Down & Dirty .NET PayPal Buttons?

CAN IT BE?
Yes, my friends it is possible… I think.  Bottom line is, you can design buttons all day long in PayPal and there are various ways to get them working.  However, since I am far too dense for GhostForms, I found my own little path.

A strange blue cyber background with black lines going vertical and horizontal. The image of a woman takes up a third of the frame and she is starting at a the small image of a meme where someone is wearing a rainbow afro. "Support MindFuel Blog on Patreon" is meticulously crafted into a graphical overlay which obfuscates part of the underlying artistry. So sad.

GO GET YOUR BUTTONS
Now, I am not going to drill into PayPal buttons… their website will generate both hosted and non-hosted buttons for you.  I am opting for non-hosted because then I can actually have my website generate the buttons based on info in my website/database. Handy.

I HAVE BUTTONS, NOW WHAT?
Once you have your buttons, you can do many things.  What I wanted was to have CONTROL! (Sound FX: Maniacal laughter), so I wanted to generate the parameters for my buttons. But there are a couple caveats:
1) I didn’t want the guts of my button in the HTML of the web page for people to examine and hack.
2) I didn’t want the guts of my button on a URL for folks to hack! Hacker: “What’s that price? I think I will just set that to price=-50.00 so Ted owes ME! Hahaha!”

This means, my users will click a button, and my server code will generate an HttpRequest that goes to PayPal, passing it a POST so that PayPal can come back with their shopping page. It goes like this: 

SOURCES
http://stackoverflow.com/questions/698029/invoking-a-post-to-an-external-site-with-c-httpwebrequest
http://www.csharp-station.com/HowTo/HttpWebFetch.aspx

CODE:
//This goes wherever you need it… button click, page load, etc.
//You need System.IO, System.NET, System.Text

//make a button (just for this demo – see PayPal documents)
//NOTE: ampersands used to make a psuedo URL…

            StringBuilder ParamsAsString = new StringBuilder();
            string Url = “https://www.paypal.com/cgi-bin/webscr“;
            ParamsAsString.Append(“cmd=_xclick-subscriptions”);
            ParamsAsString.Append(“&business=your@paypal.email“);
            ParamsAsString.Append(“&lc=US”);
            ParamsAsString.Append(“&item_name=productname”);
            ParamsAsString.Append(“&item_number=productid”);
            ParamsAsString.Append(“&no_note=1”);
            ParamsAsString.Append(“&no_shipping=1”);
            ParamsAsString.Append(“&a3=25.95”);
            ParamsAsString.Append(“&currency_code=USD”);
            ParamsAsString.Append(“&src=1”);
            ParamsAsString.Append(“&p3=1”);
            ParamsAsString.Append(“&t3=M”);
            ParamsAsString.Append(“&sra=1”);
            ParamsAsString.Append(“&bn=PP-SubscriptionsBF:btn_subscribeCC_LG.gif:NonHosted”);
//convert params to a byte array
            byte[] paramStream = Encoding.ASCII.GetBytes(ParamsAsString.ToString());

//create a request
            HttpWebRequest ppr = (HttpWebRequest)WebRequest.Create(Url);
            ppr.Method = “POST”;
            ppr.ContentType = “application/x-www-form-urlencoded”;
            ppr.UserAgent = “Mozilla/5.0 (Windows; U; Windows NT 6.0; sv-SE; rv:1.9.1b2) Gecko/20081201 Firefox/3.1b2”;
            ppr.ContentLength = paramStream.Length;

//Get request stream and put our parameters there!
            using (var stream = ppr.GetRequestStream())
            {
                stream.Write(paramStream, 0, paramStream.Length);
            }

//Send this to PayPal and get response
            var response = ppr.GetResponse();
            string result;
            using (var sr = new StreamReader(response.GetResponseStream()))
            {
                result = sr.ReadToEnd();
            }

//Write this to the user’s browser
            Response.RedirectLocation = “https://www.paypal.com/cgi-bin/webscr“;
            Response.Write(result);
//Be Done! Don’t process the rest of the page…
            Response.Flush();
            Response.End();

NOTES:
I set the RedirectLocation because I feel guilty.  Also, the Flush() and End() stop the rest of the page from processing.  Since you just wrote a complete HTML page from PayPal, continuing to write more will just be weird!!

Now, you might also notice is that the URL on the web page is still YOUR url, but all the buttons, content and everything else, having been put together on the remote website’s server (PayPal in this case) are all set up to point to the correct place…so you should be good to go.

Happy Coding!

Leave a Comment

Your email address will not be published. Required fields are marked *