0

I've been trying to piece around information, but I am just ending up confused.

I need to setup a donation page on a site, it needs to have the option for recurring and one-time. That should be simple enough, but where things get complicated is returning the total amount of donations in a one month period.

I don't want to return the account balance, but the total of the transactions for the month.

Is it safe to do this over http, not https? Is there any major risk if someone gets the Paypal API info?

I've been through multiple sites that seem to deal with this through the local end - a database stores the donations after Paypal returns a complete - but they don't deal with recurring, as if someone cancels, the total would be off and require manual intervention.

Thanks for any of your time!

The Britain
  • 3
  • 1

1 Answers1

0

I'm not entirely I sure I understand what you're asking here, but I do think that what you need is Instant Payment Notification (IPN).

Any time a profile is created, canceled, payments are made, etc. an HTTP POST of that transaction data will be sent to a URL/script you have setup. This script can receive that data and process it accordingly.

This will allow you to update your database with payments as they occur, and when payments no longer occur you simply won't get IPNs so no more payments would be added.

If a profile is canceled you would get an IPN for that, too, so you could update your system accordingly.

Drew Angell
  • 25,968
  • 5
  • 32
  • 51
  • Hey, that worked great. The instructions are hell, but for anyone that gets stuck doing something similar. You need to create an ipn php file that "catches" the transaction, then store it in the database after you do a transaction ID dupe check. You will need your own table, but it's not super complicated. A nice way of handling things if you don't have an ssl certificate. – The Britain Oct 08 '15 at 02:28
  • IPN is a very powerful tool regardless of whether you have an SSL certificate or not. It's a great way to automate all sorts of procedures based on various transaction types, payment status, etc. Also, rather than simply check for a duplicate, I like to make sure and update the existing record if it finds one so that the payment status will update accordingly. – Drew Angell Oct 08 '15 at 06:11