For details, see:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_Appx_websitestandard_htmlvariables
Define the PAYPAL_URL constant:
const PAYPAL_URL = 'https://www.sandbox.paypal.com/';
Record the data to be sent as an array:
$paypalData = array(
    'add' => 1,
    'cmd' => '_ext-enter',
    'redirect_cmd' => '_xclick',
    'business' => $paypalAccount, // liangliangfeng211@gmail.com: this is the payee's PayPal account
    'item_name' => '51customimprint shopping cart',
    'item_number' => $order->id,
    'first_name' => $address->first_name,
    'last_name' => $address->last_name,
    'address1' => $address->address1,
    'city' => $address->city,
    'state' => $address->state_or_province,
    'zip' => $address->zip_code,
    'amount' => $order->subtotal,
    'shipping' => $order->shipping_fee,
    'no_note' => 1,
    'currency_code' => 'USD',
    'lc' => 'US'
);
Convert this array into a URL:
$paypalArguments = array();
foreach ($paypalData as $k => $v) {
    // URL-encode each value so it is safe to place in the query string
    array_push($paypalArguments, $k . '=' . urlencode($v));
}
$paypalUrl = self::PAYPAL_URL . '?' . implode('&', $paypalArguments);
$this->_redirect($paypalUrl);
Next, for testing, set the address of the PayPal interface to:
https://www.sandbox.paypal.com/cgi-bin/webscr
Basic Process
When a customer pays you, PayPal sends a notification to your server at the specified URL (type="hidden" name="notify_url" value=" "). This notification includes all of your customer's payment information (for example, customer name and amount), as well as an encrypted code. When the server is notified, it sends that information, including the encrypted code, back to the secure PayPal URL. PayPal authenticates the transaction by checking the encrypted string. This transfer of IPN data back to PayPal prevents "spoofing", so you can be sure that the IPN is coming from PayPal. After verifying, PayPal sends confirmation of its legitimacy back to your server.
Tip: To enable instant payment notifications, you need to enter, in your user information, a URL at which you can receive notifications.
With instant payment notification enabled, your server will receive a notification every time you receive a payment. This notification is sent to the specified URL as a hidden "FORM POST" and includes all payment information. The notification's FORM variables are listed at the bottom of this page.
Each time you receive an IPN from PayPal, you must complete the notification confirmation process described below before fulfilling your order. Confirming the listed information ensures that the transaction is legitimate.
Notification Confirmation IPN
To ensure that the payment has entered your PayPal account, you must verify that the email address used as "receiver_email" is registered and confirmed in your PayPal account.
Once the server receives the instant payment notification, you will need to confirm it by constructing an HTTP POST to PayPal. Your POST should be sent to https://www.paypal.com/cgi-bin/webscr
You must send all form variables received exactly as they are received. You also need to append a variable named "cmd" with a value of "_notify-validate" (for example, cmd=_notify-validate) to the POST string.
PayPal will reply to this POST and include the word "VERIFIED" or "INVALID" in the body of the reply. When you receive a VERIFIED response, there are several checks you need to perform before fulfilling your order:
Confirm the 'payment_status' is 'Completed' as the IPN will also be sent for other results such as 'Pending' or 'Failed'.
Check that "txn_id" is not duplicated to prevent fraudsters from reusing old completed transactions.
Verify that "receiver_email" is the email address registered in your PayPal account to prevent payments from being sent to a fraudster's account.
Check other transaction details (such as item number and price) to confirm that the price has not changed.
Once you have completed the above checks, you can update your database with the IPN data and process the purchase.
If you receive an "INVALID" response, the notification should be considered suspicious and should be investigated.
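The confirmation procedure described above, as an added PHP example that is not part of the original page or PayPal's own code. postBack, handleIpn, $expected and $seenTxnIds are hypothetical names, the sample IPN body is constructed, and using mc_gross and mc_currency for the price check is an assumption.

```php
<?php
// Added example, not the page's or PayPal's code. Names are hypothetical;
// the sample IPN body at the bottom is constructed.
// Sandbox endpoint from the page; live is https://www.paypal.com/cgi-bin/webscr
const PAYPAL_VERIFY_URL = 'https://www.sandbox.paypal.com/cgi-bin/webscr';

// Send the received variables back unchanged, plus cmd=_notify-validate.
function postBack(string $rawBody): string
{
    $ch = curl_init(PAYPAL_VERIFY_URL);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => 'cmd=_notify-validate&' . $rawBody,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true, // the verdict is only as good as the TLS check
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_TIMEOUT        => 30,
    ]);
    $reply = curl_exec($ch);
    return is_string($reply) ? trim($reply) : '';
}

// Returns null when the order may be processed, otherwise the reason to refuse.
function handleIpn(string $rawBody, callable $post, array $expected, array &$seenTxnIds): ?string
{
    if ($post($rawBody) !== 'VERIFIED') return 'not VERIFIED by PayPal';
    parse_str($rawBody, $ipn);
    $txn = $ipn['txn_id'] ?? '';
    if (($ipn['payment_status'] ?? '') !== 'Completed') return 'payment_status is not Completed';
    if ($txn === '' || isset($seenTxnIds[$txn])) return 'missing or duplicate txn_id';
    if (strcasecmp($ipn['receiver_email'] ?? '', $expected['receiver_email']) !== 0) return 'wrong receiver_email';
    if (($ipn['item_number'] ?? '') !== $expected['item_number']) return 'item_number mismatch';
    // Assumption: mc_gross / mc_currency carry the amount paid; compare as exact strings.
    if (($ipn['mc_gross'] ?? '') !== $expected['amount']) return 'amount mismatch';
    if (($ipn['mc_currency'] ?? '') !== $expected['currency']) return 'currency mismatch';
    $seenTxnIds[$txn] = true; // in production: a UNIQUE column in the orders database
    return null;
}

// Offline demo: constructed IPN body, stubbed post-back instead of postBack().
$body = 'payment_status=Completed&txn_id=EXAMPLE-TXN-1&receiver_email=seller%40example.com'
      . '&item_number=1001&mc_gross=25.00&mc_currency=USD';
$expected = ['receiver_email' => 'seller@example.com', 'item_number' => '1001',
             'amount' => '25.00', 'currency' => 'USD'];
$seen = [];
$verified = fn(string $b): string => 'VERIFIED';
var_dump(handleIpn($body, $verified, $expected, $seen));          // first delivery
var_dump(handleIpn($body, $verified, $expected, $seen));          // same txn_id replayed
var_dump(handleIpn($body, fn(string $b): string => 'INVALID', $expected, $seen));
```

In a live listener, pass file_get_contents('php://input') as $rawBody and 'postBack' as $post. Build $expected from the stored order, never from the notification itself.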