Payments made via PayPal are made on a secure page hosted by this provider. When a researcher chooses transactions to pay and clicks the Pay Online/Pay Now button on the Aeon Order Billing form (ViewOrderApproval.html), they are taken to the CreditCardPayment form. Clicking the Pay Online/ Pay Now button on this form takes them to the PayPal website to perform the payment transaction. The researcher logs into PayPal to pay using their account, or pays using a credit card. After the payment is submitted and the transaction is complete, the researcher is returned back to the Order Billing page in the Aeon web interface. The status line at the top of the form notifies the researcher that the payment was successful and displays the confirmation code.
PayPal returns users back to Aeon within 10 seconds, or users can click on the link to return themselves to their Aeon web account. If the user closes the browser from PayPal and does not return to the Aeon web pages, the transaction will not automatically update with payment details. However, PayPal's IPN (Instant Payment Notification) will hit the dll at a random time and the Order Billing form will be updated. This process takes place behind the scenes and is not visible to users.
If the user's Aeon web session expires while in PayPay, they will be redirected to the Aeon login form. When they log into Aeon they will be taken to the Order Billing page, which will show an updated balance due and the status line at the top of the form notifying the researcher that the payment was successful.
Because it is possible for users to attempt to manipulate the payment transaction, there are safeguards in place to prevent this. All of these scenarios will not make a record of the payment in Aeon and will need to be rectified by the user.
- If a user modifies the amount to be paid, they will be redirected to the CreditCardPayment page and asked to pay again.
- If a user tries to send a payment to an alternate PayPal address the CreditCardPayment page displays a status line stating that the payment could not be processed and redisplays the VIewOrderApproval page.
Using PayPal as a Credit Card Payment Provider for Aeon requires an SSL Certificate which uses the SHA-256 algorithm. All Atlas-provided certificates meet this standard, but sites providing their own certificates (especially self-hosted sites) will need to verify that their SSL certificate meets this standard
PayPal integration in Aeon makes use of PayPal Payments Standard. In order to work with PayPal your site will need to activate Payment Data Transfer.
Customization Keys
The payment provider customization keys used to set up PayPal are located in the Aeon Customization Manager under System | Billing. You will need to set the following key values:
PaymentProviderMerchantId | The email address associated with your PayPal account. |
---|---|
PaymentProviderToken | A token provided by PayPal when PayPal's Payment Data Transfer (PDT) is enabled. This provides immediate feedback to Aeon to indicate a payment has been made. |
CreditCardTransactionsDescription | Used as a product description on the PayPal website to describe the researcher's purchase. The default value of this key includes the transaction numbers of the included requests: "Aeon Photoduplication charges for transaction(s) <#PARAM name='TransactionNumbers'>." |
---|
Web Page Edits
Below are the steps necessary to set up the web pages to work with PayPal. Specialized ViewOrderApproval and CreditCardPayment forms have been created to work with PayPal.
Your Aeon Implementation Coordinator or a Customer Service Agent will supply the PayPal web pages to you when you are setting up your payment provider information. You can also obtain these pages on the Aeon Downloads page.
ViewOrderApprovals Form
Replace the default ViewOrderApprovals.html form in the Web folder with the ViewOrderApprovals.html form designed to work with credit card payments. This form contains the Pay Now button that takes the researcher to the CreditCardPayment.html form.
CreditCardPayment Form
For Aeon v5.0.73 and later:
You will need to modify the default CreditCardPayment.html web page to reference include_payment_form_paypal.html. These files can be downloaded from the Aeon Downloads page as part of the Aeon Default Web Pages. See the instructions below for the required changes:
- Open the default directory in File Explorer where your CreditCardPayment.html page is located. If you already have a complete set of 5.0.73 or later web pages, skip to step 4.
- If you have just downloaded new web pages, overwrite the CreditCardPayment.html web page with the updated file.
- Open the "templates" folder in the new web pages download, and add the "payment" subfolder to your web directory in the "templates" folder.
- Open CreditCardPayment.html and make the following changes:
Change this (default line 42):
|
To this:
|
Prior to Aeon v5.0.73 web pages:
- Replace the default CreditCardPayment.html form in the Web folder with the PayPal CreditCardPayment.html form.
Next, make the following changes to these hidden fields on the CreditCardPayment.html if you are using web pages prior to v5.0.73. If you are using v5.0.73 or later pages, these changes should be made on include_payment_form_paypal.html:
currency_code | This field specifies the currency that the transaction uses. The default value for this field is USD. This value is specified by the PayPay currency code and must match the currency the site has configured their PayPal account to accept. PayPal's available currency codes can be found here. |
---|---|
item_name_1 | This field provides the value that will be used on the PayPal website to describe the researcher's purchase. The default setting simply pulls the value from the CreditCardTransactionsDescription customization key, but can be changed if you wish to differentiate the product's description, and additional values can be added. |
notify_url | This field is the URL that PayPal will post to, to notify Aeon that a credit card transaction has completed, successfully or otherwise. The default value is <#CUSTOMIZATION name=WebURL />/aeon.dll?action=11&type=105" />. This URL must use an action of 11 and an action type of 105. A couple of caveats to note:
|
The notify_url value is constructed using the WebURL customization key. The value can also be constructed using a #DLL tag that provides the address of the DLL that is actually being used. Most of the time these values are the same, but there can be some subtle differences. For example, if a site were using the Aeon.dll in the test web directory, the #DLL method would build the notification URL as ‘http://university.edu/aeon/testweb/aeon.dll?action=11&type=105’ while the #CUSTOMIZATION method would build it as ‘http://university.edu/aeon/aeon.dll?action=11&type=105’. The #DLL may be a better approach if a shared server setup has different directories and pages for different sites.
Web Tag Edits to the CreditCardPayment Form
The DLL tag on the PayPal CreditCardPayment.html (prior to v5.0.73) or include_payment_form_paypal.html (v5.0.73 or later) has some optional parameters:
absoluteUrl |
When set to true, the <#DLL> tag will be replaced by the full url of the |
---|---|
queryFields | By default, the query parameters in the url for a pay are included in the <#DLL> replacement, such as aeon.dll?Action=10&Form=10. If set to false, the query parameters will not be included. For example, <#DLL queryFields="false"> would be replaced by just aeon.dll. |
encodeUrl | If set to true, the string will be HTTP encoded so that it can be used as a URL query parameter, for example <#DLL absoluteUrl="true" encodeUrl= "true"> would be replaced by http%3A%2F%2Faeon.institution.edu% 2Faeon%2Faeon.dll%3FAction%3D10%26Form%3D10%0A, in contrast to the absoluteUrl example above. |
Option name = Countries |
The <#OPTION name="Countries"> option has changed slightly. You can now specify the format of the value of the dropdown that is submitted by using the mode parameter, for example <#OPTION name="Countries" mode="twoLetter">. The values for mode are "twoLetter" (the default), "threeLetter", "numeric" (ISO numeric code), and "name", which is just the full name. |
JavaScript
Note that the javascript of this page has been changed from previous versions. If a user cancels the page instead of using the post previously used, the account is returned to the Main Menu:
$("#cancel").click(function() {
window.location.replace("<#DLL queryFields=false>?action=10&form=10");