I want to add a button to my website wherein a logged in member can pay their annual dues of $24.00. To that end I was looking at / but the whole createOrder() bit doesn't make a ton of sense to me:
// Call your server to set up the transaction
createOrder: function(data, actions) {
return fetch('/demo/checkout/api/paypal/order/create/', {
method: 'post'
}).then(function(res) {
return res.json();
}).then(function(orderData) {
return orderData.id;
});
},
Why would I want to pass to it a URL? The only thing I want to pass to PayPal is the fact that the amount to be collected is $24.00. Having to create a URL endpoint to communicate that information to PayPal seems excessively verbose.
For onApprove a URL makes sense. I'd like to log the fact that a member successfully paid in the DB that only server-side code would be able to write to. Per the sample response at I gather I should be getting the email address of the person who made the payment and I can tie that to a user in my DB.
But for createOrder() it just isn't making any sense to me. I mean, maybe there are use cases that I'm not considering wherein the ability to pass a URL to that would be useful but I don't think that's the case in my situation. Like in my situation it just seems like it'd be easier if I could pass to it a JSON with the amount that I'd like to be charged.
I want to add a button to my website wherein a logged in member can pay their annual dues of $24.00. To that end I was looking at https://developer.paypal/demo/checkout/ but the whole createOrder() bit doesn't make a ton of sense to me:
// Call your server to set up the transaction
createOrder: function(data, actions) {
return fetch('/demo/checkout/api/paypal/order/create/', {
method: 'post'
}).then(function(res) {
return res.json();
}).then(function(orderData) {
return orderData.id;
});
},
Why would I want to pass to it a URL? The only thing I want to pass to PayPal is the fact that the amount to be collected is $24.00. Having to create a URL endpoint to communicate that information to PayPal seems excessively verbose.
For onApprove a URL makes sense. I'd like to log the fact that a member successfully paid in the DB that only server-side code would be able to write to. Per the sample response at https://developer.paypal/docs/api/orders/v2/#orders_capture I gather I should be getting the email address of the person who made the payment and I can tie that to a user in my DB.
But for createOrder() it just isn't making any sense to me. I mean, maybe there are use cases that I'm not considering wherein the ability to pass a URL to that would be useful but I don't think that's the case in my situation. Like in my situation it just seems like it'd be easier if I could pass to it a JSON with the amount that I'd like to be charged.
1 Answer
Reset to default 1Integrations that do not "pass it to a URL" on a secured server are inherently insecure. Instead of paying $24.00, such integrations can be arbitrarily changed to pay $0.24 or whatever.
PayPal deprecated them for that reason, a server to create and capture orders is now required -- unless the very simple "Pay links and buttons" from https://www.paypal/buttons meets your needs.