I am working on a project where users purchase a page of the site and are able to upload stuff to that page. At the moment, when the user pays using PayPal, they are taken straight to the upload page, which is good, however, this page is also accessible by anyone - even if they did not purchase the rights to it. Is there a way to 'protect' the upload page, to only allow proper purchasers to use it themselves? Some sort of system that would detect the PayPal payment and then redirect them to a temporary upload URL?
One way you could do this is to use Paypal's IPN (Instant Payment Notification) service. The IPN service triggers a notification when an event occurs that pertains to a transaction.
Paypal also has webhooks too.
Related
I have this website where Bank users register using API and then Bank can use our SSO login API to log their users directly from Bank's mobile App or website. Now the Bank wants to log into our website via Banno's OAuth. Such that users log into Banno via Bank and then login directly into our website.
How can this be achieved? How will banno know which user to login? How to make it without having users to come into our website and fill user's login details? Can anyone help?
It sounds like your scenario is looking for Banno to be the 'Identity Provider' which is supported by our OAuth + OpenID Connection implementation in our Authentication Framework.
It'll be a good idea to take a look at the Consumer API OpenID Connect Example for inspiration.
When you run that example project, you can navigate in your web browser to https://localhost:8080/login.html. That'll show a page with a "Sign in with Banno" button. The page is meant to be a generic representation of what a non-Jack Henry web page would be.
Imagine that the button was formatted to say "Sign in with [Financial-Institution-name-goes-here]", it would be the same concept.
When you click the "Sign in with Banno" button, you'll be redirected to the Garden demo institution. This happens because the example project is configured to begin the authorization flow and use Garden.
If you're not signed in as your user in Garden, you'll be prompted to sign in.
It's worth noting that the username + password are never shared back to the example project...the user is logging into their (Banno-powered) financial institution.
After signing in (and accepting the permissions which have been requested), your web browser will be redirected to https://localhost:8080/me which finishes the authentication flow.
That page then displays the Identity Token for your convenience as a developer.
The content of the Identity Token is usable to cross-reference the user to your existing system and/or to prefill out registration forms.
Hope this helps!
In short I want to achieve the following, but cannot find how:
People navigate to my (internal) site, no login required
Someone clicks a button stating "Pinterest"
I redirect them to Pinterest and automatically log them into 'my' account
For an internal project I want to circumvent the hassle of requiring every user to login to Pinterest individually so they can access a specific private board. Instead, I want to allow everyone to use 'my' account (I trust all my users).
To make sure nobody has to remember the user credentials, I want to hardcode them into my site, submitting these credentials (presumably using the URL) whenever someone clicks the Pinterest link on my site.
I have reviewed the Pinterest API but cannot distinguish any such approach. Also reviewing the login form of Pinterest and tracing their submit routine didn't work out.
Other sites sometimes specify and/or allow a URL approach: example.
A more generic approach was discussed (see below), but does not apply to this specific case. How to automatically login to the site using url parameters?
At my company, they have a Wordpress site. Disclaimer: I'm a new hire here.
They also use a third party service/website called "act-on". Within act-on, we can manage our campaigns, generate webforms that submit data back to act-on and generate anchor tags that link to resources that act-on hosts.
I want to be clear, we upload documents to act-on. Then, act-on gives us links that we can place on our website to these documents. When a user clicks the link on our website, they are taken to a subdomain of our website that they did not create, to view the resource.
When I talk about "act-on", I'm referring to this service:
https://www.act-on.com/
Example:
We live at websitename.com.
The anchor tag that act-on creates, links to solutions.websitename.com/acton/resourcename
We didn't create a page or subdomain "solutions.websitename.com" and don't have any pages that reflect that.
I need to know how this works because their google analytics doesn't seem to track page visits to this subdomain.
How has act-on created some subdomain on our website? I don't understand that process. How can act-on link to files that they host, but the url be a subdomain of our website.
Thanks,
It is very similar to another company called reachlocal. They basically proxy all your web content, and in a lot of cases they even put up proxy phone numbers and record the calls audibly and transcript them. All this in addition to marketing campaigns such as analytics, PPC and alike.
A business essentially gives them this right when signing up and are told about it upfront.
It is all for the sake of keeping record in order on file of everything taking place, with web presence and "presented in a friendly interface and graphs. Which also allows employees to listen to recorded calls to "see how the employee does"
More than likely from my experience is they were given the keys for all web presence, including web, analytics, social sites and so on by the owner or project manager.
Unfortunately, by proxying all the websites they in turn get a lot of Google ranking, but it can be a valuable service for some.
Bottom Line: Someone at your job, signed up, gave them the go ahead to perform tasks such as proxy domain names and are in fact paying them.
I am making a website where people will buy things. What I am wondering is if there is a way to check if payment was received in paypal, and then execute some code. Or should I add a paypal widget where when payment is done then it executes some code? This is all being done in HTML and CSS being it is a website.
Take a look at Instant Payment Notification (IPN). Any time a transaction hits your PayPal account their server will POST the transaction data to a URL you specify. Your script receives the data, verifies it with PayPal to ensure it actually came from them, and then you can process that data however you need to.
This gives you the ability to update your own database, send out your own email notifications, hit 3rd party web services, or anything else you want to automate when transactions hit your account. This works for payments, refunds, disputes, etc. so you can automate lots of tasks. It happens in real-time, too.
I am looking to implement a donations form on a political party website, but rather than using the default single "Donation" button I would like to have a menu with multiple payment options, much like the form found here: https://www.oaklandgop.net/donate.
I can't seem to find this option on the PayPal's basic button creator, so I'm assuming this must be done with custom HTML? Sorry if this question has already been asked; I wasn't able to find any relevant answers on the forum.
Thanks,
Justin
You wont find an option like this for the basic button creator. If you are wanting to accept the credit card information on your site, you would have to use Pro. There wouldn't be a problem with collecting any of the other information as the form would be on your site so you could ask for what every infomration you want.
If you use standard, you can collect the information on your site and pass it over to PayPal during the payment flow. However if you are using standard, you would also need to redirect the buyer over to PayPal to enter in their credit card informatioin and make the payment.
You do have a few other options as well. For example you could use Express Checkout. With Express Checkout the buyer would have to enter in the credit card information on PayPal's page or log into their PayPal account to make a payment. However, you could set up the flow in the following way. The buyer selects the amount that they wish to make a payment for. You make the SetExpressCheckout API call and get your token back. You redirect the buyer over to PayPal where they enter in their credit card information or sign into their PayPal account and agree to the payment. They are then redirected back to your site, where they fill in the rest of the information, and then you execute the DoExpressCheckout API call to complete the payment. You could also collect the information up front as well.
There are also hosted pages you could use as well to do something similar to this as well, but if you are wanting the buyer to enter in the credit card information on your site and keep this all in one form, your best option would be to use pro.