Thanks Ryan,
Just what the doctor ordered for a fresh Monday morning! I think I mind control you over the week for the stuff I'll need at the end of it.
Cheers,
Aditya
Hi Ryan,
Thanks for the screencast.
You kept my trust in you by giving a long screencast.
Now again I am waiting eagerly for next Monday.
I recommend active_merchant for those kinds of payment processing, makes life easier / more robust / secure
www.activemerchant.org
A little Active Support for your key-value mapping: "Object#to_query".
I built a website like yours.
http://rubycnrails.cn
It is just for Chinese.
I have many problems I want to ask you about.
Could you mail me?
BEWARE OF PAYPAL!
PLEASE read your amended Paypal User Agreement! Paypal (owned by ebay) can now withhold users' funds for 21-180 days at Paypal's "sole discretion"!!! Users are being caught in this trap at alarming rates! We can all thank ex-ebay CEO, Whitman and current CEO, Donahoe, for their "Disruptive Innovation" SCHEME against users for many such detrimental changes.
To read what the users are REALLY experiencing, search the internet for
"Ebay Stockholders and Sellers Calling For Immediate Termination of John Donohoe CEO Petition" (at petitiononline).
To learn about their own employees' experiences with such POOR management, go to glassdoor and type in ebay.
@grosser, an episode or two on ActiveMerchant is planned later on in this series.
@Stephen, thanks! I never knew about to_query. It looks like calling that on the hash will do just what we need (along with proper escaping). I'll update the code.
From this screencast it looks almost too easy to interface with PayPal. Actually, I think it does look too easy, as you're sending all the data in plain sight and unprotected.
You really should not send your customers' purchase details unencrypted over the wire. So, better use HTTPS.
The other way round, you don't want customers to be able to tamper with amounts without your app or PayPal noticing it. Therefore, don't forget to add hashes for integrity checking.
Then, when it comes to being notified by PayPal that the payment has been processed, you need to make sure that the notification has indeed been sent by PayPal and not been faked by someone else.
Also, anyone who tries to implement something like this ought to keep in mind all the possible failure conditions and how they affect the workflow.
I don't know the PayPal API, but I'm pretty sure that they support everything that's needed to make payment secure. It is not rocket science to write an equally secure client, however, it is rather more time consuming than pasting together a URL.
In general, if at all possible, I strongly recommend using a solution (plugin, gem) that does the job and already has some traction in the community.
hi there!
Ryan!!! Couldn't you have done this series one month ago!? eheh... sorry, but I spent more than one week struggling with paypal to do a subscription system. At the beginning I thought of using active merchant but they don't have good documentation, so I started creating a gem to deal with paypal standard payments and IPN for subscriptions.
Funny thing: when we got it working we changed our minds and we ended up using active merchant and checkout express, even so we had to extend AM because it doesn't deal with subscriptions by default. Using that second API we don't have to rely on the IPN system and we have more control over the user data and transactions; it applies better to our web site goal.
In any case, if anyone wants a simple solution you can use my code or gem, created for subscriptions but easily adaptable to normal payments (you only have to delete code). Answering Michael Schueri: I use https and all the paypal security procedures to validate the IPN origin. So my code is really simple, customizable and it has 10 times more lines of test code than the real one.. so I think it's well tested and secure to use! As a matter of fact I love railscasts and believe this is going to be a quality series, that's why I'm frustrated, one month ago could have saved me lots of work. ;)
Thanks for this screencast, I'm all geared up now on my web site for next Christmas :)
To the PayPal basher above, you don't really know much about the internet do you?
When you submit a form, anyone submitting the form can change any of the values... it's up to you as the merchant to make sure the order amount is correct before shipping it once you receive the payment in PayPal.
Clearly, only a fool would go ahead and ship $500 worth of stuff of which they only received $1.
@Ryan, sorry to even engage that guy...
Ryan,
Off topic, is there a way to download / clone just the episode-141 "tree" using git?
Learning git is almost as complex as Ruby / Rails :)
Otherwise a "git clone git://github.com/ryanb/railscasts-episodes.git" will clone all of the episodes.
Mike
Hi,
Can you please give a quick tip on how to make the current navigation menu link stand out from the others? E.g. if I want to make the background color change by applying a class on the current link, how to do it? Is there a way to achieve this without overly complicating stuff, as I just have a couple of static links.
This episode is useless as the data is sent over to Paypal using the unencrypted method.
@Edgar G (18), It doesn't matter, there's no sensitive information
@Memiux: yes it matters. If people start playing with the amount of money passed to Paypal, it will become a huge pain for the admin to track manually who has paid the correct amount and who didn't.
The potential cheaters can claim that they didn't do it on purpose.
Either use the encrypted method or don't process online payments.
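The check several comments above call for (comparing what was actually paid against the stored order before fulfilling it), as an added Ruby example that is not from the screencast or from any commenter. It assumes the notification's origin has already been verified and that the order id was passed to PayPal in the `invoice` field; the `Order` struct, `MERCHANT_EMAIL` and all sample values are constructed.

```ruby
require "bigdecimal"

# Constructed order record, saved by the shop before the customer is sent to PayPal.
Order = Struct.new(:id, :total, :currency)

MERCHANT_EMAIL = "seller@example.com" # placeholder, not a real account

# Returns a list of problems; an empty list means the order may be marked paid.
# `params` holds the notification's form fields AFTER its origin has been verified
# (assumption: that step happens elsewhere). Every value is still compared against
# the server-side order, because the payment form itself was editable by the buyer.
def payment_problems(order, params, seen_txn_ids)
  problems = []
  unless params["payment_status"] == "Completed"
    problems << "status is #{params['payment_status'].inspect}"
  end
  unless params["receiver_email"].to_s.downcase == MERCHANT_EMAIL
    problems << "wrong receiver"
  end
  problems << "wrong order" unless params["invoice"] == order.id.to_s
  problems << "wrong currency" unless params["mc_currency"] == order.currency

  # Parse the amount as a decimal, never a float; unparsable input counts as a mismatch.
  paid = begin
    BigDecimal(params["mc_gross"].to_s)
  rescue ArgumentError
    nil
  end
  unless paid == order.total
    problems << "amount #{params['mc_gross'].inspect} != #{order.total.to_s('F')}"
  end

  # A transaction id that was already processed must not credit a second order.
  problems << "duplicate transaction" if seen_txn_ids.include?(params["txn_id"])
  problems
end

# Constructed sample data.
ORDER = Order.new(42, BigDecimal("500.00"), "USD")
GOOD = {
  "payment_status" => "Completed", "receiver_email" => "seller@example.com",
  "invoice" => "42", "mc_currency" => "USD", "mc_gross" => "500.00",
  "txn_id" => "TXN-CONSTRUCTED-1"
}.freeze
TAMPERED = GOOD.merge("mc_gross" => "1.00") # buyer edited the amount in the form

puts payment_problems(ORDER, GOOD, []).inspect
puts payment_problems(ORDER, TAMPERED, []).inspect
```

An order is marked paid only when the list is empty; anything else goes to manual review instead of shipping.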
Great screencast, Ryan. :)
@Edgar G. You must have missed the part about this being an introduction to payment processing with PayPal. As an introduction, it does a good job of illustrating how the system works. I'm sure Ryan will address some of the security issues later on in the series.
This tutorial covers the basics. It is not meant to be a full, complete solution as mentioned in the beginning. I'm sure Ryan will add more in using Encrypted Payments and verifying things like Paypal IPN.
For those concerned about security and payment notification, I plan to address this in future episodes in this series. Stay tuned!