(sorry about the blank reply a minute ago) > I am looking into the more advanced paypal instant notification > stuff for the next version of my sw, but version one is using a > simpler approach to get it out the door. Even that paypal sw > wouldn't solve my problem, which is to make sure that the POST to > paypal actually matches the transaction that the user has built up.
I found IPN to be *very* simple to use, logging the notifications to a DB and then acting as required. I would even be happy to send you my notification script, which uses Apache::Registry but is really just a simple POST BACK to paypal and when the response is 'OK', take the appropriate action (payment received, account terminated, etc) (but please reply privately if you want it). The only nits I experienced were A) forgetting to send back the "OK\r\n" to paypal that they expect to see from a successful notify. They called me and wondered if my script was broken... B) having to set up a unique index on my logging table on the "verify_sign" field, because in spite of the correct response chain, paypal has a tendency to notify repeatedly and redundantly. HTH! L8r, Rob