https://stackoverflow.com/questions/23251136
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianYeah. Don't use the Paypal userid/password generation feature. It's more or less useless. What I do is register the username via his email address when I've receive both the 'signup' and the first payment, in a state where the password isn't valid (LDAP feature), and send him an email telling him to use the system's 'password reset' feature to set his initial password, with an appropriate expiring link.
Paypal IPN subscription password hashing
Question
I created Paypal IPN listener script for subscribe button. Everything works fine, but the password, that paypal sends, is hashed. The hash function is this:
<?php echo crypt("password", "nw"); ?>
It is described here: https://stackoverflow.com/a/17780339/789186. But in my task I need to store the password, using SHA-256 hashing. So, I am unable to use the hashed password, generated by Paypal.
Is there any alternative to generating the new password in my script and creating md5 hash from it?
Solution 2
OTHER TIPS
You could build the creation of a un/pw into your sign up form. Save the un/pw to your database prior to sending the user over to PayPal for payment. Include your local record ID in the request so that it comes back in IPN, and then you can update the existing record using that record ID within an IPN script.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
