J
Jason James
Guys,
it seems that several people have enquired about how to communicate
with Paypal as securely as possible. It is obvious that placing the
shopping cart details in the URL is about as insecure as could be.
Therefore why not use a POST and hide them in hidden variables? Well I
would if I could figure it out. The contents of the cart are created
dynamically and since I already have a button on my form that needs to
be captured by the server I seem to be looking at having another HTML
form on my page. The problem with that is I also want a confirmation
email to be sent to the seller that confirms the contents of the
shopping cart, and since the email is created in my ASP code, an HTML
button does not seem the way to go.
I have read some posts about using a WebRequest object to POST the
shopping cart to Paypal. However, my attempts at this code have
failed. I am using the PDT process for payments. All works well if I
use a response.redirect but I would appreciate anyone taking a look at
my latest attempt a hopefully pointing out where I am going wrong.
Dim req As WebRequest
req =
WebRequest.Create("https://www.sandbox.paypal.com/uk/cgi-bin/webscr")
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
Dim urlString As String =
"cmd=_cart&upload=1&[email protected]¤cy_code=GBP&return=http://www.mysite/paypalreturn.aspx"
Dim urlEncoded As New StringBuilder
urlEncoded.Append(urlString)
urlEncoded.Append("&item_name_1=firstitem")
urlEncoded.Append("&on0_1=Size")
urlEncoded.Append("&os0_1=6x4 (MATT)")
urlEncoded.Append("&amount_1=1.00")
urlEncoded.Append("&quantity_1=1")
Dim SomeBytes() As Byte
SomeBytes =
System.Text.Encoding.UTF8.GetBytes(urlEncoded.ToString())
req.ContentLength = SomeBytes.Length
Dim RequestStream As Stream
RequestStream = req.GetRequestStream
RequestStream.Write(SomeBytes, 0, SomeBytes.Length)
RequestStream.Close()
Executing this code does not return an error, neither does it redirect
me to the paypal site!
Any thoughts,
Jason.
it seems that several people have enquired about how to communicate
with Paypal as securely as possible. It is obvious that placing the
shopping cart details in the URL is about as insecure as could be.
Therefore why not use a POST and hide them in hidden variables? Well I
would if I could figure it out. The contents of the cart are created
dynamically and since I already have a button on my form that needs to
be captured by the server I seem to be looking at having another HTML
form on my page. The problem with that is I also want a confirmation
email to be sent to the seller that confirms the contents of the
shopping cart, and since the email is created in my ASP code, an HTML
button does not seem the way to go.
I have read some posts about using a WebRequest object to POST the
shopping cart to Paypal. However, my attempts at this code have
failed. I am using the PDT process for payments. All works well if I
use a response.redirect but I would appreciate anyone taking a look at
my latest attempt a hopefully pointing out where I am going wrong.
Dim req As WebRequest
req =
WebRequest.Create("https://www.sandbox.paypal.com/uk/cgi-bin/webscr")
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
Dim urlString As String =
"cmd=_cart&upload=1&[email protected]¤cy_code=GBP&return=http://www.mysite/paypalreturn.aspx"
Dim urlEncoded As New StringBuilder
urlEncoded.Append(urlString)
urlEncoded.Append("&item_name_1=firstitem")
urlEncoded.Append("&on0_1=Size")
urlEncoded.Append("&os0_1=6x4 (MATT)")
urlEncoded.Append("&amount_1=1.00")
urlEncoded.Append("&quantity_1=1")
Dim SomeBytes() As Byte
SomeBytes =
System.Text.Encoding.UTF8.GetBytes(urlEncoded.ToString())
req.ContentLength = SomeBytes.Length
Dim RequestStream As Stream
RequestStream = req.GetRequestStream
RequestStream.Write(SomeBytes, 0, SomeBytes.Length)
RequestStream.Close()
Executing this code does not return an error, neither does it redirect
me to the paypal site!
Any thoughts,
Jason.