Update to PayPal IPN

In Sept 2016 PayPal are changing their requirement for posting IPN messages back to PayPal for verification.

They are requiring the post-back URL to use https. My current versions of the scripts already post to https so no change should be required; however, they also suggest that https://ipnpb.paypal.com/cgi-bin/webscr should be used in the future rather than https://www.paypal.com/cgi-bin/webscr

Change:

https://www.paypal.com/cgi-bin/webscr

to

https://ipnpb.paypal.com/cgi-bin/webscr

PayPal upgrade to Certificate which may affect IPN based programs and scripts

There appears to be quite a bit of chat about the changes that PayPal are making to their system to allow SHA-256 during September 2015. This is to do with improving the security of SSL (Secure Sockets Layer), which is what https connections run over.

A part of their message is:

“PayPal is upgrading the certificate for www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.”

PayPal IPN can be used over non SSL, that is using http – that is why many developers like it because it does not need SSL certificates on their web servers which can be expensive especially if you are a small trader. You don’t really want to have to purchase certificates if you are selling a small number of items.

So the kind of systems that are affected are those that use https and which use the PayPal API to provide secure connections from your server to the PayPal server.

IPN over plain http will be supported as it currently is, so you will still be able to supply a plain http link to your IPN listener script. However, if your IPN listener script is SSL/TLS enabled it will have to be SHA-256 compliant and your listening server will need to be able to accept SHA-256 certificates.

So do the changes affect the scripts on www.Withinweb.com that use IPN? Well the answer to that is NO, it does not affect the scripts at all.

PHP-eSeller, PHP-SecureArea and PHP-KeyCodes use a simple handshake with PayPal to verify that the transaction has taken place, and hence no modifications are needed to the applications.
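
The handshake mentioned here, and the post-back URL change described in the first post, can be sketched as an IPN listener in PHP. This is an added example, not code from PHP-eSeller, PHP-SecureArea or PHP-KeyCodes; the receiver e-mail, currency, price and the already-seen-transaction lookup are constructed placeholders.

```php
<?php
// Added example: IPN listener handshake. Constants are constructed placeholders.
const IPN_VERIFY_URL    = 'https://ipnpb.paypal.com/cgi-bin/webscr';
const EXPECTED_RECEIVER = 'seller@example.com';
const EXPECTED_CURRENCY = 'GBP';

// Post the raw, unmodified IPN body back to PayPal and return its reply.
function ipn_postback(string $rawBody): string
{
    $ch = curl_init(IPN_VERIFY_URL);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => 'cmd=_notify-validate&' . $rawBody,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true,  // validate PayPal's certificate chain
        CURLOPT_SSL_VERIFYHOST => 2,     // and that it matches the host name
        CURLOPT_CONNECTTIMEOUT => 30,
        CURLOPT_HTTPHEADER     => ['Connection: Close'],
    ]);
    $reply = curl_exec($ch);
    if ($reply === false) {
        // An uncaught exception gives a 5xx response, so PayPal re-sends later.
        throw new RuntimeException('IPN post-back failed: ' . curl_error($ch));
    }
    return trim($reply);
}

// Checks applied only after PayPal has answered VERIFIED.
function ipn_is_acceptable(array $ipn, string $expectedGross, callable $seenTxn): bool
{
    return ($ipn['payment_status'] ?? '') === 'Completed'
        && strcasecmp($ipn['receiver_email'] ?? '', EXPECTED_RECEIVER) === 0
        && ($ipn['mc_currency'] ?? '') === EXPECTED_CURRENCY
        && ($ipn['mc_gross'] ?? '') === $expectedGross
        && isset($ipn['txn_id']) && !$seenTxn($ipn['txn_id']);  // replay guard
}

if (PHP_SAPI !== 'cli') {
    $raw = file_get_contents('php://input');  // raw body, so the echo is byte-exact
    parse_str($raw, $ipn);
    // Hypothetical lookup: replace with a query against your own orders table.
    $seenTxn = fn(string $txnId): bool => false;
    if (ipn_postback($raw) === 'VERIFIED' && ipn_is_acceptable($ipn, '9.99', $seenTxn)) {
        // Mark the order paid and release the download here.
    } else {
        error_log('IPN rejected (INVALID reply or failed order checks)');
    }
    http_response_code(200);
}
```

Because the listener may be reached over plain http, nothing in the incoming POST is trusted until the https post-back returns VERIFIED and the order checks pass.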

Setting up a digital download store

We have already written a short pdf document at http://www.withinweb.com/global/hints_tips_and_tricks/digital_files.pdf which provides some hints, tips and tricks for selling digital downloads.

Here are a few other issues that you may want to consider when setting up a digital online shopping system:

Make sure your system is secure

It probably goes without saying that the shopping system has to be secure but in addition it needs to have a good method to protect the files you are going to download.

Select a good payment system

You should choose a payment system that has the facilities to feed the results back to your web site.  Most payment systems will have some kind of notification method and some are more reliable than others.  There will be quite a bit of integration needed between your shopping system and the payment system which may restrict your choice.

Set up your own system on your web site or use a 3rd party web site

There are now a number of 3rd party web sites that you can subscribe to and they will handle all the selling of your digital product.  Many of these charge a fee which may be monthly or based on file size or some other factor.  You will need to judge whether your sales will be sufficient to cover the costs of the fees.

Select a good web hosting company

You need a web server that has all the facilities that you need, for example a MySQL database and PHP support.  It also has to be reliable so that you know your site is running every day of the year.  It also helps if the web hosting company has good technical support.

Signing up for PayPal Express Checkout

To work with PayPal digital goods you need to use the PayPal Express Checkout system and then get the API credentials from the PayPal site.

Use the following link to sign up with PayPal :

Express Checkout sign up

https://merchant.paypal.com/cgi-bin/marketingweb?cmd=_render-content&content_ID=merchant/digital_goods

You select the Express Checkout option and then either create a new account or convert your existing account into a Business account.

I have had some problems in converting an existing account to a Business account that will work with express checkout and I have found that the best way is to create a new PayPal account from scratch using the above link.

This sets up your account to work with Express Checkout.

Now you can get your signature details as follows :

Log into your PayPal account.

Click on the ‘Profile’ tab.

Click on ‘My Selling Preferences’ on the left hand side of the page.

For API Access, click on the ‘Update’ link.

This takes you to the ‘API Access’ page.

Click on the ‘Request API credentials’ link and this takes you to the ‘Request API Credentials’ page.

You need to select the ‘Request API signature’ so that you can obtain the three components of :

API Username
API password
API signature

Make sure that the Request API signature radio button is selected.

Then click on the ‘Agree and Submit’ button.

Copy all the details and store in a secure place on your PC.

PayPal Mini Cart does not display

It is quite easy to implement PayPal Mini Cart on to your web site but there is a simple error that can stop the cart from displaying on your web page.

When you create your web page, make sure that the web page has a proper DOCTYPE declaration at the top of the page such as

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

Secondly, the JavaScript code should be positioned at the bottom of the web page just above the </body> tag.