;'; } ret = ( errormsg === '' ); amountField = $( '#paypalAmountField' ); if( ret ) { amountField.removeClass( 'error' ); $('#paypalAmountErrorMessage').html( '&nbsp;' ); $('#paypalPaymentAmount').val( val ); fb.start( '<p><strong>Sie werden in kürze zur Seite von Paypal weitergeleitet.</strong></p>', 'width:700 showPrint:false modal:true showClose:false showOuterClose:true showItemNumber:false closeOnNewWindow:false outsideClickCloses:true innerBorder:0 imageClickCloses:false scrolling: no' ); }else{ amountField.addClass( 'error' ); $('#paypalAmountErrorMessage').html( errormsg ); } return ret;

} Now comes my button. The problems that I encounter are, for example, that it is easy for a user to set a different currency code. I could handle this in my IPN listener by refunding the payment. Are there other problems with unencrypted button changes?

 <form onsubmit="return validatePaypalForm();" class="stn-form" action="https://www.paypal.com/cgi-bin/webscr" method="post"> <fieldset id="fieldset-p"><legend><span>2.</span>myproject Guthaben aufladen per Paypal Zahlung</legend> <div id='paypalAmountField' class="field"> <label for='paypalPaymentAmount' >Betrag &euro;:</label> <input id='paypalPaymentAmount' type="text" name='amount' value='' /> <span style='display:block;' id='paypalAmountErrorMessage' class='errorText'>'&nbsp;</span> </div> <input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="business" value="THE_ID_OF_MY_CLIENT"> <input type="hidden" name="lc" value="DE"> <input type="hidden" name="item_name" value="myproject Advertiser Vorkasse"> <input type="hidden" name='item_number' value="11500"> <input type="hidden" name="currency_code" value="EUR"> <input type="hidden" name="button_subtype" value="services"> <input type="hidden" name="no_note" value="1"> <input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="bn" value="PP-BuyNowBF:btn_paynowCC_LG.gif:NonHosted"> <input type="hidden" name="rm" value="1"> <input type="hidden" name='cbt' value="Zu myproject.de zur&uuml;ckkehren"> <input type="hidden" name="currency_code" value="EUR"> <input type="hidden" name="return" value="http://myproject.somedomain.net/advertiser/guthaben-aufladen/ret/success" /> <input type="hidden" name="cancel_ return" value="http://myproject.somedomain.net/advertiser/guthaben-aufladen/ret/canceled" /> <div class="actionrow"> <input type="image" src="https://www.paypalobjects.com/de_DE/DE/i/btn/btn_paynowCC_LG.gif" border="0" name="submit" alt="Jetzt einfach, schnell und sicher online bezahlen – mit PayPal."> <img alt="" border="0" src="https://www.paypalobjects.com/de_DE/i/scr/pixel.gif" width="1" height="1"> </div> </fieldset> </form>

+6

html php paypal

Jakob alexander eichler Nov 20 '11 at 18:51

source share

3 answers

you should not use xclick, which is not encrypted. how I decided to use this paypal button api - with some kind of caching in the client, so that you do not execute the entire HTTP request every time.

note that paypal uses 2 types of api - NVP , which is kind of calm (also not very) and SOAP (I used the NVP method)

you can also generate an encrypted button on your server using openssl - but I ran into unsolvable problems with this method and could not get any help for this either here or in the scary paypal developer forums.

edit: The problem with unencrypted buttons is that anyone using firebug (not to mention more advanced tools) can intercept the payment and change the cost, etc.

If you insist in this direction, you can follow the simple html form from PayPal to create this button. you do this on the paypal site and create an unencrypted button, and then just edit the html and change the desired field to <?php $variable?> . I would strongly advise this way.

+2

alonisser Nov 20 '11 at 19:01

source share

I think this might work for you if you update ... " you@yoursite.com " ... it is not encrypted and still seems to be hosted on the PayPal site for cleaning

drop: value = "my_default_price" if you want the user to enter it in an empty text box ... for my page, the prices were tied to the price of gold, so I need to dynamically update the variable "quantity", and I just leave value =

 <form action="https://www.paypal.com/cgi-bin/webscr" method="post"> <input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="business" value=" you@yoursite.com "> <input type="hidden" name="item_name" value="example description"> <input type="hidden" name="item_number" value=""> <input type="text" name="amount" value="my_default_price"> <input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="return" value="http://www.yoursite.com/returnpage.php"> <input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="lc" value="US"> <input type="hidden" name="bn" value="PP-BuyNowBF"> <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but02.gif" border="0" name="submit" alt="Make your payments with PayPal. It is free, secure, effective."> <img alt="" border="0" src="https://www.paypal.com/it_IT/i/scr/pixel.gif" width="1" height="1"> </form>

0

James Andrews Jan 6 '13 at 5:21

source share

Robert · Accepted Answer · 2011-11-20T21:46:25+0000

The reason you can’t redefine the amount dynamically is because you have the so-called “PayPal placement button”.
When the button is placed, the amount is saved on the PayPal side and cannot be overwritten with the variable "amount". You want to either use the button without hosting, or use the BMUpdateButton call to dynamically update the button amount.
To use the button without hosting, just find "Step 2" in the button creation tool and release the "Host" button using PayPal.

Option 2: Still use the hosted button and use the BMUpdateButton API to update the amount. An example query for BMUpdateButton would look like this:

 USER=Your API username PWD=Your API password SIGNATURE=Your API signature VERSION=82.0 HOSTEDUBTTONID=The value of <input type="hidden" name="hosted_button_id" value=""> BUTTONTYPE=The type of button. Eg BUYNOW BUTTONCODE=The type of code you want to get back. Eg HOSTED L_BUTTONVAR0=amount=The new amount with a period as separator L_BUTTONVAR1=item_name=Optional: a new item name if you wish

Similary, you can also use the BMCreateButton API to create a new button or use the BMButtonSearch API to search the list of all stored hosted buttons (for example, to find the host_button_id of your button automatically)

The reason for using a hosted button is that it is more secure. An unplaced, unencrypted button will basically leave the amounts open for manipulation. Fraudulent transactions are expected.

How to create a PayPal button with rewritable variables

More articles: