Using PayPal with Aeon


Payments made via PayPal are made on a secure page hosted by this provider. When a researcher chooses transactions to pay and clicks the Pay Now button on the Aeon Orders to Approve/Pay form (ViewOrderApproval.html), they are taken to the PayPal-specific CreditCardPayment form. Clicking the Pay Now button on this form takes them to the PayPal website to perform the payment transaction. The researcher logs into PayPay to pay using their account, or pays using a credit card. After the payment is submitted and the transaction is complete, the researcher is returned back to the Orders to Approve/Pay page in the Aeon web interface. The status line at the top of the form notifies the researcher that the payment was successful and displays the confirmation code. 

PayPal returns users back to Aeon within 10 seconds, or users can click on the link to return themselves to their Aeon web account. If the user closes the browser from PayPal and does not return to the Aeon web pages, the transaction will not automatically update with payment details. However, PayPal's IPN (Instant Payment Notification) will hit the dll at a random time and the Orders to Approve/Pay form will be updated. This process takes place behind the scenes and is not visible to users. 

If the user's Aeon web session expires while in PayPay, they will be redirected to the Aeon logon form. When they log into Aeon they will be taken to the Orders to Approve/Pay page, which will show an updated balance due and the The status line at the top of the form notifying the researcher that the payment was successful.

Because it it is possible for users to attempt to manipulate the payment transaction, there are safeguards in place to prevent this. All of these scenarios will not make a record of the payment in Aeon and will need to be rectified by  the user. 

  • If a user modifies the amount to be paid, they will be redirected to the CreditCardPayment page and asked to pay again.
  • If a user tries to send a payment to an alternate PayPal address the CreditCardPayment page displays a status line stating that the payment could not be processed and redisplays the VIewOrderApproval page.

Using PayPal as a Credit Card Payment Provider for Aeon requires an SSL Certificate which uses the SHA-256 algorithm. All Atlas-provided certificates meet this standard, but sites providing their own certificates (especially self-hosted sites) will need to verify that their SSL certificate meets this standard

PayPal integration in Aeon makes use of PayPal Payments Standard. In order to work with PayPal your site will need to activate Payment Data Transfer. See PayPal's documentation on the process.

Customization Keys

The payment provider customization keys used to set up PayPal are located in the Aeon Customization Manager under System | Billing. You will need to set the following key values:

PaymentProviderMerchantId The email address associated with your PayPal account.
PaymentProviderToken A token provided by PayPal when PayPal's Payment Data Transfer (PDT) is enabled. This provides immediate feedback to Aeon to indicate a payment has been made.
The following key is located under System | General:
CreditCardTransactionsDescription Used as a product description on the PayPal website to describe the researcher's purchase. The default value of this key includes the transaction numbers of the included requests: "Aeon Photoduplication charges for transaction(s) <#PARAM name='TransactionNumbers'>."

Web Page Edits

Below are the steps necessary to set up the web pages to work with PayPal. Specialized ViewOrderApproval and CreditCardPayment forms have been created to work with PayPal.

Your Implementation Coordinator or Customer Service Agent will supply the PayPal web pages to you when you are setting up your payment provider information. You can also obtain these pages on the Aeon 4.0 Downloads page.

ViewOrderApprovals Form

Replace the default ViewOrderApprovals.html form in the Web folder with the ViewOrderApprovals.html form designed to work with credit card payments. This form contains the Pay Now button that takes the researcher to the CreditCardPayment.html form.

CreditCardPayment Form

  1. Replace the default CreditCardPayment.html form in the Web folder with the PayPal CreditCardPayment.html form.
  2. Make the following changes to these hidden fields on the form:

    currency_code This field specifies the currency that the transaction uses. The default value for this field is USD. This value is specified by the PayPay currency code and must match the currency the site has configured their PayPal account to accept. PayPal's available currency codes can be found here.
    item_name_1 This field provides the value that will be used on the Sage Pay website to describe the researcher's purchase. The default setting simply pulls the value from the CreditCardTransactionsDescription customization key, but can be changed if you wish to differentiate the product's description, and additional values can be added.
    notify_url This field is the URL that PayPal will post to, to notify Aeon that a credit card transaction has completed, successfully or otherwise. The default value is <#CUSTOMIZATION name=WebURL />/aeon.dll?action=11&type=106" />. This URL must use an action of 11 and an action type of 106. A couple of caveats to note:
    • If you are using the website on the web server and are using local host or a 127 address to access the pages, that URL will be used to replace the dll tag and PayPal will not be able to reach the web server. Make sure to use the same URL an external user would use in this case. 
    • This may not work if a site is using RemoteAuth and the dll being used is under a RemoteAuth directory. In this case, the notify_url should be edited to point to the URL under the non-Shibboleth directory.

    The notify_url value is constructed using the WebURL customization key. The value can also be constructed using a #DLL tag that provides the address of the DLL that is actually being used. Most of the time these values are the same, but there can be some subtle differences. For example, if a site were using the Aeon.dll in the test web directory, the #DLL method would build the notification URL as ‘’ while the #CUSTOMIZATION method would build it as ‘’. The #DLL may be a better approach if a shared server setup has different directories and pages for different sites.

Web Tag Edits to the CreditCardPayment Form

The DLL tag on the PayPal CreditCardPayment form has some optional parameters:


When set to true, the <#DLL> tag will be replaced by the full url of the
aeon.dll. For example, <#DLL> or <#DLL absoluteUrl ="false"> would be
replaced by aeon.dll. <#DLL absoluteUrl ="true"> would be replaced by

queryFields By default, the query parameters in the url for a pay are included in the
<#DLL> replacement, such as aeon.dll?Action=10&Form=10. If set to
false, the query parameters will not be included. For example,
<#DLL queryFields="false"> would be replaced by just aeon.dll.
encodeUrl If set to true, the string will be HTTP encoded so that it can be used as a
URL query parameter, for example <#DLL absoluteUrl="true" encodeUrl=
"true"> would be replaced by
%3D10%26Form%3D10%0A, in
contrast to the absoluteUrl example above.
Option name
= Countries
The <#OPTION name="Countries"> option has changed slightly. You
can now specify the format of the value of the dropdown that is submitted
by using the mode parameter, for example <#OPTION name="Countries"
mode="twoLetter">. The values for mode are "twoLetter" (the default),
"threeLetter", "numeric" (ISO numeric code), and "name", which is just
the full name.


Note that the javascript of this page has been changed from previous versions. If a user cancels the page instead of using the post previously used, the account is returned to the Main Menu:

$("#cancel").click(function() {
	window.location.replace("<#DLL queryFields=false>?action=10&form=10");

Web Changes for Aeon 3.8 & Pay Pal

See Aeon 3.8 Web Page Changes for more information on the following changes.

  • In the form element with id="paypalform", the action attribute has been changed from

    action="<#CUSTOMIZATION name=PaymentProviderURL />"


0 out of 0 found this helpful



Article is closed for comments.