Recently, I have downloaded Paypal SDK for PHP developers release 1.1.93 which is for “Express Checkout, Recurring Payments, Transaction Details, Mass Pay, Direct Payment, Payment Settlements, etc.”

..and I have been trying to integrate it with my new web application which needs collecting credit card payments. I did not like the “Express Checkout” which is like 5 steps and customer is lead to Paypal’s website during the process; not really straight forward, and I must say, over the years, Paypal integration did not get any less confusing!

The main problem is those so-called Paypal SDK developers clearly have released UNTESTED code:

1. Buggy XML preparation for input: If you care to skim over 25000 lines of code in file: lib/PayPalAPIInterfaceService/PayPalAPIInterfaceService.php you will see function toXMLString() in class SetExpressCheckoutRequestDetailsType and function toXMLString() in class PaymentDetailsType and both of them use class BasicAmountType and its function toXMLString(). The bug is when you are using a currency other than USD, it tries to create an attribute currencyID for tag ebl:OrderTotal. But the function injecting the result already closes the tag; therefore, the amount sent to Paypal is incorrect!

2. Redundant class OAuthException in lib/auth/PPAuth.php causes fatal error if PHP OAuth extension is already enabled in your server environment.

3. Default settings file config/sdk_config.ini has incorrect SOAP service URL; it should be

service.EndPoint="https://api-3t.sandbox.paypal.com/2.0/"
;service.EndPoint="https://api.sandbox.paypal.com/2.0/"

There goes few sleepless nights! .. all because of some “cowboy” programmers!

by the way, see: http://en.wikipedia.org/wiki/Cowboy_coding

Tags: , , ,
Categories: