I am using Website Payments Standard integration and in PDT I am confused about showing message to customer on return page if transaction fails due to something, but I cant get messages directly as a response from Paypal, rather I get codes. I was thinking to create a function that will take code as a Parameter and return Error Message. I went here and read about payment_status variable. I got confused when I saw same variable can can set to 1 value off 11 at one place and off 3 at another. What exactly it will return in my scenario? 1 off 3 or 1 off 11?
Edit
See that variable under Mass Pay Variables and Payment Information Variables in this link.
The payment_status would be various things depending on the txn_type. That's why they are separated in categories like that. If you get a txn_type of masspay, then the payment_status would only be 1 of those 3. The majority of the txn_type's will have a payment_status that falls in the list of 11 you mentioned. If you're using a standard button you'll typically follow the information under the Payment Information Variables section.
On another note, make sure you're not using PDT to handle any post-payment processing like updating your database, sending email notifications, etc. Even with Auto-Return enabled there is no guarantee the user will make it back to your return URL, and if they don't, that code will never run.
Instead, you should use IPN to handle such processing, which is very similar to PDT except that it happens separate from the checkout flow altogether. As soon as any transaction takes place on your account PayPal's server will POST data about that transaction to your IPN listener URL. The data will be the same as what you're looking at with PDT, but IPN will always be triggered regardless of whether or not the user makes it back to your site.
IPN will also allow you to correctly handle things like pending payments from e-checks, fraud filters, etc. that would need to clear before you deliver the product. You'll get an IPN when the pending payment takes place, and another IPN when that payment is updated to completed, failed, or whatever.
IPN also allows you to automate tasks based on refunds, disputes, etc. It's a very powerful tool, and again, it's definitely recommended over PDT.
Related
I am building an application using accept js and C# SDK of authorize.net. here, i am using accept js token to make a credit card payment over authorize.net and able to create transaction and customer profile successfully. but when i tried to create a subscription with customer profile id and payment profile id, i got "E00040 Record Not Found" error response.
I also tried to create subscription with another token after creating transaction but getting "E00114 Invalid OTS Token" error response.
What would cause authorize.net to return an these errors?
Looking forward for your quick response.
I was having this problem today, although I was doing PHP on the backend instead of C#. I called into their tech support and here's what I found:
Their production endpoints are actually pretty overloaded on server resources compared to their sandbox unfortunately, at least as of Aug, 2018. This can lead to this misleading Invalid OTS Token error, which can also have several other causes. The tech explained to me that if you have a submit button on the payment form that generates the token and then immediately submits the transaction, that you should add some kind of sleep call (on PHP, that's sleep(5);, for instance). We tried and got it to work on 4 seconds, minimum, but only intermittently. He told me if it fails after a 4 or 5 second sleep call, to reattempt that call one more time after waiting another 2 seconds, before you give up and recommend the customer call your call center or use your other support channels.
In the sandbox, they won't care if you're not using the cert.pem file in your transactions. Not so in production -- you need to ensure you've got that loaded. You can get that file off of Github if you search on the official Authorize.Net files.
I use the .Net API for managing my organization's users within Google Apps. Within the directory API you can "RetrieveUser". This returns a User object that has a date property of "LastLoginTime".
Google used to separate out their Last Login Time for an account into three categories using the previous api.
last_login_time - the last time you directly logged into a google service using a UI
last_web_mail_time - the last time you logged into gmail.com webmail
last_pop_time - the last time you popped or imap'ed from their server. (indirect login)
In the new SDK, I don't see a specific "How we populate this" comment within their documentation. I'm wondering, and having trouble testing to figure out the rules myself:
How this is populated?
If it is not all encompassing usage that updates this date (usage meaning ANY interaction between the user and their account), how do I get other dates?
I use the last usage date to recycle idle users. Thus I need an accurate representation of what this date is. I've tested, and it appears popping from a google account is not represented within the SDK LastLoggedIn property, even though you need to log in to pop. Thus, any user that pops from the account and doesn't "Log In" could be deleted by accident.
API Reference
Appreciate any help.
These three (And more) properties still exist, just not attached to the "LastLoginTime". If you want to know if an account is truly idle, you'll need to use the Google.Apis.Admin.Reports.reports_v1 API. You can install via NuGet.
After you make your service object (Many stack answers can show you how to do this), usage is below:
UserUsageReportResource resource = _service.UserUsageReport;
UserUsageReportResource.GetRequest request = resource.Get("User#domain.ca", "yyyy-mm-dd");
UsageReports report = request.Execute();
All the interaction dates will need to be searched through, including LastLoginTime, and then take the latest. Each application has different dates all pertaining to when the last time the user did X action.
LastLoginTime appears to be simply the last time a user directly, or indirectly (via device), logged into the Gmail service. This does not include logging in for pop etc.
I'm currently using the paypal's api for checking payments using the IPN checking.
In the method where paypal is checking if the payment is verified , there's a comment saying :
//check that txn_id has not been previously processed
But I can't understand what is ths txn_id , what it does and why do I need to check it and how .
Thanks in advance,
This is a Unique Transaction ID, that is generated by PayPal.
You connect that with your order, and paypal report that back to you with the results of this order.
You use it to prevent fraud, for example what you do, when you verify that your order is OK, you read that number and search your database to see if this is connected to some other order. If you find it again, means that a potential fraud is on progress, some is buy something from you, lets say 5 euro items, and after some months, is try to order from you 100 euro items, and some how is replay to you with an old verify status id - trying to reuse an old complete transaction. But because that status id is unique you catch him.
To use it, connect that id, with the unique id of your order, and keep that connection for check.
txn_id is the PayPal-assigned unique identifier for the original transaction.
All subsequent IPN messages for that transaction will use that txn_id so that you can tie them to the original message. Make sure you save it with the data for the order to which it applies.
The Completed IPN message is the only one you MUST process, as it is THE message that confirms that a payment has been completed. Otherwise, why do you need to worry about IPN at all? The POST variables with that message will have enough customer details for you to use to generate an invoice and delivery docket/label.
You may choose to process other IPN messages, but that is up to how much you want to program for. Basically, the bulk of your sales will be smoothly handled by processing just the Completed messages. Any other messages will be in parallel with the normal emails you will receive, and you will probably have to manually chase up anything else, like refunds or disputes.
Why they ask you to check that it has not been previously processed, is not for fraud, but simply to make sure you do not process a Completed IPN message again, as up to five may be sent to you, up to a day later, as part of the resilience of the IPN process.
For example, if you send out goods when a Completed IPN message is received, you do not want to send them out again if you get another IPN Completed message with the same txn_id.
Basically, when you get a Completed IPN message, you need to check your orders for one using that txn_id, and if found, and if the order is already marked as paid and has been processed, then you can ignore the message, otherwise, process it as the payment for the order, and do what you normally do upon payment.
Refunds and the like will have their own txn_id, but their IPN messages will include parent_txn_id, which holds the txn_id for the original transaction being refunded.
Note that PayPal wants you to check other returned values for correctness, and these are for fraud. Some are:
receiver_email field matches the main email address you use to access your PayPal account. It is not necessarily the one used with the payment button.
Make sure that the item cost and other details returned in the message are correct for the item. This prevents the customer giving themselves a discount.
On our .NET 3.5 website in c# a user clicks submit on our webpage, they are subscribed by email address to our reports. Unfortunately, this action takes about 5 minutes and the user has to sit and wait for confirmation. What I would like to do is change it so that when they click submit, they get a pop up that says they will be notified by email when their subscription goes through, meanwhile i would queue up the subscribe action somewhere else on the server so that it doesnt exist in the web code. Can you give me some ways to do this? The basic idea is that I want to split into two different lines of execution where one will allow them to still browse our website and the other will subscribe them. I was thinking split into a new thread but I think that the web code would still have to wait for that thread to finish before they could do anything else. I'm looking for ideas, preferably something that can run on the same server. thanks!
There's many options, but the basic approach will be to decouple the site from the provider. Instead you'll write out a record saying "User X is waiting to subscribe", a seperate process will then read the record and perform the actual subscription, while marking the record as "in-progress". Once the process has complete the record will again be updated with the completed information.
You can achieve this with databases, message queues, or other approaches. But fundamentally your site will only be responsible for creating the record and checking it's status--the actual interaction with the provider will be handled separately.
If you have something that takes this long and you want to true and ensure the action goes through, then your best bet is going to be to queue it up.
Basically, when they submit the request, store that in a database table and let them move on. Meanwhile, have another process that monitors that table to process the requests. When they come in just have this second process send the request on to the part that takes 5 minutes to complete.
Once it finishes, send them a "welcome to such and such email list" message. That will serve as their confirmation that it worked.
Jeff Atwood blogged on a relevant topic here a while back. Since you are using c#, I assume you're using ASP.NET and can take advantage of the cache mechanisms to kick off a periodic worker job. On the user's request, you can persist details of the subscription to some data store. In that job, you can examine the queue to determine what subscriptions need to be created and then execute them.
https://blog.stackoverflow.com/2008/07/easy-background-tasks-in-aspnet/
I got the following exception from the Social Graph API:
(OAuthException) Block! You are engaging in behavior that may be
considered annoying or abusive by other users.: You have been blocked
from Body of an error/warning message. Title is: Block! You are
engaging in behavior that may be considered annoying or abusive by
other users. because you repeatedly misused this feature. This block
will last anywhere from a few hours to a few days. When you are
allowed to reuse this feature, please proceed with caution. Further
misuse may result in your account being permanently disabled. For
further information, please visit our {= FAQ page}.
My program makes thousands of calls, but the call that threw the exception was like this:
graph.facebook.com/search?q=6511+club&access_token=...
I'm not writing anything back to the API, so I don't see how I could be violating any abuse/annoyance rules. At first I thought I might have gone over the rate limit but this thread says the exception message for that would look like this:
Facebook.GraphAPIError: (#613) Calls to stream have exceeded the rate of 600 calls per 600 seconds.
My program is calling the above Event search endpoint with a new value for the q parameter repeatedly. For each event returned, my program:
(calls /eventId) Gets the Event detail
(calls /pageId) Get place Page of the Event's location if the Event's location references a Facebook place Page
(calls /eventId/attending) Get the ids of the User profiles who are attending or maybe attending
(calls /?ids=...) Get the User profiles of the Users who are attending or maybe attending.
I'm using the Facebook C# SDK. All my calls include an access token (from my personal User profile).
It's not your app which is blocked, it's your user which is blocked. Your user was identified by Facebook's automated system as a bot (which it really is actually). Next step - your user will be banned from Facebook. You're making too many calls harvesting data from Facebook by a single user. You need to rethink your app purpose and whther you need to call this data to store or your users can get it on demand from the API. Most offensive calls here are /eventId/attending and ids per each event. Call it thousand times on thousand events and the user will be blocked.