PageRenderTime 46ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 0ms

/Code/RSS/PayPal_Mobile_Checkout_PHP/mobile-checkout.php

https://github.com/MIT-EPROM/EPROM
PHP | 161 lines | 25 code | 22 blank | 114 comment | 3 complexity | 4b48d305903d9002294612cead663d70 MD5 | raw file
    

  1. <?php

    2. 

  2. 

    3. 

  3. /* PayPal Mobile Checkout Sample PHP - http://www.paypal.com/mobile/

    4. 

  4. 

    5. 

  5. Those who don't have an existing PayPal account:

    6. 

  6. Go to https://www.paypal.com/uk/mrb/pal=GV8A6PH9C6XVG

    7. 

  7. Click Sign Up Today.

    8. 

  8. Set up an account for Business Owners.

    9. 

  9. Follow the instructions on the PayPal site.

    10. 

  10. 

    11. 

  11. Those who already have a Personal or Premier account:

    12. 

  12. 

    13. 

  13. Go to https://www.paypal.com/uk/mrb/pal=GV8A6PH9C6XVG

    14. 

  14. Click the Upgrade your Account link.

    15. 

  15. Click the Upgrade Now button.

    16. 

  16. Choose to upgrade to a Business account and follow instructions to complete the upgrade.

    17. 

  17. If you haven't already, add a bank account to become a Verified member. Follow the instructions on the PayPal site. This process may take 2-3 business days.

    18. 

  18. 

    19. 

  19. -- 

    20. 

  20. 

    21. 

  21. step 1 - configure your account for mobile checkout - paypal > profile > api access > edit / create > tick SetMobileCheckout and DoMobileCheckoutPayment

    22. 

  22. step 2 - configure your api username, password and signature in constants.php

    23. 

  23. step 3 - upload, test and integrate with your mobile site - when you want to go live comment out the sandbox value below

    24. 

  24. 

    25. 

  25. mobile checkout is pretty simple, you submit some variables to paypal and they return a token

    26. 

  26. you use this token when you direct your customer to paypal to confirm the payment

    27. 

  27. once the customer has paid they're sent back to you with the same token attached

    28. 

  28. 

    29. 

  29. mobile checkout developer guide - https://www.paypal.com/en_US/pdf/PP_MobileCheckout.pdf

    30. 

  30. integration center - http://www.paypal.com/IntegrationCenter/ic_mobile-checkout.html

    31. 

  31. paypal mobile forum - http://www.pdncommunity.com/pdn/board?board.id=mobile

    32. 

  32. 

    33. 

  33. this script was originally based on ReviewOrder.php from the paypal php nvp sdk

    34. 

  34. CallerService.php and constants.php are from the sdk though constants has been changed to switch sandbox on and off and use the mobile urls

    35. 

  35. original unaltered copies can be downloaded from http://www.paypal.com/sdk/

    36. 

  36. the latest version of this script can be found at http://www.andymoore.info/paypal-mobile-checkout-php/

    37. 

  37. 

    38. 

  38. Andy Moore

    39. 

  39. dotMobi Certified Mobile Web Developer

    40. 

  40. http://www.andymoore.info/

    41. 

  41. */

    42. 

  42. 

    43. 

  43. // do you want to test on the sandbox? set to yes or comment this line to go live

    44. 

  44. $sandbox = 'yes';

    45. 

  45. 

    46. 

  46. // initialise the session

    47. 

  47. session_start();

    48. 

  48. 

    49. 

  49. // include the file with the api functions (which subsequently includes constants.php)

    50. 

  50. include('CallerService.php');

    51. 

  51. 

    52. 

  52. // if token is not set or is empty we perform SetMobileCheckout - otherwise we're processing DoMobileCheckoutPayment

    53. 

  53. if(!isset($_REQUEST['token'])||$_REQUEST['token']==''){

    54. 

  54. 

    55. 

  55.   // build up the values we will submit for this order

    56. 

  56.   // in the most basic form this only needs AMT CURRENCYCODE DESC RETURNURL AND CANCELURL paramaters passing - everything else is optional

    57. 

  57. 

    58. 

  58.   $submit_string .= '&AMT=1.00'; // REQUIRED - Cost of the item before tax and shipping. Must not exceed $1,000 USD in any currency. No currency symbol, decimal seperator must be a point '.'  optional thousands seperator ','

    59. 

  59.   $submit_string .= '&CURRENCYCODE=GBP'; // REQUIRED - three character currency code. Accepts the following values: AUD / CAD / EUR / GBP / JPY / USD

    60. 

  60.   $submit_string .= '&DESC=Product+Description'; // REQUIRED - the name of the item being offered <127 characters

    61. 

  61.   $submit_string .= '&RETURNURL='.urlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); // REQUIRED - urlencoded value - where the customer is directed to post paypal - ?token=123456789 will be added - it's suggested to make it the final review page prior to ordering

    62. 

  62.   $submit_string .= '&CANCELURL='.urlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); // REQUIRED - urlencoded value - where the customer is directed to if they click the cancel or return to merchant links at paypal

    63. 

  63. 

    64. 

  64.   // $submit_string = '&PHONENUM='; // OPTIONAL - Localized phone number used by the buyer to submit their payment request. If the phone number is activated for mobile checkout PayPal will use it to pre-propagate the login page - 9 to 13 numeric characters

    65. 

  65.   // $submit_string .= '&TAXAMT='; // OPTIONAL - tax on item purchased

    66. 

  66.   // $submit_string .= '&SHIPPINGAMT='; // OPTIONAL - the shipping cost for this transaction

    67. 

  67.   // $submit_string .= '&NUMBER='; // OPTIONAL - pass through value, returned verbatin on DoMobileCheckoutPayment - for values like stock keeping units <127 single byte characters

    68. 

  68.   // $submit_string .= '&CUSTOM='; // OPTIONAL - pass through value, returned verbatin on DoMobileCheckoutPayment - store session IDs and other values here <256 characters

    69. 

  69.   // $submit_string .= '&INVNUM='.time(); // OPTIONAL - Your own invoice number of ID used to identify the transaction. <127 single byte characters - must be unique

    70. 

  70.   // $submit_string .= '&ADDRESSDISPLAY=1'; // OPTIONAL - 0 = shipping address not required or 1 = an address is required, address displayed by default - must be 1 for physical goods - users can't edit the address though they can select from other addresses on file at paypal

    71. 

  71.   // $submit_string .= '&SHAREPHONENUM=0'; // OPTIONAL - indicates if the customer's phone number is to be returned to the merchant. The customer will be notified during the flow and given the opportunity to override this

    72. 

  72.   // $submit_string .= '&EMAIL='; // OPTIONAL - email address of the buyer as entered during checkout. If the phone number is not mobile activated this is used to pre-fill the login form <127 single byte characters

    73. 

  73. 

    74. 

  74.   // these values let you set the customer's shipping address, if an address is specified it is displayed during checkout, if not the customers default shipping address will be shown

    75. 

  75.   // these values are only applicable if ADDRESSDISPLAY=1

    76. 

  76.   // $submit_string .= '&SHIPTOCITY=';// REQUIRED - name of the city <120 single byte characters

    77. 

  77.   // $submit_string .= '&SHIPTOSTATE=';// OPTIONAL - name of the state or province <120 single byte characters

    78. 

  78.   // $submit_string .= '&SHIPTOCOUNTRY=';// REQUIRED - iso 3166 country code - examples US CA UK - two single byte characters

    79. 

  79.   // $submit_string .= '&SHIPTOZIP=';// OPTIONAL - us zip code or other country specific postal code <20 single byte characters

    80. 

  80. 

    81. 

  81.   // perform the api callback for SetMobileCheckout with those values 

    82. 

  82.   $resArray = hash_call('SetMobileCheckout',$submit_string);

    83. 

  83. 

    84. 

  84.   // if we get an acknowledgement of SUCCESS there should also be a valid token

    85. 

  85.   if(strtoupper($resArray['ACK'])=='SUCCESS'){

    86. 

  86.     // redirect the customer to paypal to confirm the payment, pass the token value in the url - tokens expire after three hours (20 single byte characters)

    87. 

  87.     header('Location: '.PAYPAL_URL.urldecode($resArray['TOKEN']));

    88. 

  88.   }else{

    89. 

  89.     // SetMobileCheckout failed

    90. 

  90.     echo 'SetMobileCheckout failed: '.$resArray['L_SHORTMESSAGE0'].' '.$resArray['L_ERRORCODE0'].' '.$resArray['L_LONGMESSAGE0'];

    91. 

  91.   }

    92. 

  92. 

    93. 

  93. // ends no token or empty token value / ends performing SetMobileCheckout

    94. 

  94. }else{

    95. 

  95. // starts processing token to call DoMobileCheckOutPayment to complete the transaction and collect the users details 

    96. 

  96. // if you don't do DoMobileCheckoutPayment you don't get the funds

    97. 

  97. 

    98. 

  98.   // submit the token value to paypal with the DoMobileCheckoutPayment callback

    99. 

  99.   $resArray = hash_call('DoMobileCheckoutPayment','&token='.$_REQUEST['token']);

    100. 

  100. 

    101. 

  101.   // run an if against the ACK value - it'll return either SUCCESS or FAILURE

    102. 

  102.   if(strtoupper($resArray['ACK'])=='SUCCESS'){

    103. 

  103.     echo 'DoMobileCheckoutPayment success: '.$resArray['CURRENCYCODE'].' '.$resArray['AMT'].' from '.$resArray['EMAIL'].' ('.$resArray['FIRSTNAME'].' '.$resArray['LASTNAME'].')';

    104. 

  104. 

    105. 

  105.     // values to read are: (if you have instant payment notification running paypal will post you these values to your regular ipn handler)

    106. 

  106. 

    107. 

  107.     // CUSTOM - pass through value returned from SetMobileCheckout

    108. 

  108.     // INVNUM - pass through value return from SetMobileCheckout

    109. 

  109.     // TRANSACTIONID - unique transaction ID for this order, 19 single byte characters

    110. 

  110.     // PARENTTRANSACTIONID - (should always be empty) parent or related TRANSACTIONID - processed for the following transaction types: Reversal, Capture of an authorised transaction, Reauthorisation of a transaction, Capture of an order, Authorisation of an order (in both those cases the PARENTTRANSACTION is the original order id) Capture of an order authorisation, void of an order. - 16 single byte characters in xxxx-xxxx-xxxx-xxxxm format

    111. 

  111.     // RECEIPTID - receipt indentification 16 single byte numbers in xxxx-xxxx-xxxx-xxxx format

    112. 

  112.     // TRANSACTIONTYPE - the type of transaction, with PPMC only send-money will be passed

    113. 

  113.     // PAYMENTTYPE - indicates if the payment is instant or delayed, values are none and instant

    114. 

  114.     // ORDERTIME - the time and date of the order

    115. 

  115.     // AMT - the full order ammount before transaction fees are deducted - <$1000 USD in any currency

    116. 

  116.     // CURRENCYCODE - the currency passed in SetMobileCheckout - this is oddly listed in the spec four times.......

    117. 

  117.     // FEEAMT - the ammount PayPal charged to process this transaction

    118. 

  118.     // SETTLEAMT - how much from the transaction will be deposited into your PayPal account

    119. 

  119.     // TAXAMT - the tax charged on the transaction as specified in SetMobileCheckout

    120. 

  120.     // EXCHANGERATE - exchange rate if any currency conversion occured 

    121. 

  121.     // PAYMENTSTATUS - status of the order with PayPal will be either Completed or Pending - if pending see PENDINGREASON below - can also be Reversed tho not listed in the docs

    122. 

  122.     // PENDINGREASON - the reason the payment is pending: none, address, intl, multi-currency, verify, unilateral, upgrade, other - see the docs for a full breakdown of each

    123. 

  123.     // REASONCODE - only applicable if the transaction has been reversed (PAYMENTSTATUS is Reversed)

    124. 

  124.     // EMAIL - the buyers email address

    125. 

  125. 

    126. 

  126.     // PayerInfo values:

    127. 

  127.     // PAYERID - unique customer account number for that customer

    128. 

  128.     // PAYERSTATUS - status of the payer's email address

    129. 

  129.     // COUNTRYCODE - iso 3166 country code

    130. 

  130.     // BUSINESS - payer's business name

    131. 

  131.     // PHONENUM - phone number shared by the customer with the merchant, see notes above about how the customer can deny this

    132. 

  132. 

    133. 

  133.     // PayerName values:

    134. 

  134.     // SALUTATION - the payer's salutation

    135. 

  135.     // FIRSTNAME - first name

    136. 

  136.     // MIDDLENAME - middle name

    137. 

  137.     // LASTNAME - surname

    138. 

  138.     // SUFFIX - suffix

    139. 

  139. 

    140. 

  140.     // AddressType values - only if DISPLAYADDRESS=1

    141. 

  141.     // NAME - the persons name associated with that shipping address

    142. 

  142.     // SHIPTOSTREET - street address line 1 

    143. 

  143.     // SHIPTOSTREET2 - street address line 2 

    144. 

  144.     // SHIPTOCITY - name of city

    145. 

  145.     // SHIPTOSTATE - name of state or province

    146. 

  146.     // SHIPTOCOUNTRY - ISO 3166 country code

    147. 

  147.     // SHIPTOZIP - us zip code or other country specific postal code

    148. 

  148.     // SHIPTOPHONENUM - the phone number associated with this address

    149. 

  149.     // ADDRESSOWNER - ebay company which maintains this address, either eBay or PayPal

    150. 

  150.     // ADDRESSSTATUS - status of the address on file with PayPal - either None, Confirmed or Unconfirmed

    151. 

  151.   

    152. 

  152.   // ends SUCCESS 

    153. 

  153.   }else{

    154. 

  154.     // DoMobileCheckoutPayment failed

    155. 

  155.     echo 'DoMobileCheckoutPayment failed '.$resArray['L_SHORTMESSAGE0'].' '.$resArray['L_ERRORCODE0'].' '.$resArray['L_LONGMESSAGE0'];

    156. 

  156.   }

    157. 

  157. 

    158. 

  158. // ends processing the DoMobileCheckoutPayment callback

    159. 

  159. }

    160. 

  160. 

    161. 

  161. ?>

    162. 

  162.