Recently I wanted to sell a small script for which I was getting some requests.I wanted the procedure to be as efficient as possible where the user was delivered the script though a secret link once the payment was made. After some thorough searching around the net , I found that though the Idea and procedure is so simple there exist No Free scripts
to do so ( Weired ). So in this tutorial we build a small script which can be used anywhere to sell digital goods online using Paypal IPN.They can be ebooks, shareware , software, images anything Bits and Bytes.
The script has the following features
- Complete automation of your online orders.
- Automatically emails your customers and provides them with a unique download link to your digital product.
- Automatically expiring links as required by the user.
- File Attachments in Email.
- Easy to test and debug.
- Easy to integrate into any existing website.
- Easy to install and configure. Only one settings file.
IPN is what this system is designed around.Instant Payment
Notification (IPN) allows you to integrate PayPal payments with your
website’s back-end operations. IPN provides immediate notification and
confirmation of PayPal payments you receive. Here is how IPN works
- A customer payment or a refund triggers IPN. This payment can be
via Website Payments Standard FORMs or via the PayPal Web Services
API’s for Express Checkout, Mass Pay, or Refund Transaction. If the
payment has a “Pending” status, you receive another IPN when the
payment clears, fails, or is denied. - PayPal posts HTML FORM variables to a program at a URL you specify.
You can specify this URL either in your Profile or with the notify_url
variable on each transaction. This post is the heart of IPN. Included
in the notification is the customer’s payment information (such as
customer name, payment amount). All possible variables in IPN posts are
detailed in this guide. When your server receives a notification, it
must process the incoming data. - Your server must then validate the notification to ensure that it
is legitimate.Once this is verified you can go ahead and deliver the
goods with a link which expires after sometime to the payer.
To activate IPN, you can either change a setting in your PayPal
Profile or include the notify_url variable in the payment FORMs on your
website. We will us the notify_url method.
Also as we will not be using any encryption in the buttons we will
verify all the IPN details during the verification procedure.
Before you begin this tutorial please download the source and refer to it side by side for better understanding.
Step 1 : Setting up to receive and validate IPN
request . We are going to use one of the many Paypal Classes available
freely, I have taken one from micah carrick
.This class handles the request which Paypal send back to us.So the
validation code which will be called once the Paypal invokes our IPN.
validate_ipn() is the function which handles this part.
Step 2 : Now we want do define the products which
we want to sell , As my aim was to sell 1 – 2 odd scripts there was no
use of building a shopping cart. Also as i planned to skip the database
, and keep things simple as possible. So my products listing is a
simple array defined in the settings.php file. The array item index is
the item number which is used when creating a button.
// product[number] = array(’Name’ ,’Price’ , ‘Download Link’);
$products[2] = array(’My Script’,’32′,’downloads/myscript.zip’);
Step 3 : As we will be using non encrypted buttons
, users might try to fool the script by sending in fake IPN requests or
paying different amount and invoking the IPN script. To prevent such
kind of things from happening we put in a validation function which
checks various parameters according to our defined products. This
function is validate_product().
Step 4 : Now we need a Buy now button for our
product which defines our IPN callback, Item number , price etc. This
button is simple HTML and can be placed anywhere and all the user is
required is to click it and pay up , rest the script will take care of.
<form action=”https://www.sandbox.paypal.com/cgi-bin/webscr” method=”post”>
<input type=”hidden” name=”cmd” value=”_xclick”>
<input type=”hidden” name=”business” value=”mail@mybusiness.com”>
<input type=”hidden” name=”item_name” value=”My Ebook”>
<input type=”hidden” name=”item_number” value=”2″>
<input type=”hidden” name=”amount” value=”32.00″>
<input type=”hidden” name=”rm” value=”2″>
<input type=”hidden” name=”return” value=”http://www.mybusiness.com/thankyou.html”>
<input type=”hidden” name=”cancel_return” value=”http://www.mybusiness.com/”>
<input type=”hidden” name=”notify_url” value=”http://www.mybusiness.com/paypal/paypal.php”>
<input type=”image” src=”https://www.paypal.com/en_US/i/btn/x-click-but23.gif” border=”0″ name=”submit” alt=”Make
payments with PayPal – it’s fast, free and secure!”>
<img alt=”” border=”0″ src=”https://www.paypal.com/en_US/i/scr/pixel.gif” width=”1″ height=”1″>
</form>
Step 5 : Now if everything goes fine and user pays
up we need to send him a secret link which expires at our pre decided
time( say 24 hours ). Now this procedure will only takes place if the
IPN return a verified value. The secret link just contains a timestamp
and a product ID which is encrypted using RC4 encryption and then base
64 Encoded so that it can be used in a URL. Then a email is sent to the
user with the Download link.
// Client has successfully paid for the product
$product_id = $p->ipn_data[’item_number’];
$download = $product_id.’|’.time();
$download_link = $script_location.’download.php?file=’.base64_encode(RC4Crypt::encrypt($secret,$download));
Step 6 : Now we need a script which takes this link
and validates it and gives the user the download if everything goes
fine. download.php is the file which does this.
That’s it , you have a set of 2 scripts which will allow you to sell downloads online.
The package also includes a check.php which helps you check if Digisell is functioning properly. Run it after you have editing the settings file.
Hello, I am trying to implement this into a swf shopping cart. Is the there a sample action script for Paypal?
Thank you!!!
Thanks for for the script!
It took me quite a while to figure out how to install it. So here is an installation and test guide.
Installation
1. Unzip
2. Edit the file settings.php: it contains the products, prices, email-addresses and more. See also:
http://www.ngcoders.com/php/selling-digital-goods-with-paypal-ipn-and-php/comment-page-2#comment-10126
3. Optional: to use different language or different buy-now-button images edit the file check.php. (lc for language and image for picture.)
4. Copy all files to your website into http://www.yoursite.com/paypal/
5. Copy your products into http://www.yoursite.com/paypal/downloads/
6. Run the script http://www.yoursite.com/paypal/check.php (type the url in your browser) This generades the html code for your buy-now button.
7. Copy the html code of the buy-now-botton to your website.
How to test
1. In the file settings.php set $sandbox = true
2. Run the script check.php
3. Copy the html code fro the buy-now-button to your website
4. To test a transaction setup a sandbox (testenvironment) in paypal at http://www.sandbox.paypal.com (sign up, login and create a fictional buyers account)
5. Go to your website and click the buy-now-button. Then use the fictional buyer account to buy.
Hello,
first of all, it’s an awesome script. Thanks for providing it as Open Source.
However, I got a small problem with the return_url I can’t figure out. As soon as a sales is completed successfully, it return me to the following error message:
“Method Not Allowed
The requested method POST is not allowed for the URL /thankyou-de.html.”
Where the URL is https://mywebsite/directory/thankyou-de.html
It didn’t helps if I use different directories or just the root-dir of my site. The settings.php holds the same return_url.
Everything else works perfectly.
Maybe you have an idea for me, what might cause this error.
Thanks again for this great script.
Regards,
Stephan
Hi,
I just figured out what my problem was. Returning to a html-page was not allowed by my webserver, which in turn showed the error message.
The come around the error, I just renamed the html-file to a php-file (incl. in line 2) and the problem is gone.
Thanks a lot for this awesome script. Now it works like charm.
Regards,
Stephan
P.S. Another things for everyone how needs another language, you might copy the digisell files in a separate folder per language and the edit the settings file for that folder. You could stay with the download folder if you like, but that could be moved to any place on your server. I decided to move it somewhere else.
Has anyone implemented this on gmail smtp?
I have these settings configured on the email.php but it has failed:
var $smtp_host = “smtp.gmail.com”;
var $smtp_user = “mygmailusername@gmail.com”;
var $smtp_pass = “mygmailpass”;
var $smtp_port = “465″;
var $_smtp_connect = “”;
var $_smtp_auth = TRUE;
In settings.php, email_config is set to ’smtp’.
Is there anything else I am missing? Thanks.
Hi there,
What notify e-mail address are you sending from? The security settings on gmail don’t allow sending as a different sender (e.g. as someone@mail.com), unless you prove that someone@mail.com is indeed your own e-mail account. You can do that in gmail account settings.
You have a great blog here and it is Nice to read some well written posts that have some relevancy…keep up the good work
Круто! Реально отлично написано.
check.php is not working
here’s what is being outputed:
DigiSell Checklist
This script check various parameters required for Digisell to function properly.Also checks for most common errors.
Checking Settings file is accessible (settings.php) :
Checking Email file is accessible (email.php) :
Checking products :
Checking Paypal connectivity :
Warning: fsockopen() expects parameter 2 to be long, string given in C:\wamp\www\OnlineSariSari\paypal\check.php on line 82
Failed [ : ]
i h=get this error:
Warning: fsockopen() [function.fsockopen]: php_network_getaddresses: getaddrinfo failed: No such host is known
please help me.
Does this always apply?
Rather interesting. Has few times re-read for this purpose to remember. Thanks for interesting article. Waiting for trackback
Hi,
I’ve got your script working fine in the PayPal Sandbox, however when it goes live on my site with PayPal I get the following error message in the logfile, and no emails are sent.
[11/11/2009 4:06 PM] – FAILURE :Invalid Reciver E-Mail :
[11/11/2009 4:06 PM] – FAILURE :IPN prodcut validation failed.
Nothing has been changed between the Sandbox and going live with PayPal.
Any assistance would be greatly appreciated.
Is there anyway to manual generate a link? Say for example for whatever reason it didn’t work but you verify that they did infact pay, or they wanted to pay in cash, is there way way to say type in the file ID and an email address into a simple html form and have it call the functions to run as if it were an IPN verified request??
Yes, email me and I’ll send you the script. It’s named self_generate.php….works slick
mosesiam at charter dot net
Hey all,
I have everything working while in sandbox. When I go live and purchase something for $.01 all I get is the paypal email. I don’t get a notification email and the buyer doesn’t get the download link email. What am I doing wrong? I’ve read through similar problems and people have corrected them but I can’t seem to get it working. This script is exactly what I need and is very good please help me to get this working.
Ok, finally got it. To those that aren’t receiving the notification email or the download link, in ’settings.php’ change the paypal address to your primary paypal email. I thought I had it set right but when I checked paypal I was wrong, I have a few emails attached to paypal as well. But everything is working perfectly. Thanks soooo much for this great FREE script.
That
The same of GB
Warning: Cannot modify header information – headers already sent by (output started at /homepages/44/d185879075/htdocs/club/club/clients/hgmodule2574/settings.php:99) in /homepages/44/d185879075/htdocs/club/club/clients/hgmodule2574/download.php on line 140
I dont understand !
Sorry for my English, I’m French
thank you for this software.
Everything is ok except that clicking on the download link I have this error:
Warning: Cannot modify header information – headers already sent by (output started at /homepages/44/d185879075/htdocs/club/club/clients/hgmodule2574/settings.php:99) in /homepages/44/d185879075/htdocs/club/club/clients/hgmodule2574/download.php on line 140
the error is in the file download.php:
// set headers
header(“Pragma: public”);
header(“Expires: 0″);
header(“Cache-Control: must-revalidate, post-check=0, pre-check=0″);
header(“Cache-Control: public”);
header(“Content-Description: File Transfer”);
header(“Content-Type: application/force-download”);
header(“Content-Disposition: attachment; filename=\”$file_name\”");
header(“Content-Transfer-Encoding: binary”);
header(“Content-Length: ” . filesize($file_path));
I dont understand
thank you in advance for help!
best regards
Thierry
Indian Drugs – The best of pharmasy
Online pharmacy Indian Drugs is an ideal source of information
for people to get their drugs with maximum comfort. We make
every effort to make sure that you save money every time you
shop with us. In our online store, you pay less and get more.
Well, the post is really the sweetest on this noteworthy topic. I concur with your conclusions and will eagerly look forward to your upcoming updates. Saying thanks will not just be sufficient, for the extraordinary lucidity in your writing. I will at once grab your rss feed to stay privy of any updates. Authentic work and much success in your business endeavors!
Will this work with 2 products?
Yes, 2 or 200+
Everything works fine in sandbox. when going live, buyer does not get an email.
I’ve went through the comments to find the answer and I kinda have. I just need a little guidance.
Should I set the send_mail email to a domain email?
Should I set up smtp info?
or should i do both??
Thanks
have you tried
// Send File as attachment
$email_attachment = false;
Yes. I have it at false. I also tried setting it to smtp and entering these variables on the email.php page with no luck.
var $mailpath = “/usr/sbin/sendmail”;
var $protocol = “smtp”;
var $smtp_host
var $smtp_user
var $smtp_pass
var $smtp_port
Does it matter if the paypal email and the smtp email are different?
THANK YOU VERY MUCH!
This is awesome, however how to modify it to work with shopping cart also?
This was an interesting read, I’m always on the lookout for great articles and blog ideas so thanks. I’ve bookmarked this article so I’ll stay in contact!
Sag mal wie heisst den dieses Theme hier? Ich hab das schon mal wo gesehen und w
Greetings,
Logan’s post above get me through the button and the payment. Unfortunately, I don’t know how to run the verification and get the IPN information. Paypal.php doesn’t do anything. Please help! I’m about to look for another script.
Hello
You no need the IPN, the script confirm the pay when the customer has payment in PayPal, because Paypal notify to
customer’s email and seller’s email.
Check.php generate button’s code, coy and paste end your
sale’s page, moreover test if your email config it’s rigth.
México D.F.
Hi, I’ve used this awesome script on a website before and managed to get it working perfectly, however, now when I have come to implement it into another site I’m running into problems at the very final stage … receiving the link and notification email.
The new site is hosted by Godaddy, which I have noticed some other people in the comments have had the same problem with regarding the emails being sent. I was wondering if anyone has found what the problem is and could share this information with me?
When I run Check.php and send the dummy email using “$email_config['protocol'] = ’sendmail’;” it tells me that it has been a Success, however the email never arrives! Everything else also says Success.
As far as I can tell this must be a problem with the Godaddy hosting but I’m not sure how to get around it! I may have to try setting up the smtp, has anyone else tried this and had any success?
Any help would be greatly appreciated. info@adropofsyrup.com
If you’re wanting to sell digital downloads, try http://www.scubbly.com/ . It’s a great site, very easy to use, and as a seller they have a “no risk” fee structure so you never lose a cent. Try it!
How a great deal of do I owe you for all the Awesome post.
Hi,
Awesome work! It works nicely with if selling 1 digital product. Could you please help us if we need to use Paypal shopping cart for selling multiple products and generating secret downloading links for each products separately in just one email.
Thanks much for your help!
Hi, thank man. Great script. Works very well.
Anyway, I have a little complaint. I would like to count each download. I tried to add a counter by different issues and codes but without success. Do you have a trick for that?
Oups! Sorry for my previous message. I just read it back. I was meaning “request” not “complaint”. It was my girlfriend who was complaining at this moment because I was all day long on my computer.
i have this message trying the download link….Parse error: syntax error, unexpected T_WHILE in /home/skynet9/public_html/shop/download.php on line 153
Hey guys, I was just wondering if anyone had managed to get the emails to send using SMTP instead of Sendmail or mail, my host has just stopped supporting Sendmail so I have to try and figure out how to do it using SMTP, I have the host and port details and they’ve told me to leave the username and password blank. In “Settings.php” I’ve changed it to this $email_config['protocol'] = ’smtp’; and in “email.php” I’ve changed it to this var $protocol = “smtp”;// mail/sendmail/smtp but I am still having no luck and “check.php” is showing the dummy email as a failure, any help about SMTP would be hugely appreciated!
class Email {
var$useragent= “CodeIgniter”;
var$mailpath= “”; //nothing sendmail root
var$protocol= “mail”;
var$smtp_host= “smtp.yourweb.com”; // or “mail.yourweb.com”;
var$smtp_user= “user@yourweb.com”; // or “user”;
var$smtp_pass= “password”;
var$smtp_port= “25″; // or “26″; in Mexico City for example
…
I hope that you serve
Another tip:
DOWNLOAD EMAIL NOT WORK IN MY HOSTING
$download_email = ‘My Buisness ‘;
I CHANGE THE FORMAT AND WORK FINE:
$download_email = ’support@mybuisness.com’;
Hello
It’s a great job, simple and effective.
I’m adapting to my website and besides I am translated into Spanish.
If I can provide the translation just tell me to mail you
sending files.
Thanks for your input.
Mexico D.F.
Hey José, thanks for your help! I did what you said regarding the smtp settings and they have worked, the dummy email sends and is received almost instantly! However when I actually buy something, neither the customer or the seller receives a notification email, they only receive the paypal email.
I have tried everything mentioned in the comments but still no luck, any ideas what it could be?
I’m so close to finally getting this script to work!!
Hi Spencer!
The best mail format is SENDMAIL, since it is through the server.
You could try putting some product testing at 0.00 or 0.10 for buy real in Paypal, I included the option to bank deposit with another script.
jlrs13@gmail.com
Absolutely wonderful.
Been trying to implement something like this for ages, and finally this solution solved the problem.
Thanks very much,
Dan
Intimately, the post is really the sweetest on this notable topic. I agree with your conclusions and will eagerly look forward to your incoming updates. Saying thanks will not just be sufficient, for the extraordinary lucidity in your writing. I will right away grab your rss feed to stay abreast of any updates. Pleasant work and much success in your business enterprize!
Hello (and thanks for digisell).
I want to put a text link instead a paypal logo.
I know the way to do it but what I have to change in digisell’s PHP files to make my link working.
Thanks for your answer.
Hello, I was wondering if there was a way to generate a text link rather than a “buy it” button.
Thank you very much for this script.
-Greg
Websites RSS feed is not work in my browser (google chrome) how can I fix it?
It really is wonderful how many different things that improveing your focus can actually aid with. And yes, you will find a number of ways of doing that – as has already been pointed out elsewhere. Dustin Snell
Hi!
I am runnig the check.php.
All I get is:
==============================================================
Checking Settings file is accessible (settings.php) : Success
Checking Email file is accessible (email.php) : Success
===============================================================
No dummy email….
I dont get any more info,
What is wrong ??
/Bertil
I am sorry, but I missed a “,” comma in settings.php.
Now it i playing
/Bertil