I did an integration between my website and paypal payment gateway but did not work

Question

I have a website where I sell courses and I want to link my php website to paypal payment gateway

I have created a buy now paypal button through this url: https://www.paypal.com/buttons/

This is the generated button:

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIISQYJKoZIhvcNAQcEoIIIOjCCCDYCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYBRhEbYTh1SADSGj87MpEEtvhp1UfY4rccrqq5wx1UyA6WiqWE5sizXvs8MN2jxIOZAPUO6wpeaJ4yNzz/u1pONuz1ufVlQU28ka/A1zmP1VCEKL1dqU92fkO4q7pVJB3cdj4M8tcAHgxoUqF30eSCQJwYYd6TSXTnDi55p6/7A+TELMAkGBSsOAwIaBQAwggHFBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECJd1wb3eLU9/gIIBoGAezQe+0HAgc2LCQA1uYt0XPflsPOpJAdizW7nkAE4T1yngUrq/zUoBYvTkqFS8qQ47lEsZuZb8o7cFbeZyPdZpnK0AWe75lFSfATxBKhm1vj6zWNqd86ARDPPVhgI5shWaHpJ1LrFalXr9u5OnJ6YmHkI+7FtZiCVp2YzOcSWfgxRHVpygtg6dWcGfizlGvLYLka5NDu4kgDj58FbEBJErPZTxC5yLtqY6E9fOkjj8FuhDlvt7DOwU36gePLQM1zOuIl6vPZDssVdJIWbXMvm4V9e9vPLX+PJ+CheDn6JaMOvYN1Nrrii1V7/ZGaF8mNKucg8O7p2O8s1JrQY97i52WQGXBrWX/10XPMyzTS3Mxc3WNq78vK/bIyLKEXkslz6rEI11ERW74AYkctY6nxEjcBPnQyI+vHvMjLqrVGzCAfJl3ed8MlHNOExKTg+Xhw2ttl/oGvxjg/ucDpCd5k1gv4pdCEHvhv6cAghQn6vxeA6lR/TYsa9IOkEedY/CbZFXznJ9Gfo8aWBbvUJxnJ1/3+L4/he66aGYb4IlQ3TSoIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjMwMzMwMTg1ODI1WjAjBgkqhkiG9w0BCQQxFgQUbqm8W0o3oci2PrOitHK/N4Dyq4MwDQYJKoZIhvcNAQEBBQAEgYCw0uB4kLvNto317VkK0IkHc3V6RxVHmTJU7KePgkmglWVtWJdBbSwwrF+FiTrrFOZLZh8YmO6GiptSDRF1eDXvFuFu9tM+jkq4Grzna3DagJM6k9Q27xZWm0m/8QGaK/NjcuIBrqJwY5yT3gY9qYppwesyQIhwW9eqxUhHj/D0/Q==-----END PKCS7-----">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/ar_EG/i/scr/pixel.gif" width="1" height="1">
</form>

This is my listener.php file:


       if ($_SERVER['REQUEST_METHOD'] != "POST") {
    
        header("Location: ../../courses/courses.php");
        exit();

    }

    session_start();
    $email = $_SESSION['email'];
    $course_name = $_SESSION['course_name'];
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'https://ipnpb.paypal.com/cgi-bin/webscr');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, "cmd=_notify-validate&" . http_build_query($_POST));
    $response = curl_exec($ch);
    curl_close($ch);

    if ($response == "VERIFIED") {
        $name = $_POST['first_name'] . " " . $_POST['last_name'];
        $cEamil = $_POST['payer_email'];

        $price = $_POST['mc_gross'];
        $currency = $_POST['mc_currency'];
        $item = $_POST['item_number'];
        $paymentStatus = $_POST['payment_status'];
        
        if ($paymentStatus == "Completed" && $price == 20) {
            
$servername = "localhost";
$username = "username";
$password = "password";
$database = "database";

$conn = new mysqli($servername, $username, $password, $database);


$sql = "SELECT bought_courses FROM users WHERE `email` = '$email'";
$result = $conn->query($sql);
$row = $result->fetch_assoc();
if ($row['bought_courses'] != "") {
$bought_courses = $row['bought_courses'] . ',' .  $course_name;
}else {
$bought_courses = $course_name;
}
        
$sql = "UPDATE users SET bought_courses = '$bought_courses' WHERE `email` = '$email'";
$result = $conn->query($sql);

        }
    }

when I tried to buy one of my courses via paypal I get this error from paypal:

Sorry, we can’t complete your purchase at this time
To comply with international regulations, this transaction has been declined.

I've generated the paypal button I've created a listener.php file

**First check:** Please go to your Account Summary page and checked that you have confirmed your identity (make sure information such as residential address is provided). — Ken Lee, Apr 01 '23 at 17:08
**Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) — Dharman, Apr 01 '23 at 18:27

Preston PHX · Answer 1 · 2023-04-01T18:54:55.883

To comply with international regulations, this transaction has been declined.

For this you need to contact PayPal via its website to inquire about the reason for the decline.

As a technical matter, the integration you are using might work but is extremely old. There is no reason to redirect away to a cgi-bin/webscr nor use an IPN listener anymore, those things are very much obsolete.

Instead, follow the current standard checkout integration guide. The examples there show how to create two backend routes in node.js (one to create the PayPal API order, one to capture it after a button is clicked and approval given by a payer) but you can of course use any language/environment for your backend including PHP.

Ok Thank you for your help and response, My website is using PHP as its backend, Can you provide me with another tutorial that uses PHP as the backend rather than node.js — Mohammed Fahd, Apr 01 '23 at 18:26

I did an integration between my website and paypal payment gateway but did not work

1 Answers1