Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Using PayPal for membership signup


  • Please log in to reply
2 replies to this topic

#1 Wolfy87

Wolfy87

  • Members
  • 414 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England
  • Local time:03:44 AM

Posted 09 March 2010 - 12:59 PM

Hi, I am planning a web application that involves the user paying via paypal when signing up, I just wondered if anyone had any suggestions on how to go about this.

My first idea is for the user to input there user name, password and email etc. Then it will move to the next page where the user must pay a fee via paypal, after this is completed an email is sent from paypal to my in box describing the transaction.

From this I need to send an email back to the user (which is included in the one from paypal) which contains a 10 character code or something along those lines. Now there is the problem, I can generate the code with PHP no problem but the question is how do I make my email client request the script and send the code.

I hope you can get the idea of what I am trying to achieve from this but if you have any better suggestions that would be great. I do not need any help with the code (MySQL / PHP etc) its just the concept of how I get the code from my server into an email.

Is it possible that my server executes the mail script when it receives a email from paypal?

Thanks to anyone that can help, Wolfy87.

BC AdBot (Login to Remove)

 


#2 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:09:44 PM

Posted 09 March 2010 - 03:31 PM

Maybe it would just be easier to check out the examples in the API from Paypal and see what they have to offer first. It doesn't do you any good to try and use a service when you don't even know what capabilities it has. :thumbsup:

#3 Wolfy87

Wolfy87
  • Topic Starter

  • Members
  • 414 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England
  • Local time:03:44 AM

Posted 10 March 2010 - 12:14 PM

I have looked a bit deeper into the link code and have found a return variable. This means when a user is finished paying or has quit then it will automatically redirect to the page specified, I can also set a value so it uses $_POST to send the details of the transaction to the return page.

The problem with this by its self is that someone could imitate paypal and just send the right values. I feel the best way to overcome this would be to use PHP to check the referrer URL to see if it was sent from paypal.

If all is well and good there previously entered user-name, password, company name and email will be entered into the data base (MySQL) and they will be logged in with MD5 and salting etc, you get the idea...

Do you think I am on the right track?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users