Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Preimum Accounts/Paypal Help

x00x00 MVP
edited February 2012 in Vanilla 2.0 - 2.8


This plug-in will not be enabled unless configuration is provided, in settings/premium

PayPal can be tricky at times. See this tutorial if you are having difficulty understanding paypal:

This plugin uses a PayPal Account ID instead of email, for privacy, security.

You need to upgrade you account to Premier or Merchant account first, if you don't already have one. It shouldn't be much hassle:

Unfortunately it can be difficult to find your PayPal Account ID. Here is some help:

Even more annoyingly in Paypal Sandbox it is even harder to get. The only way I've found works is:

Yet another way to see the PayPal Business ID or Merchant Referral ID is choose to not host your item button code or encrypt it. Simply create a test button. What you need to do is "uncheck" the option for "Save Button At PayPal" in Step 2 of the process. Then after you "Create" the button code, in the window that displays the code there is a link that says "Remove Code Protection". Select this link. Your code will be changed to clear text. Just look for the "business" variable value

Paypal Sandbox

it is a good idea to test on the sandbox before going live with your upgrade service. So you don't have to spend real money.

Here is a tutorial:

Remember that the sandbox ID is different from your live one. See above.

One gotacha is that payment are not automatically cleared in sandbox if the test account is not configured correctly. here is how to solve this issue:

Further tutorials if needed can go in this thread. Please suggest.

User have the the option to upgrade, look in you profile, and there should be a tab.

The uri for handling upgrade/premium account status is user/upgrade. You can make a link.

The plugin works on the basis of if the transaction doesn't smell right, the account is not ungraded.

I tried to make this plugin as locale friendly as possible. The following can be translated:

Premium Accounts
Transaction Log
Account Type
Subscription Period
Apply for Membership
Premium Accounts Settings
Allows users to upgrade their accounts, through paypal payment. Details must be valid to activate
Premium Accounts Log

grep is your friend.



  • Options

    Allows users to upgrade their accounts, through paypal payment. Details must be valid to activate should be SettingsDescription, UpgradeAccount is replaced with UpgradeToPremium

    grep is your friend.

  • Options

    On my install the 'buynow.gif' URL is broken. It's something like


  • Options

    thanks, should be fixed now.

    grep is your friend.

  • Options

    I installed, activated, config and enabled the pluging for "member" users, but when i try yo create a new user nothing extra happend. Its the same as not plugin.

    How exactly works?
    Thank you

  • Options

    Oh sorry me, i understand now.

    The upgrade option its in profile. Its ok, thank you ! : )

  • Options
    x00x00 MVP
    edited February 2012

    You can place the upgrade link anywhere on your site.



    grep is your friend.

  • Options

    Thank you x00.

    I am testing the plugin and had some problems.

    1. Testing in Sandbox the transaction status was "payment_invalid" and the log was:
      "payment_mismatch: mc_gross 10.00 doesn't match 10,00"

    The problem is the , or the . in price.

    1. When the pay is invalid i dont know how can delete this log for the user. I want to delete this invalid payment for try again. How can restart?

    Thanks ! : )

  • Options
    x00x00 MVP
    edited February 2012

    Yes I taught it to if in doubt fail.

    You can refund the payment through paypal. Change the decimal marker in settings. Then do the transaction again.

    I can add manual approval of payments if you are willing to sponsor.

    Logs are transactional so basically don't get deleted, but may get superseded.

    grep is your friend.

  • Options

    Ok x00, thanks.

    Whats exactly the amount for be your sponsor? :P

    Some things:

    -I cant decide the returned decimal sign in Paypal Sandbox, then i comment the code line where its controled

    -Sometimes the plugin utomatically expired account (force_expired) i dont kown why or when, and the premiun role still

    -When the payment its correct and upgraded the "Transaction log" dont show it (log only shows expired and invalid transactions)

  • Options

    You should use the dot decimal sign in settings.

    I've always thought it was a contradiction that SI allows 10 000,00 and 10 000.00, they should pick one notation, in any event. Paypal uses.

    Seriously though if you want to use french notation in the front end I could include it as a locale. It would be merely for displaying the value, but the transaction would take place as normal.

    Force expired happens when when, you save a user roles without the premium role. It will not reinstate.

    the log should show payment_complete, and all the detail of the transaction. Are you payment actually complete? Did you follow this advice:

    grep is your friend.

  • Options

    Whats exactly the amount for be your sponsor? :P

    It depend on exactly what you want. If you are just looking to be able manually approve payments from he settings log I could do that for 25GPB.

    Her are some example of options that could be sponsored:

    1. Display the status, on the buttons an various places, etc. So it is clear if they still have the premium role.
    2. Possbility or reinstating the role through the usual way, and having the expiry reinstated, for the remainder.
    3. Auto refund/canceling of subscription through the dashboard using papal API, you might want a cut off point, you could also have the users do the refund with a strict moneyback period.
    4. Auto cancelling, on reversion, charge back, refund, etc in paypal after payment has been cleared, using IPN.
    5. Recurring payments option. Paypal has this option it is a slight different form. You can also have reminders. I'd look into the most flexible method.
    6. Multiple term payment n x term.
    7. Manual clearing of transactions, force premium role for any period (including extend).

    grep is your friend.

  • Options

    Sorry me x00 but not correct in my case.

    The pluging not "force_expired" when i remove the user from the premium role.
    Sometimes happends the account expired automatically, i dont kwown still why. (i think happends when after pay the user remains without activity in "/user/upgrade/return" page) When the automatic account_expired happend the user still with premium role.

    Yes the "Payment Review" from SandBox is Enabled and Paypal test return a Complete status, but the plugin "Transaction Log" not show Completed subscriptions.

    The proof is that the order is registered in the GND_PremiumLog database table.
    The memo Log value is:

    |payment_date->05:39:34 Feb 23, 2012 PST

    0XX, i would like to collaborate with new functions related, but I think the project base is not yet optimal, or maybe i downloaded an old or alpha .zip.
    The version of my script is: v0.7.1:Mon Feb 13 11:35:27 GMT 2012

    Thanks : )

  • Options

    Other bug?

    registerbasic.php and registercaptcha.php arent effective in new registrations. : (

  • Options
    solonovasolonova New
    edited February 2012

    Other bug?

    In the "user/upgrade/" form the pay isnt a subscription, its a simple payment (_xclick)

    <input type="hidden" value="_xclick" name="cmd">
    <input type="hidden" value="1XTLQ3FBCWBP6" name="business">
    <input type="hidden" value="EUR" name="currency_code">
    <input type="hidden" value="5" name="amount">
    <input type="hidden" value="PremiumAccount" name="item_name">
    <input type="hidden" value="1" name="item_number">
    <input type="hidden" value="1" name="no_shipping">
    <input type="hidden" value="" name="notify_url">
    <input type="hidden" value="" name="return">
    <input type="hidden" value="" name="cancel_return">
    <input type="hidden" value="Return to Account" name="cbt">
    <input type="hidden" value="2" name="rm">
    <input class="Button" type="image" border="0" alt="PayPal -- The safer, easier way to pay online." name="submit" style="background-color:#fff;padding:5px;" src="">
  • Options
    x00x00 MVP
    edited February 2012

    last one is NOT a bug

    5. Recurring payments option. Paypal has this option it is a slight different form. You can also have reminders. I'd look into the most flexible method.

    Please sponsor.

    sorry registerbasic.php and registercaptcha.php option to upgrade weren't implemented in the current version. If you want this option please sponsor.

    grep is your friend.

  • Options

    Ok x00.

    I think this plugin need code review. After researching the method I will not use because I need extra safety and i think IPN method will be better for me.

    However i may use part of your code, so I want to be your sponsor. Please send your Paypal email by private message.

  • Options
    x00x00 MVP
    edited February 2012

    this plugin uses IPN. check your facts.

    grep is your friend.

  • Options

    If you want the security decisions explained I'm happy to do that:

    For instance the form is not encrypted, becuase, it is if it does not check out it will fail anyway. Immutable forms are for those than don't have facility to check the transaction.

    It doesn't use payment pro, becuase most forums to don't have a secure environment to make a payment.

    The payment being made on the PayPal site, there is little issue with the security of the payment.

    So far the only bugs you mentioned outstanding expiry and display of the log.

    The former may well be to do with configuration, naming issues. The later may well be to do with different version of mysql handing advanced queries differently (which I have encountered before).

    grep is your friend.

  • Options

    Yes x00, sorry, your script uses IPN, but its a public "notify_url" and needs the user be connected to forum.

    I was referring to the private account "notify_url".

  • Options

    are you testing on localhost?

    grep is your friend.

Sign In or Register to comment.