Handling transactions between Paypal and a local database

Problem description:


What is the best practice to handle transactions between an application and PayPal?

Please consider:


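  • I am Alice and I want to send money to Bob

  • In my DB, I see that Bob has $200 and I want to give him $150.

  • After sending the transaction, I want to update Bob's account so that it contains $50.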


Now, according to the PayPal API, I can send Pay and receive success. However, what happens if, for example, I send Pay, it succeeds, but I fail to receive a response due to a network problem? So I assume that an error happened and try again, and technically I'll send $300 to Bob instead of $150?


How can I handle such a transaction - between a local database that keeps an account and the remote PayPal API?

I recently had an ASP.NET MVC project

I learned two things:



  • Communication between Paypal and your database cannot be trusted (well, didn't really learn this, but it was entirely reinforced)


I now understand why so many websites that have Paypal as a transaction type mention there could be a processing period between the time that the transaction was completed and shipping/delivery of the product is completed.

The way to handle this situation is similar to the way a business handles personal checks:



  • A personal check looks like currency (and typically is), but many businesses would like some sort of verification from the bank that funds are available before they accept payment - so they use a machine that asks the bank if funds are actually available.
  • If the machine says the funds are available, the business trusts it and you complete the transaction. However, the machine can give an error message that typically means "the funds are not available or something went wrong" and the business has a decision to make:
    • We can trust the customer and accept the check, deliver the product, and hope for the best when later depositing the check to the bank.
    • Or we can tell the customer that it will take time for the check to clear, deposit the check, wait for the funds to actually arrive in our account, and (if successful) deliver the product after the business receives funding.


This sounds inefficient with the way many businesses operate today, but it is something that does come up. In fact, this is why a lot of businesses stray away from accepting personal checks: they are unreliable when compared to other methods of payment.

Now how does this relate to handling Paypal payments?



  • A Paypal payment looks like currency (and it typically is), but many businesses would like some sort of verification from Paypal that funds are available before they accept payment - so they use Paypal PDT, IPN, or other method for checking that the transaction was handled appropriately.
  • If Paypal properly responds to one of the verification requests, the business can trust it and complete the transaction. However, your website may throw an error of some sort (i.e. Paypal could reply with an IPN response of NOTVALID, or you could never get a reply from Paypal). The business has a decision to make:
    • The business can trust the customer and accept that they have made a Paypal payment and everything should be alright (very bad decision in the case of a Paypal transaction)
    • Or the business can tell the customer at check-out time that there may be a 72 hour processing period for Paypal payments.


This may not sound like the best way to operate your business, but it is the way we have to deal with an imperfect internet.



1. UserA wants to send $100 to another UserB using Paypal
2. UserA enters the value in the 'checkout field' and is sent over to Paypal to verify the transaction.
3. UserA is sent back to your website from Paypal and your website performs the IPN check with the details that Paypal has POSTed to your site (I chose IPN in this case - as if we were using Express Checkout as opposed to some other payment gateway that Paypal offers).
4. If the IPN is VALID, process the transaction as expected.
5. If the IPN is not VALID, mention to the customer that there may be a delay in processing, have your application send you a notification that a possible Paypal transaction issue has occurred (you may want to include a reference id so that you can quickly find which transaction this notification is referencing), and mark the transaction as pending as opposed to complete or something similar.
6. An admin of the site who handles these notifications will manually investigate the transaction (or force the website to check with Paypal again - see the Paypal API documentation for details on this) and manually mark the transaction as complete or failed.
7. Notify those involved of the status of the transaction.


It is annoying that we have to have extra steps involved to make sure the money was transferred, but, as mentioned earlier, we are using an imperfect system and we want to be very certain of the success / failure of financial transactions.


An added bonus to this process is that there is likely to be notifications when someone is tampering with the Paypal payment system - leaving you better equipped to deal with evil-doers in the future.
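
The pending / complete / failed workflow from the answer, combined with a local reference id so that a retry after a lost response cannot pay twice, as an added example that is not part of the original post. The table layout, function names and the `FAILED` admin verdict are assumptions; `VALID` and `NOTVALID` follow the answer's wording, and the actual call to Paypal is left to the caller.

```python
import sqlite3

def open_ledger():
    """In-memory ledger with constructed sample data (alice starts with 200)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE account (name TEXT PRIMARY KEY, balance INTEGER)")
    db.execute("CREATE TABLE payment (ref TEXT PRIMARY KEY, payer TEXT,"
               " amount INTEGER, status TEXT)")
    db.execute("INSERT INTO account VALUES ('alice', 200)")
    db.commit()
    return db

def start_payment(db, ref, payer, amount):
    """Record the attempt as 'pending' BEFORE calling the payment provider.

    Returns True only the first time `ref` is seen; a retry after a lost
    response returns False, so the caller must not send the money again.
    """
    with db:
        cur = db.execute("INSERT OR IGNORE INTO payment VALUES (?, ?, ?, 'pending')",
                         (ref, payer, amount))
    return cur.rowcount == 1

def settle(db, ref, verdict, reported_amount=None):
    """Apply a verification verdict or an admin decision; return the status.

    'VALID' completes the payment; 'FAILED' (hypothetical admin decision) marks
    it failed; anything else ('NOTVALID', or None for no reply) leaves it
    pending for manual review, as in steps 5 and 6 of the answer.
    """
    with db:  # status change and balance update commit together
        row = db.execute("SELECT payer, amount, status FROM payment WHERE ref = ?",
                         (ref,)).fetchone()
        if row is None:
            return "unknown"  # notification for a payment we never started
        payer, amount, status = row
        if status != "pending":
            return status  # already settled: a replayed notification changes nothing
        if reported_amount is not None and reported_amount != amount:
            return "pending"  # amount differs from our record: hold for review
        if verdict not in ("VALID", "FAILED"):
            return "pending"
        if verdict == "VALID":
            db.execute("UPDATE account SET balance = balance - ? WHERE name = ?",
                       (amount, payer))
        new_status = "complete" if verdict == "VALID" else "failed"
        db.execute("UPDATE payment SET status = ? WHERE ref = ?", (new_status, ref))
        return new_status

def balance(db, name):
    return db.execute("SELECT balance FROM account WHERE name = ?", (name,)).fetchone()[0]
```

The balance is debited from the amount stored when the payment was started, never from the amount carried in the notification.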