Want to accept PayPal payments in PHP and also verify the payment and run actions after purchase is compleat automatically in PHP? Lets get started, we will be showing the full code at the bottom so you can easily get going out of the box.

Setup a PayPal button
Login to PayPal and under the tools tab visit all tools and open PayPal buttons. Now we just simply create a new button with the type Buy Now and enter all the details you want. The Third step is the part that sets what happens after a user actually pays for something, you want to add Take customers to this URL when they finish checkout and Take customers to this URL when they cancel their checkout urls on your site and enter them. Now just under Advanced variables we enter the following code, replace the URL with the url of the PHP file we create below.

notify_url=https://example.com/update_paypal.php

You can also change the name of the file to make it harder to find like example.com/fj82fn790YNU2-88NF20N/f2m890byp2hjnf968n7fjo23.php.

Add custom variable to the button code
When you get the code for your site enter the following code before </form> and you can use PHP to enter a value in like a username.

<input type="hidden" name="custom" value="maybeausername">

PHP File to get request and validate requests
This part is easy and below is the entire code you need, and remember edit how you want.

Code for update_paypal.php or what you name the file (same file as we linked above).

<?php

$custom = $_POST['custom'];
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

//check if it's really sent to me
if ($receiver_email!="myemail@example.com"){
die("I should not be talking to you");
}

//Generate request we will send to paypal
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

//Post back to PayPal system to validate
$ch = curl_init('https://ipnpb.paypal.com/cgi-bin/webscr'); //Change to this for sandbox mode: https://ipnpb.sandbox.paypal.com/cgi-bin/webscr
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));

$res = curl_exec($ch);

//If error log to the sever error log for the site
if(curl_error($ch)){
error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}

if (strcmp ($res, "VERIFIED") == 0) {

//It worked, do what you want with the info, under $custom is the custom data sent in (like username)

}

// PAYMENT INVALID so we log to the server error log for the site, you want to save this in a way after that you can access, as the payment was a fraud request.
if (strcmp ($res, "INVALID") == 0) {
error_log("The response from IPN was: <b>" .$res ."</b>");
//record the failure in database and maybe message the user.
}

curl_close($ch);
echo "Thank you, Paypal! :)";

?>


I hope this was easy to understand, post a reply if you have questions. This is a basic guide and you should edit the code to your needs. Filter content how you need before saving into a database by entering the functions you want to run the content into before saving in the makesafe function.
Was this article helpful?
Cancel
Thank you!