tags:

views:

469

answers:

4
+2  Q: 

paypal returnurl is loggedin page

Hello,

I have a question about using paypal on a page where the user is logged into

It is with php

How can you have the user still authorised for that page if paypal is redirecting back to that page.

I read something about giving the session_id to the custom variable with PDT What about, if you have multiple session variables. Can you also pass an array to the custom variable?

How is it done, codingwise

any insights are good

edit:

Is the PDT custom variable just some self invented name that you stick behind the other obligated variables.

like so:

$req = "tx=$tx&at=$token&cmd=$cmd";

$req .= "&somevariablename=".session_id();

thanks, Richard

+2  A: 

So if I understand correctly:

  1. The user is logged in on your page.
  2. They click on a paypal button / Submit a form
  3. Now they're at www.paypal.com completing their transaction.
  4. Once finished, they are redirected back to your page.

You could use cookies, but they're not fail-safe since the user may have them disabled.

A possible method is making a unique identification string that would be sent to paypal so they are redirected to a custom URL with the string. In that page you validate it, and authorize the user.

Daniel S  2009-09-29 15:49:48
+1  A: 

Just pass the current session id (get it with $id = session_id(); ) to Paypal, and once you get the user, and the session id, back from Paypal just set the session id to the one Paypal sent you using session_id($idPaypalSent);

code_burgar  2009-09-29 15:58:39
A: 

You have a wrong concept of session id: The session id is not just another session variable, but the id of the session, so that you can assign the user to the session variables. You can get the session id via $sess_id = session_id(); and attach that to the custom return variable as "&ppsessid=" . $sessid. You can then set the session id via session_id($_GET['ppsessid']);.

Residuum  2009-09-29 16:05:30
ok, so I don't have to pass the whole session arrayjust the session id and then I have access to all off the session variables again. Thanks, I wasn't sure off that.
Richard  2009-09-29 16:38:07
+1  A: 

May be i am missing something.

So your user logs in .. clicks on buy now button or whatever and goes to paypal site, when finished comes back to your site on a page which lies inside the user area.

This should work seamlessly without u having to do anything. UNLESS the user spends too much time on the paypal site and the session expire time is reached on the server OR the user closes the browser and goes directly to your paypal payment page.

The session will stay alive for its live and the user can move back and forth between your site and some other seamlessly as long as the session timeout allows.

Sabeen Malik  2009-09-29 18:46:36
If paypal is going to do a http request to my hostingserver with the returnurl, how in the world is the server to know how to react in that request. How is it going to know if it has to display a loggedin page or a standard page and also link them to that specific user. I am just saying. Maybe that's what you missed.
Richard  2009-09-30 08:16:37
return urls are browser based .. ipn requests are server to server .. so when u click on that "continue to the site" button or when paypal automatically redirects the user back to your site .. for ur browser, u are already authenticated on that site .. for the server, as long as ur browser is sending the right session id via cookie.. everything is good.
Sabeen Malik  2009-09-30 09:20:06
its just like ..... u are logged into ur site and are looking at http://www.abc.com/hello.phpnow in the address bar type paypal.com and visit a few pages there.. now from history or from the address bar directly type http://www.abc.com/hello.php .. u should see the page as a logged in user. return urls will work pretty much the same.. cause returnurls DONT generate a http request in the background, they just send the users browser to that page, thats it.
Sabeen Malik  2009-09-30 09:22:42

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases