search

geodesicsolutions-community / geocore-community

GeoCore Community, open source classifieds and auctions software
MIT License
9 stars 6 forks source link

Update paypal library to use composer and latest version #56

Open jonyo opened 2 years ago

jonyo commented 2 years ago

Look into replacing the paypal library used by Paypal PRO payment gateway.

I started looking briefly, it seems some are deprecated. They have newer ones. See if there is any for PHP that can be used by the paypal pro payment gateway. Or even if paypal pro is still a thing. Basically just look into it more to figure out best option.

vicos59 commented 2 years ago

Upvote for this one. We use Paypal PRO.

jonyo commented 2 years ago

Upvote for this one. We use Paypal PRO.

Good to know, like I mentioned I wasn't sure it was still actively used, Paypal likes to change their products over time.

In that case we'll definitely look into how to update the library rather than remove it altogether! 😄

vicos59 commented 2 years ago

PayPal PRO is one of the best solutions out there for people needing an online merchant account. Before you had to find some company/bank to set you up with a merchant account (shady business world for the small guy), then you had to go to someone like authorize.net and pay them to be your middleware. It was a real hassle and very expensive. PayPal delivers a simple all-in-one solution that is very affordable and they have good telephone support.

jonyo commented 2 years ago

👍 good to know! Lately the payment gateway I've been using a lot is stripe, I really like their element solutions.

One of the issues with having a CC form on your own page, that CC input is an element that any JS running on the page can read. Now, you yourself are an upstanding citizen and would never intentionally add some JS to your own website that stole info. But what about all those fancy UX components made by 3rd parties? Basically you have to worry about security of your entire tech stack.

But with stripe elements, the part they enter the payment info is actually a mini iframe that your own website cannot access with JS even if you wanted to. It is the easiest way to have a super secure checkout experience without ever leaving the site.

Of course they aren't the only ones that do this, I forget how Pro does it maybe they do something similar. But I digress...

vicos59 commented 2 years ago

A crypto Payment gateway would be awesome. For later.

vicos59 commented 2 years ago

https://developer.paypal.com/api/nvp-soap/paypal-payments-pro/

In Typical Paypal fashion, the docs lack clarity. They have "PayPal Payments Pro" marked as legacy. Payflow seems to be the latest thing. But, they make no indication if this is just a rebranding with added capabilities and if it is backwards compatible with PayPal Pro.

There is no real library for this. All you do is make a curl call to their URL and pass the required parameters and get a response back.

For the first compatibility release, I suggest we just release it as-is (after fixing the Admin issue identified here https://github.com/geodesicsolutions-community/geocore-community/discussions/95#discussioncomment-2223421 )

Our PayPal Pro currently works fine and we are using 7.5.1. After the admin issue is fixed, I can get a dev account and test it against the PP sandbox.

A future release can add compatibility with PayPal Payflow---whether that just involves an update to the PayPal Pro code or a completely new payment gateway for PayPal Flow. I don't know enough to say right now. I think it is backwards compatible, because the getting started docs for PayPal Pro links directly to PayFlow Gateway.

I fear adding PayPal Flow to this release and breaking something for existing users (like me).

jonyo commented 2 years ago

They have "PayPal Payments Pro" marked as legacy.

Its been that way for years, that is one of the reasons I wondered if it was still in use initially (at the beginning of the thread here).

Unless I'm mistaken, you can't even sign up for it anymore, you have to already have it. But I may be mistaking for another gateway, it's been years since I've worked with it.

For the first compatibility release, I suggest we just release it as-is (after fixing the Admin issue identified here https://github.com/geodesicsolutions-community/geocore-community/discussions/95#discussioncomment-2223421 )

So, the fact that the PEAR library does not work means the gateway also would not work. That said, the actual error is not too hard to fix, but I hesitate making changes to libraries. But if that is the only thing that needs adjusting for it to work... Or perhaps if there is a newer version of the PEAR library that we could start using instead... That might work. I'll have to look into that "quick fix" option when I have some time.

Our PayPal Pro currently works fine and we are using 7.5.1

That is on PHP 7.2 though, if you try to go to PHP 7.4 it will stop working due to the curly brace deprecation thing. Basically you used to be able to use $str{2} which would get the 3rd character in a string, but now only the square brackets is supported. Its easy to fix, in the example you would just change it to $str[2] instead. So maybe we could do that in the library (for now) if that is all it takes to fix.

jonyo commented 2 years ago

@vicos59 Ok I just merged some changes that at least fix those PEAR libraries to work on PHP 7.4 and up. I didn't have time to try to test it beyond that though, can you test and report back when you get a chance?

Changes are in #112