Paypal Integral evolution : how sending the shipment variable??

[lejeannotfr]

hi, i've discovered that paypal doesn't protect merchants if the payment form doesn't send the shipment customer address. 

The default form send the billing address but if paypal doesn't receive the shipment variable, you're not protected in case of fraud. 

Then, these mothergentleers of paypal support just answer "find the code to send us the following variables":

first_name (??it's already in the code)
last_name (??it's already in the code)
address1
address2
city
country
zip

These 5 last variables, how are they named in virtuemart please? can anyone tell?

[lejeannotfr]

Nobody cares about this problem??   
I just look for the name i must use to qualify these variable in the html code...

[AH]

I use this:-

//Query used to find whether to use Bill Address or Ship to address
$dboui = new ps_DB;
$q_oui = "SELECT * FROM #__vm_order_user_info ";
$q_oui .= "WHERE #__vm_order_user_info.order_id='$order_id' ORDER BY #__vm_order_user_info.order_info_id DESC";
$dboui->query($q_oui);
 
$oui_id = $dboui->f("order_info_id");
 
if($oui_id == $order_id){
  $first_name = $dbb->f("first_name");
  $last_name = $dbb->f("last_name");
  $address1 = $dbb->f("address_1");
  $address2 = $dbb->f("address_2");
  $city = $dbb->f("city");
  $state = $dbb->f("state");
  $address_country = $dbbt->f("country");
  $zip = $dbb->f("zip");
  $H_PhoneNumber = $dbb->f("phone_1");
}
else {
  $first_name = $dboui->f("first_name");
  $last_name = $dboui->f("last_name");
  $address1 = $dboui->f("address_1");
  $address2 = $dboui->f("address_2");
  $city = $dboui->f("city");
  $state = $dboui->f("state");
  $address_country = $dboui->f("country");
  $zip = $dboui->f("zip");
  $H_PhoneNumber = $dboui->f("phone_1");
}
 

[lejeannotfr]

hi and thanks a lot for your help but i don't really understand where i should use the code you give me 
here is my usual code for the payment paypal integral evolution :

Code: [Select]

<?php
$url = "https://securepayments.paypal.com/acquiringweb";

$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");
$dbb = new ps_DB;
$q = "SELECT * FROM jos_vm_user_info ";
$q .= "WHERE user_id ='".$my->id."' ";
$dbb->setQuery($q);
$dbb->query();
$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");
$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": ". $db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round( $db->f("order_subtotal")+$tax_total-$discount_total, 2),
"shipping" => sprintf("%.2f", $db->f("order_shipping")),
"currency_code" => $_SESSION['vendor_currency'],

"address_override" => "1",

"buyer_email" => $dbb->f("user_email"),

"billing_first_name" => $dbb->f("first_name"),

"billing_last_name" => $dbb->f("last_name"),

"billing_address1" => $dbb->f("address_1"),

"billing_address2" => $dbb->f("address_2"),

"billing_city" => $dbb->f("city"),

"billing_country" => $dbb->f("country"),

"billing_state" => $dbb->f("state"),

"billing_zip" => $dbb->f("zip"),

"night_phone_b" => $dbb->f("phone_1"),



"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( $page == "checkout.thankyou" ) {
$query_string = "?";
foreach( $post_variables as $name => $value ) {
$query_string .= $name. "=" . urlencode($value) ."&";
}
vmRedirect( $url . $query_string );
} else {
echo '<form action="'.$url.'" method="post" target="_blank">';
echo '<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( $post_variables as $name => $value ) {
echo '<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo '</form>';

}
?>

[AH]

Sorry for the delay I have been away for a while:-

Here is the modified code base on what you posted.  Just reapply your xxxxx blanked detail.

Code: [Select]

<?php
$url = "https://securepayments.paypal.com/acquiringweb";

$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");
$dbb = new ps_DB;
$dbb->setQuery($q);
$dbb->query();
$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");


[color=red]// buyer e-mail

$buyer_email = $dbbt->f("user_email");

//Query used to find whether to use Bill Address or Ship to address and country

$db1 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$user->country."' ORDER BY country_2_code ASC";
$db1->query($q);
 
$dboui = new ps_DB;
$q_oui = "SELECT * FROM #__vm_order_user_info ";
$q_oui .= "WHERE #__vm_order_user_info.order_id='$order_id' ORDER BY #__vm_order_user_info.order_info_id DESC";
$dboui->query($q_oui);
 
$oui_id = $dboui->f("order_info_id");
 
if($oui_id == $order_id){
  $first_name = $dbb->f("first_name");
  $last_name = $dbb->f("last_name");
  $address1 = $dbb->f("address_1");
  $address2 = $dbb->f("address_2");
  $city = $dbb->f("city");
  $state = $dbb->f("state");
  $country = $db1->f('country_2_code');
  $zip = $dbb->f("zip");
  $night_phone_b = $dbb->f("phone_1");
}
else {
  $first_name = $dboui->f("first_name");
  $last_name = $dboui->f("last_name");
  $address1 = $dboui->f("address_1");
  $address2 = $dboui->f("address_2");
  $city = $dboui->f("city");
  $state = $dboui->f("state");
  $country = $db1->f('country_2_code');
  $zip = $dboui->f("zip");
  $night_phone_b = $dboui->f("phone_1");
}


// end address query
[/color]

$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": ". $db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round( $db->f("order_subtotal")+$tax_total-$discount_total, 2),
"shipping" => sprintf("%.2f", $db->f("order_shipping")),
"currency_code" => $_SESSION['vendor_currency'],

"address_override" => "1",



[color=red]"first_name" => $first_name,
"last_name" => $last_name,
"address1" => $address1,
"address2" => $address2,
"city" => $city,
"state" => $state,
"country" => $country,
"zip" => $zip,
"night_phone_b" => $night_phone_b,
"buyer_email" => $buyer_email,
[/color]


"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( $page == "checkout.thankyou" ) {
$query_string = "?";
foreach( $post_variables as $name => $value ) {
$query_string .= $name. "=" . urlencode($value) ."&";
}
vmRedirect( $url . $query_string );
} else {
echo '<form action="'.$url.'" method="post" target="_blank">';
echo '<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( $post_variables as $name => $value ) {
echo '<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo '</form>';

}
?>

[lejeannotfr]

hi, sorry too, i had a lot of soucies with paypal & had to modify the use of "integral evolution" cause i had no merchant protection working with it.
I'm gonna try your code and will tell you how it works... many thanks.
 

[lejeannotfr]

well sorry, i've been slow to try this and tell you : you code doesn't work, it generates an error (see attached picture)... something wrong somewhere but i can't tell what and where... 


[attachment cleanup by admin]

[Panikos]

I've played around and got it working for me (V.M 1.1.2)

Code: [Select]

//Query used to find whether to use Bill Address or Ship to address
$dboui = new ps_DB;
$q_oui = "SELECT * FROM #__vm_order_user_info ";
$q_oui .= "WHERE #__vm_order_user_info.order_id='$order_id' ORDER BY #__vm_order_user_info.order_info_id DESC";
$dboui->query($q_oui);

$oui_id = $dboui->f("order_info_id");
$oui_st = $dboui->f("address_type");

if($oui_st == "ST"){
              $db1 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dboui->f("country")."' ORDER BY country_2_code ASC";
$db1->query($q);
$first_name = $dboui->f("first_name");
$last_name = $dboui->f("last_name");
$address1 = $dboui->f("address_1");
$address2 = $dboui->f("address_2");
$zip = $dboui->f("zip");
$city = $dboui->f("city");
$state = $dboui->f("state");
$country = $db1->f("country_2_code");
$email = $dboui->f("user_email");
$night_phone_b = $dboui->f("phone_1");
}
else {
              $db2 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$user->country."' ORDER BY country_2_code ASC";
$db2->query($q);
$first_name = $dbbt->f("first_name");
$last_name = $dbbt->f("Qlast_name");
$address1 = $dbbt->f("address_1");
$address2 = $dbbt->f("address_2");
$zip = $dbbt->f("zip");
$city = $dbbt->f("city");
$state = $dbbt->f("state");
$country = $db2->f("country_2_code");
$email = $dbbt->f("user_email");
$night_phone_b = $dbbt->f("phone_1");
}

Reason I'm using address_type is because the order_info_id will never match with the order_id.

Then

Code: [Select]

"address_override" => "1",
"first_name" => $first_name,
"last_name" => $last_name,
"address1" => $address_1,
"address2" => $address_2,
"zip" => $zip,
"city" => $city,
"state" => $state,
"country" => $country,
"email" => $user_email,
"night_phone_b" => $phone_1,
"cpp_header_image" => $vendor_image_url,

Please delete the :

Code: [Select]

$db1 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dboui->f("country")."' ORDER BY country_2_code ASC";
$db1->query($q);
It is replaced in the above code.
 

[lejeannotfr]

hi, thanks a lot but excuse me i don't really understand what i must do to try your code : do you mean i must replace the first code by the second one?
What should i modifiy in the first part of code you have sent? 
sorry

[Panikos]

hi, thanks a lot but excuse me i don't really understand what i must do to try your code : do you mean i must replace the first code by the second one?
What should i modifiy in the first part of code you have sent? 
sorry

You have to use both sets of code.

The first block must go at the top. Please pay attention to the else statement. You must replace the $dbbt-> with whatever you have in your original code.

The second block replaces the code further down in the page.

I you still are struggling paste the whole of your code and I'll amend for you.

[lejeannotfr]

arrg! Sorry Panikos but it doesn't work, i'm using VM 1.1.6.
When i follow the cart process, if i chose the billing address as delivery address, it works but nothing appens in the paypal page (the fields of the form are not filled, but it may be normal). However, if I choose a delivery address different from the billing address, I get the following error:

Code: [Select]

Fatal error: Call to a member function f() on a non-object in /.../..../components/com_virtuemart/themes/vm_mynxx/templates/pages/checkout.thankyou.tpl.php(61) : eval()'d code on line 37
Then i can't say what happens in your code cause i'm not developer but perhaps one paypal option is missing... thanks a lot.

[Panikos]

arrg! Sorry Panikos but it doesn't work, i'm using VM 1.1.6.
When i follow the cart process, if i chose the billing address as delivery address, it works but nothing appens in the paypal page (the fields of the form are not filled, but it may be normal). However, if I choose a delivery address different from the billing address, I get the following error:

Code: [Select]

Fatal error: Call to a member function f() on a non-object in /.../..../components/com_virtuemart/themes/vm_mynxx/templates/pages/checkout.thankyou.tpl.php(61) : eval()'d code on line 37
Then i can't say what happens in your code cause i'm not developer but perhaps one paypal option is missing... thanks a lot.

Do you still have the original paypal code??

If so can you paste it and I'll amend it for you.

What is happening is that the database code to do any sql query/s is failing because the f() function is not present in your installation.
If I can see the original code that will tell me what the equivalent f() function is and I'll substitute it in the code so it works.

[lejeannotfr]

hi again, and thanks for you special help.

yes the original code for paypal intregral evolution is the following :

Code: [Select]

<?php
$url = "https://securepayments.paypal.com/acquiringweb";

$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");
$dbb = new ps_DB;
$q = "SELECT * FROM jos_vm_user_info ";
$q .= "WHERE user_id ='".$my->id."' ";
$dbb->setQuery($q);
$dbb->query();
$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");
$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": ". $db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round( $db->f("order_subtotal")+$tax_total-$discount_total, 2),
"shipping" => sprintf("%.2f", $db->f("order_shipping")),
"currency_code" => $_SESSION['vendor_currency'],

"address_override" => "1",

"buyer_email" => $dbb->f("user_email"),

"billing_first_name" => $dbb->f("first_name"),

"billing_last_name" => $dbb->f("last_name"),

"billing_address1" => $dbb->f("address_1"),

"billing_address2" => $dbb->f("address_2"),

"billing_city" => $dbb->f("city"),

"billing_country" => $dbb->f("country"),

"billing_state" => $dbb->f("state"),

"billing_zip" => $dbb->f("zip"),

"night_phone_b" => $dbb->f("phone_1"),



"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( $page == "checkout.thankyou" ) {
$query_string = "?";
foreach( $post_variables as $name => $value ) {
$query_string .= $name. "=" . urlencode($value) ."&";
}
vmRedirect( $url . $query_string );
} else {
echo '<form action="'.$url.'" method="post" target="_blank">';
echo '<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( $post_variables as $name => $value ) {
echo '<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo '</form>';

}
?>
the first code was the standard paypal account payment i don't have backup of it...
Sorry

[Panikos]

Sorry for the delay.

Try this:

Code: [Select]

<?php
// this make sure that we are using the right currency
if(isset($_SESSION['product_currency']) && $_SESSION['product_currency']!=''){
$currency = $_SESSION['product_currency'];
}else{
$currency = $_SESSION['vendor_currency'];
}

$url = "https://securepayments.paypal.com/acquiringweb";

$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");
$order_id = $db->f("order_id") ;

// get user info i.e. address etc
$dbb = new ps_DB;
$q = "SELECT * FROM jos_vm_user_info ";
$q .= "WHERE user_id ='".$my->id."' ";
$dbb->setQuery($q);
$dbb->query();

//Query used to find whether to use Bill Address or Ship to address
$dboui = new ps_DB;
$q_oui = "SELECT * FROM #__vm_order_user_info ";
$q_oui .= "WHERE #__vm_order_user_info.order_id='$order_id' ORDER BY #__vm_order_user_info.order_info_id DESC";
$dboui->setQuery($q_oui);
$dboui->query($q_oui);
$oui_st = $dboui->f("address_type");

//now lets see if the order was placed using a shipping address we then send paypal the shipping address
if($oui_st == "ST"){
$db1 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dboui->f("country")."' ORDER BY country_2_code ASC";
$db1->setQuery($q);
$db1->query($q);
$first_name = $dboui->f("first_name");
$last_name = $dboui->f("last_name");
$address1 = $dboui->f("address_1");
$address2 = $dboui->f("address_2");
$zip = $dboui->f("zip");
$city = $dboui->f("city");
$state = $dboui->f("state");
$country = $db1->f("country_2_code");
$email = $dboui->f("user_email");
$night_phone_b = $dboui->f("phone_1");
}
//if no shipping address we use send paypal the bill to address
else {
$db2 = new ps_DB();
$q = "SELECT country_2_code FROM #__vm_country WHERE country_3_code='".$dbb->f("country")."' ORDER BY country_2_code ASC";
$db2->setQuery($q);
$db2->query($q);
$first_name = $dbb->f("first_name");
$last_name = $dbb->f("Qlast_name");
$address1 = $dbb->f("address_1");
$address2 = $dbb->f("address_2");
$zip = $dbb->f("zip");
$city = $dbb->f("city");
$state = $dbb->f("state");
$country = $db2->f("country_2_code");
$email = $dbb->f("user_email");
$night_phone_b = $dbbt->f("phone_1");
}


$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = $db->f("order_shipping");
$post_variables = Array(

"cmd" => "_ext-enter",
"redirect_cmd" => "_hosted-payment",
"upload" => "1",
"business" => PAYPAL_EMAIL,
"receiver_email" => PAYPAL_EMAIL,
"item_name" => $VM_LANG->_('PHPSHOP_ORDER_PRINT_PO_NUMBER').": ". $db->f("order_id"),
"order_id" => $db->f("order_id"),
"invoice" => $db->f("order_number"),
"subtotal" => round( $db->f("order_subtotal")+$tax_total-$discount_total, 2),
"shipping" => sprintf("%.2f", $db->f("order_shipping")),
"currency_code" => $currency,

"address_override" => "1",

"buyer_email" => $email,
"billing_first_name" => $first_name,
"billing_last_name" => $last_name,
"billing_address1" => $address_1,
"billing_address2" => $address_2,
"billing_city" => $city,
"billing_country" => $country,
"billing_state" => $state,
"billing_zip" => $zip,
"night_phone_b" => $phone_1,



"return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.result&order_id=".$db->f("order_id"),
"notify_url" => SECUREURL ."administrator/components/com_virtuemart/notify.php",
"cancel_return" => SECUREURL ."index.php?option=com_virtuemart&page=checkout.paypal-cancel-2010.php&order_id=".$db->f("order_id")."&invoice=".$db->f("order_number"),
"undefined_quantity" => "0",

"test_ipn" => PAYPAL_DEBUG,
"pal" => "XXXXXXXXXXXXX",
"no_shipping" => "1",
"no_note" => "1"
);
if( $page == "checkout.thankyou" ) {
$query_string = "?";
foreach( $post_variables as $name => $value ) {
$query_string .= $name. "=" . urlencode($value) ."&";
}
vmRedirect( $url . $query_string );
} else {
echo '<form action="'.$url.'" method="post" target="_blank">';
echo '<input type="image" name="submit" src="XXXXXXXXXXXXXXXXXXXXXXXXX" alt="xxxxxxxxxxxxxxxxx" />';

foreach( $post_variables as $name => $value ) {
echo '<input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'" />';
}
echo '</form>';

}
?>

Let us know how it goes

[lejeannotfr]

Don't be sorry for the delay, no problem i will try and tell you, i'm not in hurry since these gentlein' paypal support doesn't want to work on that code to make it work in virtuemart!  They take money on your business and they don't work to help you telling that you must read the user manual of paypal integral evolution...