I don't know what the Rails community would be without you, Ryan. Ughf, what a scary thought..
Awesome mate... can't wait for the Merchant stuff and hopefully how to manage recurring payments?? please! maybe even automatic invoicing? awww gone to far!
It looks difficult,
anyway thanks,
and waiting for Merchant railscast!
I agree with guys above. I wouldn't have started programming in rails if it wasn't for your video casts and your help in forums.
This is really great Ryan. I am also waiting for Merchant railscasts as well.
Thanks you very much!
Thanks Ryan great cast! As someone mentioned above I would really love to see an episode coming up that handles recurring payments/subscriptions with active merchant.
Have heard Trust Commerce has a good service for this? Not sure though.
Many thanks,
Brian
www.UniversityTutor.com
Thanks for this very helpful Railscast.
Anyone availing of a paypal subscription instead of a cart should make sure to have a hidden form 'cmd' field with value of '_s-xclick', and an encrypted 'cmd' field with value '_xclick-subscriptions'.
Othewise you'll face the dreaded "We cannot process this transaction because there is a problem with the PayPal email address supplied by the seller."
See this thread for help: http://www.pdncommunity.com/pdn/board/message?board.id=ewp&thread.id=1033
Steve Q
Ryan,
Thanks for the great series! It has really helped me to understand Paypal processing much better.
Following your screen cast this morning, I run into a Paypal error that reads "There was a problem with the decryption of your secure order. Please contact your merchant."
The form looks right and I followed your command line entries to the letter. Is there an OpenSSL dependency that's not included in Rails or a certain version requirement? Also, do you know of a way to further debug errors in Paypal?
Thanks again for your great screencasts!
Bryce
Dear Ryan, thanks a lot for your work it is really amazing.
I am still trying to digest all the information on this number.
The first question I have, maybe it is a very stupid question, is how I should management all this secret information on a project that suppose to be open-source?
The repository will be very uncompleted with all these file-keys, secrets, and private information.
The deployment will be not as simple as an a normal project.
Maybe it will be just as the database.yml .. I don't know maybe I just thinking on loud.
Thanks again for your job :)
f.
Wow, spammers are starting to get good, they can post comments that are almost related to the website's topic.
@Edgar
thanks to Ryan, soon they will know Rails better then we are
<B-)
If the PaymentNotification.create method shall be secure you rely on a ssl/https-connection, right? Or is there another secure way where I don't have the https-overhead for my webserver? Or did I missed something?
Ryan, thanks for this one. This is very useful, not only for Rails developers, because the Paypal transaction processes are walked through in detail!
Totally awesome. Railscasts is becoming a seriously awesome resource. I Hope they keep on going!
has anyone else had problems with the Paypal Sandbox IPN? It never seems to work (reliably) for me. It seems like I get a ping from it about 20% of the time.
@Logansbro,
I haven't used Paypal, but I did create an app using Authorize.net a little bit ago to do reoccurring billing and I wouldn't be too surprised to find out the sandbox wasn't perfectly reliable since it is just for testing. Obviously when you are dealing with money you have to be careful, and that made me really nervous. I turned my app live and tested it over a period of time with my own credit cards (and reduced amounts) to make absolutely sure. It worked perfectly and the way I expected. The only thing I hate is the fact these places all seem to nickel and dime you to death, rather than telling you what the fees (all of them I mean) will really be up front. They aren't all that large, but every time I turned around there seemed to be another one.
Is it okay that paypal send back data using plain text? Shouldn't the return URL be https://mysite.com/payment_notification ?
Great screencast! Many thanks. I'm still at loss regarding the SSL/HTTPS IPN callback from Paypal. Can't figure out how to get it right. After all /payment_notification is plain unencrypted HTTP.. Help? Anybody? THx!
Nice!
But i have a big question, when paypal returns to the return_url (return to the store) comes with a big url with a lot of variables, how could i make that invisible???
i fix the issue with the return_url, to put the method on the side of paypal, just in the return_url add the field rm with value 2 and this will convert the form of return to the store xxxxx to method POST. if you put value 1 will be GET.
Hey - quick question about the SSL cert
I noticed that in this tutorial, the SSL cert is only valid for 365 days.
What happens after the 365? Does PayPal send a reminder or do transactions fail silently?
What's the longest period a certificate can be valid for?
Thanks
Awesome. I tried to figure this out several months back and hit a brick wall. Thanks!
Ryan, regarding app_config - plz have a look at http://github.com/eugenebolshakov/app_config/tree/master - very useful plugin :)
Ryan, as always, an extremely helpful railscast. A couple of small points.
The paypal public key is different for the sandbox than it is for the production site. So you need to download them separately and name them differently (if you are going to store both in the same folder). I then needed to add another entry to the app_config.yml file called paypal_cert_name and use it when loading the pem files.
Speaking of app_config. I found it helpful to add an "all" section at the top of the file, and modify the load_app_config.rb file to merge the "all" with the environment specific settings. (i.e APP_CONFIG = YAML.load(raw_config)["all"].symbolize_keys.merge(YAML.load(raw_config)[RAILS_ENV].symbolize_keys))
This allows me to have some settings which span all environments, and can be overwritten in any of them if needed.
Once again, thank you for your great contribution to improving life for rails developers.
Hello Ryan,
First, thanks for all the webcasts.
I am trying to implement paypal and I followed your previous webscast and it is working well.
Note that I did not do a link to paypal in the form but I integrated a
redirect_to(@order.paypal(r_url,not_url))
in my controller.
I was wondering if I needed to encrypt as the url was built in my controller?
Thanks
I think Second Life should be considered Commercial/RW, at least you must pay something even to upload a file in SL.. While in Youtube it is free….
DES3 algorithm is not supported under jruby_openssl (v. 0.6) so I cannot use PayPal transactions...
Do you know if I can use a different cipher algorithm under jruby ?
Before considering PayPal, consider this:
http://blog.apparentsoft.com/business/124/is-paypal-good-for-your-microisv-business-a-short-paypal-horror-story/
I've just been having a play with PayPal and your RailsCasts are as usual extremely good and a massive help. Thankyou.
I would like to ask if it is feasable to use ActiveResource to communicate with sites like this? The new api's in PayPal X certainly seem quite happy to return nicely formatted XML.
If it is then it would be great to see a Railscast on this particularly as all the documentation deals with communicating with other Rails sites.
Hello,
First, thanks for posting this video it has helped me much.
However, I am stuck at the point where I can´t seem to get the APP_CONFIG[:paypal_secret] to get returned to the application and can´t figure out why.
I downloaded the source code and tested the app... but the problem remains.. I cant validate the transaction with the secret.
Hope you can help me.
Thanks.
Do you have any recommendations for how to mock the OpenSSL methods so that paypal_encrypted can be tested? They produce different output with repeated invocations with identical input.
On a whim I tried mocking Kernel.rand, Kernal#rand, and Time.now, but that didn't help. I suppose I could dive head first into the OpenSSL code but wanted to first check if you had any pointers on how todo this.
Thanks for the fantastic and helpful episode, as usual.
John
Dear Ryan,
many thanks for this very, very helpful episode(s).
There is only one problem left, I am struggling with:
While working in the sandbox, I seem to have the same problem as "ariel" in post 19 and 20.
When I hit the "return to the shop" button, I get the whole data from paypal in the browsers comman_line.
I have tried to set the variable rm yet to "1" (then it should be a get instead of a post request according to the paypal api). But I still see all the data in the browser being submitted.
Either, this is a Sandbox problem, or I am passing the variable rm in the wrong "place":
Should I pass this variable in the cart.rb (paypal_encrypted method) along with all the other parameters to paypal?
Or must this value ne passed as a parameter directly with the return_url in the checkout_form (similar to thme secret parameter)?
Or is there another mistake?
And: Should the values of the variable rm be passed as an integer or a "string"?
By the way: the return parameter is set, so this cannot be the problem...
Many thanks!
I have a security question which isn't rails specific but very relevant to this episode..
Why do I have to encrypt the data if I send it to a paypal secure https ? isn't the https take care of encrypting the data before sending the form?
Ryan I couldn't get to where I am today without your excellent work!
Thanks!
Thanks for the info. I was directed here from Yahoo Answers
Smart Credit Choices is an online resource where you get the best credit card offers and can apply for the best credit card applications.
If anybody else has the "There was a problem with the decryption of your secure order" issue on PayPal, this fixed it for me:
https://www.x.com/message/161715#161715
From that post:
******************************
The 'cmd' parameter must be "_s-xclick" in the non-encrypted form, but it must also be included in the encrypted blob, as "_xclick" (or, presumably, any of the other values except "_s-xclick".)
Paypal appears to decrypt the form when it's told to handle the s-xclick, and then forwards the unencrypted details to a separate controller, which needs to know the cmd as well.
Thank you share
http://www.louisvuittonbagmall.com/Damier-Canvas-category-12-b0.html Damier Canvas
Constantly seeking new cooperative partners, we invite companies interested in our products to contact us with their detailed correspondences. Looking forward to having the opportunity of working together with you, we hope to receive your inquiry soon.
Offering products with high quality, stylish designs and reasonable prices, we are now supplying a range of companies from Europe, Australia, United States, Russia and the Middle East countries. Having built up a wide-ranging product development capability, we can also custom design and produce new series according to buyers' ideas and drawings.
As a branch factory of China Peteresa Group, Peteresa Fitness Equipment Co.,LTD was established in the year 2008, which is dedicated to design and manufacturer high quality home fitness equipments and machines. Our factory mainly supply:
Abdominal exercise equipments such as AB Rocket, AB circle, AB coaster, AB lounge, AB flyer, Total core, Balance power;
Our best selling electric kettle! Boil water more quickly than a microwave for tea, coffee, hot chocolate or instant soup. An electric kettle is the best way to boil water for home and office use. It makes hot beverages like tea fast and easy to prepare.
Our Roller Blinds Fabrics collection ranged from Plain fabrics, Black out fabrics, Jacquard fabrics , Print fabrics, Embroidery Fabrics. Sunscreen Fabrics, PVC fabrics,Sunshade fabrics etc.
Foil numbers is an ideal products to decorate your parties and events, 0-9 numbers is avaliable.
specializing in production of plastic injection molding machine.Such as vertical injection molding machine, plastic forming machine, horizontal injection press,rotary table injection molding machine,etc.
Thanks for the great series! It has really helped me to understand Paypal processing much better. I have a security question which isn't rails specific but very relevant to this episode.
Really helpful for me.I have learned a lot about asp.net from this.
Generally I do not post on blogs, but I would like to say that this post really forced me to do so, Excellent post!
Thanks for sharing your article. I really enjoyed it. I put a link to my site to here so other people can read it. My readers have about the same interets
Discount Wholesale Electronics, Wholesale Cell Phones, Electronic Gadgets and More from the Best Dropship Wholesaler
This is really great Ryan. I am also waiting for Merchant railscasts as well.
Thanks for sharing your article. I really enjoyed it. I put a link to my site to here so other people can read it. My readers have about the same interets
on iTunes
