CF IPN Resource for purchases and subs
Posted 15 January 2003 - 01:43 PM
I found the following resource
and wanted to post this to maybe help others in a similar situation.
Posted 21 February 2003 - 07:48 AM
I use Jasons script now how ever I have heavly modified it to fit my needs. the reason is because paypal's password doesnt get un-hashed when its inserted in to the database. What this means is the paypal password that is supplied by paypal is usless to me because the clients who subscrib their password will not work.
I've worked with Jason and gave him the changes I dont know if he updated his code. But he code is a good starting point.
Posted 21 February 2003 - 07:45 PM
I'm using Jason's script too - now that I see it, I'm glad I didn't try it on my own. It was a good investment so far.
But now I'm testing it, and I'm running into that hashed password issue that you mentioned. Paypal issue a password like "red-car" but it gets written to my database like "Ee^3dff5#zQ1" I'm even able to authenticate new users, but they have to log in with this jumbled "Ee^3dff5#zQ1" password, not "red-car".
Now I don't know what to do. Any suggestions? Thanks.
Posted 23 February 2003 - 12:34 PM
I have been over this password issue several times and I always suggest that users will have to create some sort of system to generate passwords on there own. The reason is that the passwords that are passed by paypal have been encrypted using a unix hash and there is no way to undo them. The only know use (that I know of) is to insert these encrypted passwords directly in to a .htpassword file and allow a webserver that runs on unix\linux to use them in this fashion and sense most of us who use ColdFusion use windows servers running IIS this feature is not useful. Now I have heard that there are ways to get .htpassword functionality on a windows IIS server but this would be up to the person running the server if what I have heard is correct and it is even possible.
So what this all means is that the passwords from paypal are useless. I have emailed a person I know at paypal and asked about getting it changed to have an option to send it either way encrypted/unencrypted and he said it was the way it is going to stay for now.
I do remember a person who sent me some info on a password generator but I cannot seem to find the code. When I developed the paypal ipn tag for cf I decided on a stopping point with the code. The reason was that the next step from where I stopped was in to thousands of options for custom code and not everyone could possibly use all the options.
What I would like to do and I will have it setup in a few days is have and area where users can download the custom code snippets that users are sending me. I will send out and email to all when it is ready.
Now for the password one. For the life of me I cannot find the email or the code you sent me if you could please send it to me again so I can include it that would be great.
Posted 24 February 2003 - 12:51 PM
It's possible but not trivial to use the hashed passwords in a non-Unix environment. ASP users would need a module such as ASPCrypt from serverobjects.com
Dev Net: https://www.paypal.com/pdn
Posted 28 February 2003 - 03:17 PM
I have been writing CF applications for over 5 years and has extensive knowledge of the PayPal system. I have developed several custom shopping carts for PayPal, and others, and would be happy to assist in the development in any application you may need.
Please contact me to get started.
Posted 28 February 2003 - 03:34 PM
One thing I should add about using paypal for your transactions. It is possible for a user to over-ride the price you set and get paypal to charge a lower price, and then process as normal. This means that automated IPN scripts that are not tied into the shopping cart, or "front-end", can't check the post-transaction price against the original.
This should not cause a problem for most people, but could really cause some undue stress to others. A worthy note that you can read more about here http://commons.somew...tons.-.Set.html and many other places.
Hope this helps.
Posted 28 February 2003 - 07:21 PM
Posted 01 March 2003 - 05:06 PM
Snippet from original post:
"This means that automated IPN scripts that are not tied into the shopping cart, or "front-end", can't check the post-transaction price against the original."
So, if someone were to just have a link on a website, then used a prefab IPN module (cold fusion or otherwise) to grant access, there would be no way for the script to check.
Regardless, I have setup a Cold Fusion forum for PayPal developers. It is exactly like this one, but is all Cold Fusion. The link is http://www.dcs1000.c...hpBB2/index.php
I am happy to answer all questions I can on this forum, so please dont hesitate to post.
Hope this helps.
Posted 02 March 2003 - 08:45 AM
Posted 16 May 2003 - 01:34 PM
this link doesnt work http://jshop.homeip...._paypal_ipn.cfm
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users