Thanks for the update Derrick. I've used PayPal before in some cases, but have not encrypted the button like this. I think this info will be very useful for me in the future.
> Mike (who tried to help), and anyone else. > > Solved the problem. Changes: > > Use "cmd=_xclick" in your name value pairs for your text file, which > you will encrypt (not _s-xclick). > But DO use <input type="hidden" name="cmd" value="_s-xclick"> in your > actual form. > > That mismatch of information was only found by purchasing an article > written on Nov 8, 2008 by Arman Danesh ($4.00) from Communitymx.com > (located here: http://www.communitymx.com/abstract.cfm?cid=202EF ) > > I also reissued the private key and cert on my end for good measure > and re-uploaded it to Pay Pal. Downloaded theirs (again), for (again), > good measure. However, I do not believe the certs were the issue. I > reissued them before trying the new code changes. So, I will never know. > > Code follows in case someone else wants to use Pay Pal and CF and > dynamically encrypt variable shopping cart and price data on the fly. > (Step omitted - creating a signing key and cert via openssl. Search > google for that, or hit me back when the time arrives that you need to > do it. ) The code is for the Pay Pal issue only and is for a *nix > system with openSSL installed (or windows with openSSL): > > > > <!--- create temp file (empty) ---> > <!--- (could use a UUID() here to randomize the file name, but since > it is in a directory not made public, I prefer a clean "makes sense" > approach). ---> > <cfset buttonfile = "/websites/tempfiles/ > paypal_order_#session.orderID#"> > > > <!--- write temp file with a return after each name value pair ---> > <cffile action="write" file="#buttonfile#" output="cert_id=28HGKDTN9SP1F > cmd=_xclick > [email protected] > item_name=My Product or Service > item_number=#session.orderID# > amount=25.00 > currency_code=USD > tax=0 > no_shipping=1 > address1=my street address which matches my private cert > city=my city which matches my private cert > state=my state which matches my private cert > zip=my zip which matches my private cert > country=US > no_note=1 > cancel_return=where to take the user if they cancel their payment"> > > > <!--- create signed, binary version of file created above ---> > <cfexecute name="/usr/bin/openssl" arguments="smime -sign -in > #buttonfile# -signer /etc/certificates/my-publiccert.pem -inkey /etc/ > certificates/my-privatekey.pem -outform der -nodetach -binary -out > #buttonfile#.binary" timeout="3000" variable="encButtonOutput" /> > > > <!--- generate encrypted button ---> > <cfexecute name="/usr/bin/openssl" arguments="smime -encrypt -des3 - > binary -in #buttonfile#.binary -outform pem /etc/certificates/ > paypal_cert_pem.txt" timeout="3000" > variable="encButton">#encButtonOutput#</cfexecute> > > > <!--- actual form ---> > <div id="paypalform" style="text-align:center;"> > <form action="https://www.paypal.com/cgi-bin/webscr"; method="post"> > <input type="hidden" name="cmd" value="_s-xclick" /> > <input type="hidden" name="encrypted" value="#encButton#" /> > <input type="submit" value="Pay $25.00 via PayPal" /> > </form> > </div> > > > <!--- encryption temp file clean up ---> > <cffile action="delete" file="#buttonfile#"> > <cffile action="delete" file="#buttonfile#.binary"> > > > _____________________ > Derrick Peavy > [email protected] > _____________________ > > > > On Feb 18, 2009, at 12:13 PM, Mike Staver wrote: > >> So, you're posting that info back to PayPal - and they have to be >> able to >> read it to process it, right? Do you set up something with your >> account >> so they can unencrypt it when it gets posted to their server? >> >>> I am trying to integrate PayPal with a CF solution. Pay Pal account >>> is >>> a business account, using "Website Payments Standard" >>> >>> I am not using the PayPal encrypted buttons, but am providing my own >>> encryption on the fly with OpenSSL and CFEXECUTE due to specific >>> situation. >>> >>> I am having one he** of a day trying to make this work. Keep getting >>> new errors and nothing seems to work. Support from PayPal is >>> extremely >>> frustrating. >>> >>> MY QUESTION IS - Has anyone on the list done this before - >>> specifically, encrypting your payment buttons on the fly? I have >>> created the public cert and key and uploaded that to PayPal and >>> downloaded their cert as well. Code is below, problems are below >>> that. >>> >>> >>> Here is the process/code I am using, based upon PayPal's documents >>> and >>> other CF examples I could find: >>> >>> <!--- file name ---> >>> <cfset buttonfile = "/var/tmp/ >>> cc_com_paypal_order_#session.bannerOrderID#"> >>> >>> >>> <!--- create temp file ---> >>> <cffile action="write" file="#buttonfile#" >>> output="cert_id=DFKJDF97ADFK >>> cmd=_s-xclick >>> business=payPalApprovedAccountEmail >>> item_name=Service Being Sold >>> item_number=#orderID# >>> amount=50.00 >>> currency_code=USD >>> tax=0 >>> no_shipping=1 >>> address1=address as stated in public cert >>> city=city as stated in public cert >>> state=state as stated in public cert >>> zip=zip as stated in public cert >>> country=US >>> no_note=1 >>> cancel_return=returnFile.cfm"> >>> >>> <!--- create signed, binary version of file created above ---> >>> <cfexecute name="/usr/bin/openssl" arguments="smime -sign -in >>> #buttonfile# -signer /etc/certificates/mysite-publiccert.pem -inkey / >>> etc/certificates/mysite-privatekey.pem -outform der -nodetach - >>> binary - >>> out #buttonfile#.binary" timeout="30" variable="encButtonOutput" /> >>> >>> <!--- generate encrypted button from binary ---> >>> <cfexecute name="/usr/bin/openssl" arguments="smime -encrypt -des3 - >>> binary -in #buttonfile#.binary -outform pem /etc/certificates/ >>> paypal_cert_pem.txt" timeout="30" variable="encButton" /> >>> >>> >>> <!--- actual form ---> >>> <div id="paypalform" style="text-align:center;"> >>> <form action="https://www.paypal.com/cgi-bin/webscr"; method="post"> >>> <input type="hidden" name="cmd" value="_s-xclick"> >>> <input type="hidden" name="encrypted" value="#encButton#"> >>> <input type="submit" value="Pay #dollarFormat(paymentToMake)# >>> via >>> PayPal"> >>> </form> >>> </div> >>> >>> >>> The problem is that when the transaction is submitted, PayPal gives >>> different errors, ranging from problems with the email (which PayPal >>> Customer Service confirmed is correct), to issues with decrypting the >>> cert. It's nuts. No one error is the same and PayPal will only say >>> "Gee, we don't know." >>> >>> _____________________ >>> Derrick Peavy >>> [email protected] >>> _____________________ >>> >>> >>> >>> >> >> >> >> ------------------------------------------------------------- >> To unsubscribe from this list, manage your profile @ >> http://www.acfug.org?fa=login.edituserform >> >> For more info, see http://www.acfug.org/mailinglists >> Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >> List hosted by http://www.fusionlink.com >> ------------------------------------------------------------- >> >> >> >> > > ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
