On Fri, Mar 4, 2011 at 4:44 PM, Jeff Schnitzer <j...@infohazard.org> wrote: > > Say what you will about Paypal's evil eye and their confusing product > line, at least the integration is going fairly smoothly. It feels > like 1990s technology but it works. The most helpful advice I can > offer: Forget everything else on their stupid overmarketed website > and go straight for "Web Payments Standard".
I retract everything I said here. PayPal's API is a horrorshow. It makes the Facebook API look rational. I won't get into the fact that their documentation is confusing and grossly inadequate. The API is actually broken by design - I can't believe people use this stuff to handle money. IPN (the "reliable" messaging system) combines message verification with message acknowledgement. You can't verify a message without accepting it - which means you either a) commit a bunch of unauthenticated data and figure out how to roll it back on failure or b) accept the message and then HOPE that nothing goes wrong during processing. Paypal's sample code all suggests strategy b), which is just grossly negligent. I could rant at length about how defective the messaging system is too (what uniquely identifies a message? NOTHING!) but really this should go into a blog entry. I've built porn-serving infrastructure that was 100 times more robust. I am deeply, deeply disappointed. Even as abandonware, Google Checkout is better thought out. Jeff -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
