Recently I wanted to sell a small script for which I was getting some requests.I wanted the procedure to be as efficient as possible where the user was delivered the script though a secret link once the payment was made. After some thorough searching around the net , I found that though the Idea and procedure is so simple there exist No Free scripts
to do so ( Weired ). So in this tutorial we build a small script which can be used anywhere to sell digital goods online using Paypal IPN.They can be ebooks, shareware , software, images anything Bits and Bytes.
The script has the following features
- Complete automation of your online orders.
- Automatically emails your customers and provides them with a unique download link to your digital product.
- Automatically expiring links as required by the user.
- File Attachments in Email.
- Easy to test and debug.
- Easy to integrate into any existing website.
- Easy to install and configure. Only one settings file.
IPN is what this system is designed around.Instant Payment
Notification (IPN) allows you to integrate PayPal payments with your
website’s back-end operations. IPN provides immediate notification and
confirmation of PayPal payments you receive. Here is how IPN works
- A customer payment or a refund triggers IPN. This payment can be
via Website Payments Standard FORMs or via the PayPal Web Services
API’s for Express Checkout, Mass Pay, or Refund Transaction. If the
payment has a “Pending” status, you receive another IPN when the
payment clears, fails, or is denied. - PayPal posts HTML FORM variables to a program at a URL you specify.
You can specify this URL either in your Profile or with the notify_url
variable on each transaction. This post is the heart of IPN. Included
in the notification is the customer’s payment information (such as
customer name, payment amount). All possible variables in IPN posts are
detailed in this guide. When your server receives a notification, it
must process the incoming data. - Your server must then validate the notification to ensure that it
is legitimate.Once this is verified you can go ahead and deliver the
goods with a link which expires after sometime to the payer.
To activate IPN, you can either change a setting in your PayPal
Profile or include the notify_url variable in the payment FORMs on your
website. We will us the notify_url method.
Also as we will not be using any encryption in the buttons we will
verify all the IPN details during the verification procedure.
Before you begin this tutorial please download the source and refer to it side by side for better understanding.
Step 1 : Setting up to receive and validate IPN
request . We are going to use one of the many Paypal Classes available
freely, I have taken one from micah carrick
.This class handles the request which Paypal send back to us.So the
validation code which will be called once the Paypal invokes our IPN.
validate_ipn() is the function which handles this part.
Step 2 : Now we want do define the products which
we want to sell , As my aim was to sell 1 - 2 odd scripts there was no
use of building a shopping cart. Also as i planned to skip the database
, and keep things simple as possible. So my products listing is a
simple array defined in the settings.php file. The array item index is
the item number which is used when creating a button.
// product[number] = array(’Name’ ,’Price’ , ‘Download Link’);
$products[2] = array(’My Script’,’32′,’downloads/myscript.zip’);
Step 3 : As we will be using non encrypted buttons
, users might try to fool the script by sending in fake IPN requests or
paying different amount and invoking the IPN script. To prevent such
kind of things from happening we put in a validation function which
checks various parameters according to our defined products. This
function is validate_product().
Step 4 : Now we need a Buy now button for our
product which defines our IPN callback, Item number , price etc. This
button is simple HTML and can be placed anywhere and all the user is
required is to click it and pay up , rest the script will take care of.
<form action=”https://www.sandbox.paypal.com/cgi-bin/webscr” method=”post”>
<input type=”hidden” name=”cmd” value=”_xclick”>
<input type=”hidden” name=”business” value=”mail@mybusiness.com”>
<input type=”hidden” name=”item_name” value=”My Ebook”>
<input type=”hidden” name=”item_number” value=”2″>
<input type=”hidden” name=”amount” value=”32.00″>
<input type=”hidden” name=”rm” value=”2″>
<input type=”hidden” name=”return” value=”http://www.mybusiness.com/thankyou.html”>
<input type=”hidden” name=”cancel_return” value=”http://www.mybusiness.com/”>
<input type=”hidden” name=”notify_url” value=”http://www.mybusiness.com/paypal/paypal.php”>
<input type=”image” src=”https://www.paypal.com/en_US/i/btn/x-click-but23.gif” border=”0″ name=”submit” alt=”Make
payments with PayPal - it’s fast, free and secure!”>
<img alt=”” border=”0″ src=”https://www.paypal.com/en_US/i/scr/pixel.gif” width=”1″ height=”1″>
</form>
Step 5 : Now if everything goes fine and user pays
up we need to send him a secret link which expires at our pre decided
time( say 24 hours ). Now this procedure will only takes place if the
IPN return a verified value. The secret link just contains a timestamp
and a product ID which is encrypted using RC4 encryption and then base
64 Encoded so that it can be used in a URL. Then a email is sent to the
user with the Download link.
// Client has successfully paid for the product
$product_id = $p->ipn_data[’item_number’];
$download = $product_id.’|’.time();
$download_link = $script_location.’download.php?file=’.base64_encode(RC4Crypt::encrypt($secret,$download));
Step 6 : Now we need a script which takes this link
and validates it and gives the user the download if everything goes
fine. download.php is the file which does this.
That’s it , you have a set of 2 scripts which will allow you to sell downloads online.
The package also includes a check.php which helps you check if Digisell is functioning properly. Run it after you have editing the settings file.
Yes I have Setup IPN also to divert to a blank Thankyou page.
Robert
how will i know if its working?does the link be emailed to notification email?i cant seems to find it…am using sandbox to test it….is it possible?or should i use the true paypal account to test if i received the downloaded link? help me
yes you can use two paypal email accounts for it.
The emails are sent to both payers and payee accounts.
Nice script, pretty much what I was looking for.
Somehow I cannot change the currency. After clicking the pay-button the currency remains USD. Since in the settinge I have choosen EUR the comparison fails.
Got it. And I am not just saying that it is working, I will tell you the solution (like someone above did not).
Just put a hidden “currency_code” in the button-form
Hi everybody,
This script worked perfectly, Thanks to ngcoders.com
For some people with send e-mail problems. That may be because the hosting you are using. At first I try the script on hostmonster, email do not send the same.
But when I try moving the script to dreamhost, now email sent normally.
Solution
1. Open check.php and send testing email to see your hosting can send mail or not
2. If email still not sent, try change this in settings.php
change
$email_config['protocol'] = ‘mail’;to
$email_config['protocol'] = ’sendmail’;3. If still can’t send, contact your hosting or use smtp function… Editing in email.php
Tips
Protect your donwload directory from directly download
Create .htaccess file with this line
deny from all
Upload to your download folder
Suggest
DigiSell should has timezone fucntion because HOST Time and LOCAL Time not same. Some people may live in the uk but use hosting on usa so this script will take usa time not uk time, this issue will cause the time delay on “link remain valid function” and information on email that send to a customer and the seller
// How long will download link remain valid
$download_life = '24';
I hope ngcoders.com will add time zone function to a new version of DigiSell
Example: time zone function
$yourtimezone = -7;
$yourtimezone = floor($yourtimezone);
if ($yourtimezone12) $yourtimezone = 0;
// Date...
$date = gmdate("d/m/Y", time() + 3600*($yourtimezone+(date("I")==1?0:1)));
$time = gmdate("G:i", time() + 3600*($yourtimezone+(date("I")==1?0:1)));
DigiSell is Super Great IPN Paypal Script because it’s totally FREE and NOT encrypt file so people can edit everything they want. I can’t find free IPN Paypal script like this.
For a useful script. Will be open to receive donations. We willing to spend a few money through paypal. Then you can continue to develop this script.
DigiSell help us do business easier and now the time we will give DigiSell back.
Regards,
nadia
Again..
[Limit GET POST]
deny from all
[/Limit]
* change [ to
* change ] to >
* change [ to <
Wonderful.. I have added your blog to my bookmarks and share it with all my colleagues and friends..
Hello,
When I turn any of the button codes into an add to cart button, it stops working, is it normal ? is it possible to use an add to cart button ?
This is what I modified to my button code:
See target added, add with a value of 1, and changed _xclick to _cart
Please help me, thanks.
OK, the HTML got stripped.
This is: add value=”1″ form target=”paypal” cmd=”_cart”
I am also having a problem converting Buy Now buttons to Add to Cart buttons. I would appreciate learning how you did it? (Please excuse me if I just don’t understand your explanation!)
Thanks!!
Hi guys. I have everything done but not getting any emails as attachments. DO you know what are the common reasons ?
Also, does the paypal’s sandbox test email ever get attachments (the mail feature is within paypal’s web app…)
hi all, i have finally made the link work. But just 2 minor questions for the customers POV.
1) Why is it that my item at the array is set at 2 ? I’ve tried setting at 1 and it doesn’t work ?
2) I have 2 email accs tied to one paypal acc. Only 1 email ireceive the attachment. Has this got to do with paypal ?
thanks for your post , i got it.
Hello All,
Love the script but I too am having some similar issues and could use some help.
I got the script to work fine in all sense of the word on my yahoo webhosting account but when I set it up on my Go Daddy hosting account it does everything but send the “customer” the download link email. Any ideas as to why this would happen?
I have tried a few of the suggestions on this thread but to no avail. Any help would be great. Thanks.
how will i set up the download page if i have two products or more?
in settings.php should it be like this?
$products[2] = array(’My Script’,'1.00′,’downloads/myscript.zip’);
$products[3] = array(’My Script1′,’2.00′,’downloads/myscript1.zip’);
How would you go about flipping this script to allow for a file-upload rather then a download?
Can you direct the client to a form with the posted Receipt Information as read only that would then be mailed to admin with attachment?
Doesn’t it take up a lot of time to keep your blog so interesting ?
Is there anyway to manual generate a link? Say for example for whatever reason it didn’t work but you verify that they did infact pay, or they wanted to pay in cash, is there way way to say type in the file ID and an email address into a simple html form and have it call the functions to run as if it were an IPN verified request??
Hi,Mike, this is a script for generating a download link by yourself:
<?
//Named this script as self_generate.php
//How to use -
//http://yourdomain.com/self_generate.php?id=xxxx
include(’settings.php’);
$item_number = $_REQUEST['id'];
/**
* Provides encryption service using RC4 encryption scheme.
*
* RC4 encryption is reversible. See
*
* @author Xiang Wei Zhuo
* @version v1.0, last update on Sat Mar 12 15:19:50 EST 2005
* @package prado.examples.petshop
*/
class RC4Crypt {
/**
* Encrypt the data.
* @param string private key.
* @param string data to be encrypted.
* @return string encrypted string.
*/
function encrypt ($pwd, $data)
{
$key[] = ”;
$box[] = ”;
$pwd_length = strlen($pwd);
$data_length = strlen($data);
for ($i = 0; $i < 256; $i++)
{
$key[$i] = ord($pwd[$i % $pwd_length]);
$box[$i] = $i;
}
for ($j = $i = 0; $i < 256; $i++)
{
$j = ($j + $box[$i] + $key[$i]) % 256;
$tmp = $box[$i];
$box[$i] = $box[$j];
$box[$j] = $tmp;
}
$cipher = ”;
for ($a = $j = $i = 0; $i
=====Rest of the script===
$cipher = ”;
for ($a = $j = $i = 0; $i
Hey thanks, the rest of the script doesn’t seem to be showing up?? might you be able to e-mail it if your having troubles getting it to display here? mikem562@gmail.com
–sorry for double post, forgot to add email address–
Hey thanks, the rest of the script doesn’t seem to be showing up?? might you be able to e-mail it if your having troubles getting it to display here?
H, I’m having the exact same problem as Doris. I get the emails saying someone has purchased, and as the customer I get the paypal receipt. But no download link/attachment email comes. The check.php reports everything as fine. Has anyone any ideas? thanks.
thanks for post
I have install the script and I have used check.php to check everything and all report fine. However, I am not getting the download link? Has anybody got any idea? Thanks!
Appreciate the nice tool.
Because of the size of the download I would like to not have it attached to the email. I only want the download link.
How do I disable the attachment?
Thanks.
In the settings.php file you will find:
$email_attachment = true;
I believe you just change it to this:
$email_attachment = false;
Hope you get it up and running!!!
Hi i like the script but i have a script already but the part i am getting stcuk on with PAYPAL IPN is “Getting it to send back that the person has paid” ?
Please HELP A.S.A.P
Thanks
Aaron
Hello and thank you for passing this awesome script out freely.
My question is: how do I change the script to work with “Add to Cart” buttons. I see that “P. C.” figured it out on May 1, but I don’t understand the explanation.
Any ideas?
Thanks.
Кайтсерфинг, школа кайтсерфинга, обучение кайтсерфингу,кайтинг, кайтинг обучение, кайт школа, кайт школа вьетнам.
I am in need of assistance. I have downloaded the DigiSell 1.1.0 and it appears to work except for the emails to the buyer. Is there someone that can shed some light on this for me. I really like the script and would like to use it for my project. I am just stuck as to why I get the test email but nothing else. Check.php shows that everything is ok.
Thanks in advance!
Richard
Hey that really is insightful, cheers for this post. Could I replicate this post on my site?