News:

Support the VirtueMart project and become a member

Main Menu

Paypal Integral evolution : how sending the shipment variable??

Started by lejeannotfr, July 04, 2012, 23:20:31 PM

Previous topic - Next topic

lejeannotfr

hi, i've discovered that paypal doesn't protect merchants if the payment form doesn't send the shipment customer address.  >:(

The default form send the billing address but if paypal doesn't receive the shipment variable, you're not protected in case of fraud.  :o

Then, these mothergentleers of paypal support just answer "find the code to send us the following variables":

first_name (??it's already in the code)
last_name (??it's already in the code)
address1
address2
city
country
zip

These 5 last variables, how are they named in virtuemart please? can anyone tell? :'(

lejeannotfr

Nobody cares about this problem??   :o
I just look for the name i must use to qualify these variable in the html code...

lejeannotfr

hi and thanks a lot for your help but i don't really understand where i should use the code you give me  :-[
here is my usual code for the payment paypal integral evolution :

<?php
$url 
"https://securepayments.paypal.com/acquiringweb";

$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");
$dbb = new ps_DB;
$q "SELECT * FROM jos_vm_user_info ";
$q .= "WHERE user_id ='".$my->id."' ";
$dbb->setQuery($q);
$dbb->query();
$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");
$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": "$db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round$db->f("order_subtotal")+$tax_total-$discount_total2),
"shipping" => sprintf("%.2f"$db->f("order_shipping")),
"currency_code" => $_SESSION['vendor_currency'],

"address_override" => "1",

"buyer_email" => $dbb->f("user_email"),

"billing_first_name" => $dbb->f("first_name"),

"billing_last_name" => $dbb->f("last_name"),

"billing_address1" => $dbb->f("address_1"),

"billing_address2" => $dbb->f("address_2"),

"billing_city" => $dbb->f("city"),

"billing_country" => $dbb->f("country"),

"billing_state" => $dbb->f("state"),

"billing_zip" => $dbb->f("zip"),

"night_phone_b" => $dbb->f("phone_1"),



"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( 
$page == "checkout.thankyou" ) {
$query_string "?";
foreach( 
$post_variables as $name => $value ) {
$query_string .= $name"=" urlencode($value) ."&";
}
vmRedirect$url $query_string );
} else {
echo 
'<form action="'.$url.'" method="post" target="_blank">';
echo 
'<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( 
$post_variables as $name => $value ) {
echo 
'<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo 
'</form>';

}
?>

AH

Sorry for the delay I have been away for a while:-

Here is the modified code base on what you posted.  Just reapply your xxxxx blanked detail.


<?php
$url 
"https://securepayments.paypal.com/acquiringweb";

$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");
$dbb = new ps_DB;
$dbb->setQuery($q);
$dbb->query();
$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");


[
color=red]// buyer e-mail

$buyer_email $dbbt->f("user_email");

//Query used to find whether to use Bill Address or Ship to address and country

$db1 = new ps_DB();
$q "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$user->country."' ORDER BY country_2_code ASC";
$db1->query($q);
 
$dboui = new ps_DB;
$q_oui "SELECT * FROM #__vm_order_user_info ";
$q_oui .= "WHERE #__vm_order_user_info.order_id='$order_id' ORDER BY #__vm_order_user_info.order_info_id DESC";
$dboui->query($q_oui);
 
$oui_id $dboui->f("order_info_id");
 
if(
$oui_id == $order_id){
  
$first_name $dbb->f("first_name");
  
$last_name $dbb->f("last_name");
  
$address1 $dbb->f("address_1");
  
$address2 $dbb->f("address_2");
  
$city $dbb->f("city");
  
$state $dbb->f("state");
  
$country $db1->f('country_2_code');
  
$zip $dbb->f("zip");
  
$night_phone_b $dbb->f("phone_1");
}
else {
  
$first_name $dboui->f("first_name");
  
$last_name $dboui->f("last_name");
  
$address1 $dboui->f("address_1");
  
$address2 $dboui->f("address_2");
  
$city $dboui->f("city");
  
$state $dboui->f("state");
  
$country $db1->f('country_2_code');
  
$zip $dboui->f("zip");
  
$night_phone_b $dboui->f("phone_1");
}


// end address query
[/color]

$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": "$db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round$db->f("order_subtotal")+$tax_total-$discount_total2),
"shipping" => sprintf("%.2f"$db->f("order_shipping")),
"currency_code" => $_SESSION['vendor_currency'],

"address_override" => "1",



[
color=red]"first_name" => $first_name,
"last_name" => $last_name,
"address1" => $address1,
"address2" => $address2,
"city" => $city,
"state" => $state,
"country" => $country,
"zip" => $zip,
"night_phone_b" => $night_phone_b,
"buyer_email" => $buyer_email,
[/
color]


"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( 
$page == "checkout.thankyou" ) {
$query_string "?";
foreach( 
$post_variables as $name => $value ) {
$query_string .= $name"=" urlencode($value) ."&";
}
vmRedirect$url $query_string );
} else {
echo 
'<form action="'.$url.'" method="post" target="_blank">';
echo 
'<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( 
$post_variables as $name => $value ) {
echo 
'<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo 
'</form>';

}
?>
Regards
A

Joomla 3.10.11
php 8.0

lejeannotfr

hi, sorry too, i had a lot of soucies with paypal & had to modify the use of "integral evolution" cause i had no merchant protection working with it.
I'm gonna try your code and will tell you how it works... many thanks.

lejeannotfr

well sorry, i've been slow to try this and tell you : you code doesn't work, it generates an error (see attached picture)... something wrong somewhere but i can't tell what and where...  :'(


[attachment cleanup by admin]

Panikos

I've played around and got it working for me (V.M 1.1.2)


//Query used to find whether to use Bill Address or Ship to address
$dboui = new ps_DB;
$q_oui = "SELECT * FROM #__vm_order_user_info ";
$q_oui .= "WHERE #__vm_order_user_info.order_id='$order_id' ORDER BY #__vm_order_user_info.order_info_id DESC";
$dboui->query($q_oui);

$oui_id = $dboui->f("order_info_id");
$oui_st = $dboui->f("address_type");

if($oui_st == "ST"){
              $db1 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dboui->f("country")."' ORDER BY country_2_code ASC";
$db1->query($q);
$first_name = $dboui->f("first_name");
$last_name = $dboui->f("last_name");
$address1 = $dboui->f("address_1");
$address2 = $dboui->f("address_2");
$zip = $dboui->f("zip");
$city = $dboui->f("city");
$state = $dboui->f("state");
$country = $db1->f("country_2_code");
$email = $dboui->f("user_email");
$night_phone_b = $dboui->f("phone_1");
}
else {
              $db2 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$user->country."' ORDER BY country_2_code ASC";
$db2->query($q);
$first_name = $dbbt->f("first_name");
$last_name = $dbbt->f("Qlast_name");
$address1 = $dbbt->f("address_1");
$address2 = $dbbt->f("address_2");
$zip = $dbbt->f("zip");
$city = $dbbt->f("city");
$state = $dbbt->f("state");
$country = $db2->f("country_2_code");
$email = $dbbt->f("user_email");
$night_phone_b = $dbbt->f("phone_1");
}


Reason I'm using address_type is because the order_info_id will never match with the order_id.

Then

"address_override" => "1",
"first_name" => $first_name,
"last_name" => $last_name,
"address1" => $address_1,
"address2" => $address_2,
"zip" => $zip,
"city" => $city,
"state" => $state,
"country" => $country,
"email" => $user_email,
"night_phone_b" => $phone_1,
"cpp_header_image" => $vendor_image_url,


Please delete the :

$db1 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dboui->f("country")."' ORDER BY country_2_code ASC";
$db1->query($q);

It is replaced in the above code.
;D

lejeannotfr

hi, thanks a lot but excuse me i don't really understand what i must do to try your code : do you mean i must replace the first code by the second one?
What should i modifiy in the first part of code you have sent?  :)
sorry

Panikos

Quote from: lejeannotfr on September 27, 2012, 23:58:54 PM
arrg! Sorry Panikos but it doesn't work, i'm using VM 1.1.6.
When i follow the cart process, if i chose the billing address as delivery address, it works but nothing appens in the paypal page (the fields of the form are not filled, but it may be normal). However, if I choose a delivery address different from the billing address, I get the following error:
Fatal error: Call to a member function f() on a non-object in /.../..../components/com_virtuemart/themes/vm_mynxx/templates/pages/checkout.thankyou.tpl.php(61) : eval()'d code on line 37

Then i can't say what happens in your code cause i'm not developer but perhaps one paypal option is missing... thanks a lot.

Do you still have the original paypal code??

If so can you paste it and I'll amend it for you.

What is happening is that the database code to do any sql query/s is failing because the f() function is not present in your installation.
If I can see the original code that will tell me what the equivalent f() function is and I'll substitute it in the code so it works.

lejeannotfr

hi again, and thanks for you special help.

yes the original code for paypal intregral evolution is the following :
<?php
$url 
"https://securepayments.paypal.com/acquiringweb";

$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");
$dbb = new ps_DB;
$q "SELECT * FROM jos_vm_user_info ";
$q .= "WHERE user_id ='".$my->id."' ";
$dbb->setQuery($q);
$dbb->query();
$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");
$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": "$db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round$db->f("order_subtotal")+$tax_total-$discount_total2),
"shipping" => sprintf("%.2f"$db->f("order_shipping")),
"currency_code" => $_SESSION['vendor_currency'],

"address_override" => "1",

"buyer_email" => $dbb->f("user_email"),

"billing_first_name" => $dbb->f("first_name"),

"billing_last_name" => $dbb->f("last_name"),

"billing_address1" => $dbb->f("address_1"),

"billing_address2" => $dbb->f("address_2"),

"billing_city" => $dbb->f("city"),

"billing_country" => $dbb->f("country"),

"billing_state" => $dbb->f("state"),

"billing_zip" => $dbb->f("zip"),

"night_phone_b" => $dbb->f("phone_1"),



"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( 
$page == "checkout.thankyou" ) {
$query_string "?";
foreach( 
$post_variables as $name => $value ) {
$query_string .= $name"=" urlencode($value) ."&";
}
vmRedirect$url $query_string );
} else {
echo 
'<form action="'.$url.'" method="post" target="_blank">';
echo 
'<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( 
$post_variables as $name => $value ) {
echo 
'<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo 
'</form>';

}
?>


the first code was the standard paypal account payment i don't have backup of it...
Sorry

Panikos

Sorry for the delay.

Try this:


<?php
// this make sure that we are using the right currency
if(isset($_SESSION['product_currency']) && $_SESSION['product_currency']!=''){
$currency $_SESSION['product_currency'];
}else{
$currency $_SESSION['vendor_currency'];
}

$url "https://securepayments.paypal.com/acquiringweb";

$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");
$order_id $db->f("order_id") ;

// get user info i.e. address etc
$dbb = new ps_DB;
$q "SELECT * FROM jos_vm_user_info ";
$q .= "WHERE user_id ='".$my->id."' ";
$dbb->setQuery($q);
$dbb->query();

//Query used to find whether to use Bill Address or Ship to address
$dboui = new ps_DB;
$q_oui "SELECT * FROM #__vm_order_user_info ";
$q_oui .= "WHERE #__vm_order_user_info.order_id='$order_id' ORDER BY #__vm_order_user_info.order_info_id DESC";
$dboui->setQuery($q_oui);
$dboui->query($q_oui);
$oui_st $dboui->f("address_type");

//now lets see if the order was placed using a shipping address we then send paypal the shipping address
if($oui_st == "ST"){
$db1 = new ps_DB();
$q "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dboui->f("country")."' ORDER BY country_2_code ASC";
$db1->setQuery($q);
$db1->query($q);
$first_name $dboui->f("first_name");
$last_name $dboui->f("last_name");
$address1 $dboui->f("address_1");
$address2 $dboui->f("address_2");
$zip $dboui->f("zip");
$city $dboui->f("city");
$state $dboui->f("state");
$country $db1->f("country_2_code");
$email $dboui->f("user_email");
$night_phone_b $dboui->f("phone_1");
}
//if no shipping address we use send paypal the bill to address
else {
$db2 = new ps_DB();
$q "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dbb->f("country")."' ORDER BY country_2_code ASC";
$db2->setQuery($q);
$db2->query($q);
$first_name $dbb->f("first_name");
$last_name $dbb->f("Qlast_name");
$address1 $dbb->f("address_1");
$address2 $dbb->f("address_2");
$zip $dbb->f("zip");
$city $dbb->f("city");
$state $dbb->f("state");
$country $db2->f("country_2_code");
$email $dbb->f("user_email");
$night_phone_b $dbbt->f("phone_1");
}


$tax_total $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total $db->f("coupon_discount") + $db->f("order_discount");
$shipping $db->f("order_shipping");
$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": "$db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round$db->f("order_subtotal")+$tax_total-$discount_total2),
"shipping" => sprintf("%.2f"$db->f("order_shipping")),
"currency_code" => $currency,

"address_override" => "1",

"buyer_email" => $email,
"billing_first_name" => $first_name,
"billing_last_name" => $last_name,
"billing_address1" => $address_1,
"billing_address2" => $address_2,
"billing_city" => $city,
"billing_country" => $country,
"billing_state" => $state,
"billing_zip" => $zip,
"night_phone_b" => $phone_1,



"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( 
$page == "checkout.thankyou" ) {
$query_string "?";
foreach( 
$post_variables as $name => $value ) {
$query_string .= $name"=" urlencode($value) ."&";
}
vmRedirect$url $query_string );
} else {
echo 
'<form action="'.$url.'" method="post" target="_blank">';
echo 
'<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( 
$post_variables as $name => $value ) {
echo 
'<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo 
'</form>';

}
?>



Let us know how it goes

lejeannotfr

Don't be sorry for the delay, no problem i will try and tell you, i'm not in hurry since these gentlein' paypal support doesn't want to work on that code to make it work in virtuemart!  :-\ They take money on your business and they don't work to help you telling that you must read the user manual of paypal integral evolution...  ;)

lejeannotfr

Quote from: Panikos on October 04, 2012, 10:24:51 AM
Sorry for the delay.

Try this Let us know how it goes

Hi panikos, well i have a good & a bad new :
1 - the good one is that your code works on the fisrt page of paypal integral evolution, when you arrive on the paypal page, the "credit card bank payment" (choose to pay with card) shows the shipping address of the buyer, then it's good.
2 - if the customer choose to pay with its paypal account, as you know, he should click on a button to arrive on a second paypal form asking to "sign in" paypal and in this form, the shipping adresse is not automaticaly entered in the form fields.

then i can say it works a half, the shipping address for the payment with paypal account always bugs.
I forgot to tell you, in my form configuration in VM 1.1 i use a payment class "ps_paypal" & not "ps_paypal_api" ... i don't know if this detail is important for you.

Best regard.