This version will work with 1.4.8 through 1.4.9.4. 1.4.9.5-1.4.9.6 already have this fix.
The current version is NEWER than the one in v1.4.9.4
DO NOT USE if using an OpenCart version newer than v1.4.9.4 as it likely has this change and additional changes
Read the Paypal Configuration Documentation for info on how to setup your Paypal Account the preferred way.
New features:
- Itemized product list with options support
- Support for Discounts, Taxes, Shipping. Even coupons with itemized mode works correctly now
- PDT Support for browser-side validation (backup protection if IPN isn't working)
- Some new methods for IPN verification
- Multiple status support for different paypal states with automatic update for changes via ipn. (echeck, refund, dispute, etc)
- Many additional validation steps to cut down on scammers (price match, email match, referrer, etc)
- IPN and PDT work together for additional security and reliability
- Supported currency check (Paypal supports 18 currencies). If using a non-supported currency, it converts to USD.
Other Features:
There are numerous debug points in the code. Considering how many people have problems with paypal, not only in opencart, but everywhere, I figured it would be best to log as much as possible when the debug mode is enabled. You can see debug messages in the OpenCart System log.
There are validation checks in place for security reasons. Some crafty people know how to fake the ipn callback with the old version, allowing them to change the price for a $50 piece of software and change it to 0.10 and trick the system. Now I have added additional checks
- Reciever email matches the opencart paypal email.
- Additional ones can be added easily to the validate function to do postcode checks, etc.
The script will also send out alert emails if any of the following occur:
- Validation failure (price mismatch, wrong email, etc)
- Unsolicited Status changes (from disputes, refunds, etc)
- Any order that doesn't end up in the 'Completed' state after IPN has been received
The comments will also log the status of the order after IPN has been received.
PDT and IPN are both fully supported in this version. IPN is triggered in the background, PDT is triggered when you click "Return to merchant" on the paypal site. Both callbacks will do validation checks and update the order in case the other one doesn't. They are designed to back eachother up so that orders are more reliably stored and validated.
TIPS & NOTES
- IF YOU ARE NOT SEEING IPN MESSAGES IN THE SYSTEM LOG WHEN DEBUG MODE IS ENABLED, THEN YOUR SITE IS NOT RECEIVING THEM. CHECK YOUR SERVER LOGS AND THE PAYPAL IPN HISTORY TO GET MORE INFORMATION.
- IF YOU ARE TESTING ON A LOCALHOST, YOU WILL NOT SEE IPN MESSAGES BECAUSE THEY CAN'T BE SENT TO A LOCALHOST. HOWEVER, PDT WILL STILL WORK WHEN YOU CLICK "RETURN TO MERCHANT"
- ENABLE PDT IN YOUR PAYPAL ACCOUNT. IT IS NOT REQUIRED, BUT RECOMMENDED. Google "Paypal PDT" for more help
- YOU CAN USE AUTO-RETURN IN YOUR PAYPAL ACCOUNT AND IT IS RECOMMENDED
- FOR THE PAYPAL IPN URL IN YOUR PAYPAL ACCOUNT, USE ANY URL. EVEN GOOGLE.COM. IT WILL BE OVERRIDDEN BY THE SCRIPT.
- THIS VERSION ONLY USES CURL BECAUSE FSOCK IS BEING SUPPORTED LESS OFTEN. YOU MUST HAVE CURL ON YOUR SERVER. 99% OF HOSTS USE CURL. IF YOUR HOST DOESN'T HAVE CURL INSTALLED, FIND A NEW HOST.
Known Issues
- The same old problem of certain IPN responses being INVALID due to strange characters in the address or name field still plagues me. I find many people on the paypal developer forums with the same issue, but they all seem to have a different idea to make it work, but none of them are 100%. So if you have a name on your paypal address with an apostrophe or some other non-normal character, You will likely see IPN INVALID in the system log. However, the order will be changed to "Pending" state for manual verification. So no orders will be lost
