I have already discussed the issues of Paypal Security and why you need an IPN script if you are selling items that you want to make available for your visitors to download (after they pay). On that page I mentioned how I have created an IPN script that allows me to have the purchased script automatically emailed to the buyer once their payment is accepted.
Well, now you can purchase a copy of that script to secure your own Paypal sales.
The script uses code from my Advanced Form to Email Script to send the purchased item so your server will need to support the use of that script. The free version of my email script has the same requirements so if my free email script will run on your site then the Paypal IPN script will as well.
This script consists of nine files called paypal1.php (or paypal.php), paypal2.php, paypal3.php, payconf.php, payinc.php, payprod.php, paycust, ptop.php, and pbottom.php. The first three of these call the fourth which defines how you want the script to work. To configure the script to work on your site you just update the values in payconf.php to suit your requirements and customize the ptop.php and pbottom.php files to give the thankyou page a similar appearance to the other pages on your site. There is no need to alter the first three files or payinc.php and payprod (which are used by the first three files to apply any valid discounts). You may modify paycust.php as required to add your own custom processing. An example paycust that logs purchases to a database is also included.
The payconf.php file defines the following fields which control how your IPN script will work:
The paycust.php file defines the following four functions that you can use to add your own custom processing at the indicated places in the processing sequence.
First customize the ptop.php and pbottom.php files to give the thankyou page a similar appearance to the other pages on your site. What you place in these two files will "wrap" around the custom message produced for the thankyou page that will advise the purchaser of the status of their purchase (as defined in the $pc array). Update the payconf.php and paycust.php files to configure for your requirements (as described above) and then upload all of the supplied php files to your site.
Next you need to logon to your Paypal Account and update your paypal configuration to use the paypal2.php file as an IPN script. To do this for a Business or Premier Account go to My Account and select the Profile tab. The Instant Payment Notification Preferences link is in the Selling Preferences column. Alternatively, go to the Merchant Tools page and scroll down to the Other Paypal Tools section where you will find Instant Payment Notification as the first option. (this way works for any type of account). Set IPN on and supply the URL of the paypal2.php file on your site. You should also go into the Website Payment Preferences and make sure that Auto Return is turned off.
Finally you need to change all of your calls to paypal from your web pages to replace them with calls to paypal1.php?prod=product (where product identifies what is being purchased). Alternatively you can set up checkboxes for the products and pass an array of product codes that will be concatenated together to build the product code - this allows you the opportunity to offer multiple product purchases in the one form. If the product code is in the $pa array then the appropriate parameters will be generated from the table to generate a call to Paypal to purchase that product for the specified price. If the product is not in the table then appropriate parameters will be passed to Paypal to allow a donation for the specified product to be made.
Alternative codes for offering discounts and for calling the Paypal Shopping Cart are provided in buy.htm. You just need to copy the required version and paste it code into your page and change "product1" to the product code defined in the arrays for this product.
You can offer a discount price (eg. $1.00 off) in specific advertising by supplying a special discount code that readers of that advertising can enter into the form in order to obtain the discount. Anyone not seeing the ad will not know the discount code and will therefore have to pay the full price for the product. Discount codes are date sensitive so that you don't have to keep updating the discount array in payconf.php every time that you want to end a discount offer.
When your visitor selects the link on your page that calls paypal1.php (or paypal.php) the passed product code is looked up in the $pa array and the parameters for the Paypal call are generated. If a discount array is supplied and a discount code is entered then that code and product code are also looked up in the $ds array to see if there is a valid discount that is applicable on the current date, if so then the discount amount will be deducted from the price. The parameters will display in the address bar of the Paypal screen giving paypal3.php as the thank you page.
After the visitor enters their payment details in Paypal the paypal2.php script will be called to validate the payment. If the page is called from somewhere other than Paypal or if the receiver_email doesn't match then the payment is invalid. If the payment amount is below that specified then insufficient payment has been made. If sufficient valid payment has been made and cleared and a file is specified in the $pa array for this product then that file will be emailed to the purchaser.
Finally Paypal will call the paypal3.php page to display an appropriate thank you page depending on what type of payment was being made and whether it was successful or not. (If this page doesn't look the way that you want, you can customize it completely by updating ptop.php, pbottom.php and the $pc array in payconf.php).
If at any time during the process the purchase is cancelled then the page specified as the last field in the $pa entry will be displayed or if there is no $pa entry for this purchase then your home page will display.
Unfortunately, I have to try to fund the running of this web site somehow and so I have decided to charge a nominal amount for server side scripts such as this one. Use the following form to purchase this script for just $41.70 USD (Australian residents price is $41.70 AUD including GST). All purchases include 12 months free support including all updates to the script released during that time. If you have a valid discount code then enter it to purchase this script at an even lower price otherwise just leave the discount field blank, select the currency to make your payment and then press the buy now button. The script will be automatically emailed to you as soon as Paypal verifies your payment
Before you purchase this script you should reread the above information to ensure that the script will work on your server. If you cancel at any point during the payment process, you will be returned to this page.
Please make sure that the email account that you supply to Paypal will accept emails with attached zip files from addresses at felgall.com as otherwise your spam filtering may delete your purchase.
The liability of Felgall Pty Ltd for any theft of files by anyone managing to successfully bypass this script is limited to the original purchase price of the script. As purchases are emailed to the purchaser (with a blind copy to you) in the unlikely event that someone manages to successfully bypass the security of this script you will receive this blind copy that lets you know that your file has been stolen as well as providing you with the email address of the thief allowing you to take appropriate action against them.
Felgall Pty Ltd accept no responsibility for any theft of files not directly related to this script.
This article written by Stephen Chapman, Felgall Pty Ltd.