Jan 2011
1 / 4
Jan 2011
Jan 2011
admin-GF
Jan '11

I have an existing script I use to generate e-mails, codes, etc.

I have Paypal IPN set to notify me of transactions and it posts the data to my script for every transaction.

The script performs whatever I need it to do depending on the data received from Paypal.



So If I use e-junkie, Paypal IPN won't post data to my script?

If I understand correctly, e-junkie sends a "notify URL" to Paypal with the transaction, and that URL is to e-junkies servers. So, Paypals IPN is sent to e-junkie. E-junkie then forwards this same (or similar) type of IPN to the URL I define in my account?

  • created

    Jan '11

  • last reply

    Jan '11
  • 3

    replies

  • 1.7k

    views

  • 2

    users

  • 4

    links

admin-GF
Jan '11

After reading some other topics and faq, it appears I will need to modify the IPN handler script so it would accept data from e-junkie instead of Paypal.



My current IPN handler verifies the data is coming from Paypal's servers without entering a user name/password in the script. In the e-junkie example, they show a handshake variable that includes a MD5 encypted user name & password verification. Is this a potential security risk having my e-junkie user name & password in the clear posted in the IPN handler script? The sample is shown in PHP, is there a Perl example?



Also, what is the best method to test my scripts? Can I use test coupons/discounts to offer 100% off an order so I can do internal tests? Can I assume that if everything works properly with a free e-junkie checkout, it will work live with Paypal?



Thank you for any help on this.

E-junkie_GuruWebmaster & Support Guru
Jan '11

This help page provides some tips for testing various aspects of your setup:

8http://www.e-junkie.com/ej/help.test.htm8



If your scripts test fine with Free Checkout, they should work just as well with live sales going through PayPal, so any problems in that case would be with your PayPal integration (rather than your scripts):

3http://www.e-junkie.com/ej/trouble.paypal.order-not-processed.htm3



The sample PHP we provided for the handshake is just a sample to convey how the hash is derived; it's presumed that you or a developer you'd hire would be skilled enough at programming to devise the best way to actually implement it, and in whatever programming language is required.



If you're not comfortable having login credentials in the script itself, you could just hard-code the final hash result into your script, but then you'd need to regenerate and replace that hash every time you'd change your E-junkie login email or password, vs. just updating those credentials in the script.



In any case, when properly set up on your server, it should not be possible for anyone to read the raw script itself unless they were logged into your hosting server as you, or as the server's root sysadmin, so if someone hacked into either of those accounts you'd have far bigger troubles at hand.



Instead of the handshake, you could just use .htaccess to restrict access to the subdirectory your script is running in, so only inbound connections from our domain would be accepted:

1http://www.e-junkie.com/bb/topic/4635#post154271



If you'd like some assistance with this, we can recommend the competent, E-junkie-experienced developers listed in our directory here:

1http://www.e-junkie.com/ej/developer-directory.htm1

admin-GF
Jan '11

Thank you so much for your help. Some slight modifications to my existing script and it appears to be working. Just need to make minor adjustments.



Is there anyway i can get a report of the full IPN variables that are sent to my script?



I tried free checkout method to test, and here is the list of variables that appear to be sent to me (I removed the real data) I don't see a separate variable for SKU ? is there one? its tagged to the product item number.



Instant Payment Notification Data

==========================



residence_country:

payer_business_name: My Store Inc.

first_name: John

last_name: Smith

payer_email: myemail@hotsmail.com

payer_phone: 555-1212

payer_street:

payer_city:

payer_state:

payer_zip:

payer_country_code:

address_name:

address_business_name:

address_phone:

address_street:

address_city:

address_state:

address_zip:

address_country_code: US

address_country: US

payment_date: 21:34:21 Jan 24, 2011 MST

custom:

mc_currency: USD

business: orders@myemail.com

mc_gross: 0

mc_shipping: 0

tax: 0

txn_type: ejgift

payment_type: Instant

invoice: 39xoddoldxbpls37sxpmy9r24gsso4co08os8wk

buyer_ip: 6x.xx.xx.xx

card_last_four:

card_type:

mailing_list_status: false

charset: utf-8

item_name1: Sample Product Name

item_number1: 55678-45||SKU1

mc_gross_1: 0

quantity1: 1

num_cart_items: 1

txn_id: jg-lfk3vleb9019f4a

payment_status: Completed

pending_reason:

item_name: Sample Product Name

item_number: 55678-45||SKU1

quantity: 1

option_name1:

option_selection1:

option_name2:

option_selection2:

option_name3:

option_selection3:

mc_handling: 0