2

Sorry for the longwinded title, but that pretty much sums up my issue here. I am using PayPal IPN to verify incoming payments against prices in my database. I am only selling one item at a time, no cart, and there is no shipping cost. Tax is only charged if the buyer is from one area.

All prices are stored in my database as XX.XX without any tax. When PayPal sends back data via IPN I thought I could use mc_gross to compare with my database prices but I have found two possible issues:

  1. If the buyer pays with non-usd funds, I read that mc_gross will not equal the price I sent to PayPal in the first place and therefore will not matchup with my database, is this true?

  2. If the buyer is within the taxable area, and tax is added to his total at PayPal.com will this be reflected in mc_gross? I found conflicting info in the PayPal docs and online about whether or not mc_gross includes tax price.

Josh Mountain
  • 1,888
  • 10
  • 34
  • 51

2 Answers2

2

If the buyer pays with non-usd funds, I read that mc_gross will not equal the price I sent to PayPal in the first place and therefore will not matchup with my database, is this true?

You should be verifying how you are processing the payment in the first place, lock down the fund type or store an item id using the custom variable

If the buyer is within the taxable area, and tax is added to his total at PayPal.com will this be reflected in mc_gross? I found conflicting info in the PayPal docs and online about whether or not mc_gross includes tax price.

mc_gross is the total amount paid so yes tax is included, you should be verifying what product was purchased using some sort of id not by the amount paid

David Nguyen
  • 8,368
  • 2
  • 33
  • 49
  • 1
    Hi David, thanks for the response. What do you mean by 'lock down the fund type'? Is there a way I can only accept USD payments? The problem with verifying by ID (if my thinking is correct) is that the buyer could change the amount payed to $0.01 and still submit the same item number through paypal. I only sell one product, but the price changes based on some customization options. – Josh Mountain Feb 27 '13 at 07:10
  • How is the buyer adding the item and paying for it? Whatever you are using (paypal button, 3rd party cart) should allow you to lock down the currency/price/etc. – David Nguyen Feb 28 '13 at 01:35
  • I am using this method http://stackoverflow.com/a/5348937/1538275 to create a custom link - PHP calculates the price based on user selection and inserts the price into the link (and stores it in a database for the order). – Josh Mountain Feb 28 '13 at 01:46
2

If the buyer is within the taxable area, and tax is added to his total at PayPal.com will this be reflected in mc_gross? I found conflicting info in the PayPal docs and online about whether or not mc_gross includes tax price.

As David Nguyen says mc_gross is the total amount paid so yes tax is included. but, you must use mc_gross to compare with your database prices to secure the transaction.

if you like to get the real price without the tax all you have to do is to check if the posted variable "tax" is numeric and if so decrease it from the posted variable "mc_gross".

e.g.
mc_gross = 142.68
tax = 19.68
mc_gross - tax = 123

your database amount need to be 123. If not there is a security error because the user change the price and bypass the system.

by the way you must also check the currency, create a post back and more, click here for more details

Roy Shoa
  • 3,117
  • 1
  • 37
  • 41