--- /tmp/dsg/dolibarr/htdocs/paypal/lib/github_paypal.lib.php
+++ /tmp/dsg/dolibarr/htdocs/paypal/lib/client_paypal.lib.php
@@ -22,8 +22,6 @@
* \brief Library for common paypal functions
*/
-require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
-
/**
* Define head array for tabs of paypal tools setup pages
@@ -44,15 +42,144 @@
$object = new stdClass();
- // Show more tabs from modules
- // Entries must be declared in modules descriptor with line
- // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab
- // $this->tabs = array('entity:-tabname); to remove a tab
+ // Show more tabs from modules
+ // Entries must be declared in modules descriptor with line
+ // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab
+ // $this->tabs = array('entity:-tabname); to remove a tab
complete_head_from_modules($conf, $langs, $object, $head, $h, 'paypaladmin');
complete_head_from_modules($conf, $langs, $object, $head, $h, 'paypaladmin', 'remove');
- return $head;
+ return $head;
+}
+
+
+
+/**
+ * Return string with full Url
+ *
+ * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'membersubscription' ...)
+ * @param string $ref Ref of object
+ * @return string Url string
+ */
+function showPaypalPaymentUrl($type, $ref)
+{
+ global $conf, $langs;
+
+ $langs->load("paypal");
+ $langs->load("paybox");
+ $servicename = 'PayPal';
+ $out = '
';
+ $out .= img_picto('', 'globe').' '.$langs->trans("ToOfferALinkForOnlinePayment", $servicename).'
';
+ $url = getPaypalPaymentUrl(0, $type, $ref);
+ $out .= '';
+ $out .= ajax_autoselect("paypalurl", 0);
+ return $out;
+}
+
+
+/**
+ * Return string with full Url
+ *
+ * @param int $mode 0=True url, 1=Url formated with colors
+ * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'membersubscription' ...)
+ * @param string $ref Ref of object
+ * @param int $amount Amount
+ * @param string $freetag Free tag
+ * @return string Url string
+ */
+function getPaypalPaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag = 'your_tag')
+{
+ global $conf;
+
+ $ref = str_replace(' ', '', $ref);
+
+ if ($type == 'free')
+ {
+ $out = DOL_MAIN_URL_ROOT.'/public/paypal/newpayment.php?amount='.($mode ? '' : '').$amount.($mode ? '' : '').'&tag='.($mode ? '' : '').$freetag.($mode ? '' : '');
+ if (!empty($conf->global->PAYPAL_SECURITY_TOKEN))
+ {
+ if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $out .= '&securekey='.$conf->global->PAYPAL_SECURITY_TOKEN;
+ else $out .= '&securekey='.dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
+ }
+ }
+ if ($type == 'order')
+ {
+ $out = DOL_MAIN_URL_ROOT.'/public/paypal/newpayment.php?source=order&ref='.($mode ? '' : '');
+ if ($mode == 1) $out .= 'order_ref';
+ if ($mode == 0) $out .= urlencode($ref);
+ $out .= ($mode ? '' : '');
+ if (!empty($conf->global->PAYPAL_SECURITY_TOKEN))
+ {
+ if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $out .= '&securekey='.$conf->global->PAYPAL_SECURITY_TOKEN;
+ else
+ {
+ $out .= '&securekey='.($mode ? '' : '');
+ if ($mode == 1) $out .= "hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + '".$type."' + order_ref)";
+ if ($mode == 0) $out .= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN.$type.$ref, 2);
+ $out .= ($mode ? '' : '');
+ }
+ }
+ }
+ if ($type == 'invoice')
+ {
+ $out = DOL_MAIN_URL_ROOT.'/public/paypal/newpayment.php?source=invoice&ref='.($mode ? '' : '');
+ if ($mode == 1) $out .= 'invoice_ref';
+ if ($mode == 0) $out .= urlencode($ref);
+ $out .= ($mode ? '' : '');
+ if (!empty($conf->global->PAYPAL_SECURITY_TOKEN))
+ {
+ if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $out .= '&securekey='.$conf->global->PAYPAL_SECURITY_TOKEN;
+ else
+ {
+ $out .= '&securekey='.($mode ? '' : '');
+ if ($mode == 1) $out .= "hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + '".$type."' + invoice_ref)";
+ if ($mode == 0) $out .= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN.$type.$ref, 2);
+ $out .= ($mode ? '' : '');
+ }
+ }
+ }
+ if ($type == 'contractline')
+ {
+ $out = DOL_MAIN_URL_ROOT.'/public/paypal/newpayment.php?source=contractline&ref='.($mode ? '' : '');
+ if ($mode == 1) $out .= 'contractline_ref';
+ if ($mode == 0) $out .= urlencode($ref);
+ $out .= ($mode ? '' : '');
+ if (!empty($conf->global->PAYPAL_SECURITY_TOKEN))
+ {
+ if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $out .= '&securekey='.$conf->global->PAYPAL_SECURITY_TOKEN;
+ else
+ {
+ $out .= '&securekey='.($mode ? '' : '');
+ if ($mode == 1) $out .= "hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + '".$type."' + contractline_ref)";
+ if ($mode == 0) $out .= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN.$type.$ref, 2);
+ $out .= ($mode ? '' : '');
+ }
+ }
+ }
+ if ($type == 'membersubscription')
+ {
+ $out = DOL_MAIN_URL_ROOT.'/public/paypal/newpayment.php?source=membersubscription&ref='.($mode ? '' : '');
+ if ($mode == 1) $out .= 'member_ref';
+ if ($mode == 0) $out .= urlencode($ref);
+ $out .= ($mode ? '' : '');
+ if (!empty($conf->global->PAYPAL_SECURITY_TOKEN))
+ {
+ if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $out .= '&securekey='.$conf->global->PAYPAL_SECURITY_TOKEN;
+ else
+ {
+ $out .= '&securekey='.($mode ? '' : '');
+ if ($mode == 1) $out .= "hash('".$conf->global->PAYPAL_SECURITY_TOKEN."' + '".$type."' + member_ref)";
+ if ($mode == 0) $out .= dol_hash($conf->global->PAYPAL_SECURITY_TOKEN.$type.$ref, 2);
+ $out .= ($mode ? '' : '');
+ }
+ }
+ }
+
+ // For multicompany
+ $out .= "&entity=".$conf->entity; // Check the entity because He may be the same reference in several entities
+
+ return $out;
}
@@ -69,96 +196,97 @@
*/
function print_paypal_redirect($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag)
{
- //declaring of global variables
- global $conf, $langs;
- global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
- global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
-
- global $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum;
- global $email, $desc;
-
- //'------------------------------------
- //' Calls the SetExpressCheckout API call
- //'
- //'-------------------------------------------------
-
- if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY = 'integral';
-
- $solutionType = 'Sole';
- $landingPage = 'Billing';
- // For payment with Paypal only
- if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly')
- {
- $solutionType = 'Mark';
- $landingPage = 'Login';
- }
- // For payment with Credit card or Paypal
- if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral')
- {
- $solutionType = 'Sole';
- $landingPage = 'Billing';
- }
- // For payment with Credit card
- if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'cconly')
- {
- $solutionType = 'Sole';
- $landingPage = 'Billing';
- }
-
- dol_syslog("print_paypal_redirect expresscheckout redirect with callSetExpressCheckout $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $solutionType, $landingPage, $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum");
- $resArray = callSetExpressCheckout(
- $paymentAmount,
- $currencyCodeType,
- $paymentType,
- $returnURL,
- $cancelURL,
- $tag,
- $solutionType,
- $landingPage,
- $shipToName,
- $shipToStreet,
- $shipToCity,
- $shipToState,
- $shipToCountryCode,
- $shipToZip,
- $shipToStreet2,
- $phoneNum,
- $email,
- $desc
- );
-
- dol_syslog("print_paypal_redirect resArray=".var_export($resArray, true), LOG_DEBUG);
-
- $ack = strtoupper($resArray["ACK"]);
- if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING")
- {
- $token = $resArray["TOKEN"];
-
- // Redirect to paypal.com here
- $payPalURL = $API_Url.$token;
- dol_syslog("Redirect to ".$payPalURL, LOG_INFO);
- header("Location: ".$payPalURL);
- exit;
- } else {
- //Display a user friendly Error on the page using any of the following error information returned by PayPal
- $ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
- $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
- $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
- $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
-
- if ($ErrorCode == 10729)
- {
- $mesg .= "PayPal can't accept payments for this thirdparty. An address is defined but is not complete (missing State).
Ask system administrator to fix address or to setup Paypal module to accept payments even on not complete addresses (remove option PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS).
\n";
- } else {
- $mesg = $langs->trans('SetExpressCheckoutAPICallFailed')."
\n";
- $mesg .= $langs->trans('DetailedErrorMessage').": ".$ErrorLongMsg."
\n";
- $mesg .= $langs->trans('ShortErrorMessage').": ".$ErrorShortMsg."
\n";
- $mesg .= $langs->trans('ErrorCode').": ".$ErrorCode."
\n";
- $mesg .= $langs->trans('ErrorSeverityCode').": ".$ErrorSeverityCode."
\n";
- }
-
- return $mesg;
- }
+ //declaring of global variables
+ global $conf, $langs;
+ global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
+ global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
+
+ global $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum;
+ global $email, $desc;
+
+ //'------------------------------------
+ //' Calls the SetExpressCheckout API call
+ //'
+ //'-------------------------------------------------
+
+ if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY = 'integral';
+
+ $solutionType = 'Sole';
+ $landingPage = 'Billing';
+ // For payment with Paypal only
+ if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly')
+ {
+ $solutionType = 'Mark';
+ $landingPage = 'Login';
+ }
+ // For payment with Credit card or Paypal
+ if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral')
+ {
+ $solutionType = 'Sole';
+ $landingPage = 'Billing';
+ }
+ // For payment with Credit card
+ if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'cconly')
+ {
+ $solutionType = 'Sole';
+ $landingPage = 'Billing';
+ }
+
+ dol_syslog("expresscheckout redirect with callSetExpressCheckout $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $solutionType, $landingPage, $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum");
+ $resArray = callSetExpressCheckout(
+ $paymentAmount,
+ $currencyCodeType,
+ $paymentType,
+ $returnURL,
+ $cancelURL,
+ $tag,
+ $solutionType,
+ $landingPage,
+ $shipToName,
+ $shipToStreet,
+ $shipToCity,
+ $shipToState,
+ $shipToCountryCode,
+ $shipToZip,
+ $shipToStreet2,
+ $phoneNum,
+ $email,
+ $desc
+ );
+
+ $ack = strtoupper($resArray["ACK"]);
+ if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING")
+ {
+ $token = $resArray["TOKEN"];
+
+ // Redirect to paypal.com here
+ $payPalURL = $API_Url.$token;
+ header("Location: ".$payPalURL);
+ exit;
+ }
+ else
+ {
+ //Display a user friendly Error on the page using any of the following error information returned by PayPal
+ $ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
+ $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
+ $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
+ $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
+
+ if ($ErrorCode == 10729)
+ {
+ $mesg .= "PayPal can't accept payments for this thirdparty. An address is defined but is not complete (missing State).
Ask system administrator to fix address or to setup Paypal module to accept payments even on not complete addresses (remove option PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS).
\n";
+ }
+ else
+ {
+ $mesg = $langs->trans('SetExpressCheckoutAPICallFailed')."
\n";
+ $mesg .= $langs->trans('DetailedErrorMessage').": ".$ErrorLongMsg."
\n";
+ $mesg .= $langs->trans('ShortErrorMessage').": ".$ErrorShortMsg."
\n";
+ $mesg .= $langs->trans('ErrorCode').": ".$ErrorCode."
\n";
+ $mesg .= $langs->trans('ErrorSeverityCode').": ".$ErrorSeverityCode."
\n";
+ }
+
+ return $mesg;
+ }
}
/**
@@ -204,103 +332,105 @@
*/
function callSetExpressCheckout($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $solutionType, $landingPage, $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum, $email = '', $desc = '')
{
- //------------------------------------------------------------------------------------------------------------------------------------
- // Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
-
- //declaring of global variables
- global $conf, $langs, $mysoc;
- global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
- global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
-
- $nvpstr = '';
- //$nvpstr = $nvpstr . "&VERSION=".$API_version; // Already added by hash_call
- $nvpstr = $nvpstr."&RETURNURL=".urlencode($returnURL);
- $nvpstr = $nvpstr."&CANCELURL=".urlencode($cancelURL);
- if (!empty($conf->global->PAYPAL_ALLOW_NOTES))
- {
- $nvpstr = $nvpstr."&ALLOWNOTE=0";
- }
- if (empty($conf->global->PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS))
- {
- $nvpstr = $nvpstr."&NOSHIPPING=1"; // An empty or not complete shipping address will be accepted
- } else {
- $nvpstr = $nvpstr."&NOSHIPPING=0"; // A valid shipping address is required (full required fields mandatory)
- }
- $nvpstr = $nvpstr."&SOLUTIONTYPE=".urlencode($solutionType);
- $nvpstr = $nvpstr."&LANDINGPAGE=".urlencode($landingPage);
- if (!empty($conf->global->PAYPAL_CUSTOMER_SERVICE_NUMBER))
- {
- $nvpstr = $nvpstr."&CUSTOMERSERVICENUMBER=".urlencode($conf->global->PAYPAL_CUSTOMER_SERVICE_NUMBER); // Hotline phone number
- }
-
- $paypalprefix = 'PAYMENTREQUEST_0_';
- //$paypalprefix = '';
+ //------------------------------------------------------------------------------------------------------------------------------------
+ // Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
+
+ //declaring of global variables
+ global $conf, $langs, $mysoc;
+ global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
+ global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
+
+ $nvpstr = '';
+ //$nvpstr = $nvpstr . "&VERSION=".$API_version; // Already added by hash_call
+ $nvpstr = $nvpstr."&RETURNURL=".urlencode($returnURL);
+ $nvpstr = $nvpstr."&CANCELURL=".urlencode($cancelURL);
+ if (!empty($conf->global->PAYPAL_ALLOW_NOTES))
+ {
+ $nvpstr = $nvpstr."&ALLOWNOTE=0";
+ }
+ if (empty($conf->global->PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS))
+ {
+ $nvpstr = $nvpstr."&NOSHIPPING=1"; // An empty or not complete shipping address will be accepted
+ }
+ else
+ {
+ $nvpstr = $nvpstr."&NOSHIPPING=0"; // A valid shipping address is required (full required fields mandatory)
+ }
+ $nvpstr = $nvpstr."&SOLUTIONTYPE=".urlencode($solutionType);
+ $nvpstr = $nvpstr."&LANDINGPAGE=".urlencode($landingPage);
+ if (!empty($conf->global->PAYPAL_CUSTOMER_SERVICE_NUMBER))
+ {
+ $nvpstr = $nvpstr."&CUSTOMERSERVICENUMBER=".urlencode($conf->global->PAYPAL_CUSTOMER_SERVICE_NUMBER); // Hotline phone number
+ }
+
+ $paypalprefix = 'PAYMENTREQUEST_0_';
+ //$paypalprefix = '';
if (!empty($paypalprefix) && $paymentType == 'Sole') $paymentType = 'Sale';
$nvpstr = $nvpstr."&AMT=".urlencode($paymentAmount); // Total for all elements
- $nvpstr = $nvpstr."&".$paypalprefix."INVNUM=".urlencode($tag);
- $nvpstr = $nvpstr."&".$paypalprefix."AMT=".urlencode($paymentAmount); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
- $nvpstr = $nvpstr."&".$paypalprefix."ITEMAMT=".urlencode($paymentAmount); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
- $nvpstr = $nvpstr."&".$paypalprefix."PAYMENTACTION=".urlencode($paymentType); // PAYMENTACTION deprecated by paypal -> PAYMENTREQUEST_n_PAYMENTACTION
- $nvpstr = $nvpstr."&".$paypalprefix."CURRENCYCODE=".urlencode($currencyCodeType); // CURRENCYCODE deprecated by paypal -> PAYMENTREQUEST_n_CURRENCYCODE
-
- $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_QTY0=1";
- $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_AMT0=".urlencode($paymentAmount);
- $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_NAME0=".urlencode($desc);
- $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_NUMBER0=0";
-
- $nvpstr = $nvpstr."&".$paypalprefix."SHIPTONAME=".urlencode($shipToName); // SHIPTONAME deprecated by paypal -> PAYMENTREQUEST_n_SHIPTONAME
- $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTREET=".urlencode($shipToStreet); //
- $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTREET2=".urlencode($shipToStreet2);
- $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOCITY=".urlencode($shipToCity);
- $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTATE=".urlencode($shipToState);
- $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOCOUNTRYCODE=".urlencode($shipToCountryCode);
- $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOZIP=".urlencode($shipToZip);
- $nvpstr = $nvpstr."&".$paypalprefix."PHONENUM=".urlencode($phoneNum);
- if (!empty($email)) $nvpstr = $nvpstr."&".$paypalprefix."EMAIL=".urlencode($email); // EMAIL deprecated by paypal -> PAYMENTREQUEST_n_EMAIL
- if (!empty($desc)) $nvpstr = $nvpstr."&".$paypalprefix."DESC=".urlencode($desc); // DESC deprecated by paypal -> PAYMENTREQUEST_n_DESC
-
- if (!empty($conf->global->PAYPAL_LOGOIMG) && $mysoc->logo)
- {
- global $dolibarr_main_url_root;
-
- // Define $urlwithroot
- $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
- $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
- //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
-
- $urllogo = $urlwithroot."/viewimage.php?modulepart=mycompany&file=".urlencode('logos/'.$mysoc->logo);
- $nvpstr = $nvpstr."&LOGOIMG=".urlencode($urllogo);
- }
- if (!empty($conf->global->PAYPAL_BRANDNAME))
- {
- $nvpstr = $nvpstr."&BRANDNAME=".urlencode($conf->global->PAYPAL_BRANDNAME); // BRANDNAME
- }
- if (!empty($conf->global->PAYPAL_NOTETOBUYER))
- {
- $nvpstr = $nvpstr."&NOTETOBUYER=".urlencode($conf->global->PAYPAL_NOTETOBUYER); // PAYPAL_NOTETOBUYER
- }
+ $nvpstr = $nvpstr."&".$paypalprefix."INVNUM=".urlencode($tag);
+ $nvpstr = $nvpstr."&".$paypalprefix."AMT=".urlencode($paymentAmount); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
+ $nvpstr = $nvpstr."&".$paypalprefix."ITEMAMT=".urlencode($paymentAmount); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
+ $nvpstr = $nvpstr."&".$paypalprefix."PAYMENTACTION=".urlencode($paymentType); // PAYMENTACTION deprecated by paypal -> PAYMENTREQUEST_n_PAYMENTACTION
+ $nvpstr = $nvpstr."&".$paypalprefix."CURRENCYCODE=".urlencode($currencyCodeType); // CURRENCYCODE deprecated by paypal -> PAYMENTREQUEST_n_CURRENCYCODE
+
+ $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_QTY0=1";
+ $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_AMT0=".urlencode($paymentAmount);
+ $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_NAME0=".urlencode($desc);
+ $nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_NUMBER0=0";
+
+ $nvpstr = $nvpstr."&".$paypalprefix."SHIPTONAME=".urlencode($shipToName); // SHIPTONAME deprecated by paypal -> PAYMENTREQUEST_n_SHIPTONAME
+ $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTREET=".urlencode($shipToStreet); //
+ $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTREET2=".urlencode($shipToStreet2);
+ $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOCITY=".urlencode($shipToCity);
+ $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTATE=".urlencode($shipToState);
+ $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOCOUNTRYCODE=".urlencode($shipToCountryCode);
+ $nvpstr = $nvpstr."&".$paypalprefix."SHIPTOZIP=".urlencode($shipToZip);
+ $nvpstr = $nvpstr."&".$paypalprefix."PHONENUM=".urlencode($phoneNum);
+ if (!empty($email)) $nvpstr = $nvpstr."&".$paypalprefix."EMAIL=".urlencode($email); // EMAIL deprecated by paypal -> PAYMENTREQUEST_n_EMAIL
+ if (!empty($desc)) $nvpstr = $nvpstr."&".$paypalprefix."DESC=".urlencode($desc); // DESC deprecated by paypal -> PAYMENTREQUEST_n_DESC
+
+ if (!empty($conf->global->PAYPAL_LOGOIMG) && $mysoc->logo)
+ {
+ global $dolibarr_main_url_root;
+
+ // Define $urlwithroot
+ $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
+ $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
+ //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
+
+ $urllogo = $urlwithroot."/viewimage.php?modulepart=mycompany&file=".urlencode('logos/'.$mysoc->logo);
+ $nvpstr = $nvpstr."&LOGOIMG=".urlencode($urllogo);
+ }
+ if (!empty($conf->global->PAYPAL_BRANDNAME))
+ {
+ $nvpstr = $nvpstr."&BRANDNAME=".urlencode($conf->global->PAYPAL_BRANDNAME); // BRANDNAME
+ }
+ if (!empty($conf->global->PAYPAL_NOTETOBUYER))
+ {
+ $nvpstr = $nvpstr."&NOTETOBUYER=".urlencode($conf->global->PAYPAL_NOTETOBUYER); // PAYPAL_NOTETOBUYER
+ }
$_SESSION["FinalPaymentAmt"] = $paymentAmount;
- $_SESSION["currencyCodeType"] = $currencyCodeType;
- $_SESSION["PaymentType"] = $paymentType; // 'Mark', 'Sole'
- $_SESSION['ipaddress'] = getUserRemoteIP(); // Payer ip
-
- //'---------------------------------------------------------------------------------------------------------------
- //' Make the API call to PayPal
- //' If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.
- //' If an error occured, show the resulting errors
- //'---------------------------------------------------------------------------------------------------------------
- $resArray = hash_call("SetExpressCheckout", $nvpstr);
- $ack = strtoupper($resArray["ACK"]);
- if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING")
- {
- $token = urldecode($resArray["TOKEN"]);
- $_SESSION['TOKEN'] = $token;
- }
-
- return $resArray;
+ $_SESSION["currencyCodeType"] = $currencyCodeType;
+ $_SESSION["PaymentType"] = $paymentType; // 'Mark', 'Sole'
+ $_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR']; // Payer ip
+
+ //'---------------------------------------------------------------------------------------------------------------
+ //' Make the API call to PayPal
+ //' If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.
+ //' If an error occured, show the resulting errors
+ //'---------------------------------------------------------------------------------------------------------------
+ $resArray = hash_call("SetExpressCheckout", $nvpstr);
+ $ack = strtoupper($resArray["ACK"]);
+ if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING")
+ {
+ $token = urldecode($resArray["TOKEN"]);
+ $_SESSION['TOKEN'] = $token;
+ }
+
+ return $resArray;
}
/**
@@ -311,39 +441,39 @@
*/
function getDetails($token)
{
- //'--------------------------------------------------------------
- //' At this point, the buyer has completed authorizing the payment
- //' at PayPal. The function will call PayPal to obtain the details
- //' of the authorization, incuding any shipping information of the
- //' buyer. Remember, the authorization is not a completed transaction
- //' at this state - the buyer still needs an additional step to finalize
- //' the transaction
- //'--------------------------------------------------------------
-
- //declaring of global variables
- global $conf, $langs;
- global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
- global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
-
- //'---------------------------------------------------------------------------
- //' Build a second API request to PayPal, using the token as the
- //' ID to get the details on the payment authorization
- //'---------------------------------------------------------------------------
- $nvpstr = "&TOKEN=".$token;
-
- //'---------------------------------------------------------------------------
- //' Make the API call and store the results in an array.
- //' If the call was a success, show the authorization details, and provide
- //' an action to complete the payment.
- //' If failed, show the error
- //'---------------------------------------------------------------------------
- $resArray = hash_call("GetExpressCheckoutDetails", $nvpstr);
- $ack = strtoupper($resArray["ACK"]);
- if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING")
- {
- $_SESSION['payer_id'] = $resArray['PAYERID'];
- }
- return $resArray;
+ //'--------------------------------------------------------------
+ //' At this point, the buyer has completed authorizing the payment
+ //' at PayPal. The function will call PayPal to obtain the details
+ //' of the authorization, incuding any shipping information of the
+ //' buyer. Remember, the authorization is not a completed transaction
+ //' at this state - the buyer still needs an additional step to finalize
+ //' the transaction
+ //'--------------------------------------------------------------
+
+ //declaring of global variables
+ global $conf, $langs;
+ global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
+ global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
+
+ //'---------------------------------------------------------------------------
+ //' Build a second API request to PayPal, using the token as the
+ //' ID to get the details on the payment authorization
+ //'---------------------------------------------------------------------------
+ $nvpstr = "&TOKEN=".$token;
+
+ //'---------------------------------------------------------------------------
+ //' Make the API call and store the results in an array.
+ //' If the call was a success, show the authorization details, and provide
+ //' an action to complete the payment.
+ //' If failed, show the error
+ //'---------------------------------------------------------------------------
+ $resArray = hash_call("GetExpressCheckoutDetails", $nvpstr);
+ $ack = strtoupper($resArray["ACK"]);
+ if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING")
+ {
+ $_SESSION['payer_id'] = $resArray['PAYERID'];
+ }
+ return $resArray;
}
@@ -357,41 +487,41 @@
* @param string $ipaddress IP Address
* @param string $FinalPaymentAmt Amount
* @param string $tag Full tag
- * @return array
+ * @return void
*/
function confirmPayment($token, $paymentType, $currencyCodeType, $payerID, $ipaddress, $FinalPaymentAmt, $tag)
{
- /* Gather the information to make the final call to
+ /* Gather the information to make the final call to
finalize the PayPal payment. The variable nvpstr
holds the name value pairs
*/
- //declaring of global variables
- global $conf, $langs;
- global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
- global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
-
- $nvpstr = '';
- $nvpstr .= '&TOKEN='.urlencode($token);
- $nvpstr .= '&PAYERID='.urlencode($payerID);
- $nvpstr .= '&PAYMENTACTION='.urlencode($paymentType);
- $nvpstr .= '&AMT='.urlencode($FinalPaymentAmt);
- $nvpstr .= '&CURRENCYCODE='.urlencode($currencyCodeType);
- $nvpstr .= '&IPADDRESS='.urlencode($ipaddress);
- $nvpstr .= '&INVNUM='.urlencode($tag);
-
- /* Make the call to PayPal to finalize payment
+ //declaring of global variables
+ global $conf, $langs;
+ global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
+ global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
+
+ $nvpstr = '';
+ $nvpstr .= '&TOKEN='.urlencode($token);
+ $nvpstr .= '&PAYERID='.urlencode($payerID);
+ $nvpstr .= '&PAYMENTACTION='.urlencode($paymentType);
+ $nvpstr .= '&AMT='.urlencode($FinalPaymentAmt);
+ $nvpstr .= '&CURRENCYCODE='.urlencode($currencyCodeType);
+ $nvpstr .= '&IPADDRESS='.urlencode($ipaddress);
+ $nvpstr .= '&INVNUM='.urlencode($tag);
+
+ /* Make the call to PayPal to finalize payment
If an error occured, show the resulting errors
*/
- $resArray = hash_call("DoExpressCheckoutPayment", $nvpstr);
-
- /* Display the API response back to the browser.
+ $resArray = hash_call("DoExpressCheckoutPayment", $nvpstr);
+
+ /* Display the API response back to the browser.
If the response from PayPal was a success, display the response parameters'
If the response was an error, display the errors received using APIError.php.
*/
- $ack = strtoupper($resArray["ACK"]);
-
- return $resArray;
+ $ack = strtoupper($resArray["ACK"]);
+
+ return $resArray;
}
/**
@@ -436,7 +566,7 @@
$nvpstr = $nvpstr . "&CITY=" . urlencode($city);
$nvpstr = $nvpstr . "&STATE=" . urlencode($state);
$nvpstr = $nvpstr . "&COUNTRYCODE=" . urlencode($countryCode);
- $nvpstr = $nvpstr . "&IPADDRESS=" . getUserRemotIP();
+ $nvpstr = $nvpstr . "&IPADDRESS=" . $_SERVER['REMOTE_ADDR'];
$nvpstr = $nvpstr . "&INVNUM=" . urlencode($tag);
$resArray=hash_call("DoDirectPayment", $nvpstr);
@@ -455,20 +585,22 @@
*/
function hash_call($methodName, $nvpStr)
{
- //declaring of global variables
- global $conf, $langs;
- global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT, $PROXY_USER, $PROXY_PASS;
- global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
-
- // TODO problem with triggers
- $API_version = "98.0";
+ //declaring of global variables
+ global $conf, $langs;
+ global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT, $PROXY_USER, $PROXY_PASS;
+ global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
+
+ // TODO problem with triggers
+ $API_version = "98.0";
if (!empty($conf->global->PAYPAL_API_SANDBOX) || GETPOST('forcesandbox', 'alpha')) // We can force sand box with param 'forcesandbox'
{
- $API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
- $API_Url = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=";
- } else {
- $API_Endpoint = "https://api-3t.paypal.com/nvp";
- $API_Url = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";
+ $API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
+ $API_Url = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=";
+ }
+ else
+ {
+ $API_Endpoint = "https://api-3t.paypal.com/nvp";
+ $API_Url = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";
}
// Clean parameters
@@ -482,73 +614,76 @@
if (!empty($conf->global->PAYPAL_API_SANDBOX)) $PAYPAL_API_SANDBOX = $conf->global->PAYPAL_API_SANDBOX;
// TODO END problem with triggers
- dol_syslog("Paypal API endpoint ".$API_Endpoint);
-
- //setting the curl parameters.
- $ch = curl_init();
-
- /*print $API_Endpoint."-".$API_version."-".$PAYPAL_API_USER."-".$PAYPAL_API_PASSWORD."-".$PAYPAL_API_SIGNATURE."
";
+ dol_syslog("Paypal API endpoint ".$API_Endpoint);
+
+ //setting the curl parameters.
+ $ch = curl_init();
+
+ /*print $API_Endpoint."-".$API_version."-".$PAYPAL_API_USER."-".$PAYPAL_API_PASSWORD."-".$PAYPAL_API_SIGNATURE."
";
print $USE_PROXY."-".$gv_ApiErrorURL."
";
print $nvpStr;
exit;*/
- curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
- curl_setopt($ch, CURLOPT_VERBOSE, 1);
- // TLSv1 by default or change to TLSv1.2 in module configuration
- curl_setopt($ch, CURLOPT_SSLVERSION, (empty($conf->global->PAYPAL_SSLVERSION) ? 1 : $conf->global->PAYPAL_SSLVERSION));
-
- //turning off the server and peer verification(TrustManager Concept).
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
-
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, empty($conf->global->MAIN_USE_CONNECT_TIMEOUT) ? 5 : $conf->global->MAIN_USE_CONNECT_TIMEOUT);
- curl_setopt($ch, CURLOPT_TIMEOUT, empty($conf->global->MAIN_USE_RESPONSE_TIMEOUT) ? 30 : $conf->global->MAIN_USE_RESPONSE_TIMEOUT);
-
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_POST, 1);
-
- //if USE_PROXY constant set to true in Constants.php, then only proxy will be enabled.
- if ($USE_PROXY)
- {
- dol_syslog("Paypal API hash_call set proxy to ".$PROXY_HOST.":".$PROXY_PORT." - ".$PROXY_USER.":".$PROXY_PASS);
- //curl_setopt ($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); // Curl 7.10
- curl_setopt($ch, CURLOPT_PROXY, $PROXY_HOST.":".$PROXY_PORT);
- if ($PROXY_USER) curl_setopt($ch, CURLOPT_PROXYUSERPWD, $PROXY_USER.":".$PROXY_PASS);
- }
-
- //NVPRequest for submitting to server
- $nvpreq = "METHOD=".urlencode($methodName)."&VERSION=".urlencode($API_version)."&PWD=".urlencode($PAYPAL_API_PASSWORD)."&USER=".urlencode($PAYPAL_API_USER)."&SIGNATURE=".urlencode($PAYPAL_API_SIGNATURE).$nvpStr;
- $nvpreq .= "&LOCALECODE=".strtoupper($langs->getDefaultLang(1));
- //$nvpreq.="&BRANDNAME=".urlencode(); // Override merchant name
- //$nvpreq.="&NOTIFYURL=".urlencode(); // For Instant Payment Notification url
-
-
- dol_syslog("Paypal API hash_call nvpreq=".$nvpreq);
-
- //setting the nvpreq as POST FIELD to curl
- curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
-
- //getting response from server
- $response = curl_exec($ch);
-
- $nvpReqArray = deformatNVP($nvpreq);
- $_SESSION['nvpReqArray'] = $nvpReqArray;
-
- //convrting NVPResponse to an Associative Array
- dol_syslog("Paypal API hash_call Response nvpresp=".$response);
- $nvpResArray = deformatNVP($response);
-
- if (curl_errno($ch)) {
- // moving to display page to display curl errors
- $_SESSION['curl_error_no'] = curl_errno($ch);
- $_SESSION['curl_error_msg'] = curl_error($ch);
-
- //Execute the Error handling module to display errors.
- } else {
- //closing the curl
- curl_close($ch);
- }
-
- return $nvpResArray;
+ curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
+ curl_setopt($ch, CURLOPT_VERBOSE, 1);
+ // TLSv1 by default or change to TLSv1.2 in module configuration
+ curl_setopt($ch, CURLOPT_SSLVERSION, (empty($conf->global->PAYPAL_SSLVERSION) ? 1 : $conf->global->PAYPAL_SSLVERSION));
+
+ //turning off the server and peer verification(TrustManager Concept).
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
+
+ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, empty($conf->global->MAIN_USE_CONNECT_TIMEOUT) ? 5 : $conf->global->MAIN_USE_CONNECT_TIMEOUT);
+ curl_setopt($ch, CURLOPT_TIMEOUT, empty($conf->global->MAIN_USE_RESPONSE_TIMEOUT) ? 30 : $conf->global->MAIN_USE_RESPONSE_TIMEOUT);
+
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($ch, CURLOPT_POST, 1);
+
+ //if USE_PROXY constant set to true in Constants.php, then only proxy will be enabled.
+ if ($USE_PROXY)
+ {
+ dol_syslog("Paypal API hash_call set proxy to ".$PROXY_HOST.":".$PROXY_PORT." - ".$PROXY_USER.":".$PROXY_PASS);
+ //curl_setopt ($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); // Curl 7.10
+ curl_setopt($ch, CURLOPT_PROXY, $PROXY_HOST.":".$PROXY_PORT);
+ if ($PROXY_USER) curl_setopt($ch, CURLOPT_PROXYUSERPWD, $PROXY_USER.":".$PROXY_PASS);
+ }
+
+ //NVPRequest for submitting to server
+ $nvpreq = "METHOD=".urlencode($methodName)."&VERSION=".urlencode($API_version)."&PWD=".urlencode($PAYPAL_API_PASSWORD)."&USER=".urlencode($PAYPAL_API_USER)."&SIGNATURE=".urlencode($PAYPAL_API_SIGNATURE).$nvpStr;
+ $nvpreq .= "&LOCALECODE=".strtoupper($langs->getDefaultLang(1));
+ //$nvpreq.="&BRANDNAME=".urlencode(); // Override merchant name
+ //$nvpreq.="&NOTIFYURL=".urlencode(); // For Instant Payment Notification url
+
+
+ dol_syslog("Paypal API hash_call nvpreq=".$nvpreq);
+
+ //setting the nvpreq as POST FIELD to curl
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
+
+ //getting response from server
+ $response = curl_exec($ch);
+
+ $nvpReqArray = deformatNVP($nvpreq);
+ $_SESSION['nvpReqArray'] = $nvpReqArray;
+
+ //convrting NVPResponse to an Associative Array
+ dol_syslog("Paypal API hash_call Response nvpresp=".$response);
+ $nvpResArray = deformatNVP($response);
+
+ if (curl_errno($ch))
+ {
+ // moving to display page to display curl errors
+ $_SESSION['curl_error_no'] = curl_errno($ch);
+ $_SESSION['curl_error_msg'] = curl_error($ch);
+
+ //Execute the Error handling module to display errors.
+ }
+ else
+ {
+ //closing the curl
+ curl_close($ch);
+ }
+
+ return $nvpResArray;
}
@@ -561,24 +696,24 @@
*/
function deformatNVP($nvpstr)
{
- $intial = 0;
- $nvpArray = array();
-
- while (strlen($nvpstr))
- {
- //postion of Key
- $keypos = strpos($nvpstr, '=');
- //position of value
- $valuepos = strpos($nvpstr, '&') ? strpos($nvpstr, '&') : strlen($nvpstr);
-
- /*getting the Key and Value values and storing in a Associative Array*/
- $keyval = substr($nvpstr, $intial, $keypos);
- $valval = substr($nvpstr, $keypos + 1, $valuepos - $keypos - 1);
- //decoding the respose
- $nvpArray[urldecode($keyval)] = urldecode($valval);
- $nvpstr = substr($nvpstr, $valuepos + 1, strlen($nvpstr));
- }
- return $nvpArray;
+ $intial = 0;
+ $nvpArray = array();
+
+ while (strlen($nvpstr))
+ {
+ //postion of Key
+ $keypos = strpos($nvpstr, '=');
+ //position of value
+ $valuepos = strpos($nvpstr, '&') ? strpos($nvpstr, '&') : strlen($nvpstr);
+
+ /*getting the Key and Value values and storing in a Associative Array*/
+ $keyval = substr($nvpstr, $intial, $keypos);
+ $valval = substr($nvpstr, $keypos + 1, $valuepos - $keypos - 1);
+ //decoding the respose
+ $nvpArray[urldecode($keyval)] = urldecode($valval);
+ $nvpstr = substr($nvpstr, $valuepos + 1, strlen($nvpstr));
+ }
+ return $nvpArray;
}
/**
--- /tmp/dsg/dolibarr/htdocs/paypal/lib/github_paypalfunctions.lib.php
+++ /tmp/dsg/dolibarr/htdocs/paypal/lib/client_paypalfunctions.lib.php
@@ -52,7 +52,9 @@
{
$API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
$API_Url = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=";
-} else {
+}
+else
+{
$API_Endpoint = "https://api-3t.paypal.com/nvp";
$API_Url = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";
}