I have implemented few payment websites using PayPal Standard, PayPal Website Pro, PayPal Express and Authorize.Net.
Now I'm implementing a website which requires recurring billing. My only problem is variable amount, since I do not store credit card information, and amount is not fixed in each cycle.
Can we use either PayPal or Authorize.Net for my project? If not, could you please recommend any reliable payment gateway ($US for payment, and gateway located in US please) for that matter?
You can use a service like Authorize.Net's Customer Information Manager (CIM) to store the credit card and billing information for you and then you create your own scheduling engine that charges against the payment method you have stored for them using CIM. CIM also allows you to make off-cycle payments at any time as well.
Well the variable amount to bill shouldn't be a problem if you can put together whatever formula would be used in code. However if you aren't storing the actual credit card info (and I can understand why), then I don't see how you'd be able to charge the customer every month. Normally you need a credit card or bank information to do a direct transfer.
If you absolutely cannot store the information, then the only thing I can imagine is putting together an automated calculation and notification system that can send the customer an email with a link that brings them to a form so they can enter the information as simply as possible. Otherwise you'll need to save their credit card info somewhere secure and simply bill them every month, which isn't uncommon.
Have you looked into PayPal's IPN variables?
https://www.paypal.com/cgi-bin/webscr?cmd=p/acc/ipn-subscriptions-outside
Typically you have to cancel then reapprove a new subscription... but perhaps you can use the variables some how to do that programmatically.
I found a solution. PayPal calls ProcessReferencePayment.
At first, I need to charge the credit card using DoDirectPayment, and store the successful transaction number.
After that, I just call DoReferenceTransaction along with OrderTotal and ReferenceID (the previous transaction number).
DoReferenceTransactionRequestDetailsType
DoReferenceTransactionReq
Related
I want 2 functions in woocomerce:
1. Click and collect: This is where the customers puts in an order and comes to the store to collect it. The customer should be able to set approx time they want order to be ready for. The store should be able to set minimum time to have order ready.
With click and collect they have 16 stores so person should be able to choose store to collect and then receive a receipt for pick up at the store. They pay for goods on the website.
Each store needs to be able to receive the order either by having a dashboard or by email system.
Delivery: They will also have a delivery service where people can order larger quantities for delivery to their home or their business or event. this is more conventional eCommerce transaction.
Your best bet to add multiple locations for collection is a plugin like Local Pickup Plus. While it's certainly possible to add this functionality in yourself I'd recommend just buying a plugin. Having built something similar I came to the conclusion that -- accounting for my hourly rate -- I had saved myself no money whatsoever by building it from scratch.
i have created a advanced local delivery plugin, check this out a link
Running NopCommerce 3.40
I think i read somewhere that NopCommerce's Shopping cart is PCI compliant. It also looks like NopCommerce's shopping cart stores Credit card data.
1.) So what does this PCI process do?
2.) Is it just a fashion of encryption of data as it passes to the database?
3.) Is it my fault if the hosted database say from GoDaddy gets hacked for a bunch of credit cards?
I don't know why NopCommerce is storing Credit Cards. I think I have to figure out how to disable that part. I mean if I don't then I need to purchase a PCI Certificate?
EDIT :
I did some more reading. It looks like if I use Stripe or another third party gateway no Credit card information gets stored. I think only Manual Payments credit card information gets stored. Is this right?
1) PCI-DSS stands for Payment Card Industry Data Security Standard. The standard guides you so you know what are you doing with the cards data and that it is secure enough, given your transaction volume, data collected and stored, etc.
2) It is not. Basically, it says that if the card data (CC number, CVV code) ever pass near your system (in a logical sense), then you are in the PCI scope, and have to comply or the acquirers (banks) won't talk to you.
3) I think you'd be liable, look into GoDaddy disclaimers.
I doubt there's anything like 'PCI compliant shopping cart'. This is how you process the payment, as in, can your javascript access the CC number input box, can your router see the unencrypted CC number, etc.
In your case, I assume a small e-commerce, I'd look to outsource the payment page. Be it Stripe, PayPal, Skrill, Neteller, whatever makes you never see the data except for the income amount.
After taking some online tutorials I am willing to create my own custom theme for my myself. This is going to be an online Contact Lense store! So far I have learned how to generate and use Custom Post Types, Custom Taxonamyies, Metaboxes , and Option pages.but there is still one confusing part left for me(hopefully not more! :-))
I need to get some user inputs through HTML Select Options like following image to finalize the users orders:
Now my question is:
1- Do I have to create some thing lik Metaboxes to manipulate these data from users?
2- can I handle these kind of data through simple Form ans Post function in PHP? If so where should I store these data? Do I have to create a table on my own to handle these things?
I really appreciate your time regrading this post,
What you're asking for carries a little more complexity than you think!
Let's break this down into its meaningful steps:
A user visits your shop, and decides that they like what they see and wants to make an order
The user fills out a form defining their exact eye requirements, quantity, as well as their contact information
Upon completing this form, a new order has been created
But wait.... how will you get paid? What happens if the user's computer explodes before the payment goes through? How will you know to send them their contacts without first knowing the payment even succeeded?
This is where things start to get tricky. You need to be able to keep a record of orders for the sake of your users, but you also need to look out for your own interests too. Your business is doomed to fail if you're sending out expensive products to people without the proper assurance that you're getting paid.
This is where you'll need to set up a Merchant Account with a service like PayPal or Google Checkout. As much as I despise PayPal, their Instant Payment Notification (IPN) System has been very reliable for me. What this does is automatically send a POST request to your server with all of the information you need to finalize the checkout process and alert your user that their payment has either succeeded or failed.
So with this in mind, how does this affect our step-by-step process?
A user visits your shop, and decides that they like what they see and wants to make an order
The user fills out a form defining their exact eye requirements, quantity, as well as their contact information
Upon completing this form, a new order has been created with a status of pending
The user is then sent to PayPal/Google Checkout to enter their Credit Card information to complete their purchase
PayPal/Google processes the payment
PayPal/Google sends your server the results of the processed payment
The corresponding order is updated with a status of Payment Received or Payment Failed for your own records
You send out the product to a very satisfied customer
So what will this mean from a Wordpress standpoint?
My first suggestion:
Check if a Plugin already exists that can handle this for you!!!
Seriously, this will make your life much easier. Handling people's money as well as your own stock is a nightmare all in itself, you don't want to be responsible for handling the code that drives it, or the possibility of security holes that you might not know about (that other plugins may have already addressed). WooCommerce is a popular one. See if that can handle what you need.
If a Plugin can't do it for you, then you'll need to:
Register a Custom Post Type for Orders
Create a new Order Post using wp_insert_post when a user submits the form with their POST data
Save the relevant POST data you need as metadata using update_post_meta
Send PayPal/Google/Whatever some Custom Information it needs to hang on to - in this case, the newly created Order Post ID - so that it can send it back to your own server
Set up a side-script to process the data sent by PayPal/Google Checkout/Whatever and send an email to the user detailing the status of their purchase and update the corresponding Order Post ID that was sent back by PayPal/Google Checkout/Whatever
(Optional) Set up a CRON Job to periodically scan all Pending orders in case a user's session was interrupted, or they bailed at the last second during checkout and send them an email notifying them about this and provide them a link to your website to reopen, reevaluate, and resend the order, or cancel and clear it from your database
Quite honestly, this would take even a seasoned Developer at least a few weeks worth of work just to get it in working condition. Presentation is a whole different animal.
Hopefully this will give you a step in the right direction. I doubt anybody here will give you the code to do what you need, because there's just too much to post. Entire libraries are built just for these kinds of things.
Good luck!
How do you pass a variable to PayPal which isn't a set amount. e.g send the 'GrandTotal' from the basket rather than just entering an amount such as 50.00 in asp.net.
Paypal offers a way to transfer data from third party carts:
https://www.paypal.com/cgi-bin/webscr?cmd=_pdn_howto_checkout_outside
Essentially your server will have to generate input fields with value and post to Paypal and Paypal will read the data and recreate the cart on their end.
If you want to stick with Payments Standard I would go with the Cart Upload Command method.
If you're comfortable with web service API's I'd recommend using Express Checkout. It gives you more direct access to the system and allows you to customize things however you need.
Either way you can accomplish your goal.
I am creating a Recurring payment profile using Direct payment(credit card details entered during registration are not stored in database). I want to update/change the bill amount for every bill cycle(because billing is done per user per month).
I am using UpdateRecurringPaymentsProfileDetails API method to change the amount, but the method needs credit card details again(for each time it is called). I am getting the credit card details using GetRecurringPaymentsProfileDetails, but this method just returns the last 4 digits of credit card(and does not return CVV2, but this is not major issue here).
Is there any other option to get the full credit card details(at least credit card number) using Paypal APIs or should I have to store credit card numbers in my database? Any help would be highly appreciated.
It's unlikely that you'll be able to get the full credit card number from PayPal; that's why people use PayPal.
Storing credit card information in your database is a huge liability, and should be avoided if at all possible. Once you start storing that information, your company is responsible for keeping that information secure (and that includes developers). Use another third party component if you must, but don't take on such an enormous liability.
I don't know what company you work for, but that's not a decision that a developer should be making on their own. Entire companies have been shut down for mishandling credit card information. The law around that stuff is extremely murky, and even the smallest mistake can result in massive fines.