Submit a form before redirecting to paypal

Question

I have a site that provides guide tours. Each tour has it owns price depending the people that will participate.

The user has to fill the form, then the server has to validate the form and then sent an email to the client and to the agent office with the details of the booked tour (preferred day, how many people etc) and then redirect the user to paypal to pay.

The problem is that the Buy now button that paypal provides has his own form with some hidden fields so two forms on same page.

I found tree solutions but I don't know what is best.

1. When user press submit, do the validation , send the emails and then redirect the user to a page that has a button that says something like 'Proceed to paying' that submits the paypal form with the giver price in the hidden fields

2. When the user press the submit button an ajax call been made at server to validate the form and send the emails and then on success submit the paypal form.

3. When user press submit, do the validation , send the emails and then the server submits the form to paypal

I am reading a couple of hours finding the best solution to this problem. What is the most secure , efficient and won't create problems to the user.

Sorry for my English

Answer 1

Assuming you have a fair knowledge of web development (since you are talking about forms, sessions, etc.), I'd recommend using PayPal Express Checkout APIs. What you are trying to do is very common. And here's how I would do it:

1. User enters tour information in a form on page-1, and hits the "submit" button.

2. Your server receives the call, validates the form and calls SetExpressCheckout with PAYMENTACTION set to "Authorization". This is just like "booking a hotel room" or a "rental car". You are just asking the user to authorize payment at this moment; not charging him yet.

3. The API returns you a token. You store this token along with tour information in your backend database; and mark this particular "booking" as say "booking request received".

4. You redirect the user to paypal.com (and pass that token in the URL) to "authorize" the payment.

5. Once the user completes authorization, paypal redirects the user to your website (the "success page" or the "return URL" as it's called in paypal terminology).

6. You update your database entry with the status say "payment authorized". At this point you email the user and the agent.

7. Agent validates and makes sure that there is still room available in the tour, etc. and let's you know that the user is all set.

8. At this point you call the DoCapture API using that token. This actually "captures" the payment. And you update the database entry with the status "payment processed". You can also send another email to the user confirming the payment and the booking.

At any stage if there's a drop off (say the user never completed authorization), you'd know from your database, and you can send a follow up email to the user. Or if he authorized but later the agent says there's no space on that particular tour, you could again follow up with the user for next available date, or void the payment, etc.

Yes, this means that it's "more coding"... but then you get "more flexibility" and hopefully you'll be able to reduce drop offs.

Hope this helps. Here's the documentation for express checkout: https://cms.paypal.com/cms_content/CA/en_US/files/developer/PP_ExpressCheckout_IntegrationGuide.pdf. There are Java, PHP, etc. SDKs available for this to help merchants integrate quickly.

Answer 2

You'd create sort of a confirmation page with all the values of the PayPal form but using <input type="hidden" balal /> rather than <input type="text" balal />

Try to break up the process instead of having the whole transaction sitting on that "Buy Now" button. Perhaps create a basic cart system on your website, then allow users to checkout which then will send the contents of their cart using hidden inputs to PayPal.

This way will allow you to match users to bookings.