PayPal Payment Gateway Integration in CodeIgniter
We’ll create two tables called products and payments.
Products table
CREATE TABLE `products` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`image` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`price` float(10,2) NOT NULL,
`status` tinyint(1) NOT NULL DEFAULT '1',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
payments
CREATE TABLE `payments` (
`payment_id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`product_id` int(11) NOT NULL,
`txn_id` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`payment_gross` float(10,2) NOT NULL,
`currency_code` varchar(5) COLLATE utf8_unicode_ci NOT NULL,
`payer_email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`payment_status` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`payment_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
Controller
We’ll create two controllers Products and Paypal
Products:
This controller has two methods, index(), and buy(). index()
<?php defined('BASEPATH') OR exit('No direct script access allowed');
class Products extends CI_Controller
{
function __construct() {
parent::__construct();
$this->load->library('paypal_lib');
$this->load->model('product');
}
function index(){
$data = array();
//get products data from database
$data['products'] = $this->product->getRows();
//pass the products data to view
$this->load->view('products/index', $data);
}
function buy($id){
//Set variables for paypal form
$returnURL = base_url().'paypal/success'; //payment success url
$cancelURL = base_url().'paypal/cancel'; //payment cancel url
$notifyURL = base_url().'paypal/ipn'; //ipn url
//get particular product data
$product = $this->product->getRows($id);
$userID = 1; //current user id
$logo = base_url().'assets/images/logo.png';
$this->paypal_lib->add_field('return', $returnURL);
$this->paypal_lib->add_field('cancel_return', $cancelURL);
$this->paypal_lib->add_field('notify_url', $notifyURL);
$this->paypal_lib->add_field('item_name', $product['name']);
$this->paypal_lib->add_field('custom', $userID);
$this->paypal_lib->add_field('item_number', $product['id']);
$this->paypal_lib->add_field('amount', $product['price']);
$this->paypal_lib->image($logo);
$this->paypal_lib->paypal_auto_form();
}
}
Paypal: controller
This controller has three methods, success(), cancel(), and ipn(). success()
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Paypal extends CI_Controller
{
function __construct(){
parent::__construct();
$this->load->library('paypal_lib');
$this->load->model('product');
}
function success(){
//get the transaction data
$paypalInfo = $this->input->get();
$data['item_number'] = $paypalInfo['item_number'];
$data['txn_id'] = $paypalInfo["tx"];
$data['payment_amt'] = $paypalInfo["amt"];
$data['currency_code'] = $paypalInfo["cc"];
$data['status'] = $paypalInfo["st"];
//pass the transaction data to view
$this->load->view('paypal/success', $data);
}
function cancel(){
$this->load->view('paypal/cancel');
}
function ipn(){
//paypal return transaction details array
$paypalInfo = $this->input->post();
$data['user_id'] = $paypalInfo['custom'];
$data['product_id'] = $paypalInfo["item_number"];
$data['txn_id'] = $paypalInfo["txn_id"];
$data['payment_gross'] = $paypalInfo["mc_gross"];
$data['currency_code'] = $paypalInfo["mc_currency"];
$data['payer_email'] = $paypalInfo["payer_email"];
$data['payment_status'] = $paypalInfo["payment_status"];
$paypalURL = $this->paypal_lib->paypal_url;
$result = $this->paypal_lib->curlPost($paypalURL,$paypalInfo);
//check whether the payment is verified
if(preg_match("/VERIFIED/i",$result)){
//insert the transaction data into the database
$this->product->insertTransaction($data);
}
}
}
Model (Product) Creation
Product model has two methods, getRows() and insertTransaction(). getRows()
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Product extends CI_Model{
//get and return product rows
public function getRows($id = ''){
$this->db->select('id,name,image,price');
$this->db->from('products');
if($id){
$this->db->where('id',$id);
$query = $this->db->get();
$result = $query->row_array();
}else{
$this->db->order_by('name','asc');
$query = $this->db->get();
$result = $query->result_array();
}
return !empty($result)?$result:false;
}
//insert transaction data
public function insertTransaction($data = array()){
$insert = $this->db->insert('payments',$data);
return $insert?true:false;
}
}
View Creation
Into the views directory, we’ll create two folders called products and paypal. products/ holds the view file of the Products controller and paypal/ holds the view files of Paypal controller.
products:
This directory has only one view file (index.php). This file holds the HTML for all the products listing.
<div class="row">
<?php if(!empty($products)): foreach($products as $product): ?>
<div class="thumbnail">
<img src="<?php echo base_url().'assets/images/'.$product['image']; ?>" alt="">
<div class="caption">
<h4 class="pull-right">$<?php echo $product['price']; ?> USD</h4>
<h4><a href="javascript:void(0);"><?php echo $product['name']; ?></a></h4>
</div>
<a href="<?php echo base_url().'products/buy/'.$product['id']; ?>"><img src="<?php echo base_url(); ?>assets/images/x-click-but01.gif" style="width: 70px;"></a>
</div>
<?php endforeach; endif; ?>
</div>
paypal:
This directory has two view file, success.php and cancel.php.
The success.php file holds the HTML for displaying the transaction success notification.
<div>
<h2>Dear Member</h2>
<span>Your payment was successful, thank you for purchase.</span><br/>
<span>Item Number :
<strong><?php echo $item_number; ?></strong>
</span><br/>
<span>TXN ID :
<strong><?php echo $txn_id; ?></strong>
</span><br/>
<span>Amount Paid :
<strong>$<?php echo $payment_amt.' '.$currency_code; ?></strong>
</span><br/>
<span>Payment Status :
<strong><?php echo $status; ?></strong>
</span><br/>
</div>
The cancel.php file holds the HTML for displaying the transaction cancel notification.
<div>
<h3>Dear Member</h3>
<p>We are sorry! Your last transaction was cancelled.</p>
</div>
paypal_lib.php file will be placed in the
application/libraries/ directory and
paypallib_config.php file will be placed in the application/config/ directory.
Paypal_lib.php
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
class paypal_lib {
var $last_error; // holds the last error encountered
var $ipn_log; // bool: log IPN results to text file?
var $ipn_log_file; // filename of the IPN log
var $ipn_response; // holds the IPN response from paypal
var $ipn_data = array(); // array contains the POST values for IPN
var $fields = array(); // array holds the fields to submit to paypal
var $submit_btn = ''; // Image/Form button
var $button_path = ''; // The path of the buttons
var $CI;
function __construct()
{
$this->CI =& get_instance();
$this->CI->load->helper('url');
$this->CI->load->helper('form');
$this->CI->load->config('paypallib_config');
$sanbox = $this->CI->config->item('sandbox');
$this->paypal_url = ($sanbox == TRUE)?'https://www.sandbox.paypal.com/cgi-bin/webscr':'https://www.paypal.com/cgi-bin/webscr';
$this->last_error = '';
$this->ipn_response = '';
$this->ipn_log_file = $this->CI->config->item('paypal_lib_ipn_log_file');
$this->ipn_log = $this->CI->config->item('paypal_lib_ipn_log');
$this->button_path = $this->CI->config->item('paypal_lib_button_path');
// populate $fields array with a few default values. See the paypal
// documentation for a list of fields and their data types. These defaul
// values can be overwritten by the calling script.
$businessEmail = $this->CI->config->item('business');
$this->add_field('business',$businessEmail);
$this->add_field('rm','2'); // Return method = POST
$this->add_field('cmd','_xclick');
$this->add_field('currency_code', $this->CI->config->item('paypal_lib_currency_code'));
$this->add_field('quantity', '1');
$this->button('Pay Now!');
}
function button($value)
{
// changes the default caption of the submit button
$this->submit_btn = form_submit('pp_submit', $value);
}
function image($file)
{
$this->submit_btn = '<input type="image" name="add" src="' . site_url($this->button_path .'/'. $file) . '" border="0" />';
}
function add_field($field, $value)
{
// adds a key=>value pair to the fields array, which is what will be
// sent to paypal as POST variables. If the value is already in the
// array, it will be overwritten.
$this->fields[$field] = $value;
}
function paypal_auto_form()
{
// this function actually generates an entire HTML page consisting of
// a form with hidden elements which is submitted to paypal via the
// BODY element's onLoad attribute. We do this so that you can validate
// any POST vars from you custom form before submitting to paypal. So
// basically, you'll have your own form which is submitted to your script
// to validate the data, which in turn calls this function to create
// another hidden form and submit to paypal.
$this->button('Click here if you\'re not automatically redirected...');
echo '<html>' . "\n";
echo '<head><title>Processing Payment...</title></head>' . "\n";
echo '<body style="text-align:center;" onLoad="document.forms[\'paypal_auto_form\'].submit();">' . "\n";
echo '<p style="text-align:center;">Please wait, your order is being processed and you will be redirected to the paypal website.</p>' . "\n";
echo $this->paypal_form('paypal_auto_form');
echo '</body></html>';
}
function paypal_form($form_name='paypal_form')
{
$str = '';
$str .= '<form method="post" action="'.$this->paypal_url.'" name="'.$form_name.'"/>' . "\n";
foreach ($this->fields as $name => $value)
$str .= form_hidden($name, $value) . "\n";
$str .= '<p>'. $this->submit_btn . '</p>';
$str .= form_close() . "\n";
return $str;
}
function validate_ipn()
{
// parse the paypal URL
$url_parsed = parse_url($this->paypal_url);
// generate the post string from the _POST vars aswell as load the
// _POST vars into an arry so we can play with them from the calling
// script.
$post_string = '';
if ($this->CI->input->post())
{
foreach ($this->CI->input->post() as $field=>$value)
{
$this->ipn_data[$field] = $value;
$post_string .= $field.'='.urlencode(stripslashes($value)).'&';
}
}
$post_string.="cmd=_notify-validate"; // append ipn command
// open the connection to paypal
$fp = fsockopen($url_parsed['host'],"80",$err_num,$err_str,30);
if(!$fp)
{
// could not open the connection. If loggin is on, the error message
// will be in the log.
$this->last_error = "fsockopen error no. $errnum: $errstr";
$this->log_ipn_results(false);
return false;
}
else
{
// Post the data back to paypal
fputs($fp, "POST $url_parsed[path] HTTP/1.1\r\n");
fputs($fp, "Host: $url_parsed[host]\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: ".strlen($post_string)."\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $post_string . "\r\n\r\n");
// loop through the response from the server and append to variable
while(!feof($fp))
$this->ipn_response .= fgets($fp, 1024);
fclose($fp); // close connection
}
if (preg_match("/VERIFIED/",$this->ipn_response))
{
// Valid IPN transaction.
$this->log_ipn_results(true);
return true;
}
else
{
// Invalid IPN transaction. Check the log for details.
$this->last_error = 'IPN Validation Failed.';
$this->log_ipn_results(false);
return false;
}
}
function log_ipn_results($success)
{
if (!$this->ipn_log) return; // is logging turned off?
// Timestamp
$text = '['.date('m/d/Y g:i A').'] - ';
// Success or failure being logged?
if ($success) $text .= "SUCCESS!\n";
else $text .= 'FAIL: '.$this->last_error."\n";
// Log the POST variables
$text .= "IPN POST Vars from Paypal:\n";
foreach ($this->ipn_data as $key=>$value)
$text .= "$key=$value, ";
// Log the response from the paypal server
$text .= "\nIPN Response from Paypal Server:\n ".$this->ipn_response;
// Write to log
$fp=fopen($this->ipn_log_file,'a');
fwrite($fp, $text . "\n\n");
fclose($fp); // close file
}
function dump()
{
// Used for debugging, this function will output all the field/value pairs
// that are currently defined in the instance of the class using the
// add_field() function.
ksort($this->fields);
echo '<h2>ppal->dump() Output:</h2>' . "\n";
echo '<code style="font: 12px Monaco, \'Courier New\', Verdana, Sans-serif; background: #f9f9f9; border: 1px solid #D0D0D0; color: #002166; display: block; margin: 14px 0; padding: 12px 10px;">' . "\n";
foreach ($this->fields as $key => $value) echo '<strong>'. $key .'</strong>: '. urldecode($value) .'<br/>';
echo "</code>\n";
}
function curlPost($paypalurl,$paypalreturnarr)
{
$req = 'cmd=_notify-validate';
foreach($paypalreturnarr as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
$ipnsiteurl=$paypalurl;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $ipnsiteurl);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
}
?>
paypallib_config.php
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
// ------------------------------------------------------------------------
// Paypal IPN Class
// ------------------------------------------------------------------------
// Use PayPal on Sandbox or Live
$config['sandbox'] = TRUE; // FALSE for live environment
// PayPal Business Email ID
$config['business'] = 'InsertPayPalBusinessEmail';
// If (and where) to log ipn to file
$config['paypal_lib_ipn_log_file'] = BASEPATH . 'logs/paypal_ipn.log';
$config['paypal_lib_ipn_log'] = TRUE;
// Where are the buttons located at
$config['paypal_lib_button_path'] = 'buttons';
// What is the default currency?
$config['paypal_lib_currency_code'] = 'USD';
?>
Test PayPal Transaction
Open the Products controller (http://localhost/codeigniter/products)