Donation Button Control for ASP.NET Web Form
This page explains the usage and facts about the BuyNow button Web Form Server Control. If you intend to use BuyNow button within your ASP.NET MVC project, please visit this page. Donation buttons are suitable for single-item payments. You can use a Donation button to Collect contributions to your cause on your website, Enable donors to choose the amount of their secure donation or set donations to fixed amounts. Good for non-profit and advocacy groups.If you already have a PayPal account and if you have obtained this Control (ASP.NET PayPal Control for Website Payments Standard), you are just few steps away from collecting money from your donors.
In order to keep this page short and simple, the examples are given only in C# language. If you are a VB.NET programmer, please accept our apology. The example snippets are so short and comprehensive that as a programmer you wont have any problem to comprehend.
| - The Checkout Experience|
- Getting Started
| - Set Properties Programmatically|
- Click Event and Post Back
| - Handling Instant Payment Notification (IPN)|
- Handling PayPal Return / PDT
Drag and drop an instance of the Donation Button control from your Visual Studio Toolbox as shown below:
The first property of this control that you need to set is your Business Email Address or Merchant ID of your Merchant Account. If you are testing in Sand Box, then, this is the account which you created as 'Test Merchant Account' as explained in the Sand Box preparation chapter. Please do not get confused with the Developer Central Login account with the Test Merchant Account. Merchant ID is an alternative to using your Email address. It is better not to expose your business email address in order to protect your Email In-box from Spams. You can set either Business Email or Merchant ID from the Smart Tag or from the Property Editor. In order to get your Merchant ID, log in to your PayPal account. If you are testing in Sand Box, then, log in to your Developer Central Account, then log in to your Merchant Test Account from https://www.sandbox.paypal.com/. Click 'Profile' Menu, then, your Merchant ID will be shown up as shown in the following screen shot.
Set the merchant ID as shown here:
Now you may want to set few more properties like Donation Name, Donation Number, Amount etc and you can do all of these using the Wizard for the button which can be called by clicking the link found in the Smart Tag as shown in the following Screen Shot. Although it is more practical to leave the Amount box empty so that the donor can enter any amount he/she wants to donate from the PayPal website. If you do not leave the Amount box empty, rather if you set any value, then the donor will have to donate exactly the amount you specify here. Donation Number is optional. You can use this field to track the donation in IPN_Notified event.
Furthermore, you may choose to set the visual styles and PayPal page behaviors for the Donation button. Just click the button "Next" shown in the wizard and you will be taken to configure the display page as shown in the following screen shot.
Please note: If your account is not upgraded to a Premier or Business account, then, you will not see any affect of these styling properties for PayPal page. For example, if you set a header image URL, you will not see that image when you are taken to PayPal website due to a click on the Donation button. In that case, you will see your email address as the header of the page.
- If you want to pass unlimited custom data that you want to track in a Post Payment event like IPN_Notified, PayPal_Returned, then, please check the feature chapter about Additional Data Items.
Setting Properties Programmatically using the Rich set of API.
Click Here to view the complete Class Diagram that you may use as a reference when you set properties from your code.
You may want to set the properties of your Donation Button after the donor has clicked the Button for purchasing an item. In order to do that, this control has an event named "Click". It is similar to any standard ASP.NET button control's Click Event as shown in the following figure:
If you attach an event handler to this event, then the event handler method will be executed before the data is transferred to PayPal.
You can use Validation logic inside the Click Event handler of a Donation button and based on a condition (user input) you can cancel the submission to PayPal. Please check the method CancelSubmission()..
- The Donation Button will POST BACK only IF the Click event is handled. If you do not handle Click event, the donor will be taken to PayPal website directly from the Client Side without any Server Round Trip.
Handling Instant Payment Notification (IPN) from PayPal:
When the donor Clicks the final 'Donate Now' button in the PayPal website, PayPal sends notification to your website asynchronously which is called Instant Payment Notification (IPN).
This control can capture that notification and fire a server side event named IPN_Notified. This control not only just fires the event, but also collects all the transaction data from IPN and offers you a rich set of strongly typed relational object model as event argument object which is not only loved by all Object Oriented Programmers, but also revealing all the headaches from the developer about verification and other complex tasks in IPN Session.
Click Here to view the complete Class Diagram of DonationIPNEventArgs object.
By the way, the above example snippet does not show the detailed way of handling FRAUD attempts in order to simplify the overview of IPN_Notified event. So, you should check the pattern for payment verification, fraud detection and automated Product delivery.
If you do not want to handle IPN_Notified event from the same page, rather if you want to handle IPN_Notified event from a dedicated page, you can do that too. Simply do not handle IPN_Notified event and set the Custom Notification URL from the Design Time Smart Tag Wizard -> Step 3 as shown here:
- If you use a Custom IPN URL to capture the IPN from a dedicated page, you can still get the benefit of firing IPN_Notified event and capture all IPN data from event argument object from that dedicated page. How ? Please check the chapter for IPNHandler Component.
If you handle IPN_Notified event, then, setting Custom Notification URL will have NO EFFECT. The control will always generate notify URL automatically to use the same page where the Donation button is hosted so that the same Donation button can fire IPN_Notified event.
If you do not handle IPN_Notified event and if you do not set any Custom Notification URL then, this control will not capture IPN at all. If you have specified any default IPN URL in your PayPal profile, then, PayPal will use that URL to send IPN for any transaction happens in your PayPal account in that case.
You should handle IPN_Exception event if you want to capture any Exception thrown in your IPN_Notified event handler method. By handling IPN_Exception event, you not only catch any exception that was fired beyond your IPN_Notified handler layer, but also you get rid of using TRY - CATCH block in your IPN_Notified handler which will enhances the readability of your code.
You do not need to turn IPN option ON from your PayPal account at all. This control will take care of everything for you.
Whenever the donor is transferred back to your website from PayPal website after completing or canceling a payment (pursuant to submission of your Donation button), you can execute post payment business logic on your website by handling an event named PayPal_Returned. This control not only just fires the event, but also collects all the transaction data from PayPal if you have turned 'Payment Data Transfer' option ON from your PayPal profile. The event argument object of PayPal_Returned event offers you a rich set of strongly typed relational object model same like the event argument object of IPN_Notified event. This event will take care of notification validation so you just do not need to worry about any dirty code work, rather use the clean data returned by this event argument object.
Once you handled PayPal_Returned event of your Donation button, the donor will be taken back to your website after the payment is completed or canceled. You can check from your Event handler if the payment was proceeded or canceled as shown below:
If you do not handle PayPal_Returned event, then, the donor will not be returned to your website by PayPal. So, you should handle this event if you want to bring the donor back to your site.
If you want to redirect the donor to a different page after returning from PayPal, you can do so by setting the Custom Completed Return URL and Custom Canceled Return URL from the Step 4 tab of the Donation button Design Time Wizard as shown here:
Notice the check box in the above screen shot. If you check this box, then, the Canceled Return URL will be auto generated so that you can handle both of the Completed and Canceled Return event from the same page. It is HIGHLY RECOMMENDED that you check this option.
If you prefer to use Custom Return URL as mentioned above, you can still fire PayPal_Returned event and collect the information about completed/canceled from your dedicated return page. How ? please check the chapter for PayPalReturnHandler Component.
- If you handle PayPal_Returned event, then, setting Custom Complete Return URL and Custom Canceled Return URL will have NO EFFECT. So, if you want to redirect your the donor to a dedicated page after PayPal return, then, make sure that you do not handle PayPal_Returned event and then, set the Custom Complete Return URL / Custom Canceled Return URL.
If you want to receive all the transaction data in PayPal_Returned event as you could in IPN_Notified event from DonationReturnedEventArgs, then, you need to turn 'Payment Data Transfer (PDT)' option On from your PayPal account. Once you turn PDT ON for your PayPal account, you will receive an Authentication Token which is called 'PDT Authentication Token'.
Once you get the PDT Authentication Token, from the design time smart tag, click Button Wizard and select the last tab "Step 4 (Payment Return / PDT)". In that tab, at the bottom of the Form, you will find the box for PDT Authentication Token. Set the PDT Authentication Token in that box as shown here:
After PDT Authentication Token is set, you can collect transaction data from the PayPal_Returned event argument object DonationReturnedEventArgs.
Click Here to view the complete Class Diagram of DonationReturnedEventArgs object.
- You do not need to enable PDT if you just need to collect Transaction ID from PayPal_Returned event. e.TransactionID is available even though if you do not set PDT Authentication token.
So, PayPal_Returned event is fired after IPN events, is that right ?Answer : Not strictly but usually. What does it mean ? Ok, as I said, IPN is submitted to your website by PayPal Notification Service. It actually queues the notification task to it's Queue and depending on the tasks the notification service already has, the time when 'IPN event fire' varies. For the PayPal live site, the notification service task queue is not usually long but the task queue for PayPal Sand box is usually very long. So, when testing in Sand box, most of the time, you will find that the donor is already back to your website (PayPal_Returned event fired) before IPN events are fired. But, when you are testing in PayPal live site, most of the time you will find that, IPN events are fired before the donor is back to your website (PayPal_Returned event fired). Please remember, PayPal_Returned event is Synchronous and IPN events are Asynchronous. One event does not depend on the completion of another event.
A piece of advice : Never process the post payment logic (i.e. logging the transaction data in your database, verifying the payment and generating License Key, sending email to the payer with shipping information etc) from PayPal_Returned event even though you can collect all transaction data from PDT. Because, if the donor closes his / her browser while living in PayPal website before coming back to your website, then, PayPal_Returned event will never fire and so you will miss that transaction. Always use IPN_Notified event for processing post payment logic. Use PayPal_Returned event to convey 'Thank you' Message or doing some additional Read-Only tasks. What is a Read Only task ? Read Only task means, "the task that can be done by reading your database without writing / updating the database". Get the Transaction-ID from the PayPal_Returned event, query your database using that Transaction-ID and find out if any information is already recorded by IPN_Notified event. If found, show the download link / shipping information etc from your database
You should take appropriate measures to protect against Fraud Attempts.
Consider the IPN_Notified event as a pure Service Event, do not perform any task that directly interacts with User Interface Controls, Session Variables, Cookies, ViewState etc. When IPN_Notified event is fired, the donor wont see any effect of this event. For example, if you want to set Text of a Label Control 'Thank you for your Payment' in this event, the donor will never see that. Why ? Because, the donor is not directly responsible for firing IPN_Notified event, rather, PayPal Notification Service fires this event in a background thread. For that reason, this control Suppresses all HTML that could be rendered to the Event firer (PayPal Notification Service). Also, this control will STOP firing the Page_Load event of the hosting page. WHY ? Maybe you placed some code in your Page_Load event that directly interacts with Session Variables, Cookies etc or time consuming tasks like Executing lengthy SQL queries which is unnecessary or sometimes harmful for IPN session. So, this control will bypass Page_Load event in the IPN Session. But if you want to let this control fire the Page_Load event in the IPN session because you want to set IPN Settings programmatically from the Page_Load event, then, you have that option too. Set "PayPalIPN.EnablePageLoadEventInIPNSession = true" from the property editor and then, Page_Load event will be fired before IPN_Notified event, but you need to be very careful about using Page_Load event in this case.
If you are testing your web site from "Local Host" then IPN_Notified Event wont get fired. Because, IPN is activated by a notification service from PayPal, not directly by the donor. So, when the Donation button submits all the information to PayPal website as a result of 'Click' on the button, PayPal captures the URL of the page where the Donation button is hosted. When you test from your local host, the URL of the page where the Donation button is hosted contains 'local host' or '127.0.0.1' and that URL is collected by PayPal so that it can notify as soon as the payment is made. Naturally that URL is not accessible from any other client/website/service other than anyone who is testing from your PC. So, if PayPal submits IPN to your URL with 'local host'/127.0.0.1 your website wont know about it and so this Donation button will fail to fire IPN_Notified event. The story is not end here. Whenever, PayPal IPN service Fails to get HTTP '200 OK' status from your Website as as result of IPN posting, the service will keep trying to post to the same URL again after few hours and it will keep trying for a certain period until it gets HTTP '200 OK' result from your website. That is bad for PayPal as PayPal's resource is being wasted. So, PayPal can disable the IPN for your account which is bad for you. In order to avoid that problem, this control will detect if the test website is from 'local host' or not. If it is from local host, then, it will NOT pass any IPN information to PayPal so that, PayPal wont submit IPN to your website. By the way, if you do not handle IPN_Notified event and specify a Custom IPN URL then the logic is little different. In that case, the control will check if the Custom IPN URL is a relative URL or not. If it is a relative URL and if you are testing from local host, that means, the final URL would be an URL with 'local host'. So, in that case, the control will not generate any IPN information so that PayPal wont submit IPN. But if your Custom IPN URL is an absolute URL which does not contain 'local host' or '127.0.0.1' then, the Donation button will pass IPN information to PayPal so that PayPal can submit IPN. In any case, if the control does not pass any IPN information to PayPal, then, PayPal will check if you have specified any default IPN URL in your PayPal profile. If so, then, PayPal will submit IPN to that default URL in these cases. But whenever you upload your test website to a production server where the hosting page of Donation button has a REAL accessible URL, then, IPN_Notified event will be fired as usual.
Membership users, please note:
If you are using ASP.NET Membership feature in your website, then, you need to allow PayPal to see your page where you placed your IPN_Notified event handler code. That means, if you are handling IPN_Notified event right from your Donation button, then, the page that hosts your Donation button should be visible to all. If you are Handling IPN from a dedicated page then, your IPN handler page should be accessible to all users. Assume that you hosted your Donation button at "Purchase.aspx" page where "Purchase.aspx" page is located in a private folder (Not visible to everyone). Then, you need to add the following section to you web.config file which is located in that folder.
If you placed your 'Purchase.aspx' page in a public folder then you do not need to worry about setting the above config unless you explicitly blocked the 'purchase.aspx' page from public.
If you do not permit PayPal to post IPN to your page, then, you will find that IPN_Notified event is not being fired.
By this time, I hope you already realized that, IPN is a different SESSION created by PayPal to your website and this SESSION is not the same SESSION created by your customer to your website. Since any asp.net designer wanting to set up a site where users pay a membership fee to join, would very likely want to put a user in a Role on IPN_Notified event handler method. It will be a common mistake if you assume that the Customer is logged in as a member in the IPN SESSION. So, how would you pass the user-name of the Customer to the IPN_Notified event so that you can write code to add your customer in a paid member role by the customer's user name ? Yes, we have designed a very special property named "Additional Data Items". This is a Dictionary type property which can be populated either in design time or programmatically. So, you can pass your customer's user-name by Additional Data Items to the Payment Button and you can access that data right from IPN_Notified event handler method. Once you retrieve that user name of the customer from Additional Data Item, you can add him/her to your paid member role. In order to learn about Additional Data Items, please visit this page .