If you MUST use PayPal...PayPal Magic: Managing Subscriptions

Would you ever play Russian Roulette? Probably not. PayPal is almost like this deadly game: with each transaction that you make, it could be financial life for another day, or financial death now. PayPal, as a service is arbitrary and unpredictable. However, if for whatever reasons you might have, you want to continue using PayPal (or open another PayPal account), this section is for you.

The Ultimate Survival Guide is Finally Here! PayPal or eBay account frozen? Need a new account or multiple accounts? Find out EVERY way to SOLVE every PayPal or eBay Problem including...

YES. This information is relevant for EVERY COUNTRY where PayPal & eBay are available! Every Tool & Trick in the Book...this is the ULTIMATE PayPal & eBay Survival Package! This is the REAL DEAL and you can't afford to not take a minute and check this out...

PayPal Magic is a tutorial of tips and tricks that will help you decrease the chances of PayPal limiting or flagging your account. If you can avoid making some of the common "errors" that a lot of people make when using PayPal, you can learn to survive the Paypal trap another day!

Sell Subscriptions to Your Online Content

Combine a database, PayPal subscriptions, and the IPN system to manage subscriber accounts.

If your web site offers something special that people are willing to pay for, such as access to a technical information database or specialized business-to-business commerce site, you might want to offer subscriptions. PayPal makes it easy. Using IPN, your web server, and your online database, you can easily create an entirely automated system.

Many adult sites on the Internet are available on a subscription basis. Don't offer subscriptions to these sorts of sites with PayPal. Your site's content must be allowed under PayPal's Acceptable Use Policy; otherwise, you might find that your account has been limited.

For the purposes of this example, let's say you offer access to a Rhesus monkey marketing database for the low, low price of $30 per month. This opt-in database contains the monkey name, monkey age, caregiver name, and mailing address of over 10,000 monkeys across North America. You offer your subscribers, typically Rhesus monkey supply vendors, access to this information for marketing purposes.

You'll need four things to implement your subscription business model:

Creating a Subscribe Button

The Subscribe button for your site can come straight from PayPal's button generator on the Merchant Tools page (log into PayPal and click the Merchant Tools tab). This example (created without encryption) should look familiar if you have created any unencrypted Buy Now or Donate Now buttons. The variables a3, p3, and t3 set the amount, period, and time unit of the subscription, respectively:


<head><title>Monkey Market Database</title></head>


<form action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but20.gif"

border="0" name="submit" alt="Make payments with PayPal - it's fast,

free and secure!">

<input type="hidden" name="cmd" value="_xclick-subscriptions">

<input type="hidden" name="business" value="burchell@inebraska.com">

<input type="hidden" name="item_name" value="Monkey Market">

<input type="hidden" name="item_number" value="mm-1">

<input type="hidden" name="no_note" value="1">

<input type="hidden" name="currency_code" value="USD">

<input type="hidden" name="a3" value="30.00">

<input type="hidden" name="p3" value="1">

<input type="hidden" name="t3" value="M">

<input type="hidden" name="src" value="1">




Setting Up Your Database

Your access control database can be simple. A single table, containing the email address and the password of your subscriber is all you need. For this example, the table subscribers contains two alphanumeric fields: email and password. You could issue customer usernames to your subscribers, but you might be better served if you follow PayPal's example and use email addresses to identify users. Passwords can be stored as plain text.

A database to keep track of your subscribers













Processing Subscriber Notifications

You need to handle two kinds of notifications from PayPal: the addition of new subscribers to your database when they sign up and removal of subscribers whose subscriptions lapse or are cancelled. Here's a snippet of ASP that does this:

<!-- Standard IPN processing here -->


if Request.Form("txn_type") == "subscr_signup" then

' Add this subscriber to the database

' Use SQL like this:

set cInsSubscr = Server.CreateObject("ADODB.Command")

cInsSubscr.ActiveConnection = "DRIVER={Microsoft Access Driver


cInsSubscr.CommandText = "INSERT INTO subscriber (email, password) VALUES

( '" & Request.Form("payer_email") & "', 'drowssap')"

cInsSubscr.CommandType = 1

cInsSubscr.CommandTimeout = 0

cInsSubscr.Prepared = true

cInsSubscr.Execute( )

' Email the password to the new subscriber


Request.form("txn_type") == "subscr_cancel" then

' Remove a subscriber from the database

' Use SQL like this:

set cDelSubscr = Server.CreateObject("ADODB.Command")

cDelSubscr.ActiveConnection = "DRIVER={Microsoft Access Driver


cDelSubscr.CommandText = "DELETE * FROM subscriber WHERE email =

'" & Request.Form("payer_email") & "'"

cDelSubscr.CommandType = 1

cDelSubscr.CommandTimeout = 0

cDelSubscr.Prepared = true

cDelSubscr.Execute( )



Don't really give every one of your subscribers the same password (drowssap in this example). Instead, use an algorithm for generating a password or let them choose a password for themselves in the subscription process.

Don't forget to turn on IPN in your PayPal account and point it at your IPN processing script.

Controlling Access to Your Valued Content

Now you have a list of valid subscribers that is automatically updated by PayPal and your IPN script. Next, you'll need to make use of this information by ensuring that visitors to your site are on the current subscriber list. In this example, all the members-only pages are dynamic ASP pages. The first thing the code does is check that the user is properly logged in. If not, the premium content is not displayed and the user is redirected to a Sign In page. You know the user is signed in if the magic cookie has been set.



'Check for the magic cookie.

'If not found, redirect

if Response.Cookies("MagicMonkey) != "swordfish" then

Response.Print("Please log in before accessing this page.")




<!-- Put your content here -->

The Sign In page simply asks for the user's email address and password. If this information shows the visitor is a valid subscriber, a cookie is set on the user's browser. The cookie contains the magic word that allows your subscribers access. Without this cookie, set to the proper magic word, no one can access subscriber-only content.

Your page, login.asp, should contain an HTML form that asks for each customer's email address and password. Its data is posted to sign_in.asp.

This example is purposefully simplistic. If the cookie is always the same, all a nonsubscriber needs to do to gain access is manually set the browser's cookies to include your magic word. In practice, you will want to change your magic cookie daily. Users will need to visit the Sign In screen each day and provide their email address and password to get that day's magic cookie. Better yet, use a one-way encryption algorithm to create a unique cookie each day for each subscriber.

Offer Tiered Subscriptions

Enhance simple subscription management to accommodate different levels of users.

Offering something of value for a small amount of money, and then selling your customer an upgrade to something of even greater value for a larger amount of money, is a great marketing plan. PayPal does this itself in a way; you can get some nice features for a low price (free) with a Personal account, and when you want more features you can upgrade to a Premier or Business account.

This modification shows you how to add tiers (or service levels) to your subscribers' accounts. You can create Subscribe buttons for each of your subscription levels, add a field to your database to indicate the subscriber's tier, check the tier of subscribers when users access pages, and give your customers an easy upgrade option.

Creating a Premium Subscription Button

Who knew the opportunities in marketing to lower primates? Thanks to a new partnership, you now own exclusive North American distribution rights to the customer data of Rhesus Research International, a leading monkey marketing firm in Europe and Asia. You want to keep offering access to your North American data at the usual low price, but you want to add an option for buyers of your data who want to market to the rest of the world as well. Solve this problem by adding another subscription option at a higher price.

Time Your Subscriptions to End on Specific Dates

Use some simple JavaScript and PayPal's trial period to calculate the lengths of new subscriptions, assuring they all expire at the same time.

Imagine you own a diaper service for Rhesus monkeys. Your customers subscribe by the month, and every month some customers allow their subscriptions to lapse. You need to get these customers back on board so you get some help from your brother-in-law Leon, a guy with a knack for bringing monkey owners around. Market research suggests lapsed subscribers are best contacted seven to nine days after dropping the service, just when the smell has started to get the attention of local law enforcement. But Leon doesn't want to call two or three people a day. He'd rather make 60 or 90 calls all at once.

PayPal doesn't offer a feature to set the date a subscription will expire; the subscription expires at a time that corresponds to the date the customer signed up. For example, a monthly subscription started on the 12th will run until the 12th of the next month. But you can use this modification to ensure that every new subscription will be billed on the first of the month, keeping Leon as happy as a Rhesus monkey in a fresh nappy.

Modifying the Trial Period

One handy feature of PayPal's subscriptions is the trial period. It allows you to set an introductory price for new subscribers that changes to the standard rate when the trial period expires. For example, you might offer access to your online information service for $1 during a three-day trial period, after which the price jumps to $100 a month.

To time your subscriptions to expire on the same day, bend the terms of the trial period so that each customer is charged a prorated amount for the balance of the month, after which the standard monthly rate kicks in. The JavaScript code makes this easy by completing these tasks:

  1. Calculate how many days are left in the current month.

  2. Find the prorated price by dividing the monthly subscription fee by the number of days in a month (31 days in this example) and multiplying by the number of days left.

  3. Stuff the calculated values into the subscription button when the buyer clicks Subscribe.

Just use this for your subscription sign-up page:



<title>Prorated Subscription</title>



<script language="JavaScript">

function CalcDate( ) {

var subend

//Set the start day to today

today=new Date( )

//Set the end date

//If it is December now, then the ending date needs to be January 1 of

next year

if (today.getMonth == 12) {

subend=new Date(today.getFullYear( )+1, 1, 1)

} else {

subend=new Date(today.getFullYear( ), today.getMonth( )+1, 1)


//Set 1 day in milliseconds

var one_day=1000*60*60*24

//Calculate the difference between the two dates, convert to days, and put

it in the day_count variable

var day_count = (Math.ceil((subend.getTime( )-today.getTime( ))/(one_day)))

//Set the subscription fee, then calculate the prorated value

var sub_fee = 10

var prorated_fee = Math.floor(((sub_fee/31)*day_count)*100)/100

//Write the values to the form on click

document.fmSubscribe.p1.value = day_count

document.fmSubscribe.a1.value = prorated_fee



form action="https://www.paypal.com/cgi-bin/webscr"

method="post" name="fmSubscribe">

<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but20.gif"

onClick="CalcDate( )" border="0" name="submit">

<input type="hidden" name="cmd" value="_xclick-subscriptions">

<input type="hidden" name="business" value="burchell@inebraska.com">

<input type="hidden" name="item_name" value="Monkey Nappy Service">

<input type="hidden" name="item_number" value="Sub-001">

<input type="hidden" name="no_note" value="1">

<input type="hidden" name="currency_code" value="USD">

<input type="hidden" name="a3" value="10.00">

<input type="hidden" name="p3" value="1">

<input type="hidden" name="t3" value="M">

<input type="hidden" name="src" value="1">

<input type="hidden" name="sra" value="1">

<!-- Values for the "trial period" -->

<input type="hidden" name="a1" value="">

<input type="hidden" name="p1" value="">

<input type="hidden" name="t1" value="D">




PayPal allows you to have two subscription trial periods. If you'd like to offer new subscribers a special rate and also have them all expire on the same schedule, use the first trial period for the discount (or even free) trial and the second trial period to prorate the balance of the month. Set the second trial period to the number of days left in the month after accounting for the days in the first trial.

Don't forget to modify the JavaScript code to figure the end date of the second (prorated) trial period, which may fall at the end of next month.

Manage Subscription Passwords the Easy Way

Use PayPal's Password Management feature and a PayPal-provided Perl script to get a subscription service up and running quickly.

PayPal offers a subscription service that enables you to set up your customers to pay you on a recurring basis. But if you offer access to an online resource, it can be a pain to manage all the subscribers manually. You'll have to monitor your PayPal account or email notifications, activate service each time you get a new subscriber, email customers their usernames and passwords, and deactivate the accounts of canceled subscribers precisely at each subscription's end of term. It goes on and on. That ain't any kind of fun.

If you are an experienced programmer, you can take advantage of Instant Payment Notifications (IPN) to update subscriber lists and send out passwords automatically, but that requires a fair amount of knowledge, expertise, and patience. To help online merchants, PayPal offers a Password Management feature, including a complementary Perl script, that makes things much easier.

The Password Management feature takes PayPal's standard subscriptions service one step further by automatically generating usernames and passwords for your subscribers. PayPal displays the newly created username and password to each new subscriber upon signup. Subscribers should probably write them down, because they aren't memorable. For example, a username might be pp-cookankle with the password saga!glint. Occasionally, you'll get even stranger combinations!

Shortcut to the Subscription Page

Subscribers can always find their usernames and passwords in the subscription details page at the PayPal web site. You can provide your customers with a shortcut to this page with this link (where merchant_email is the email address of the merchant—in this case, you):


The link takes each subscriber to his own History page at PayPal and shows a list of any and all subscriptions purchased from you. Merchants can also pull down a list of subscribers, including usernames and passwords, in a downloadable log.

.htpasswd and .htaccess

To use Password Management, you must run your own Apache web server on Unix or Linux (or use a hosting provider that offers it; the vast majority of hosts do). Password Management works with the .htpasswd and .htaccess files used by Linux/Unix and Apache, as described at http://httpd.apache.org/docs/howto/auth.html. Apache consults these password files before it allows (or denies) access to your premium content directories.

The Perl script mentioned in this modification works in conjunction with the Password Management option on the PayPal system, IPN, and your web server to automatically add and remove users from your .htpasswd and .htaccess files and thus provide immediate password-protected access to new subscribers.

PerlDiver is a useful tool when deploying Perl scripts. It tells you the path to your home directory, the path to your sendmail program, and which Perl modules are installed on your server. All three are pertinent to Password Management installation. PerlDiver is available for free at http://www.scriptsolutions.com/programs/free/perldiver/.

6.5.2 Getting the Code

Even though Perl is a programming language, you don't need to know how to program in order to install this script successfully. Familiarity with Perl is, of course, helpful, as is some experience in creating and editing files and directories on Unix or Linux systems.

It's usually possible to perform a complete installation using File Transfer Protocol (FTP)—a method of transferring files between computers—to upload the file to your server. If not, you might need to connect to your server with Telnet or SSH (or with some other server access program provided by your hosting provider). In any event, use the method with which you are most comfortable.

First, obtain the PayPal Perl script from the PayPal web site:

  1. Log into PayPal and click the Merchant Tools tab.

  2. Click Subscriptions and Recurring Payments.

While you're here, make note of the Subscriptions Password Management checkbox. To use Password Management for a subscription, you'll need to enable this feature.

Click the "IPN and server modifications" link.

Click the "Download Perl script" link and save the Manual and Script to your hard drive.

The script is packed into a gzipped TAR file. Windows users can use WinZip (http://www.winzip.com) to decompress this file. Unix and Mac OS X users should go to the command line and type gunzip paypal.tar.gz and then tar xvf paypal.tar to extract the script and README file.

The complete installation instructions are too lengthy to discuss here, but the manual provided by PayPal does a decent job. Among other things, the manual covers the setup of basic authentication with Apache, installation and configuration of the script, and updates you'll need to make your PayPal account configure IPN.

The PayPal manual sometimes refers to the password file as .htpassword (as opposed to the more standard .htpasswd). This is okay; the file can be named anything you choose, so long as it is referenced properly in your Perl script and Apache configuration files.

If you encounter any problems, make sure your files are installed to the correct locations, that you've set the file privileges with chmod, and that the file location of your .htaccess file is specified in your paypal.pl Perl script.

Once you have everything set up, you should give it a thorough testing and then roll it out to your customers. The script will handle incoming Instant Payment Notifications and make updates to your password files automatically.

Adding Users Manually

In order to manage users on your web site manually, open your .htpasswd file for editing (any plain-text editor will do). You'll notice that it is made up of a long list of text strings that look like this: pp-oaktunnel:8fusre9fhs. The first part is the PayPal-generated username, the second part is a scrambled version of the password, and the two are separated by a colon (:). The PayPal Perl script automatically inserts and deletes lines in this file.

To remove a user, simply delete the corresponding line from the file. Or, to temporarily disable a subscriber's access without deleting the line altogether, just add the word OFF in front of the user's password. You can reinstate access by removing the OFF prefix at any time.

When you are just getting started with a Password Management installation, you'll probably want to set up some temporary user accounts for testing purposes. Adding a few test accounts here means that you don't have to set up secondary PayPal accounts and purchase subscriptions from yourself just to test the system.

Adding users is a little more complicated, because the passwords are scrambled with the Unix crypt() function. The easiest way to generate an encrypted password is to use a web-based tool such as the one at http://www.earthlink.net/cgi-bin/pwgenerator.pl. Next, insert the username:password combo just as you would edit any other file on your web server. If you add a username:password combination to the end of the list, make sure to press Return or Enter so that your cursor moves to the next line before you save the file.

If you want to add a user from the Unix command line (and without having to edit the .htpasswd file manually), use the htpasswd utility that comes with Apache, like this:

htpasswd -b -d /usr/web/mysite.com/.htpasswd newuser newpass

In this command, /usr/web/mysite.com is the full path of your .htpasswd file, and newuser and newpass are the username and password of the new user, respectively.

There are some commonly requested enhancements to the paypal.pl Perl script that are reasonably easy and safe to perform:

Multiple currencies

The paypal.pl Perl script supports subscriptions funded by U.S. dollars (USD) only, but you can modify it to support the other currencies that PayPal uses (GBP, CAD, JPY, and EUR).

Multiple subscription terms

PayPal's Perl script handles only one set of subscription terms. However, you can add support for a more complicated pricing structure, such as discounts for longer-term commitments.




Get the word out, PayPal is NOT YOUR PAL!Donate | Contact Us | Privacy Policy | Legal | ©2014 Screw-Paypal.com