Real World PayPal IPN Paypal’s Instant Payment Notifications are GREAT* *Once You Actually Get Them to Work
Paul Croubalian First Edition
The name, “PayPal” is owned by PayPal (Nasdaq: PYPL) and is used within this text solely for ilustration and indentification purposes. PayPal neither endorses nor approved that which is written herein. The author has taken care in the preparation of this book, but makes no expressed or implied warranty of any kind. The author assumes no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. For information about buying this title in bulk quantities or for special sales opportunities (which may include electronic, print, or audio versions, content particular to your business, training goals, marketing focus, branding interests, or consulting) contact the author at
ISBN (audioBook , as narrated by the author): 978-1988406-03-9
Contents Conventions used in this book What you will learn Just how “instant” is Instant? IPN vs PDT The IPN System, How it works Why you’re “sort of” Good to Go Who can use IPN Lets go play in the sandbox Details about Test Accounts Creating Buy Buttons 2 Ways to NOT Test Buttons Customizing a Hosted Button The REAL way to test Hosted Buttons How to build a button from scratch Stored vs. Custom Buttons. Creating your listener Dissecting Listener.php PayPal’s IPN Simulator Debugging the listener Appendix: Variables and Values Variables for special PayPal features Individual items variables Payment transaction variables Shopping cart variables Recurring payment variables Automatic Billing variables
Installment Plan variables PayPal checkout page variables Auto-fill PayPal checkout variables Instant Update API variables Variables for dimensions of individual items Reader Promotions About the Author
Conventions used in this book Most text is written in this font. Code samples, or anything relating to code is written in this font.
ProTip:
ProTips offer hacks or shortcuts or just things to be careful of. Watch for these Tips. They can save you a ton of headaches.
Note:
Notes are used to point something out that I consider important. Watch for these too. Sometimes, they just repeat something in the text. I know people like to skim. ;-) Bookmark Navigation, No Table of Contents
The eBook use Bookmark navigation. You can access the bookmarks (which are easier to use) from the top left corner of your device, or from the Table of Contents.
Three versions: eBook, Book, & AudioBook
The eBook version uses capabilities found in next-generation readers, tablets, smartphones, and computers. That means you can zoom in and out using the pinch-and-zoom method. I increased font sizes so that you shouldn’t need to do that on every page. The print version has extra stuff in the Appendices. It’s tough to click a link on a printed page. Well, it’s easy, but doesn’t take you anywhere. Both are available on Amazon. If you bought the print book, you can get the eBook at a heavily discounted price. The audio book version should be ready in June of 2017. Cheers
What you will learn After reading this book, you will be able to actually use PayPal’s Instant Payment Notification system. That may not sound like a lot. It is. Once it gets going, it goes on forever on its own. IPN will make your life easier. Once you get it going. You’ll see orders and deposits run automatically. Once you get it going. You can connect everything through your server back end to make things seamless, automatic, and effortless. Once you get it going. Getting the darned thing going is another story altogether. I wasted three solid weeks six months apart trying. I spent 3 months invoicing manually! That’s not ideal.
Documentation isn’t the greatest. Until now, I couldn’t find anything that set out a repeatable process, let alone set one out in simple English. That’s why I decided to write this book. It helps that I’m a ghostwriter who’s specialty is demystifying tech. I save you the headaches, aggravation, and Tourette’s style outbursts that accompanied me on this journey. Instant Payment Notification (IPN) does pretty much what its name implies. IPN notifies you (nearly) instantly of any actions people make on, to, or with your account. That’s the first gotcha! There are many more. I’ll share the ones that kicked me in the teeth.
IPN notifies you of any action. A notification that somebody added something to a shopping cart is not the same thing as the notification that somebody actually bought that stuff. Don’t laugh! It took me hours before I figured out why I had so many repeating notifications. They can come in one right after the other. Just that warning alone is worth the price of this book. No worries, once you understand that, you can deal with it. It’s better to get too much info than not enough. You will be able to verify that the order actually came from PayPal. You will know who bought how much of what, for how much and when. Then you can fill the order. You will learn how to use PayPal’s sandbox feature to build and test your notification system You will also learn how to build custom buttons on the fly.
You will know how to have your system send you an email synopsis of every notification. You’ll also know how to turn those emails off. You’ll learn how to generate a log of all notifications, busted up by month and day. You’ll Learn how to make your system read the incoming notifications, ask for verification, and then act on the ones you need to act on. PayPal will send info. They will even confirm that it came from them. They won’t do the work for you.
Just how “instant” is Instant? Paypal goes to great lengths to tell you the system is not really “instant.” Okay, so they’re right. But VVFN, “very, very fast notifications” doesn’t sound as cool. IPN is plenty fast enough for most purposes.
It’s even fast enough for situations where the buyer is waiting for a download link. I ran 1000 test buys. The slowest one was 32 seconds. No other test even came close to that. The next slowest was 21 seconds. Most, over 700, worked in less than 8 seconds. That super slow one may have been due to the bad weather, busy servers, or maybe my ISP was running slow. Isn’t it funny how nowadays, 32 seconds seems like an eternity? I also include links to my web site where you can download the code we talk about here. Those files are the actual code but in RTF format with color-coded notes. They make things very easy. That’s a drawback common to books and eBooks. It isn’t easy to get stuff like code from the book to your site.
Those links fix that. They’re regular text files in rich text format (RTF). Just save them as PHP when ready. If you’re ready, so am I. Let’s get to it. You’ll have it up and running before lunch.
Note:
All the examples and scripts available for download are in PHP with mySQL as the database. You can easily morph them to your preferred poison, sorry, language. PHP and mySQL combine to drive the internet. Even Facebook started out as a LAMP stack (Linux, Apache, MySQL, PHP). I figured that was the best place to focus.
IPN vs PDT PayPal has two notification systems, IPN and PDT. PayPal loves its acronyms. We already learned that IPN was Instant Payment Notifications. PDT stands for Payment Data Transfer. Both use the Name Value Pair system, or NPV. Yeah, PayPal really loves its acronyms. NPV is fancy-pants talk. It just means a variable name has a value associated to it. No poop, Sherlock. They’d be pretty useless otherwise. It’s like back in grade school when we learned X=3. That’s a name-value pair too. “X” is the name. 3 is the value.
ProTip:
The trick for making this stuff
work is in knowing which variable names PayPal sends and which values those names have. That can be complicated or easy. I’m Constructively Lazy so I found the easy way. I’ll show it to you soon.
Back to the two notification systems.
You would think that the “Instant” one would be faster, right? Nope. PDT is the real Instant one. PDT fires off a notification the very moment a buyer buys. There is no lag. Not even a tiny lag of a few seconds. They click, “Buy,” and boom, you have a notification zipping over to you. You might be saying, “Yeah! That’s what I want! To heck with this IPN stuff. Gimme PDT!!!!” Hold your horses. First of all, they both get set up the same way. Second, neither is well-documented. Second, yes, PDT is faster. We’re only talking seconds faster, though. That extra speed comes at a cost, a Big One. Capitals intended.
PDT sends a notification instantly. That’s the problem. Did you catch it? No? I’ll repeat it. This time I’ll add some emphasis.
PDT sends a notification instantly. That’s the problem.
That’s right, it only sends one. Ouch! Miss it and you have an irate customer on your hands. It can happen easily. Double Ouch! I wish for you to have so many orders your server can’t handle them all. The ones it can’t handle will give you grief. On a not so happy note, your server can be down for maintenance just when a bunch of orders pop in. More grief. Much as I love the whole idea of One-and-Done. . . This is not the place for it. IPN sends the notification and waits to hear you got it. Don’t answer and it will resend it. That’s when “instant” is not all that instant at all. IPN will continue sending the notification periodically for four days. Better late than never. There’s another problem with PDT. It only sends payment notifications. That might not sound too bad at all. But, there’s great value to being to automate everything not just payments.
IPN lets you know about:
¾¾ Payments received: That includes Express Checkout
and Adaptive Payments.
¾¾ Credit card authorizations: Handy if your Buyer
doesn’t have a PayPal account or prefers to use a credit or debit card. ¾¾ eCheck payments as well as pending, completed, or
denied situations.
¾¾ New subscriptions. It will even automatically assign
user names and id for you, if you like. ¾¾ New sign-ups or carts. ¾¾ Cancelled subscriptions or carts.
¾¾ Recurring payments: Those are related to subscrip-
tions and installment plans. They’re great. Payments continue until either you or the buyer stops them. The buyer just needs to click once. ¾¾ Chargebacks, disputes, reversals, and refunds.
Okay, so maybe we don’t really want those. Still, they’re a fact of life.
Once you have the info, you can do whatever you want with it. ¾¾ You can email an order confirmation ¾¾ You can email an up-sell pitch ¾¾ You can add them to your email list for future mar-
keting.
¾¾ You can update their info with the info from PayPal ¾¾ Update your customer lists ¾¾ Segregate your lists based on buying habits. ¾¾ Update inventory
¾¾ Prepare a picking and/or packing slip ¾¾ Cut an order if you drop ship ¾¾ Issue a refund (not often, I hope) ¾¾ Update your accounting ¾¾ You can notify sales people of purchases by their
customers.
¾¾ You can update and assign sales to affiliates
You have the data. You can do whatever you need or want to do with the data once you have it.
Want the Speed of PDT with the reliability of IPN? No problem. Implement them both. Really, go ahead.
They aren’t mutually exclusive. There’s no law, rule or even guideline that says you can’t. Nothing even says you shouldn’t. PayPal believes, and I agree, that IPN is better suited for the vast majority of applications. If you need instant notification, use both. I strongly suggest you don’t use PDT exclusively!
It’s an IPN alone or IPN and PDT thing. Even if you absolutely, positively need instant notifications, set them both up. The only reason I can see for not setting up IPN with PDT is if the thing being sold is crazily time-sensitive. It would have to be so much so, that you would rather lose a sale, and maybe a customer, than risk processing too late. Darned if I can think of something that would qualify. Maybe off-track betting on horse races? Is that even legal? Excited yet? Ready to dive in with both feet? Ready! Set! Wait a bit. Let’s look at a quick overview of how this puppy works first.
The IPN System, How it works If you’re reading this, you probably have some idea of what HTML looks like You know about web forms and how they can use either GET or POST as methods. When we start building custom buttons you’ll recognize them for what they are, web forms. You’ll also see how this thingamabobber works more clearly. Bear with me for now.
When you see a ton of seeming gibberish in your browser’s address bar, it isn’t gibberish. It’s a bunch of variables passed from one page to another. Yes, they’re name-value pairs.
That’s a GET. GETs aren’t very useful for what we’re doing here. All the info would be sitting right on the browser bar for anyone to see or play with. If someone was crazy enough to use GET for a sale, any idiot that notices sale_price=100 can just delete a zero or two. They can even delete the 1. Servers are fast. They aren’t very bright. POST works very much the same way as GET but hidden in the background. Much better. PayPal uses a Secure POST to send you notifications. You set up a listener page to, you guessed it, listen for those notifications. Don’t worry about how that works just yet. We’ll get there. The listener hears the notification. That’s not enough to act on. That info could be from anybody who knows the link to the listener page. If they know the info PayPal passes, and that’s public, they can spoof it easily. So, no, we can’t act yet. The listener then parrots the info back to PayPal. PayPal answers that, yes, it was them, or no, someone is messing with you. That step, called logically enough, “verification”, is vital to the process. We need to know we are talking to PayPal not some idiot scammer. It’s pretty easy to pull it off. I’ll show you how. But, first, I’m reminded of a joke that illustrates the importance of this point. A cell phone is just sitting there on a bench in a country club’s locker room. The locker room is a little noisy. The phone rings. A man answers on hands-free.
Man: Hello? Woman’s voice: Hi, Honey, it’s me. I’m at the mall with the girls and I see the most amazing outfit. But, it’s like
$3,000. Man: Well, if you like it, you like it. Go ahead and buy it Woman: Oh honey!!! You’re the best! While you’re in such a good mood. . . . Do you mind if my Mother stays with us for a few weeks? Man: No problem. Whatever makes you happy. Woman: Oh, you are just the Perfect Man!! Bye. Man: Bye The man then turns to the others in the locker room and asks, “Does anyone know whose phone this is?” In keeping with the levity, let’s knock the POST technobabble down to servers talking on the phone. PayPal: Hey, Business, I got a guy here, Tom Smith, who just bought a video game. He paid for it. Ship it to his place, here’s the address. Business: Whoa there. How do I know it’s you, PayPal? PayPal: You have my number. Call me back. I’ll wait. Business calls back. PayPal: Paypal... how can I help you? Business: It’s me, Business. You called about an order? PayPal: Could be. What was it? Business: Tom Smith bought a video game. He’s at this address. PayPal: Lemme check. . . . . . . . Yup, got it right here. Tom Smith, one video game. It’s bought and paid for.
Go ahead and ship it. Business: Will do. Thanks! In a nutshell, that’s what happens. In reality, this is what happens. These are real sample communications. You don’t need to worry about what they mean just yet. Your site will handle that stuff. This is a sample of a notification for Tom Smith’s video game Express Checkout purchase for 19.99.
If you look closely, your server replies with the exact same stuff PayPal sent. It just adds one little piece. It asks for validation. The bolded red part, cmd=_notify-validate, is how PayPal knows it’s a validation request. PayPal checks the data against its records and responds with either VERIFIED or INVALID. If it’s VERIFIED, you’re good to go, sort of. You’ll see why it’s “sort of okay” in a bit. If it’s INVALID, I just ignore it. Others report the fraudulent attempt to PayPal. You can take whatever measures you prefer. It works pretty much like our fictitious phone call between servers. It’s just faster . . . a lot faster. There is some gobbledegook. That’s because some symbols have special meaning to a web server. You can’t use those asis. The same goes for spaces. The server will ignore anything after the space. That’s not a good thing. All you would get from PayPal is />gross=19.95&protection_eligibility=Eligible&address_status=confirmed&payer_id=LPLWNMTBWMFAY&tax=0.00&address_street=1 If you know percent-encoding, you have no trouble reading this. Replace %3A with a colon. Plus signs replace spaces. Ampersands signal the start of a new variable. Replace %40 with a “@.” Now the message is easily read. I did it for you.
address_street=1 Main St payment_date=20:12:59 Jan 13%2C 2017 PST payment_status=Completed charset=windows-1252 address_zip=95131 first_name=Tom mc_fee=0.88 address_country_code=US address_name=Tom Smith notify_version=2.6 custom= payer_status=verified address_country=United States address_city=San Jose quantity=1 verify_sign=AtkOfCXbDm2hu0ZELryHFjY-Vb7PAUvS6nMXgysbElEn9v-1XcmSoGtf payer_email= txn_id=61E67681CH3238416 payment_type=instant last_name=Smith address_state=CA receiver_email= (this would be yours) payment_fee=0.88 receiver_id=S8XGHLYDW9T3S txn_type=express_checkout item_name=video game mc_currency=USD item_number=1 residence_country=US
test_ipn=1 handling_amount=0.00 transaction_subject= payment_gross=19.95 shipping=0.00 Again,it’s not important for you to know what all that stuff means just yet (although you can figure it out, right?). We’ll get to it. Still, it can give you an idea of what kind of information you’ll get. Also, it’s a good idea to double check certain things before you act on the order.
That’s why I said you’re “sort of” good to go.
Why you’re “sort of” Good to Go It’s like leaving your cell phone unattended in the locker room. You can get into trouble. We’ll get to how in due course, but for now, let just say it would be a good idea to double check that the item ordered actually exists, it’s at the price ordered, in the currency ordered, and that you’re the account the order is intended for. You wouldn’t want to ship me your U$10 item for one Mexican peso, would you? Different notifications use different variables. You will need to know which variables PayPal sends before you can work with the data in those variables. Makes sense, right? There’s a hard way to do it and an easy way. Guess which one I like better. We’ll get to how to do that soon too.
What Variables are available Different actions trigger different notifications. Not everything is pertinent to everything else. A new subscriber notification doesn’t need to mention sizes. An order for a bikini doesn’t need a subscription date. There’s a list of variables that may be in your notification in Appendix A. It’s a long list. Don’t freak out. I’ll show you the easy way to find out what variables are actually in your notification. I didn’t have this book when I started using IPN. I did it the hard way. The hard way is very hard. Then I figured out the easy way. The easy way is much better.That’s what I’ll show you. That will come later when we dissect the listener.
Who can use IPN Only business members can use IPN. That makes sense. The general public doesn’t sell stuff in any big way. John Q. Public doesn’t need automation for the occasional eBay sale. You don’t need a Premium Account (i.e. paid). Even a free business account can use IPN. It might make sense for you to get a Premium account. It might not. That all depends on your needs, and doesn’t really matter for our purpose here. Standard or Premium, the method is the same. PayPal is pretty good about guiding you to the best solution. When I first set my business up, I fully expected to open a Premium Account. Jeremy, the PayPal Guy, went over what I needed to do and suggested I stick with the Standard Plan. It’s rare that a big business will put its customer’s needs ahead of it own. I appreciated the gesture.
Every business account can use IPN, but it is not active by default. You need to activate it. It’s straight-forward.
Activating IPN
First you need to get to your Selling Tools. Depending on where you happen to be on the PayPal site, you will need to do one of two things. 1 – Click on your Profile icon. It’s the icon that looks like a head-and-shoulders children’s drawing. From the Business Profile section choose Profile and Settings, then Selling Tools. OR If you don’t see the Profile Icon, 1 - Go My Account -> Profile -> Selling Tools. 2 - Now that you’re in Selling Tools, scroll down to the Getting Paid and Managing My Risk part. Click on Update. 3 - Enter your full web site link including the https:// part.
Note:
You do have https, right? It isn’t 100% required at time of writing but it will be soon enough. You may as well get ahead of the curve. Besides, what with Google putting big red insecure warnings on http sites, you look like a fly-by-night scammer if you don’t have one. Get an SSL certificate, get your https and be done! 4 - Put the full URL for your web site and the file that will
process the PayPal message. Yes, that’s your listener. Here’s an example />cat_bruce/process_message.php A couple of things to add here. I wouldn’t include “PayPal” or “payments” or “here_is_the_cash_come_and_get_it” in that filename. It isn’t easily readable, but why chance it? You need to put something in there, but you don’t need to fall in love with it. Think of that link as the default place where PayPal will send you notifications. You can tell PayPal to send the notification for any button to a specific listener. For you techie types that’s, “You can set the listener programmatically.” For you non-techies, you can also set it when you create the button. We’ll get to that when we build custom buttons. For now, just click Save and this part is done.
Lets go play in the sandbox Obviously, you wouldn’t want to test your IPN with real money. PayPal realizes that. They provide us with a playground where we can test stuff without incurring a boatload of fees.
Like most playgrounds, this one has a sandbox. Lucky for us, PayPal’s sandbox has no cat poop in it. Unluckily for us, PayPal’s sandox has other gotchas. The Sandbox is just a replica of the real PayPal system. The difference is that everything is simulated. You create a fake business account and as many fake buyer accounts as you like. You set them up anyway you like. You can load your fake PayPal accounts with fake money or not. You can link fake credit cards. You can make different fake accounts to simulate different real regions. I made Canadian fakes for every province to test taxation
scripts. I also made fake US and UK accounts.
Setting up your Sandbox is easy.
1.Go to https//developer.paypal.com. 2.Login. Use the email and password from your existing PayPal Business account. If you don’t have one, go to PaylPal’s site and get one. 3.PayPal will send you an email to confirm that you are you. Reply to it. 4.Go to />classic/lifecycle/sb_create-accounts/ 5.Create at least two sandbox (i.e. fake) accounts.
You do need to create at least two fake accounts, a BUYER type and a BUSINESS type. The BUYER type account will do all the fake buying. The BUSINESS type will be you getting all the fake orders, fake notifications, and oodles of fake dollars. You really should create BUYER accounts as both verified and not verified. Let’s call that a suggested optional step. Those fake accounts work like they’re real except no money changes hands and no fees are charged. Actually, that’s not 100% true. It’s true that you won’t get charged anything on your real account. But, PayPal does include what the fee would have been had that fake transaction been real. It’s more accurate, and more useful, to say that PayPal charges fake fees against fake accounts for fake buyers that buy fake stuff.
For real.
ProTip:
Create your tests with real item and cost data. That way, you’ll also get the real Paypal cost of that transaction. You may as well have your tests do double-duty.
Remember the passwords to those fake accounts. You will need to enter the password when you place your fake orders. Passwords don’t need to be super-secure. The accounts don’t actually do anything.
Note:
Don’t forget the passwords to your fake accounts. They don’t actually do anything. It’s safe to write the passwords down. Everything we will do going forward will be with those fake accounts. Once you have everything nice and operational, it’s a simple thing to make it go live.
Danger:
Remember what I said about IPN resending failed notifications? They can come back to drive you nuts.. Some notifications may fail during testing to come back to bite you on the ass when the system is live! If you use the listener I suggest, you’ll be okay. It will catch sandboxed notifications that come through when the system live. It will send you an email to
that effect. You can and should code your processing scripts to ignore them.
I know of one guy who didn’t do this. Worse, or maybe luckily, he used his home address as the sandbox BUYER account address. His warehouse shipped over 700 identical items to his house. Not good. To be extra safe, create an email address specifically for your testing. That temporary email must be reachable. Remove it from the listener when you go live. The listener will ignore anything sent to that email as the Business. For example, if you test with , remove that email from the listener. You’ll see what I mean once we dissect the listener file.
A note on Back-End Testing
f you plan to test extensive back-end processes, you may want to build your own sandbox. It can just be a copy of your system with a limited number of products, or a single mySQL table where records will go. Ask your techies.
Details about Test Accounts
CountrySelect: You can set where the fake BUY-
ER or BUSINESS lives. This way you can test shipping
costs, tax, etc. Set up as many test accounts as make sense to you.
Account type: Select either the Person-
al or Business radio button. You must have at least one of each. The BUSINESS account will receive all your fake money. The PERSONAL or BUYER account(s) will do the fake buying.
Email address: This could be fake too. PayPal
won’t send emails from the Sandbox. Instead, they will list stuff on both the Notifications tab on the Developer site, and on the Sandbox test site. You will use this email to login to the Sandbox site and to process your fake purchases. The BUSINESS email must be real to get your messages from the system. It’s a good idea to make an email just for testing.
Password: The password must be 8-20 charac-
ters long. Use numbers, letters, or both. You’ll need the password to log in to the Sandbox test site as the test account and to process fake orders. Don’t break your head making it super secure. It’s not as if it actually leads to anything. Make it something you’ll remember.
First and Last names: Optional. I just use,
“Fake BuyerUSA,” “FakeBuyerQc,” “FakeBuyerOn,” etc. (I’m Canadian, eh!)
PayPal balance: Optional, but a really good idea.
This is how much fake money your fake Buyer has to make fake purchases. You can enter any integer from 1 to 10 million. Go hog wild. It might also be a good idea to make some accounts without money.
Bank Verified Account: I suggest you create
both Verified and Unverified fake accounts. It will be a better reflection of real-word situations.
Select Payment Card: Test payments made
with different payment cards by selecting either Discover or PayPal. That only works for “US-based” fake business accounts.
Credit card type: If you want, you can choose a single credit card type for each fake account. Sandbox
will create a fake card number for the fake account to send you fake money with.
Notes: Optional but suggested if you have several
fake accounts. You can scroll through the whole page to find out what makes this fake account different. Or, you can look at the note. Once you have at least one BUYER account and one BUSINESS account you’re ready to move on to buy buttons.
Creating Buy Buttons There’s an easy way and a hard way to build buttons. I usually
prefer the easy way of doing anything. That’s not necessarily the case this time. The easy way is to use PayPal’s button building and hosting function. It works and works well. It has advantages. The security is built-in. PayPal hosts the button. It’s fast. You can create a button in record time even if you never saw HTML in your life. You can customize some of it on the fly. One disadvantage is that you can’t customize all of it on the fly. That’s not the biggest disadvantage. The biggest disadvantage is also one of the reasons why so many people have trouble setting up IPN. PayPal hosted buttons are not sandbox-able. That means they can’t be tested. I have no idea why PayPal wouldn’t include hosted buttons in the sandbox. Take it up with them. There is a workaround. We’ll get to it soon. Just know, that one way or another, you will need to learn how to build a custom button. That’s not a bad thing. Things can be easy. Things can be completely customizable. Rarely are they both.
Creating a Hosted Button
¾¾ From your PayPal account, choose Tools from the
top menu bar.
¾¾ Scroll down to All Tools and click.
¾¾ Scroll down again to find PayPal Buttons. On my
page it’s on the far left, fourth row down. Click that. By the way, if you click on the Heart, that Tool will be on your initial drop-down menu. ¾¾ You’ll see links to sample buttons and links to create
new ones.
¾¾ To create a new button, click on “Create new
button,” and follow the steps. Done.
ProTip:
if you click on the Heart in the box that takes you to Buttons, that Tool will be on your initial drop-down menu.
PayPal will write the HTML and show you a preview of what it will look like. By default, it will notify to the link you set when you activated Instant Payment Notification on your account. By default, it also points to the LIVE PayPal site. We definitely don’t want that right now. Let me show you what I mean. This is the HTML generated by the Button Builder for a Sample Subscription button. <form action=” />webscr” method=”post” target=”_top”> <input type=”hidden” name=”cmd” value=”_s-xclick”>
value=”93YR2PTH8LT2Y”> <input type=”image” src=” />border=”0” name=”submit” alt=”PayPal - The safer, easier way to pay online!”>