locked
paypal secure button RRS feed

  • Question

  • User-2146352328 posted

    Hi.

    I've created a paypal button with the standard <input type="hidden" name="cmd" value="_xclick"/>   etx style.

    The problem of course is that everything is shown to the source.

    So i need a guide on how to create a paypal button with data not shown to the code.

    Also i want to use IPN so i can't just use the button creator from paypal site.

    Also another question.

    I've set the return value in something like

    <input type="hidden" name="return" value="http://mysite.com/ppalreturnpage.aspx"/>

    The problem is that it will not return to the page.

    Here is my complete form


       <form id="form1" method="post" runat="server" action= "https://www.sandbox.paypal.com/cgi-bin/webscr">
       <input type="hidden" name="cmd" value="_xclick"/>
       <input type="hidden" name="business" value="myemail@yahoo.com"/>
       <input type="hidden" name="item_name" value="Service"/>
       <input type="hidden" name="item_number" value="1234"/>
       <input type="hidden" name="amount" value="19.95"/>
       <input type="hidden" name="no_shipping" value="0"/>
       <input type="hidden" name="currency_code" value="EUR" />
       <input type="hidden" name="return" value="http://mysite.com/ppalreturnpage.aspx"/>
       <input type="hidden" name="rm" value="2" />
       <input type="hidden" name="notify_url" value="http://mysite.com/ppalIPN.aspx" />
       <input type="image" src="https://www.paypal.com/en_US/i/btn/btn_buynow_SM.gif"  name="submit" /> <img height="1" alt="" src="https://www.paypal.com/en_US/i/btn/btn_buynow_SM.gif" width="1" border="0"/>   
       <div>
       Paypal 19.95 subscription..
       </div>
        </form>



    Saturday, August 7, 2010 10:27 PM

Answers

  • User2117486576 posted

    Hi,

    Have you seen this article?

    http://www.west-wind.com/presentations/PayPalIntegration/PayPalIntegration.asp

    It seems to be a well thought out solution. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, August 8, 2010 6:15 AM
  • User2117486576 posted

    I think that if you want to automatically handle payment confirmations from PayPal the process outlined by Rick in the West-wind article is the way to go.

    What I think you mean by the "post" method won't work from an aspx page without a work around.  See this forum thread and the threads referenced therein:

    http://forums.asp.net/t/1507831.aspx

    Good luck. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, August 8, 2010 10:17 PM
  • User2117486576 posted

    Also you can only have one <form> tag in the page so one button(i know there is a workaround but i cannot understand it, it sais something about iframes, that i'm totally unaware of what they are).
     

     

    If you place your PayPal button (form tag as documented by PayPal) in an iframe in an aspx page it will work as expected.

    Have you ever tried the examples on that link?

     

    Yes.  smcoxon is the source for the solution that I chose for my requirements.  The following is the code in my code behind which accomplishes the "post" to paypal's site.

     protected void btnSubmitPaypal_Click(object sender, EventArgs e)
        {
            // write order info to table
            WriteOrderInfo();
            //Generate the form to post to PayPal    
            Response.Write(PayPalPostForm());
            //Post the form to PayPal    
            this.PayPalPostScript(Page);
            SendConfirmation("hccc_paypal"); // sends confirmation email using System.Net.Mail
        }
    public string PayPalPostForm()
        {
            //PayPal buy now version    
            string PostUrl = "https://www.paypal.com/cgi-bin/webscr";
            string Cmd = "_cart";
            string Upload = "1";
            string BusinessEmail = "info@";
            string Currency = "USD";
            string Method = "post";
            string ShipAmount = "0";
            string itemNumber = "101";
            string itemName = "Item Name";
            string itemAmount = "100";
            string itemQty = "1";
    
            //Create the Form to write to the page with PayPal parameters    
            StringBuilder ppForm = new StringBuilder();
            ppForm.AppendFormat("<Form name='frmPP' id='frmPP' action='{0}' method='{1}'>", PostUrl, Method);
            ppForm.AppendFormat("<input type='hidden' name='shipping' value='{0}'>", ShipAmount);
            ppForm.AppendFormat("<input type='hidden' name='cmd' value='{0}'>", Cmd);
            ppForm.AppendFormat("<input type='hidden' name='upload' value='{0}'>", Upload);
            ppForm.AppendFormat("<input type='hidden' name='business' value='{0}'>", BusinessEmail);
            ppForm.AppendFormat("<input type='hidden' name='currency_code' value='{0}'>", Currency);
            ppForm.AppendFormat("<input type='hidden' name='item_number_1' value='{0}'>", itemNumber);
            ppForm.AppendFormat("<input type='hidden' name='item_name_1' value='{0}'>", itemName);
            ppForm.AppendFormat("<input type='hidden' name='amount_1' value='{0}'>", itemAmount);
            ppForm.AppendFormat("<input type='hidden' name='quantity_1' value='{0}'>", itemQty);
            ppForm.Append("</form>");
            return ppForm.ToString();
        }
    
        private void PayPalPostScript(System.Web.UI.Page Page)
        {
            //This registers Javascript to the page which is used to post the PayPal Form details    
            StringBuilder strScript = new StringBuilder();
            strScript.Append("<script language='javascript'>");
            strScript.Append("var ctlForm = document.getElementById('frmPP');");
            strScript.Append("ctlForm.submit();");
            strScript.Append("</script>");
            ClientScript.RegisterClientScriptBlock(this.GetType(), "PPSubmit", strScript.ToString());
        }


     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, August 9, 2010 10:55 AM
  • User2117486576 posted

    I'm glad it helped.

    I copy pasted your code(well conveted to vb) and now i'm able to work this out!
     

     

    To be fair, it was smcoxon's code.

    The paypal type notify_url is used for IPN to post to the page you specify.If i ommit this and add the return url inside the sandbox will it work?Even more if i don't have a bussiness account in paypal and use the notify_url will it work?

     

    It might be better to ask these questions of PayPal.  I do not know the answers.  As I said earlier if I really wanted to receive payment confirmation back from Paypal automatically I would use the "west-wind" solution provided by Rick Strahl.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 10, 2010 8:39 AM

All replies

  • User2117486576 posted

    Hi,

    Have you seen this article?

    http://www.west-wind.com/presentations/PayPalIntegration/PayPalIntegration.asp

    It seems to be a well thought out solution. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, August 8, 2010 6:15 AM
  • User-2146352328 posted

    Hi.

    I'm aware of this article but i think this s not a "post" method.

    If i cannot find any help on post method then i migt as well use this...?


    Sunday, August 8, 2010 9:47 PM
  • User2117486576 posted

    I think that if you want to automatically handle payment confirmations from PayPal the process outlined by Rick in the West-wind article is the way to go.

    What I think you mean by the "post" method won't work from an aspx page without a work around.  See this forum thread and the threads referenced therein:

    http://forums.asp.net/t/1507831.aspx

    Good luck. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, August 8, 2010 10:17 PM
  • User-2146352328 posted

    Hey.By "post" i mean what also the example you gave me do (  Dim Method As String = "post"  )

    Thanks again.The post method work if you use input's (as i mentioned in the first example).The real problem is that you can see everything on the source code, even if i specify the values as hidden.Also you can only have one <form> tag in the page so one button(i know there is a workaround but i cannot understand it, it sais something about iframes, that i'm totally unaware of what they are).

    I have thried 2-3 days ago the examples on this page you link above but while i got redirected to sandbox it actually just did this.

    Redirect me.It did not provided my values, just told me to log in.

    Have you ever tried the examples on that link?

    Also now that i think of it, i don't mind to use redirect intead of post as long as the values are not visible to page source.So is Rick's example ok to go?I see he does some urlencoding but does it really "hide" the values?

    Thanks for trying to help me.It's really amazing that a so widely used feature as paypal get so little attention on asp developers and paypal still insist on using an old 1.1 framework method for IPN that i don't know if it really does the job (streambuilders etc).But that is my next problem as soon as i can take care the simple button problem.


    Monday, August 9, 2010 10:26 AM
  • User2117486576 posted

    Also you can only have one <form> tag in the page so one button(i know there is a workaround but i cannot understand it, it sais something about iframes, that i'm totally unaware of what they are).
     

     

    If you place your PayPal button (form tag as documented by PayPal) in an iframe in an aspx page it will work as expected.

    Have you ever tried the examples on that link?

     

    Yes.  smcoxon is the source for the solution that I chose for my requirements.  The following is the code in my code behind which accomplishes the "post" to paypal's site.

     protected void btnSubmitPaypal_Click(object sender, EventArgs e)
        {
            // write order info to table
            WriteOrderInfo();
            //Generate the form to post to PayPal    
            Response.Write(PayPalPostForm());
            //Post the form to PayPal    
            this.PayPalPostScript(Page);
            SendConfirmation("hccc_paypal"); // sends confirmation email using System.Net.Mail
        }
    public string PayPalPostForm()
        {
            //PayPal buy now version    
            string PostUrl = "https://www.paypal.com/cgi-bin/webscr";
            string Cmd = "_cart";
            string Upload = "1";
            string BusinessEmail = "info@";
            string Currency = "USD";
            string Method = "post";
            string ShipAmount = "0";
            string itemNumber = "101";
            string itemName = "Item Name";
            string itemAmount = "100";
            string itemQty = "1";
    
            //Create the Form to write to the page with PayPal parameters    
            StringBuilder ppForm = new StringBuilder();
            ppForm.AppendFormat("<Form name='frmPP' id='frmPP' action='{0}' method='{1}'>", PostUrl, Method);
            ppForm.AppendFormat("<input type='hidden' name='shipping' value='{0}'>", ShipAmount);
            ppForm.AppendFormat("<input type='hidden' name='cmd' value='{0}'>", Cmd);
            ppForm.AppendFormat("<input type='hidden' name='upload' value='{0}'>", Upload);
            ppForm.AppendFormat("<input type='hidden' name='business' value='{0}'>", BusinessEmail);
            ppForm.AppendFormat("<input type='hidden' name='currency_code' value='{0}'>", Currency);
            ppForm.AppendFormat("<input type='hidden' name='item_number_1' value='{0}'>", itemNumber);
            ppForm.AppendFormat("<input type='hidden' name='item_name_1' value='{0}'>", itemName);
            ppForm.AppendFormat("<input type='hidden' name='amount_1' value='{0}'>", itemAmount);
            ppForm.AppendFormat("<input type='hidden' name='quantity_1' value='{0}'>", itemQty);
            ppForm.Append("</form>");
            return ppForm.ToString();
        }
    
        private void PayPalPostScript(System.Web.UI.Page Page)
        {
            //This registers Javascript to the page which is used to post the PayPal Form details    
            StringBuilder strScript = new StringBuilder();
            strScript.Append("<script language='javascript'>");
            strScript.Append("var ctlForm = document.getElementById('frmPP');");
            strScript.Append("ctlForm.submit();");
            strScript.Append("</script>");
            ClientScript.RegisterClientScriptBlock(this.GetType(), "PPSubmit", strScript.ToString());
        }


     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, August 9, 2010 10:55 AM
  • User-2146352328 posted

    Hm.

    I've done something similar and it did not work.

    I copy pasted your code(well conveted to vb) and now i'm able to work this out!

    So thanks!!

    One last question if you know it.

    The paypal type notify_url is used for IPN to post to the page you specify.If i ommit this and add the return url inside the sandbox will it work?Even more if i don't have a bussiness account in paypal and use the notify_url will it work?

    If you know.

    Thanks again.

    Monday, August 9, 2010 10:00 PM
  • User2117486576 posted

    I'm glad it helped.

    I copy pasted your code(well conveted to vb) and now i'm able to work this out!
     

     

    To be fair, it was smcoxon's code.

    The paypal type notify_url is used for IPN to post to the page you specify.If i ommit this and add the return url inside the sandbox will it work?Even more if i don't have a bussiness account in paypal and use the notify_url will it work?

     

    It might be better to ask these questions of PayPal.  I do not know the answers.  As I said earlier if I really wanted to receive payment confirmation back from Paypal automatically I would use the "west-wind" solution provided by Rick Strahl.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 10, 2010 8:39 AM
  • User-2146352328 posted

    Hm.

    Rick's solution if i remember correctly involves getting a querystring up on th URL.To be fair he encodes everything and his sample is the most famous of the solutions but i would prefer going with post methods.

    Alright, i'll see what i can do.

    Thanks again.Some rep for ya.


    Tuesday, August 10, 2010 12:15 PM