Ecommerce Templates > PHP Version Help > Payment Processors > PayPal Payments Pro

PayPal Payments Pro

What is PayPal Payments Pro?

PayPal Payments Pro allows you to take credit card orders directly on your site without having to go to PayPal to enter any details. The integration is completely seamless meaning that all the processing goes on in the background and the customer doesn't need to leave the site. PayPal takes care of all that processing so you won't see or store any sensitive credit card information.

How to Integrate PayPal Payments Pro

Click here to create an account with PayPal.

Ecommerce Templates offers two methods for hooking up with PayPal Payments Pro. The three token method is the simpler and recommended option of the two. If you do run into any issues with the integration, please check out our PayPal troubleshooting section. UK merchants can also now use PayPal Payments Pro.

US merchants implementing PayPal Payments Pro can enroll in the Verified by Visa program.

Using the three token authentication for PayPal Payments Pro

The three token authentication system for PayPal Payments Pro is the recommended way of integration. This method is much more "shared hosting friendly" than the API certificate method described below.

  • Log in to your PayPal account and click on Account Settings.
  • In the left hand "ACCOUNT & SECURITY » Account access" column click "Update" for "API access".
  • Scroll down to NVP/SOAP API integration (Classic) > You or your developer integrated NVP/SOAP (or “Classic”) APIs that allow you to accept payments via PayPal. > Request API Signature
  • Click on "Request API Credentials", check "API Signature", agree to the terms and press Submit.
  • Enter the API Username, API Password and Signature into the payment providers admin page for PayPal Direct / PayPal Pro.
  • Select "API Method" as "API Signature".
  • In your store main admin settings page set your HTTPS Store UR.
  • That should be all you have to do.

Back to top

Setting up PayPal Payments Pro with the API Certificate method

You will require the Ecommerce Plus version 4.9.2 or higher. You can check the version you are running by logging into your store control panel and the number will appear at the top of the first page. If you are running an earlier version then the latest updater will always be available here for download.

These are the configuration steps you will need to take:

  • Log in to your PayPal account
  • Go to Profile -> API Access -> API Certificate Request
  • You will need to fill in the application for the certificate request. It may take some time for you to be granted this certificate.
  • The certificate you receive from PayPal will have a .txt extension so you will need to rename that to .pem ie. cert_key_pem.txt -> cert_key.pem
  • As part of the signup process, an “account name” will be suggested for the certificate. This will be of the form “user_api1.yoursite.com”. You will also be required to create a password for the certificate. You are strongly recommended for security reasons to NOT use your PayPal login password. Create a new password.
  • When you receive your certificate you will need to save it to your web server. Make sure that for security reasons you save the certificate OUTSIDE the web root. This means that nobody can download the certificate by entering it’s URL in their web browser.
  • PayPal Payments Pro - Direct Payment is a system where the credit card number is taken on your site. Because of this you must have your own SSL setup and set the HTTPS Store URL in the main admin settings page so that the credit card details are entered over a secure connection.
  • Now log in to your ecommerce plus template admin section, click on the payment providers admin page and enter the following information for PayPal Direct.

    API Account Name: (Such as user_api1.yoursite.com)

    API Password: The password you created above.

    Path to certificate : The full path to the certificate on your server. For instance /user/websites/yoursite.com/certificate.pem
    Please note that for security reasons this path should be outside your web root. That way your certificate can’t be downloaded by someone entering the path to the certificate in their web browser.

PayPal Pro

Advanced Tip

In your cart.php page, above the opening HTML tab you should have some lines of PHP like this . . .

<?php
session_cache_limiter('none');
session_start(); ?>

When using PayPal Payments Pro it helps if you have “output buffering” turned on. To do this, just make sure you have the ob_start() directive which you can add like this . . .

<?php
session_cache_limiter('none');
session_start();
ob_start(); ?>

This step is optional, but it does mean that when using Express Checkout the transition between your site and the PayPal server will be smoother.

Back to top

Notes for UK based merchants

PayPal Direct Payments will now natively support UK stores which take bank cards like Switch/Maestro/Solo which have an issue number / start date. You will need to be running a minimum version of 5.9.2 of Ecommerce Templates. If you are a UK merchant and would like to enroll in the verified by visa, please use this registration form.

Back to top

PayPal Pro Hosted Solution / Pasarela Integral

PayPal Hosted, also known as Pasarela Integral was introduced in version 6.1.3. It allows buyers to choose between paying via their PayPal account or via credit card on the PayPal secure server. To use this service, you will need to follow the following steps

  • You will need to enable PayPal Pro and PayPal Standard through the store control panel
  • Add the following line to vsadmin/includes.asp
    $paypalhostedsolution=TRUE;
  • In your PayPal control panel go to Profile > Website payment settings > PayPal Pro Hosted or Pasarela Integral > Settings and choose the information you want to collect as well as setting your company's confirmation page to something like http://www.yourstoreurl.com/thanks.php
  • Now go to Profile > Instant Payment Notification preferences and set the Notification URL to something like http://www.yourstoreurl.com/vsadmin/ppconfirm.php and Message Delivery to "Enabled"
  • That's about all these is to it but you can read more about it from PayPal here. Please note the iframe feature is not available due to incompatibility issues in IE9.

Back to top

 

Using the PayPal Sandbox (demo mode)

You can put PayPal into Demo Mode on the ecommerce plus template payment provider admin section, but this will involve using the PayPal “Sandbox” as here . . . https://www.sandbox.paypal.com/
This would mean creating a separate sandbox email login, password and certificate request. (Sandbox certificates are assigned immediately).

When testing your PayPal account using the PayPal sandbox you may find the usual test credit card number (4111111111111111) doesn’t work correctly. If you follow the instructions below this should help you generate a test credit card number that is compatible with the PayPal sandbox.

  • Login into your Sandbox Account
  • Click on Add Credit Card under Profile section
  • Then use the CC information to make a payment as a non-PayPal account. Just Don't click on 'Add Card' button. Copy the number down, once you leave the page, the number is gone.

Back to top

Troubleshooting

If you receive this error on thanks.php:

"I'm sorry, there was a problem with your transaction.
Transaction Result: Direct Payment has been disabled on this account. Transaction has not been processed."
or
" I'm sorry, there was a problem with your transaction.
Transaction Result: (10501) This transaction cannot be processed due to an invalid merchant configuration."

...then make sure you have agreed to the PayPal Billing Agreement at https://www.paypal.com/us/cgi-bin/webscr?cmd=_wp-pro-overview

If you get this error when hitting the checkout button:
Fatal error: Call to undefined function: curl_init()
... it probably means that the cURL component is not installed on your server. cURL is required for connecting to the PayPal server. PayPal Pro requires communication over a secure (HTTPS) connection and cURL is the only way to do it really. if it's not available, check with your host to see if they would add it. It's quite simple, free and there are details here . . .
http://www.php.net/manual/en/function.curl-init.php

An alternative is provided for those that don't have cURL compiled into PHP, but where the host provides cURL on the command line. To use this feature you need to set the path to the cURL binary on your server in the parameter $pathtocurl in your vsadmin/includes.php file. For instance...
$pathtocurl="/usr/local/curl";

This was introduced in version 4.3.0, and if that line doesn't appear in your includes.php file, you can add it to the list.

If you get this error. . .
SSL: error:14094418:SSL routines:func(148):reason(1048)
Then the problem is having PayPal Direct in demo mode, but a non-demo mode certificate and vice-versa

If you need your customer to provide a phone number then in your PayPal Profile go to Website Payment Preferences -> Contact Telephone Number
...and set it to "On (Required Field)"

Please note that you can use the same PayPal Pro account on multiple sites

Back to top

AVS and CVV Checking and codes

Do check these codes and make a decision accordingly of whether to ship the order

  • AVS codes

    A Address Address only (no ZIP)
    B International “A” Address only (no ZIP)
    C International “N” None
    D International “X” Address and Postal Code
    E Not allowed for MOTO (Internet/Phone)
    transactions
    Not applicable
    F UK-specific “X” Address and Postal Code
    G Global Unavailable Not applicable
    I International Unavailable Not applicable
    N No None
    P Postal (International “Z”) Postal Code only (no Address)
    R Retry Not applicable
    S Service not Supported Not applicable
    U Unavailable Not applicable
    W Whole ZIP Nine-digit ZIP code (no Address)
    X Exact match Address and nine-digit ZIP code
    Y Yes Address and five-digit ZIP
    Z ZIP Five-digit ZIP code (no Address)
    All
    others
    Error Not applicable

  • CVV codes

    M Match CVV2
    N No match None
    P Not Processed Not applicable
    S Service not Supported Not applicable
    U Unavailable Not applicable
    X No response Not applicable
    All
    others
    Error Not applicable

Back to top

Please do read our guide here on credit card fraud.

That's all there is to it really - any comments on the set up can be posted on our Support Forum.