Using PHP and Oracle to build an online Paypal payment system

Using PHP and Oracle to build an online Paypal payment system

By Nick bollweg

Help users buy products online instantly.

Download this article: Oracle Database 10GSpecial Edition Zend core for Oracle PayPal SDK

Published in June 2006

Many small enterprises and non-profit organizations are hesitant to enter the online market because they mistakenly believe that online payment processing is risky to users, expensive to implement, and has poor integration with existing systems. In fact, with the emergence and continuous development of web services, the efficiency of fund transfers has been greatly improved, which provides an ideal way for third-party suppliers to process any transaction volume. In the most well-known online payment method, eBay's PayPal provides a competitive rate and an effective php sdk to access its API.

This article introduces the above-mentioned service and the API-free method of PayPal, which helps to process and pay for applications more quickly.

Make us friends

To further discuss the example in this article, you need to install PhP5 with the correct configuration and connect the installation to the selected web server application. At the same time, you also need an Oracle database connected to PhP. Zend core for Oracle and Oracle Database 10GThe Special Edition (xe) is the best tool to do this. Due to the sensitivity of online payment processing, you may want to ensure server security and make powerful php. ini configuration a priority. In addition, to successfully install the PayPal SDK, you also need some extended features: pear, curl, and SSL. Although they can be loaded in PHP. ini, the best results can be obtained by compiling with PHP.

After fully setting the environment, you need to download the PayPal php sdk, including the service/PayPal pear package, PayPal Web Console, SDK documentation, and PDF documentation. (For more information, see important notes on the Web Console in the "cannot use Web Console" section below .) After downloading and extracting this file, you need to run some command line operations:

pear install --alldeps 
 
  /Services_PayPal/package.xml
  
cp -r 
  
   /WebConsole 
   
  
 

This command can install some other pear packages to provide you with a fully functional PayPal SDK. After accessing the http: // localhost/webconsole page in a browser, the PayPal configuration file management tool displays a greeting message, where you can check the validity of the PayPal SDK. Common problems include the loss of curl or SSL installation. You can fix these problems by modifying PHP. ini or re-compiling PHP and then running the pear command again. If you cannot install pear or some of the necessary extension features due to hosting restrictions or security issues, you can also use the standard checkout described below.

Adopt a secure approach ......

Using APIs through the SDK is a flexible and effective way to use the PayPal function. API supports the following two payment methods:

• Direct payment:By using this method, you can collect detailed bills on your website and charge fees from your credit card. All your work is done on your website. This method is suitable for large organizations with HTTPS security applications and infrastructure (used to store customer and shopping cart information.
• Quick checkout:This method allows you to use the PayPal account information and select the delivery method. You do not need to re-enter the information on the website, thus saving time. In addition, this method does not require applications to store local copies of purchaser information. Therefore, you only need the minimal additional security infrastructure.

Other API features (not fully covered in this article) include:

• Charity donation:Provides real-time information about charitable donations based on users' shopping conditions.
• Delivery:If you are selling a real product, you can select the shipping service provider, delivery method, insurance, and other attributes. Before the user purchases the goods, you can provide the cost of delivery to the user, or you can use this feature to provide more accurate prices on the product display page.
• Refund:Provides a refund Method to the user.
• Tax:Collect taxes based on each item or each shopping cart, and properly display the taxes on receipts and invoices.
• Subscription: flexible definition of the circular subscription of real and digital goods.

The SDK also provides extensive eBay support, although its value is beyond our scope.

...... Or use a simple method.

If the SDK features far exceed your needs, PayPal provides another solution. Standard checkout does not use soap. It only relies on passing HTML form values between the application and the PayPal security server. To use standard checkout, you only need to generate a form that can submit appropriate post variables, as shown in the following example:

<form action="https://sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="sales@widgetco.com">
<input type="hidden" name="item_name_1" value="Big Widget">
<input type="hidden" name="amount_1" value="100.00">
<input type="hidden" name="item_name_2" value="Little Widget">
<input type="hidden" name="amount_2" value="1.00">
<input type="submit" value="PayPal">
</form>

After submitting the form, the user enters the PayPal server and enters the billing information. After information verification and billing authorization are completed, the user will return a location defined on your website. If you just collect donations instead of selling items, your work has been completed! However, in other cases, you can use a large number of variables to customize features, currency, and display experience. (See the Reference Guide .)

When you use an instant payment notification (IPN) with the policy_url variable, once the user completes the payment at the specified location, your application will be notified-you can use custom links to provide a dedicated user identity, for example, allowing instant access to online content or triggering an order from a wholesaler. In addition, by using invoices and custom variables, you can create an organization that limits PayPal records to your own domain. If the application has saved the user name and address information, you can pass the information to PayPal through a set of variables (including address1, city, and country) to prefill the corresponding fields.

The basic standard Checkout Method also contains many features provided by the API to collect non-profit funds, such as the tax, processing, and shipping variables that can be applied to each shopping cart or each item.

CPP _ series variables (including cpp_header_image, cpp_headerback_color, cpp_headerborder_color, and CS) Allow you to precisely adjust the user experience on the PayPal server. These variables are used to set the background color of the payment page. If this method can meet application requirements, standard checkout is a very cost-effective solution. Unlike the API-based direct payment method, the standard checkout does not determine the monthly fee, and there is very little development work during implementation.

Prepare for payment

To use the PayPal API, you must first familiarize yourself with the Developer Center. You will create an account in the Developer Center to create the buyer and seller's sample account in sandbox. After the example account is created, using this account to log on to sandbox will display a valid PayPal account with funds. Your buyer can purchase items from other sandbox accounts, and your seller can refund the payment to other sandbox accounts, which do not require cash transfer or charge proxy. The integration center of PayPal provides an excellent step-by-step guide (note that step 1 is the installation process I described earlier), where I will provide an overview of this Guide.

First, you need to register an account at pai.paypal.com. This web page is the central point for accessing various developer resources and is used to create a sandbox account. ThenSandboxTab to create a buyer and a seller. This is a simple task. To make the created content meaningful, you only need enough creativity. For example, if you are prompted to enter the bank account information, we recommend that you use the virtual account number provided by the system as the name of the bank. In addition, you can use the same password for the buyer account and the seller account, because the risk of password leakage on this server is very low. The features learned in sandbox are exactly the same as those used in production, reducing training and testing time.

The last important step in sandbox is to create a test certificate, a small text file that contains the key that will be used with each API call. To create a certificate, log on to the seller's sandbox account and clickProfileAnd then selectAPI accessAndView or remove Credentials. Record the file and password, which will be used when you configure the application.

Return to pai.paypal.com. You can view the information of the test certificateTest CertificatesTo download the test certificate. The API password cannot be viewed here; to get this information, you must log on to the http://www.sandbox.paypal.com again and then access the above location.

Direct payment processing

The most flexible way to interact with Paypal is through the SDK, which abstracts soap-based requests into manageable information. Different calls have different targets, but the steps are basically the same: authentication, operation, and response processes. The first step, authentication, from the SDK example, also needs to be used in the quick Checkout Method below. Value displayed for sandbox testing: You need to create a new certificate with authentication details for production.

$certfile = dirname(__FILE__) . '/sdk-seller_cert.pem';
$apiusername = '
 
  ';
  
$apipassword = '
  
   ';
   
$subject = null;
   
$environment = 'Sandbox';
   

   
$handler =& ProfileHandler_Array::getInstance(array(
   
    'username' => $apiusername,
   
    'certificateFile' => $certfile,
   
    'subject' => $subject,
   
    'environment' => $environment));
   

   
$profile =& APIProfile::getInstance($apiusername, $handler);
   

   
$profile->setAPIPassword($apipassword);
   

   
$caller =& Services_PayPal::getCallerServices($profile);
   

  
 

After authentication, the application is ready to process API requests. In direct payment, your application must have the ability and responsibility to create and store the order status and create a receipt for the order: In the next example, we will assume that the application has stored all relevant information in the following table: customer, billing_method, order, and line_item. This example uses the PHP Data Object (PDO). In this case, the traditional oci8 method is also effective.

$db = new PDO('oci:', 'scott', 'tiger' 'HR', 'HR');

$dbcustomer = $dbh->query("SELECT* " .
"FROMcustomer " .
"WHEREcustomerid = '{$_SESSION[customerid]'}");
$dborder = $dbh->query("SELECT* " .
"FROMorder " .
"WHEREcustomerid = '{$_SESSION[customerid]}' " .
"AND orderid = '{$_SESSION[orderid]}'");
$dbbilling = $dbh->query("SELECT* " .
"FROMbilling_method " .
"WHEREbillingid = '{$dborder[billingid]}'");
$dblineitemtotals = $dbh->query("SELECT sum(amount) total " .
"FROM line_item  " .
"WHERE customerid = '{$_SESSION[customerid]}' " .
"AND orderid = '{$_SESSION[orderid]}'");

$name =& Services_PayPal::getType('PersonNameType');
$name->setFirstName($dbcustomer['fname']);
$name->setLastName($dbcustomer['lname']);

$address =& Services_PayPal::getType('AddressType');
$address->setStreet1($dbbilling['street1']);
$address->setCityName($dbbilling['city']);
$address->setStateOrProvince($dbbilling['state']);
$address->setCountry($dbbilling['country']);
$address->setPostalCode($dbbilling['zip']);

$payer =& Services_PayPal::getType('PayerInfoType');
$payer->setPayerName($name);
$payer->setPayerCountry('US');
$payer->setAddress($address);

$cc =& Services_PayPal::getType('CreditCardDetailsType');
$cc->setCreditCardType($dbbilling['cardtype']);
$cc->setCreditCardNumber($dbbilling['cardnumber']);
$cc->setExpMonth($dbbilling['expmonth']);
$cc->setExpYear($dbbilling['expyear']);
$cc->setCardOwner($payer);

$amount =& Services_PayPal::getType('BasicAmountType');
$amount->setval($dblineitemtotals['total']);
$amount->setattr('currencyID', 'USD');
$pdt =& Services_PayPal::getType('PaymentDetailsType');
$pdt->setOrderTotal($amount);

$details =& Services_PayPal::getType('DoDirectPaymentRequestDetailsType');
$details->setPaymentAction('Authorization');
$details->setPaymentDetails($pdt);
$details->setCreditCard($cc);
$details->setIPAddress('127.0.0.1');
$details->setMerchantSessionId('merchantId');
$ddp =& Services_PayPal::getType('DoDirectPaymentRequestType');
$ddp->setDoDirectPaymentRequestDetails($details);

In this case, PayPal executes the direct payment request. To understand what happened, the application now obtains the information in step 3: Response Processing.

$response = $caller->DoDirectPayment($ddp);

The fields returned in this response Provide information about the transaction success and the transaction ID. By storing this ID and providing it to subsequent API calls, the application can obtain detailed information about the transaction and generate another table based on the information.

$d =& Services_PayPal::getType('GetTransactionDetailsRequestType');
$d->setTransactionId('
 
  ');
  
$response = $caller->GetTransactionDetails($d);
  

 

You cannot use the Web console.

At the time of writing this article, the Web Console provided with the above SDK download stops working because of the loss of an important directory. However, you can download an archive that contains all necessary files. The console can test API calls and generate PHP code snippets to achieve your goal. Through some surveys in this article and SDK reference, you can easily view all API calls from sandbox through a browser.

Quick checkout Process

The quick Checkout Method is between a powerful direct payment method and a simple standard Checkout Method. Using quick checkout and API-based methods, you can complete the order creation process on your website, and then go to PayPal to process all bills and shipping information. When using quick checkout, users only need to enter account information for all items once, And your applications do not need to store this information-which has obvious advantages in security and development. The same as the direct payment method. By storing the transaction ID, the application can call other APIs to obtain the details of the transaction. Quick checkout can use the IPN described above to allow other real-time processing options. The following code snippet comes from the SDK example.

$amount =& Services_PayPal::getType('BasicAmountType');
$amount->setval();
$amount->setattr('currencyID', 'USD');

$ecd =& Services_PayPal::getType('SetExpressCheckoutRequestDetailsType');
$ecd->setOrderTotal($amount);
$ecd->setReturnURL('http://widgetco.com/return');
$ecd->setCancelURL('http://widgetco.com/cancel');
$ec =& Services_PayPal::getType('SetExpressCheckoutRequestType');

$ec->setSetExpressCheckoutRequestDetails($ecd);

$response = $caller->SetExpressCheckout($ec);

The result of this call provides a token that you can add to a link or redirect to PayPal on the website. Then, the user uses PayPal to process the business. After the operation succeeds or fails, the system redirects the user to your website. In this example, the following API calls are sent to your application:

$ecd =& Services_PayPal::getType('GetExpressCheckoutDetailsRequestType');
$ecd->setToken('
 
  ');
  

  
$response = $caller->GetExpressCheckoutDetails($ecd);
  

 

This includes all the transaction information you need, but does not include sensitive information such as credit card numbers. After the user confirms these values on your website, the final API is called to process the capital transactions:

$amount =& Services_PayPal::getType('BasicAmountType');
$amount->setval();
$amount->setattr('currencyID', 'USD');

$pdt =& Services_PayPal::getType('PaymentDetailsType');
$pdt->setOrderTotal($amount);

$details =& Services_PayPal::getType('DoExpressCheckoutPaymentRequestDetailsType');
$details->setPaymentAction('Sale');
$details->setToken('
 
  ');
  
$details->setPayerID('juser@jisp.com');
  
$details->setPaymentDetails($pdt);
  

  
$ecprt =& Services_PayPal::getType('DoExpressCheckoutPaymentRequestType');
  
$ecprt->setDoExpressCheckoutPaymentRequestDetails($details);
  

  
$response = $caller->DoExpressCheckoutPayment($ecprt);
  

 

Similarly, when you call updatechart consecutively, chartdata will trigger the onresult method:

_root.chartData.onResult = function() {
_root.chart.throbber._visible = false;
drawChart(this);
}

Quick checkout is almost the same as direct payment, while maintaining the confidentiality and security advantages of standard checkout.

Cheers, friend

Any form of Paypal payment processing provides an effective way to collect online payment. The implementers decide which method is more appropriate: Standard checkout provides small organizations with the ability to collect payments and does not require these organizations to invest in other security architectures; direct Payment is an ideal solution when integrated with the current enterprise application. Quick checkout is between the two and is suitable for changing it to a third-party product. Choosing the balance between flexibility, security, and ease of implementation will allow you to use your existing Oracle infrastructure for online payment.