0

I need to implement Website Payment Pro hosted page solution for my UK client.

After the discussion with the PayPal team and looking through the tech guide I did the following:

  1. Call BMCreateButton API (end point url -https://api-3t.sandbox.paypal.com/nvp) to get the EMAILLINK
  2. Redirect user to EMAILINK(securepayments.sandbox.paypal.com/webapps/HostedSoleSolutionApp/webflow/sparta/hostedSoleSolutionProcess?hosted_button_id=HSSS-jsCeH.xi9R3Q........) for the PP hosted page
  3. User completes the payment at the hosted page
  4. After the payment completion user is redirected back to my confirmation page.

In the response I only see 'tx' (TransactionId) and CSCMATCH(=M).

There is no PNREF or other status param which tells me if payment is 'AUTHORIZED', 'DECLINE' , 'CANCELLED' or any error message'.

I am comparing this solution with the payflow gateway hosted page solution (which is not available in UK) wherein i receive enough of the response params to make proper decision at my end after receiving the response.

Please advise.

hairboat
  • 650
  • 19
  • 29
user3727441
  • 3
  • 3

1 Answers1

0

PayPal's Website Payments Pro has ways for you to get this information, but they look very different from the Payflow product.

(The Payflow product was built by a different company that was later acquired by PayPal, which is why the two products look entirely different.)

The "PayPal way" to get this information is to use IPNs to securely verify the payment information. Some PayPal products also support PDT (https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/paymentdatatransfer/), which is basically the same as IPN except that you post to PayPal to get the verification rather than waiting for PayPal to post to you.

See also this integration guide, specifically chapter 7 "order processing", which explains how to do this:

https://www.paypalobjects.com/webstatic/en_GB/developer/docs/pdf/hostedsolution_uk.pdf

The separate round-trip to PayPal is to prevent someone from constructing a false transaction ID (and status information) and posting to your return URL to try to convince you they made a payment when they had not in fact done so.

geewiz
  • 2,206
  • 1
  • 10
  • 16
  • Thanks a lot geewiz...I'll explore GetTransactionDetails API in detail. – user3727441 Jan 07 '15 at 15:34
  • This api return a bunch of params. Which param to check to ensure payment is authorized?is it PAYMENTSTATUS?But its value say 'In-Progress'can i assume payment is 'AUTHORIZED'?Actually our application doesnot sell anything but we ask for some fees to be paid when you perform some specific operation.So once the authorization is done we are suppose to allow the user to proceed.in the case if we get PAYMENTSTATUS as 'None' what does that mean? considering the above behavior of my application i dont know what can be done? – user3727441 Jan 07 '15 at 21:31