Web Technology Experts Notes

Showing posts with label paypal. Show all posts

Saturday, 9 November 2019

Paypal Mass Payment - Pay with email Address

Mass Pay. Merchants can use the Mass Pay API to send money instantly to multiple recipients at once.

Question: Can I pay someone with their email address (Manual Transaction)?
Yes, you can pay.

Question: When money will deduct from sender account(Manual Transaction)?
As soon as you pay, money will be deducted from the sender account.

Question: When money will be credited to the receiver account(Manual Transaction)?
When you pay with email address and that email is already register with paypal.
Money will be credited immediately.

If email address is not registered, then receiver will get an email from paypal and he need to follow the steps in email to received.

Question: When money will deduct from sender account(Manual Transaction)?
As soon as you pay, money will be deducted from the sender account.

Question: What are transaction charges (Manual Transaction)?
If you are paying to your friend/family member and they are within same country - Its Free.
If you are paying for commerical purpose, No transaction charges for Sender/Buyer and (2.3% +.30 USD) will be deducted from seller/reciever.

Question: Can I can Cancel the payment after sending?
You can cancel only if he has not accept the payment.
but receiver can refund money to you.

Question: Is there any API available to pay with email address?

You can use MassPay API OR Adaptive Payments API. Question: What is Mass Paypal?
In this case, One Merchant can send the money to his partner's paypal email address (Paypal email address), mean each merchant must have paypal account. https://developer.paypal.com/docs/classic/mass-pay/integration-guide/MassPayOverview/

Question: What are keys of Mass Paypal through API?

When we send payment with email address PayPal takes the payment amounts from your account and attempts to put them into the recipients' PayPal account.
If the recipients do not have PayPal accounts, PayPal notifies them that a payment is available and they must create a PayPal account to receive the payment.
Payments processing can take from a couple of minutes to several hours.
PayPal will temporarily hold the total monetary value of the mass payment, plus associated fees, until processing is completed.
If a payment is sent to a recipient who does not have a PayPal account, and it remains unclaimed for 30 days from the payment date, the money is returned to your PayPal account.
Mass Payments need to enable for PayPal.
You can only cancel payments that have an unclaimed payment.

Question: What is Mass Paypal Request parameter?

Array
(
    [METHOD] => MassPay
    [USER] => testname_api1.no-spam.ws
    [PWD] => 55555526677
    [SIGNATURE] => Alsdfdsfafdsfs.zYsROoDYkL2AigOq
    [VERSION] => 95
    [RECEIVERTYPE] => EmailAddress
    [CURRENCYCODE] => USD
    [L_EMAIL0] => testnamel@no-spam.ws
    [L_AMT0] => 10.00
    [L_EMAIL1] => testname2@no-spam.ws
    [L_AMT1] => 10.00
)

Thursday, 7 April 2016

Paypal IPN Validation in PHP

Question: How to IPN? How to set IPN in Paypal?
http://www.web-technology-experts-notes.in/2016/03/instant-payment-notification-paypal.html

Question: Why we need to validate the IPN?
To make sure, all data sent in our server is from Paypal.

Question: What are benefits of validating the IPN?

Protect our transaction from SPAM OR robots OR from hackers.
Protect from dmmmy entires in our database.
If protection is ON, We will always sure for transaction record in database.

Question: What does paypal do with valiation?
It will validate all the data, sent to paypal.

Question: What is name of parameter which is send to paypal for validation?
cmd.
For Example:

cmd=_notify-validate

Question: What does paypal return if validation failed?
INVALID

Question: How does paypal return, if validation passed?
VERIFIED

Question: How to validate IPN Response in Sandbox Mode?

$ipnData=$_POST;
$ipnData['cmd']='_notify-validate';
$verify= file_get_contents('https://www.sandbox.paypal.com/cgi-bin/webscr', false, stream_context_create(array(
            'http' => array(
                'header'  => "Content-type: application/x-www-form-urlencoded\r\nUser-Agent: MyAPP 1.0\r\n",
                'method'  => 'POST',
                'content' => http_build_query($ipnData)
            )
        )));  
if($verify=='VERIFIED'){
/** Your data is valid and it is return from paypal */

}

Question: How to validate Paypal IPN Response in LIVE Mode ?

$ipnData=$_POST;
$ipnData['cmd']='_notify-validate';
$verify= file_get_contents('https://www.paypal.com/cgi-bin/webscr', false, stream_context_create(array(
            'http' => array(
                'header'  => "Content-type: application/x-www-form-urlencoded\r\nUser-Agent: MyAPP 1.0\r\n",
                'method'  => 'POST',
                'content' => http_build_query($ipnData)
            )
        )));  
if($verify=='VERIFIED'){
/** Your data is valid and it is return from paypal */

}

Question: How to validate IPN Validate with curl?

$ipnData=$_POST;
$ipnData['cmd']='_notify-validate';

$validateURL='https://www.paypal.com/cgi-bin/webscr';//for paypal
//$validateURL='https://www.sandbox.paypal.com/cgi-bin/webscr'; //for sandbox paypal
   
$ch = curl_init($validateURL);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($ipnData));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
if ( !($verify = curl_exec($ch)) ) {          
 curl_close($ch);
 die('Some Error');
}
curl_close($ch); 
var_dump($verify );//IF VERIFIED, then validate

Thursday, 31 March 2016

Instant Payment Notification paypal

Question: What is IPN?
IPN is a message service by paypal that notifies you regarding PayPal transactions.

Question: What is full form of IPN?
Full form of IPN is Instant Payment Notification.

Question: For what type of transactions, paypal send notification?

Instant payments (including Express Checkout payments, direct credit card payments, and calls made to the Adaptive Payments API)
eCheck payments (status pending, completed, and denied)
Pending payments
Authorizations
Recurring payments and subscription payment actions
Chargebacks, disputes, reversals, and refunds associated with different transactions

Question: From where I can send IPN online?
https://developer.paypal.com/developer/ipnSimulator/
(for this, First you MUST set IPN URL in your account)

Question: Give me URL of IPN Simulator?
https://developer.paypal.com/developer/ipnSimulator/
(for this, First you MUST set IPN URL in your account and that must be https URL)

Question: Can I test IPN Simulator in local system?
No, You can't.

Question: Where I can set IPN URL?
Login to Merchant Account => Merchant Services => Instant payment notifications (click on link)
Direct Link for Sandbox: https://www.sandbox.paypal.com/cgi-bin/customerprofileweb?cmd=_profile-ipn-notify
Direct Link for Paypal: https://www.paypal.com/cgi-bin/customerprofileweb?cmd=_profile-ipn-notify

Question: In PayNow Form, Can i set IPN URL? If yes, how?
Yes, you can set.

<input name="notify_url" type="hidden" value="http://example.com/ipn-url.php" />

Question: What is Full form of PDT?
Full form of PDT is PayPal Payment Data Transfers.

Question: What is PDT? and What is use of PDT?
PDT is for notification similar to IPN.

Question: How PDT is different from IPN?
With PDT you get the notification instantly and can do any additional processing required and show the user a confirmation page.
Whereas IPN you are guaranteed to be notified that the payment was received even computer get crash after payments.

Question: From where i can view the IPN History?
https://www.paypal.com/us/cgi-bin/webscr?cmd=_display-ipns-history

Tuesday, 29 March 2016

Paypal Buynow button with Dynamic Fields

DEMO - (Please Don't do Payment).

Sandbox Custom Button

<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input name="cmd" type="hidden" value="_xclick" />
    <input name="business" type="hidden" value="business_a@no-spam.ws" />
    <input name="no_shipping" type="hidden" value="1" />    
    <input name="item_name" type="hidden" value="Product Name" />
    <input name="item_number" type="hidden" value="123456" />
    <input name="amount" type="hidden" value="10.25" />
    <input name="currency_code" type="hidden" value="USD" />
    <input alt="PayPal - The safer, easier way to pay online!" border="0" name="submit" src="https://www.sandbox.paypal.com/en_US/i/btn/btn_buynowCC_LG.gif" type="image" />
    <input name="return" type="hidden" value="http://example.com/ohio-university/success/tour_type/private" />
    <input name="cancel_return" type="hidden" value="http://example.com/ohio-university/cancelled/order_id/00010" />        
    <input name="notify_url" type="hidden" value="http://example.com/ohio-university/ipn/order_id/00010" />        
    <input name="button_subtype" type="hidden" value="services" />
</form>

Paypal Custom Button

<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input name="cmd" type="hidden" value="_xclick" />
    <input name="business" type="hidden" value="business_a@no-spam.ws" />
    <input name="no_shipping" type="hidden" value="1" />
    <input name="item_name" type="hidden" value="Product Name" />
    <input name="item_number" type="hidden" value="123456" />
    <input name="amount" type="hidden" value="10.25" />
    <input name="currency_code" type="hidden" value="USD" />
    <input alt="PayPal - The safer, easier way to pay online!" border="0" name="submit" src="https://www.paypal.com/en_US/i/btn/btn_buynowCC_LG.gif" type="image" />
    <input name="return" type="hidden" value="http://example.com/ohio-university/success/tour_type/private" />
    <input name="cancel_return" type="hidden" value="http://example.com/ohio-university/cancelled/order_id/00010" />        
    <input name="notify_url" type="hidden" value="http://example.com/ohio-university/ipn/order_id/00010" />        
    <input name="button_subtype" type="hidden" value="services" />
</form>

Understand the Hidden variables

cmd:value is _xclick, means this is Buy Now page.
business: paypal email address where you will received the payment.
no_shipping: Show the shipping details in paypal checckout page, 0-Hide, 1-Show.
item_name: Product Name display in paypal cart page.
item_number: this is order number and should be always unique.
amount: Amount of order.
currency_code: Currency code of order amount.
return: After order complete, user will return to this URL.
cancel_return: If user cancel the payment in paypal checkout page, he will return to this URL.
notify_url: This is notify URL for developer, where developer update the details after payment success/failed/onHold etc.

Saturday, 28 November 2015

PayPal Express Checkout Working Flow - In Simple Steps with Clean Example

PayPal Express Checkout is a powerful API-based solution that can be integrated into any merchant website. With PayPal Express Checkout API, customer leave the website and complete the transaction in http://paypal.com, where customer can pay with paypal.com account OR with credit card / Debit card. When start processing, Paypal gives a TOKEN key which is used to charge money from customer OR get the Payment Details OR Customer Shipping/Billing details. Developer should save this token key for future use.

Express Checkout have Simple Seven Steps. Start from initializing the token and end with success page after payment.

Customer makes their payment and completes their order on your website. This enables tighter integration with your website and order management processes. It can be more efficient for PayPal users and may facilitate sales.

Following are 7 Steps of express Checkout

Step 1: Get Token API In this case we need to send an API call to Paypal Server with item detail, receiver email etc.
Request Parameter Example

Array
(
    [USER] => PAYPAL_API_EMAIL
    [PWD] => PAYPAL_API_PASSWORD
    [SIGNATURE] => PAYPAL_API_SIGNATURE
    [VERSION] => 95
    [ip] => 127.0.0.1
    [METHOD] => SetExpressCheckout
    [returnUrl] => http://example.com/order/success //customer will return this URL, if paid
    [cancelUrl] => http://example.com/order/failed //customer will return this URL, if not paid
    [L_PAYMENTREQUEST_0_NAME0] => Om Belt - Black
    [L_PAYMENTREQUEST_0_DESC0] => Obscure Belts
    [L_PAYMENTREQUEST_0_AMT0] => 82.92
    [L_PAYMENTREQUEST_0_QTY0] => 1
    [PAYMENTREQUEST_0_CURRENCYCODE] => USD
    [PAYMENTREQUEST_0_SHIPPINGAMT] => 5.15
    [PAYMENTREQUEST_0_AMT] => 88.07
    [PAYMENTREQUEST_0_ITEMAMT] => 82.92
    [PAYMENTREQUEST_0_PAYMENTACTION] => Order
    [PAYMENTREQUEST_0_SELLERPAYPALACCOUNTID] => receiver_email_address;//payment will receive by this paypal email
    [PAYMENTREQUEST_0_PAYMENTREQUESTID] => ORDER_UNIQUE_ID
)

Step 2: Get Token From API Response After calling above API, we will get below response

Array
(
    [TOKEN] => EC-06N33746DC1035058
    [TIMESTAMP] => 2014-08-11T11:40:52Z
    [CORRELATIONID] => dcda5dabca4a7
    [ACK] => Success
    [VERSION] => 95
    [BUILD] => 12301660
)

Now, Store the TOKEN will be used in future

Step 3: Send Customer to Paypal After getting success, we will send customer to following URL with appending token key
https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&useraction=commit&token=EC-06N33746DC1035058
Here User will see Cart detail and can pay after login.

Step 4: Order Confirmation Page After login successfully, Customer will move to Order Confirmation page with "Pay Now" Button
(Here user will see the cart detail and can pay)

Step 5: Get Order Detail When Customer paid successfully, customer will return to returnUrl (see step1), In return URL, TOKEN and PayerID will be appended automatically.
From TOKEN, we will get to know for what order user return.
From PayerID, We will get to know user is ready to pay us and also we used this Id to charge him.

Call following API, to get the Order Detail From Paypal

Array
(
    [USER] => PAYPAL_API_EMAIL
    [PWD] => PAYPAL_API_PASSWORD
    [SIGNATURE] => PAYPAL_API_SIGNATURE
    [VERSION] => 95
    [url] => https://api-3t.sandbox.paypal.com/nvp
    [METHOD] => GetExpressCheckoutDetails
    [TOKEN] => EC-06N33746DC1035058
)

After calling above API, response will be return

Step 6: Charge Money From Customer We need to a new paypal method to charge the customer i.e DoExpressCheckoutPayment
Request Params Example

Array
(
    [USER] => PAYPAL_API_EMAIL
    [PWD] => PAYPAL_API_PASSWORD
    [SIGNATURE] => PAYPAL_API_SIGNATURE
    [VERSION] => 95
    [url] => https://api-3t.sandbox.paypal.com/nvp
    [METHOD] => DoExpressCheckoutPayment
    [TOKEN] => EC-06N33746DC1035058
    [PAYERID] => HS5JSKPGX4T2G
    [L_PAYMENTREQUEST_0_NAME0] => Om Belt - Black
    [L_PAYMENTREQUEST_0_DESC0] => Obscure Belts
    [L_PAYMENTREQUEST_0_AMT0] => 82.92
    [L_PAYMENTREQUEST_0_QTY0] => 1
    [PAYMENTREQUEST_0_CURRENCYCODE] => USD
    [PAYMENTREQUEST_0_SHIPPINGAMT] => 5.15
    [PAYMENTREQUEST_0_AMT] => 88.07
    [PAYMENTREQUEST_0_ITEMAMT] => 82.92
    [PAYMENTREQUEST_0_SELLERPAYPALACCOUNTID] => receiver_email_address//payment will receive by this paypal email
   
)

When we call DoExpressCheckoutPayment, We will charge the payment from customer Account and an email will be sent to customer and receiver.

Step 7: Check Resonse

Array
(
    [TOKEN] => EC-06N33746DC1035058
    [SUCCESSPAGEREDIRECTREQUESTED] => false
    [TIMESTAMP] => 2014-08-11T12:41:32Z
    [CORRELATIONID] => e5d0b3a5e674a
    [ACK] => Success
    [VERSION] => 95
    [BUILD] => 12301660
    [INSURANCEOPTIONSELECTED] => false
    [SHIPPINGOPTIONISDEFAULT] => false
    [PAYMENTINFO_0_TRANSACTIONID] => 6HD429843V086060C
    [PAYMENTINFO_0_TRANSACTIONTYPE] => cart
    [PAYMENTINFO_0_PAYMENTTYPE] => instant
    [PAYMENTINFO_0_ORDERTIME] => 2014-08-11T12:41:32Z
    [PAYMENTINFO_0_AMT] => 88.07
    [PAYMENTINFO_0_FEEAMT] => 2.85
    [PAYMENTINFO_0_TAXAMT] => 0.00
    [PAYMENTINFO_0_CURRENCYCODE] => USD
    [PAYMENTINFO_0_PAYMENTSTATUS] => Completed
    [PAYMENTINFO_0_PENDINGREASON] => None
    [PAYMENTINFO_0_REASONCODE] => None
    [PAYMENTINFO_0_PROTECTIONELIGIBILITY] => Eligible
    [PAYMENTINFO_0_PROTECTIONELIGIBILITYTYPE] => ItemNotReceivedEligible,UnauthorizedPaymentEligible
    [PAYMENTINFO_0_SELLERPAYPALACCOUNTID] => receiver_email_address
    [PAYMENTINFO_0_SECUREMERCHANTACCOUNTID] => UFBX24KTUHJKU
    [PAYMENTINFO_0_ERRORCODE] => 0
    [PAYMENTINFO_0_ACK] => Success
)

Customer can pay with Credit card without Paypal Account

Login to Paypal
Go to Profile subtab
Click on Website Payment Preferences under the Selling Preferences column
Check the yes box under PayPal Account Optional

Thursday, 25 June 2015

Braintree Questions and Answers - Javascript+PHP

Question: What is use of custom fields? How to use custom fields to save the customer details?
When we create/update the customer details, you might need to add extra fields which are not supported by braintree APIs. In that case, you can use braintree custom fields, with use of custom fields you can save extra customer details like nick name, personal meeting date etc.
When you start save custom fields you will get following error:
Customer ID has already been taken.

Then means, you must have to set the custom fields name in cpanel of your account.
Following are simple instruction to set the custom fields in cpanel of merchant account.
01) Log into the Control Panel in braintree.
02) Go to Settings > Processing > Custom Fields.
03) Click on "New".
04) Fill the form. (Use API Name variable in custom field ).
05) Click Save.

Question: How to get the client token?
"Client token" are generated by Server, use following function to do the same.

$clientToken = Braintree_ClientToken::generate();

This token is used by braintree js and compulsory to process the transaction.

   braintree.setup(clientToken, "custom", {
        . 
        .
        .
      });

Question: How to get "noune payment method"?
When customer fill the credit card details and submit the form, Request goes to "Braintree".
All details are saved in "Braintree" Server.
and you get an unique string that is know as "noune payment method".
With use of this "noune payment method", you can charge the customer.

$result = Braintree_Transaction::sale(array(
    'amount' => '1.00',
    'paymentMethodNonce' => '699dc252-6388-464a-9712-5dd8fa2bb656',
    'options' => array(
      'submitForSettlement' => True
    )
  ));
$transactionId = $result->transaction->id;

noune payment method will expired in 24 Hours.

Question: I am getting error "Unknown payment_method_nonce.". Why?
If you are getting above error message, It might have any of below Reason.
a) paymentMethodNonce is invalid.
b) paymentMethodNonce is already expired OR used.

Question: Give some test credit card numbers for braintree?

378282246310005
371449635398431
6011111111111117
3530111333300000
4111111111111111
4500600000000061

Use any CVV Number and Expiry date (Must future date)

Question: How to get Client Token from server using for Customer.

/** Include Library and set configuration**/
require_once '/braintree-php301/lib/Braintree.php';
Braintree_Configuration::environment('sandbox');
Braintree_Configuration::merchantId('xxxxxxxx');//update merchantId
Braintree_Configuration::publicKey('xxxxxxxxxx');//update public key
Braintree_Configuration::privateKey('xxxxxxxxxxxxxxxxxxxxxx'); //Private key
 
//Get the Client Token
$clientToken = Braintree_ClientToken::generate();

//Get the Client Token for Customer 
$clientToken = Braintree_ClientToken::generate(array('customerId'=>464654654));

Question: How to get Custom details using customerId?

/** Include Library and set configuration**/
.
.
.       
/** Include Library and set configuration**/
$customerId = 67222186;  
   try{
       $result = Braintree_Customer::find($customerId); 
      echo $result->id; echo "\n";
      echo $result->firstName; echo "\n";
      echo $result->lastName; echo "\n";
      echo $result->email; echo "\n";
      echo $result->phone; echo "\n";
   }  catch (Exception $e){
    echo $e->getMessage();die;
  }

Question: How to connect a customer with nonce (payment method)?

$customer = 66082493; //CustomerId of customer
$result = Braintree_PaymentMethod::create(array(
    'customerId' => $customer,
    'paymentMethodNonce' => 'be2d6271-c71f-46ae-96c4-3b1e471cc575'
));

Question: How to charge from Customer with customer_id?

$result = Braintree_Transaction::sale(
  array(
    'customerId' => 'the_customer_id',
    'amount' => '100.00'
  )
);

Question: How to charge from Customer with nonce token?

$result = Braintree_Transaction::sale(array(
  'amount' => '100.00',
  'paymentMethodNonce' => nonceFromTheClient
]));

Tuesday, 23 June 2015

Hosted Field Integration - Braintree

Question:What is Hosted Field in Braintree?
Hosted Fields are fields which are in another websites but displaying on your own website. It gives such a look, Customer will think its on your website but in actual its on braintree website. Payment Form files are in Iframe.
Following are the fields which can display in your website.
Credit card Number
Expiry Date
CVV Number

Question: What is purpose of hosted Fields?
If you want to accept the credit card/debit card in your website to charge from customer. You have to take the PCI compliance.
With using hosted field of braintree, you need not to worry about PCI Compliance.
Basically, Hosted Fields are developed to Solved the PCI 3.0..

Question: How hosted fields helps to solve the issue PCI Compliance?
Suppose you have payment page, where customer can fill credit card information.

Braintree create a payment-form dynamically in your website with use of java-script. This form is in iframe but and you can do lot of styling customization.

In this way, customer add the credit card info in your website but in actual its on braintree. that's why you need not to worry about PCI Compliance. Also when user submit the form, credit card information goes on braintree and use them & you will get a "nonce" variable.

Question:Explain Hosted Field in single line?
Hosted Fields are small, transparent iframes that replace the sensitive credit card inputs in your checkout flow/payment-form.

Question: What are two different ways to integrate the Hosted Fields?
Following are two different way.
1) Drop-in: It is quick way to integrate with braintree, In this payment form is pre-formated.
2) Custom with Hosted Fields: In this, you can do lot of styling customization.

Question: Which browser support the Hosted fields of braintree?
On web, Hosted Fields supports IE 8+ and Safari (OS X and iOS), Firefox, and Chrome (desktop, Android, and iOS).

Question: What is YOUR_CLIENT_TOKEN?
To process anything in client side like create transaction, create customer, update details etc you need a new YOUR_CLIENT_TOKEN.
YOUR_CLIENT_TOKEN is unique random token created from server side(in your application). Following function generate the token?

Braintree_ClientToken::generate();

Wednesday, 17 June 2015

Braintree payment gateway integration

Braintree is an American company which helps online business by processing credit card for merchants. They have payment gateway which support normal payment, recurring billing and credit card storage. It is a Level 1 PCI-DSS(Payment Card Industry Data Security Standard) compliant service provider. Braintree was founded in 2007 by Bryan Johnson. Latter on it was acquired by eBay.

Following are characteristics of Braintree.
01. Online payment with Web AND mobile application.
02. Streamlining the onboarding process for US merchants.
03. Venmo Touch which checkout with one touch across multiple mobile applications.
04. Marketplace product which manages the payouts, taxes, compliance and chargebacks.
05. Credit Card Data Portability.
06. Fast deposits to bank account.
07. Support over 40 countries and 130 currencies.
08. Sophisticated sales analytics.
09. No fees for failed transactions.
10. No inactivity fees.
11. Consistent pricing for all card brands.
12. 2.9% + $.30 per transaction.

What is Braintree Marketplace
Braintree Marketplace is part of Braintree that enable to split payment between seller and marketplace.

Following are characteristics of Braintree Marketplace.
01. Easy Compliance.
02. No Extra Fees.
03. Flexibility.
04. Splitting payments.
05. Works for both Web and Mobile.
06. No escrow is required, charge when you need.
07. Its free for merchants and charge only on transactions i.e (2.9% + $.30).
08. Braintree generate 1099-K tax forms required by the IRS.

How Braintree works?
01. Your web requests a "client token" from your server in order to initialize the JS SDK.
02. Your server generates a token and sends back to your client.
03. Once the JS SDK is initialized, it communicates with Braintree, which returns a "payment method nonce" to your client code.
04. You then send the payment nonce to your server.
05. Your server code receives the "payment method nonce" from your client and then uses the PHP SDK to create a transaction.

Question: What are Payment Methods available in Braintree?
01. Paypal
02.Credit Cards
03. Venmo (With on touch)
04. Apple Pay

Question: What is Payment method nonce?
Payment method nonce: It is string returned by the client SDK (javascript) to represent a payment method.
It is reference to the customer payment method details that were provided in your payment form and used by PHP Server.
Note: Expired in 24 Hour

Question: How to get paymentMethodNonce?
1. Create an account in braintree.
2. Get the merchantId, PublicKey and private Key.
3. Update the merchantId, PublicKey and private Key in following code snippet.
4. Run the code.

A. First get the clientToken from your server

/** Include Library and set configuration**/
require_once '/braintree-php301/lib/Braintree.php';
Braintree_Configuration::environment('sandbox');
Braintree_Configuration::merchantId('xxxxxxxx');//update merchantId
Braintree_Configuration::publicKey('xxxxxxxxxx');//update public key
Braintree_Configuration::privateKey('xxxxxxxxxxxxxxxxxxxxxx'); //Private key

//Get the Client Token
$clientToken = Braintree_ClientToken::generate();

B. Add following following HTML Code.

<script src="https://js.braintreegateway.com/js/beta/braintree-hosted-fields-beta.17.js"></script>
<form action="/payment.php" id="my-sample-form" method="POST">
<label for="card-number">Card Number</label>
      <br />
<div id="card-number">
</div>
<label for="cvv">CVV</label>
      <br />
<div id="cvv">
</div>
<label for="expiration-date">Expiration Date</label>
      <br />
<div id="expiration-date">
</div>
<input type="submit" value="Pay" />
</form>

C. Update the clientToken in following javascript code.

braintree.setup(clientToken, "custom", {
        id: "my-sample-form",
        hostedFields: {
          number: {
            selector: "#card-number"
          },
          cvv: {
            selector: "#cvv"
          },
          expirationDate: {
            selector: "#expiration-date"
          }
        }
      });

OR - Custom Form with Custom URL to get payments

braintree.setup(clientToken, "custom", {
        id: "my-sample-form",
        hostedFields: {
          number: {
            selector: "#card-number",
            placeholder: "Card Number"
          },
          cvv: {
            selector: "#cvv",
            placeholder: "CVV"
          },
          expirationMonth: {
            selector: "#expiration-month",
            placeholder: "Expiration Month"
          },
          expirationYear: {
            selector: "#expiration-year",
            placeholder: "Expiration Year"
          }
        },onPaymentMethodReceived:function(response){
             $.ajax({
                url:'/ajax/braintree-nonce',
                data:'payment_method_nonce='+response.nonce+'&card_digits='+response.details.lastTwo+'&card_type='+response.details.cardType+'&user_id=',
                type:'POST',
                dataType:'json',
                success: function(response) {
                    
                    if(response.success == 1){
                        //write here Code
                    }else{
                       $('#mainSubmitBtn-help').html('Some payment method input fields are invalid. Please try again.').show();
                    }
                },
                error: function(xhr, ajaxOptions, thrownError) {
                    //Error Handling
                }
            });
            return false;
            
        },onError:function(response){
              //Error Handling
            
        }
        });

Collect above code (A,B and C), In single page and click on "Pay" after filling the cc details

When customer add the credit card detail and submit the form, First request goes to braintree server they do the process and return an unique string with name "payment_method_nonce" to payment.php.
Once get the "payment_method_nonce" from payment.php. Use this token to charge the customer. It is valid upto 24 Hour

Question: How to charge the customer with use of payment_method_nonce token?

/** Include Library and set configuration**/
require_once '/braintree-php301/lib/Braintree.php';
Braintree_Configuration::environment('sandbox');
Braintree_Configuration::merchantId('xxxxxxxxxxxxxxxx');
Braintree_Configuration::publicKey('xxxxxxxxxxxxxxxxx');
Braintree_Configuration::privateKey('xxxxxxxxxxxxxxxxxxxxxxxxxxxx');
/** Include Library and set configuration**/


$paymentMethodNonce ='699dc252-6388-464a-9712-5dd8fa2bb656';
try{ 
          $result = Braintree_Transaction::sale(array(
               'amount' => '1.00',
               'paymentMethodNonce' => paymentMethodNonce,
               'options' => array(
                 'submitForSettlement' => True
               )
             ));
          $transactionId = $result->transaction->id;
          echo "Transaction Id".$transactionId;die;

       }  catch (Exception $e){
           echo $e->getMessage();die;

       }

Thursday, 21 May 2015

Paypal Reference Transaction with do direct payments in Zend Framework

In Paypal reference transaction,
We do first payment with customer credit card details.
and then stored the transaction id (Its also reference id for next payment)
For Next payment we use transaction id to charge the customer for next payment without asking Credit card details.

Reference Transaction have following two parts.
1. Do Direct payment
In Do Direct payment, We ask the customer to fill credit card details and customer details.

Based on this details we process the request and charge the payment from customer account.
Following are request parameter required for Do Direct payment.

Endpoint URL: https://api-3t.sandbox.paypal.com/nvp
HTTP method: POST
POST data:
USER=insert_merchant_user_name_here
&PWD=insert_merchant_password_here
&SIGNATURE=insert_merchant_signature_value_here
&METHOD=DoDirectPayment
&VERSION=86
&PAYMENTACTION=Sale     
&AMT=10    
&ACCT=4641631486853053    #The credit card number
&CREDITCARDTYPE=VISA    #The type of credit card i.e visa/mastercard/disover
&CVV2=123    #The CVV2 number
&FIRSTNAME=James
&LASTNAME=Smith
&STREET=FirstStreet
&CITY=SanJose
&STATE=CA
&ZIP=95131
&COUNTRYCODE=US
&CURRENCYCODE=USD    #The currency
&EXPDATE=052018    #expiry date of the credit card i.e mm-yyyy

When we execute the above details we get following output:

ACK=Success
&AMT=10%2e00
&CURRENCYCODE=USD
&AVSCODE=X
&CVV2MATCH=M
&TRANSACTIONID=9KK85084958471234    #An ID on which to base a DoReferenceTransaction call

Now TRANSACTIONID should be stored safely in database.
This TRANSACTIONID will be used as reference Id from next payments.

We need not to stored the credit card details at our end.

Zend Framework Code for DoDirect Payment

        $postData = array(
            'METHOD' => 'DoDirectPayment',
            'USER' => 'API_USERNAME',
            'PWD' => 'API_PASSWORD',
            'SIGNATURE' => 'API_SIGNATURE',
            'VERSION' => 'API_VERSION',
            'PAYMENTACTION' => 'Sale',
            'IPADDRESS' => '127.0.0.1',
            'CREDITCARDTYPE' => 'Visa',
            'ACCT' => '4032037747991558',
            'EXPDATE' => '032020',
            'CVV2' => '123',
            'FIRSTNAME' => 'Web technology',
            'LASTNAME' => 'Experts Team',
            'STREET' => 'Your street',
            'CITY' => 'Your city',
            'STATE' => 'state',
            'COUNTRYCODE' => 'US',
            'ZIP' => '160055',
            'AMT' => '10',
            'CURRENCYCODE' => 'USD',
        );
        
        $postData = array_filter($postData);                
        try {
            $client = new Zend_Http_Client('https://api-3t.sandbox.paypal.com/nvp');
            $postData = array_map('urlencode', $postData);
            pr($postData);
            $client->setParameterPost($postData);
            $response = $client->request('POST');
            $body = $response->getRawBody();
            parse_str($body, $nvpResponseArray);
            print_r($nvpResponseArray);
        } catch (Exception $e) {
            echo $e->getMessage();
            die;
        }

2. Reference Transaction Payment.
We do reference payment on the behalf of reference Id (transaction id in above payment).
We require following details.

Endpoint URL: https://api-3t.sandbox.paypal.com/nvp
HTTP method: POST
POST data:
USER=insert_merchant_user_name_here
&PWD=insert_merchant_password_here
&SIGNATURE=insert_merchant_signature_value_here
&METHOD=DoReferenceTransaction
&VERSION=86
&AMT=2    #The amount of payment
&CURRENCYCODE=USD    #The currency, e.g. US dollars
&PAYMENTACTION=SALE     #Indicates that a payment will be processed
&REFERENCEID=9KK85084958471234     #transaction ID from a DoDirectPayment response

When we execute the above details we get following output:

AVSCODE=X
&CVV2MATCH=M
&ACK=Success
&TRANSACTIONID=7TX32596U93391234     #Transaction ID 
&AMT=2%2e00
&CURRENCYCODE=USD

Zend Framework Code for DoDirect Payment

        $postData = array(
            'METHOD' => 'DoReferenceTransaction',
            'USER' => 'API_USERNAME',
            'PWD' => 'API_PASSWORD',
            'SIGNATURE' => 'API_SIGNATURE',
            'VERSION' => 'API_VERSION',
            'PAYMENTACTION' => 'Sale',
            'IPADDRESS' => '127.0.0.1',
            'REFERENCEID' => '75G187189W046790W',            
            'AMT' => '10',
            'CURRENCYCODE' => 'USD',
        );
        
        $postData = array_filter($postData);                
        try {
            $client = new Zend_Http_Client('https://api-3t.sandbox.paypal.com/nvp');
            $postData = array_map('urlencode', $postData);
            pr($postData);
            $client->setParameterPost($postData);
            $response = $client->request('POST');
            $body = $response->getRawBody();
            parse_str($body, $nvpResponseArray);
            print_r($nvpResponseArray);
        } catch (Exception $e) {
            echo $e->getMessage();
            die;
        }

Please note following regarding Reference Transaction.
1) Business Pro Account Required for Reference Transaction.
2) No need to save the credit card details for next payment.

Friday, 15 May 2015

Paypal Rest API Integration with Zend Framework

Paypal vault API with Do Direct Payment: It use the paypal REST API.
In this process, website process the credit card at their end and stored the credit card at paypal end. When we save credit card at paypal then credit_card_id is return for same credit card.

Now, when we need to charge the customer from their account. we need not to ask for same credit card details. Just use the credit_card_id to charge them.

Please get clientId and secretKey from https://developer.paypal.com/developer/applications, If you have not.

How to Store a credit card with vault API (Zend Framework)
For this you need to two API call.
1. Get the Access token from paypal (In REST API, for every call you need to get a valid Access token).
2. Store the Credit card in paypal and save the returned credit_card_id in your database. (returned credit_card_id will be used to charge the money from customer credit cards).

class PaypalController extends Zend_Controller_Action {
    protected $_clientId='XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
    protected $_secretKey='XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'; 


    /** Get Access Token Valut API **/
    protected function _getAccessKey($clientId, $clientSecret) {
        $accessToken = '';
        $url = "https://api.sandbox.paypal.com/v1/oauth2/token";
        try {

            $config = array(
                'adapter' => 'Zend_Http_Client_Adapter_Curl',
                'curloptions' => array(
                    CURLOPT_FOLLOWLOCATION => TRUE,
                    CURLOPT_SSL_VERIFYPEER => FALSE,
                    CURLOPT_USERPWD => "{$clientId}:{$clientSecret}"
                ),
            );
            $client = new Zend_Http_Client($url, $config);
            $postArray = array('grant_type' => 'client_credentials');
            $client->setParameterPost($postArray);

            $response = $client->request('POST');
            $response = json_decode($response->getBody());
            $accessToken = $response->access_token;
        } catch (Exception $e) {
            $e->getMessage();
            die;
        }
        return $accessToken;
    }


    protected function _storedCCDetails($clientId, $clientSecret,$accessToken,$creditCardDtls){
        $url = "https://api.sandbox.paypal.com/v1/vault/credit-cards";
        $config = array(
            'adapter' => 'Zend_Http_Client_Adapter_Curl',
            'curloptions' => array(
                CURLOPT_FOLLOWLOCATION => TRUE,
                CURLOPT_SSL_VERIFYPEER => FALSE,
                CURLOPT_USERPWD => "{$clientId}:{$clientSecret}"
            ),
        );
        $client = new Zend_Http_Client($url, $config);
        
        
        $client->setHeaders('Content-Type', 'application/json');
        $client->setHeaders('Authorization', "Bearer $accessToken");
        $response = $client->setRawData(json_encode($creditCardDtls), 'application/json')->request('POST');
        $data = json_decode($response->getBody());
        return $data;
    }

    function storecreditcardAction(){
        /** Get Access Token **/
        $accessToken = $this->_getAccessKey($this->clientId, $this->secretKey);
        /** Get Access Token **/

        //store credit card details
        $creditCardDtls = array(
        "payer_id" => "user1234567",
        "type" => "visa",
        "number" => "4417119669820331",
        "expire_month" => "11",
        "expire_year" => "2018",
        "first_name" => "Betsy",
        "last_name" => "Buyer",
        "billing_address" => array(
            "line1" => "111 First Street",
            "city" => "Mohali",
            "country_code" => "IN",
            "state" => "punjab",
            "postal_code" => "4252"
        )
        );

        $details = $this->_storedCCDetails($this->clientId, $this->secretKey,$accessToken, $creditCardDtls);

        //This is payer Account ID
        echo $payerId = $details->payer_id; echo '\n';
        //this is credit card Id used for pyament
        echo $creditCardId= $details->id;die;
    }

}

When we call /paypal/store-storecreditcard It will save the credit card detail and return the credit_card_id and payer_id.
Both (credit_card_id and payer_id) will be used for charge the payment from customer Account.

If we print_r the variable of $details, It will return following output.

 stdClass Object
(
    [id] => CARD-1FV197973J134115GKVKZMYQ //This is credit card Id
    [state] => ok
    [payer_id] => user12345 //This is userId
    [type] => visa
    [number] => xxxxxxxxxxxx0331
    [expire_month] => 11
    [expire_year] => 2018
    [first_name] => Betsy
    [last_name] => Buyer
    [billing_address] => stdClass Object
        (
            [line1] => 111 First Street
            [city] => Mohali
            [state] => punjab
            [postal_code] => 4252
            [country_code] => IN
        )

    [valid_until] => 2018-05-14T00:00:00Z
    [create_time] => 2015-05-15T06:46:58Z
    [update_time] => 2015-05-15T06:46:58Z
    [links] => Array
        (
            [0] => stdClass Object
                (
                    [href] => https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-1FV197973J134115GKVKZMYQ
                    [rel] => self
                    [method] => GET
                )

            [1] => stdClass Object
                (
                    [href] => https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-1FV197973J134115GKVKZMYQ
                    [rel] => delete
                    [method] => DELETE
                )

            [2] => stdClass Object
                (
                    [href] => https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-1FV197973J134115GKVKZMYQ
                    [rel] => patch
                    [method] => PATCH
                )

        )

)

To charge the money from customer, you need to add below function in about class.

    function restSaleAction(){

        /** Get Access Token **/
        $accessToken = $this->_getAccessKey($this->clientId, $this->secretKey);
        /** Get Access Token **/
        
        
        $postData = new stdClass();
        $postData->intent ='sale';
        $postData->payer->payment_method ='credit_card';
        $postData->payer->funding_instruments[0]->credit_card_token->credit_card_id='CREDIT_CARD_ID_STORED_IN_PAYPAL';
        $postData->payer->funding_instruments[0]->credit_card_token->payer_id ='PAYER_ID';        
        $postData->transactions[0]->amount->total='15';
        $postData->transactions[0]->amount->currency='USD';
        $postData->transactions[0]->description='15 dollar Payment';
        $json = json_encode($postData); 

        $url = "https://api.sandbox.paypal.com/v1/payments/payment";
        $config = array(
            'adapter' => 'Zend_Http_Client_Adapter_Curl',
            'curloptions' => array(
                CURLOPT_FOLLOWLOCATION => TRUE,
                CURLOPT_SSL_VERIFYPEER => FALSE,
                CURLOPT_USERPWD => "{$this->clientId}:{$this->secretKey}"
            ),
        );
        $client = new Zend_Http_Client($url, $config);
     
        
        $client->setHeaders('Content-Type', 'application/json');
        $client->setHeaders('Authorization', "Bearer $accessToken");
        $response = $client->setRawData($json, 'application/json')->request('POST');
        $data = json_decode($response->getBody());
        print_r($data ); 
    }

To charge the payment from customer account,call below URL /payment/rest-sale
If we print_r($data), It will give following details.

Look up a stored credit card This API is used to look up details of a credit card.

    function lookupAction(){
        /** Test Account **/         
        $clientId = 'ATuptMp3UudN3gLlbnBlZU3WTCecGskG6igWX1BhqNT-J4u333fIorUupt4QFHWsgeFdTGbO9oYMMU0f';
        $clientSecret = 'EGmdEqOEE2Xv6OH9fEfNw_OTg-0Zx72PqDab8y3JvGjx9TBY1KyeHN_V2CMX5WVmaeoKnwEvLykta-4v';
        /** Test Account **/ 
        
        /** Get Access Token **/
        $accessToken = $this->_getAccessKey($clientId, $clientSecret);
        /** Get Access Token **/
        
        $creditCardId='CARD-7P651358M81515745KVOB4MY';
        $url = "https://api.sandbox.paypal.com/v1/vault/credit-cards/".$creditCardId;
        
        
        
        $config = array(
            'adapter' => 'Zend_Http_Client_Adapter_Curl',
            'curloptions' => array(
                CURLOPT_FOLLOWLOCATION => TRUE,
                CURLOPT_SSL_VERIFYPEER => FALSE,
                CURLOPT_USERPWD => "{$clientId}:{$clientSecret}"
            ),
        );
        $client = new Zend_Http_Client($url, $config);
        
        
        $client->setHeaders('Content-Type', 'application/json');
        $client->setHeaders('Authorization', "Bearer $accessToken");
        $response = $client->setRawData(json_encode(array()), 'application/json')->request('GET');
        $body= $response->getBody();
        pr(json_decode($body));        die;
        // 
    }

When we call paypal/lookup, it will give following output:

stdClass Object
(
    [id] => CARD-7P651358M81515745KVOB4MY
    [state] => ok
    [payer_id] => arunkumar10
    [type] => visa
    [number] => xxxxxxxxxxxx0331
    [expire_month] => 11
    [expire_year] => 2018
    [first_name] => Arun
    [last_name] => Kumar
    [billing_address] => stdClass Object
        (
            [line1] => Sector 70
            [city] => Mohali
            [state] => punjab
            [postal_code] => 160055
            [country_code] => IN
        )

    [valid_until] => 2018-05-19T00:00:00Z
    [create_time] => 2015-05-20T05:40:03Z
    [update_time] => 2015-05-20T05:40:03Z
    [links] => Array
        (
            [0] => stdClass Object
                (
                    [href] => https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-7P651358M81515745KVOB4MY
                    [rel] => self
                    [method] => GET
                )

            [1] => stdClass Object
                (
                    [href] => https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-7P651358M81515745KVOB4MY
                    [rel] => delete
                    [method] => DELETE
                )

            [2] => stdClass Object
                (
                    [href] => https://api.sandbox.paypal.com/v1/vault/credit-cards/CARD-7P651358M81515745KVOB4MY
                    [rel] => patch
                    [method] => PATCH
                )

        )

)

Delete the credit card from paypal which is stored with vault API.
Use DELETE method to delete the credit card from paypal, for this you need only credit card_id

    function deleteAction(){
        /** Test Account **/ 
        $clientId = 'ATuptMp3UudN3gLlbnBlZU3WTCecGskG6igWX1BhqNT-J4u333fIorUupt4QFHWsgeFdTGbO9oYMMU0f';
        $clientSecret = 'EGmdEqOEE2Xv6OH9fEfNw_OTg-0Zx72PqDab8y3JvGjx9TBY1KyeHN_V2CMX5WVmaeoKnwEvLykta-4v';
        /** Test Account **/ 
         
        
        /** Get Access Token **/
        $accessToken = $this->_getAccessKey($clientId, $clientSecret);
        /** Get Access Token **/
        
       $creditCardId='CARD-7P651358M81515745KVOB4MY';
        $url = "https://api.sandbox.paypal.com/v1/vault/credit-cards/".$creditCardId;
        $config = array(
            'adapter' => 'Zend_Http_Client_Adapter_Curl',
            'curloptions' => array(
                CURLOPT_FOLLOWLOCATION => TRUE,
                CURLOPT_SSL_VERIFYPEER => FALSE,
                CURLOPT_USERPWD => "{$clientId}:{$clientSecret}"
            ),
        );
        $client = new Zend_Http_Client($url, $config); 
        
        $client->setHeaders('Content-Type', 'application/json');
        $client->setHeaders('Authorization', "Bearer $accessToken");
        $response = $client->setRawData(json_encode(array()), 'application/json')->request('DELETE');
        echo $response->getBody();die; 
    }

Note:
1. I have test with paypal sandbox account .
2. For vault API, you need an business account. (No need for Business Pro Account)
2. As you are processing credit card in your website, you must apply for PCI compliance.

Friday, 24 April 2015

To whom does PCI compliance need to apply?

Question: To whom does PCI compliance need to apply? If I am only processing the Credit card detail, do i need still to apply for PCI Compliance?

If you are accept credit card/debit card on your website, you need PCI compliance.
If your customer is entering card/debit card on your website, you need PCI compliance.
Because you are processing the credit card, whether you are storing OR not, but you need PCI compliance.

Full form of PCI is Payment Card Industry Data Security Standards (PCI DSS).

Reading PCI Compliance.
Link 1: https://www.pcicomplianceguide.org/pci-faqs-2/#2
Search with : "To whom does PCI apply"

Link 2: https://developer.paypal.com/docs/integration/direct/accept-credit-cards/
Search with "All merchants who accept, store, transmit"

If you are using "embed code"/"mini browser"/"redirect to third party" where customer entered the credit card details (its not your website), means customer is not entering cc details on your website, then you don't need PCI Compliance.