Easiest way to update PayPal details using CMSB
3 posts by 2 authors in: Forums > CMS Builder
Last Post: October 22, 2023 (RSS)
Hi, there. My client sells calendars every fall as a fundraiser, and they use PayPal to handle online payments. Is there an easy way for them to use CMSB, which is already part of their site, to do future updates in-house? This is the type of code is generated by PayPal that they would need to replace. They usually send me the code, and I change it manually.
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="XXXXXXXXXXXX">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
By Deborah - October 22, 2023
Hi, CommonSenseDesign. I have sites using PayPal standard checkout and have used both of the following approaches:
1) Encrypted buttons: A unique button ID is created at PayPal for each product. This is what you're using now. The same button ID can be used, but changes to price and description will need to be updated at PayPal AND in CMSB.
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="paypal">
<input type="hidden" name="cmd" value="_s-xclick">
<!-- If a new button is created each year, this field would need updating,
but if the same button ID is used each year, it can be hardcoded in the HTML -->
<input type="hidden" name="hosted_button_id" value="<?php echo htmlencode($calendar['ppbtnid']) ?>">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif" alt="Buy now">
</form>
2) Non-encrypted buttons (the original PayPal button type): Product pricing and description are managed in CMSB, with no product setup necessary at PayPal.
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="paypal">
<input type="hidden" name="add" value="1">
<input type="hidden" name="cmd" value="_cart">
<!-- The PP business ID won't change & can be hardcoded in the HTML -->
<input type="hidden" name="business" value="XXXXXXXXXXXXX">
<input type="hidden" name="item_name" value="<?php echo htmlencode($calendar['itemname']) ?>">">
<input type="hidden" name="amount" value="<?php echo htmlencode($calendar['price']) ?>">
<input type="hidden" name="currency_code" value="USD">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif" alt="Buy now">
</form>
The downside of non-encrypted buttons is that someone could copy the HTML and enter any price they wish. PayPal will still process the payment. However, if the person reviewing the orders checks the price, they can simply refund the purchase if the price has been altered. (I've never had this happen on a client's site.)
To simplify things for the client, you might consider method #2, because they'd only have one place to make updates each year. You could also add an "In stock?" checkbox field in the calendar's CMSB editor to act as a toggle to replace the entire form tag with a "Sold out for 2023" message."
Hope that helps.
~ Deborah
By CommonSenseDesign - October 22, 2023 - edited: October 22, 2023
Thank you for these suggestions, Deborah. I'll look into them and decide which is going to work best for my client.