Encrypted PayPal Buttons with Cataloger Module
Posted: Fri Jul 25, 2008 12:02 am
I needed to add a PayPal button to a site I'm working on, and I needed these buttons on Cataloger item pages. I saw this thread about this, but it only supported unencrypted buttons. Since I needed encrypted buttons, I looked around PayPal's site for how to encrypt (specifically the actual steps on the server-side) and came up with this.
It makes (by default) an Add to Cart button and consists of a user-defined tag, {catalog_paypal_button}, and a PHP script, paypal_encrypt.php. It requires PHP5 and the OpenSSL module for PHP. If you want a Buy Now button or some other function, see the instructions.
You can find the tag here and the script here.
To set this up, get in your server, and go to one or two directories above your document root. In this example, it's "/users/home/scottywz/domains/example.com". Make a directory there called "forbidden", and note the path. In the new forbidden folder, make a directory called "tmpfiles".
Make a private key and save it to "private.pem":
and type in a decent passphrase when asked. Note the passphrase.
Make a certificate and save it to "cert.pem":
and type in the details. This certificate lasts for 1095 days (3 years).
Then upload the certificate to PayPal. Once that's done, there will be a certificate ID with letters and numbers under Your Public Certificates. Note that. Also download PayPal's public certificate and save it as "paypal_cert.pem".
Upload the private key, your certificate, and PayPal's certificate to your server in that forbidden folder we made earlier. Save the PHP script as "paypal_encrypt.php".
In the PHP script, replace YOUR CERTIFICATE ID WITH PAYPAL with your certificate ID and PRIVATE KEY PASSWORD with the private key passphrase. Save the script.
Make sure your server can write to forbidden/tmpfiles (check with your host if you don't know. Each is different). Then, in CMSMS, go to your admin panel, then Extensions -> User Defined Tags. Make a new one and call it "catalog_paypal_button". Paste the tag above into the big text box, and replace YOUR PAYPAL EMAIL ADDRESS with your PayPal email address. Replace PATH TO FORBIDDEN DIRECTORY with the path to your forbidden directory. Save it.
In Cataloger, go to your item template, and where you want the button, put:
If you want weight or item number, use the options weight and id. If you want anything next to the button (it displays on its own line), use the extra option with the HTML/Smarty variables as a string.
Example:
will show the price and the PayPal Add to Cart button next to it.
Now, if you want it to be a Buy Now button, a Donate button, or something else, use the option type.
Type can be cart, buy, donate, or subscription. Each makes a(n) Add to Cart, Buy Now, Donate, or Subscribe button respectively.
Example:
will show the price and the PayPal donate button next to it.
Finally, go to https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-website-payments and set Block non-encrypted website payment to ON. This ensures that your users don't try and rip you off.
And there you go! I hope this helps someone.
Scott
It makes (by default) an Add to Cart button and consists of a user-defined tag, {catalog_paypal_button}, and a PHP script, paypal_encrypt.php. It requires PHP5 and the OpenSSL module for PHP. If you want a Buy Now button or some other function, see the instructions.
You can find the tag here and the script here.
To set this up, get in your server, and go to one or two directories above your document root. In this example, it's "/users/home/scottywz/domains/example.com". Make a directory there called "forbidden", and note the path. In the new forbidden folder, make a directory called "tmpfiles".
Make a private key and save it to "private.pem":
Code: Select all
$ openssl genrsa -des3 -out private.pem 2048Make a certificate and save it to "cert.pem":
Code: Select all
$ openssl req -new -key private.pem -x509 -days 1095 -out cert.pemThen upload the certificate to PayPal. Once that's done, there will be a certificate ID with letters and numbers under Your Public Certificates. Note that. Also download PayPal's public certificate and save it as "paypal_cert.pem".
Upload the private key, your certificate, and PayPal's certificate to your server in that forbidden folder we made earlier. Save the PHP script as "paypal_encrypt.php".
In the PHP script, replace YOUR CERTIFICATE ID WITH PAYPAL with your certificate ID and PRIVATE KEY PASSWORD with the private key passphrase. Save the script.
Make sure your server can write to forbidden/tmpfiles (check with your host if you don't know. Each is different). Then, in CMSMS, go to your admin panel, then Extensions -> User Defined Tags. Make a new one and call it "catalog_paypal_button". Paste the tag above into the big text box, and replace YOUR PAYPAL EMAIL ADDRESS with your PayPal email address. Replace PATH TO FORBIDDEN DIRECTORY with the path to your forbidden directory. Save it.
In Cataloger, go to your item template, and where you want the button, put:
Code: Select all
{catalog_paypal_button name=$title price=$price}Example:
Code: Select all
{catalog_paypal_button name=$title price=$price extra="<strong>Price:</strong> \$$price "}Now, if you want it to be a Buy Now button, a Donate button, or something else, use the option type.
Type can be cart, buy, donate, or subscription. Each makes a(n) Add to Cart, Buy Now, Donate, or Subscribe button respectively.
Example:
Code: Select all
{catalog_paypal_button name=$title price=$price type="donate" extra="<strong>Price:</strong> \$$price "}Finally, go to https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-website-payments and set Block non-encrypted website payment to ON. This ensures that your users don't try and rip you off.
And there you go! I hope this helps someone.
Scott