Web DevCenter    
 Published on Web DevCenter (http://www.oreillynet.com/javascript/)
 See this if you're having trouble printing code examples


O'Reilly Book Excerpts: PayPal Hacks

Hacking PayPal, Part 2

by Shannon Sofield, Dave Nielsen, Dave Burchell

Last week, in Part 1 of this two-part excerpt from PayPal Hacks, the authors offered three hacks to ensure PayPal's convenience and effectiveness. This week they present two more hacks to help make you and your customers happy. The first hack highlights using IPN to effortlessly deliver digital goods to your customers, and the second shows how to set up phony Sandbox accounts to test your code.

Hack #71

Deliver Digital Goods with IPN


Use IPN to have your server automatically send digital goods to customers as soon as they purchase them from your web site.

The Internet revolution allows instant gratification when purchasing an item. Customers can purchase digital goods--eBooks, digital music, video files, software, and anything else that can be delivered over the Internet--from the comfort of home and use them almost instantly.

This hack shows you how to leverage PayPal's ease of use, security, and brand name to sell digital goods with large margins and low overhead. PayPal's IPN system [Hack #65] lets you deliver those goods without any interaction as a seller.

The Code

The code in this hack uses Microsoft VBScript, but the same process can be implemented with any web scripting language.

WARNING: Because this solution employs IPN to deliver a product without any action on your part, you should take steps to ensure that the payment is legitimate (for example, no price tampering has taken place) [Hack #73].

This script, when used in conjunction with the IPN script from [Hack #73], sends your customer an email with your digital product as an attachment:

'Declare and populate email address for delivery
Dim payer_email
Payer_email = Request.Form("payer_email")

'Create file variable and set path to file
Dim file_location
1.  file_location = "C:\InetPub\wwwroot\yoursite\filestore\file.zip"

'Send an email to customer and attach file
Dim objCDO
Set objCDO = Server.CreateObject("CDOSYS.NewMail")
2.  objCDO.From = "sales@paypalhacks.com"
'Add customer email address
objCDO.To = payer_email
'Add file attachement
objCDO.AttachFile(file_location)
3.  objCDO.Subject = "PayPal Hacks Software Exo"
4.  objCDO.Body = "Thank you for your order. Your file is attached to this email."
objCDO.Send( )
Set objCDO = Nothing

Place your digital product in a file (presumably zipped) on your server, and specify the full path and filename in the file_location variable (line 1). Include your email address as the return (line 2); in most cases it will be the same as the email address your PayPal account uses. Finally, you'll want to customize the subject and message body text (lines 3 and 4, respectively) to suit your needs.

WARNING: When delivering files by email, be sure to keep the file size relatively small (less than 500K). Otherwise, you run the risk of overfilling your customer's email in-box or having the message rejected by the customer's ISP.

See Also

This hack shows the most simplistic way to implement digital goods sales for your site. For an improved method, see [Hack #72].

PayPal Hacks

Related Reading

PayPal Hacks
100 Industrial-Strength Tips & Tools
By Shannon Sofield, Dave Nielsen, Dave Burchell

Hack #87

Set Up the Sandbox


Create phony accounts and use phony money to test your API code, all without spending a dime.

TIP: Go to http://paypalhacks.com for downloadable code and API updates.

PayPal Developer Central includes an environment called the PayPal Sandbox, in which you can test your PayPal Web Services applications, as well as IPN and PDT features (discussed in Chapter 7 of the book). The Sandbox looks and behaves like the PayPal web site, with one important exception: no real money is transacted. You can create and access multiple test accounts in the Sandbox, which means that you can create both a business and a buyer account without the hassle of setting up real email, credit card, and bank accounts.

Before PayPal created its Sandbox, you would have had to create two real PayPal accounts and use real money to test your code. There was no way to get around that, but you could send test payments in pennies--$0.01 for a widget or $0.02 for a gumball--and then refund the transactions immediately thereafter. As you can imagine, this process quickly became burdensome. Although some companies (such as Eliteweaver) offered good IPN-testing solutions, ultimately nothing was able to replace the comfort of knowing that your code worked against the real thing.

Creating a Sandbox Account

Creating a Sandbox PayPal account is similar to creating a live PayPal account. The web pages look and behave almost identically. Here's how to do it:

  1. Log in to Developer Central with your new developer account and click on the Sandbox tab.

  2. Click on the Create Account link, at which point a familiar page appears: the PayPal sign-up page.

    TIP: It might be a little jarring to see the PayPal account sign-up page, but if you look at the top left corner, you'll see a PayPal Sandbox logo, verifying that you did swallow the blue pill and are indeed working within a simulated PayPal environment.

  3. To create a business account, select the Business Account option. Select your country and click on the Continue button.

  4. On the next page, enter any existing address and phone number. This information never leaves the Sandbox, so the information you enter here makes little difference. Click on the Continue button when you're done.

  5. On the Enter Your Information page, type an email address and password. To make it easy on yourself, use a simple email address such as business@mysite.com and an easy-to-remember password such as qwertyui. You don't have to use a real email account, because the Sandbox emails never leave the Sandbox.

    TIP: Real currency isn't involved when using the Sandbox, so there isn't much of a security issue. You might choose to use the same password for every Sandbox account you create. Having to manage multiple passwords is pointless and can slow down your development team.

  6. You also need to provide answers to two security questions. Again, this information never leaves the Sandbox. Enter something obvious, such as your own last name, for Mother's Maiden Name and the town you work in for City of Birth. Finally, enter the Security Measure characters and click on the Sign-Up button.

  7. Next, you will be asked to confirm your email address. Before you do, repeat steps 1 through 6 to create a second Sandbox account, from which you can send test payments. To create a buyer account, select Personal Account (instead of Business Account) in Step 3. You'll be asked fewer questions this time.

    TIP: You might want to create both types of personal accounts (Standard and Premier) to mimic the different types of PayPal users who will be buying things from your site. To create a Premier account, answer Yes when asked "Would you like this to be a Premier Account?"

Figure 8-2
Figure 8-2. Buyer and Seller accounts in the Sandbox

Confirming Your Sandbox Email Addresses

Just as you would on the live PayPal site, you must confirm your newly created PayPal Sandbox accounts before you use them. Normally, PayPal sends a real email message to a newly added email address for confirmation, but email sent on behalf of pseudo accounts would be confusing, to the say the least. So, for security and other reasons, PayPal's Developer Central web site includes a self-contained pseudo email messaging system to catch and display emails the PayPal Sandbox generates.

To view these emails, log in to the Developer Central web site and click on the Email tab. A list of emails from PayPal to your various accounts will be displayed here. Click on the subject link of any email to open the email message, as shown in Figure 8-3.

Figure 8-3
Figure 8-3. The PayPal Sandbox account verification process

To confirm your Sandbox account:

  1. Copy the URL from the Activate Your PayPal Account email.

  2. Open a new browser window, paste the URL into your browser's address bar, and press Enter.

  3. Enter the password for your account and click on Submit.

You will need to follow this process for every new Sandbox account you've created.

Verifying Bank Accounts in the Sandbox

PayPal uses bank accounts to verify [Hack #2] that their members are who they say they are.

TIP: Bank accounts are also used to add and withdraw funds [Hack #20].

Adding a bank account to a Sandbox account is relatively straightforward and has the added bonus of instantly making you rich--at least in the world of the PayPal Sandbox.

To add a bank account to your PayPal Sandbox account:

  1. Log in to the Sandbox with your business account, and click on Add Bank Account on the My Account/Overview page.

  2. The Add Bank Account page will be conveniently prepopulated with a fake bank account number. Add a name for the account and click on Add Account. Be sure to make note of the account numbers used for the bank account, because you will need them in the future to add multiple users or enable other features.

    TIP: At the time of this writing, the Sandbox displays this account number only once: at the moment of its creation. So, write it down somewhere, because you won't see it again. One way to remind yourself of this bank account information is to use the routing number and bank account as part of the account name (for example, BofA-325272157_10448249836185934481). If you do forget the account numbers, you might want to abandon this Sandbox account and open another.

  3. On the Get Verified page, click on Add and Confirm a Checking Account to be taken to the Confirm Bank Account page. Select the bank account you would like to confirm and click on Submit. Click on Continue when you see Your U.S. Bank Account Has Been Confirmed.

Repeat this process for your buyer account.

Adding Funds (and Getting Rich Quick)

When you've verified all your accounts, the last step is to put some money in your Personal (buyer) account.

TIP: You don't have to add funds to your account before making a payment, because PayPal will let you fund payments from your fake bank account or fake credit card, just as in real life.

To add funds, log in to the Sandbox with your Sandbox buyer account, and from the My Account tab, click on Add Funds. Click on the Transfer Funds from a Bank Account link and follow the instructions. You need to put some money into your Personal account only, since that's the account from which you'll be making your pseudo payments.

TIP: The transaction will be held as Pending until you actually view the details of the transaction and click on Clear Transaction or Fail Transaction. For the purposes of this hack, select Clear Transaction here.

This might be the most fun of all the things mentioned in this book, because you can, on a whim, transfer any amount of money into your account and become a pseudo millionaire in seconds! (And you thought this was going to be about the coding!)

--Rob Conery and Dave Nielsen

Shannon Sofield began working with Macromedia development tools when Macromedia acquired Future Splash.

Dave Nielsen is the co-founder of CloudCamp, and principal consultant at Platform D, a developer programs consulting company. He is also coauthor of PayPal Hacks.

Dave Burchell got his start with computers by programming the Radio Shack TRS-80 in BASIC and the Commodore 64 in 6510 assembly. A fervent proponent of XML, Dave enjoys solving content-management problems with markup and open source software.


View catalog information for PayPal Hacks

Return to Web DevCenter.

Copyright © 2009 O'Reilly Media, Inc.