7 days of WordPress plugins, themes & templates - for free!* Unlimited asset downloads! Start 7-Day Free Trial
  1. Code
  2. PHP

Using PayPal's Instant Payment Notification With PHP

Scroll to top
Read Time: 10 mins

Hi there! Today we are going to combine Paypal with PHP to allow for the easy processing of payments on your website.

Finished Product: Preview

Step 1 - Creating a PayPal Account

For this tutorial you will need a Premier PayPal Account and an online website. Begin by going to paypal.com and click "signup" at the top of the page.

Step 1Step 1Step 1

Click Get Started under the Premier Title; you will be redirected to a signup form. Please fill in all necessary information. When your account has been created, login and move on to step 2.

Step 2 - Enable IPN

In this step we are going to enable Instant Payment Notification (IPN), so while logged in, please click Profile and then choose Instant Payment Notification

Step 2Step 2Step 2

Now on the next screen you will see that IPN is set to "off"; click "Edit" to change that.

At the start of this tutorial, I mentioned that you would need an online website. Why? Well we are going to ask PayPal to send us data when a payment is complete. PayPal can't reach local hosted websites unless you have all settings configured correctly. (This involves opening ports on your router). So, I'll enter the url to my validation script for example https://www.yourdomain.com/PayPal/ipn.php. PayPal will then post a notification to my server, at the URL I've specified.

Step 3 - Building a Simple HTML Page

Okay, now we need a simple and basic html page where your visitor can buy access to your download area.
I'm not going to explain all the HTML because i think you should know the basics of HTML before you start with PHP.

index.php - A simple HTML page with a stylesheet.

css/style.css - A simple stylesheet for our HTML Page.

step 3step 3step 3

Step 4 - Building a PayPal Button

We need to create a purchase button, so please click Merchant Services, and then chooseWebsite Payments Standard

You may choose three types of buttons, Sell single items, Sell multiple items and, Subscription. Now in this tutorial we are going to create a single item. When someone purchases this single item, in this case access to a download area. Once the payment has been validated, an email will be sent with there details.

Step 4Step 4Step 4

Let's enter some information for our purchase button; you may leave the rest as it is.

Step 4 SettingsStep 4 SettingsStep 4 Settings

When you have finished filling in each section, generate the code. Copy this code to your clipboard, and then paste it insideindex.php - where I added the comment in the html page. Please review step 3, if needed.

This should work perfectly. Users can click the button and complete their purchase.

Step 5 - Writing ipn.php

First, create ipn.php so we can start writing. We'll use a small snippet that I made from a larger snippet that you can get from Paypal's website.
Please note that there is no reason to learn this code out of your head! Snippets are handy and save time. I will break it down below.

Please fill in the correct credentials for your database so we can insert data in the next step.

PayPal POSTS data to the url we specified. In this example we only need the email address from the buyer, so that we may send him his login information. This code above will read the data PayPal sends and return the info to PayPal. I've added two comments where the code should come if its validated. Additionally, I've also added a comment that specifies what should be done if it's not validated.

Step 6 - Creating the Database

Now we are going to focus on what should happen if the payment is verified. First, we need to build a MySQL table where we store the users information. Just a simple one with an id, email and password field.

Next, we must enter our table details; we need an ID with a primary key selection and it should auto increment; next an email and password field.

For those of you don't have the time to enter all of this information, below is a small MySQL Dump code to recreate the table.

Step 7 - Account Creation

Open ipn.php again. We are going to write the following code below the "// PAYMET VALIDATED" line.

Our first step is to retrieve the email address of the buyer; PayPal sends all of this info over to ipn.php.

We must create one last variable - which is the password that we will generate using php.

As you can see, we used mt_rand to generate a random password - in this case a numeric value between 1000 and 9999. Next, we need to insert this data into our database. To do so, we'll use the mysql insert query.

Here we tell our script to insert the email and the password into our database. I've added a mysql_escape_string to ensure that mysql injection isn't possible. I've also added the md5 function to our password so that it will be stored as a 32-character hash. Now the account is created; let's move on to the next step.

Step 8 - Emailing the Login Credentials

We need to write some code that will email the login information to the buyer. To accomplish this, we will use the php mail function.

Let's break this email function down. We use the variable $email to get the user's email address and assign it to the $to variable.
The variable $subject is the title/subject that you will see in your email program. After this, we have our message, which will contain a thank you note as well as the account information. The $email and $password variables in the message will change to the correct information once the email has been sent. We also have set a custom header. When the user receives the email, the "from" address will display as "noreply@yourdomain.com".

Step 9 - Invalid Payment Email

An invalid payment might occur because of fraud, but also because of a problem with PayPal; so we want to make sure that our customer gets what he paid for.
So we are going to send an email to our site administrator, telling him to contact the buyer for more information. Simply copy the email code we used before and then make the changes listed below.

This code is nearly the same as above, only we made some changes to the receiver, subject and message.

Step 10 - User Login

This is our final step, where we build a simple login form for our buyers. Make a new php file, and name it login.php. We'll use the same HTML page as used for the index.php, only we will make some adjustments to the content of the page, and of course add a bit of styling to our login form.

login.php - This is the page where our buyers can login.

Add to style.css

Now that we've made our form, we need to check if the login credentials are correct. I made a few changes to login.php so we can get started:

The code above will check if email and password are both posted. If true, we can verify the credentials. If not, we return a error. The next code we are going to write will be placed below "// Verify". First we need to turn the post variables into local variables.

I've added an escape function to prevent mysql injection and have transformed the posted password into a md5 hash. Because we did this in our database, we must also hash the user's password to compare the two values correctly. Now it's time to verify the data.

As you can see, we are running a mysql query, and are selecting all the data from our user table - but only the row where the user's email address matches the one from the database.
mysql_num_rows checks if a match has been found: 1 = true; 0 = false.

That's All!

And that's the end of this tutorial. I hope you enjoyed it, and feel free to leave a comment with your thoughts. Have any tips that might help?

  • Subscribe to the NETTUTS RSS Feed for more daily web development tuts and articles.

Did you find this post useful?
Want a weekly email summary?
Subscribe below and we’ll send you a weekly email summary of all new Code tutorials. Never miss out on learning about the next big thing.
Looking for something to help kick start your next project?
Envato Market has a range of items for sale to help get you started.