From: John Doe Smith Kamau KipNg'etich Jones <skunkworks.ku@gmail.com>
To: Skunkworks Mailing List <skunkworks@lists.my.co.ke>
Sent: Friday, October
12, 2012 1:29 AM
Subject: [Skunkworks] my (not so merry) dev-experience with pesapal
I'll be blunt... for a dev, pesapal integration is steeper than other
(less established) payment gateways in other countries (at least Egypt
& SA where integration is at per with paypal or moneybookers).
It has its good sides... integration to all mobile money services in
kenya, co-op, visa and mastercard!! whoa!! plus, it uses Oauth by
default (or by force. no other option :-D)!!
Interestingly... pesapal is just KES (so much that you never specify
the currency you want to work with anywhere. Its just assumed to be
KES, all the time. weird... never seen that before with the gateways
i've worked with. I thought financial guys liked to be very explicit
with their systems )
I tried to contact someone to have at least one issue fix (the first
one, below)... but I got a very PR response. Moving along...
Issue 1:
The PHP documentation has very, VERY... very wrong code at some point,
and its
apparently been like that for months (a collegue argues since
the beginning of pesapal). Though the code is PHP, it uses a request
object available only in javascript (xmlHttpRequest). Check out the
last two pages of the PDF for intergration using PHP... another
collegue think its all part of a grand scheme to have people contact
pesapal for help (and get billed for the assistance. Biz calls it
"creating a need in the market")
--> Solution: Update the darn code.... ask for my own code if you have
to. Its only a small part of the sample code that is off. Its probably
turned many potential customers to ipay... or some other gateway in
the region
__________________________________
Issue 2:
PesaPal's code needs an urgent bugfix...
Well... using pesapal's own sample code from their dev resources,
amounts are posted to pesapal in the form "1,234.56". Note the
comma
"thousands-separator".
Unfortunately, pesapal uses PHP (its a bad language. everyone knows
that)... & one interesting thing is how php parses numbers.
Basically, php parses numbers by the digit, stopping when it
encounters a non-numeric value.
To php, "345abceefg" is parsed to the number "345"
.... and "1,234.56" is parsed to just "1"
Since pesapal deals with finances, it must be very robust, and fail
when it sees something like "345abc" instead of saying that the value
is "345". Kept saying my "3,453.00" amount was just 3 bob.
SOLUTION:
if ( is_numeric($amount) === false ) {
// FAIL, or THOW NEW EXCEPTION
}
.... and that's it.
(i said pesapal uses php coz i think its the only language that parses
numbers like that, AFAIK)
__________________________________
Issue 3:
It needs to be simpler....
Why the heck do I need to build some XML string, and post
it.... it
doesn't make the post any lighter, or anymore secure, or make anymore
sense. It makes the request heavier with that XML envelope, and makes
the whole thing prone to mistakes e.g. if I make a typo somewhere
(which will be tricky to find in that XML mess)... come on! let me
just post the payment details directly!! wtf!!
and add some common API features.....pesapal has been around for so
many years... but no new features! devs like new features! in my eyes,
pesapal is still wearing granny undies as far as i'm concerned.. read
the moneybookers PDFs for instance... cool stuf (i'll rarely use), but
cool! basically... dont get too comfortable... evolve.
__________________________________
Issue 4:
No IPN (Instant Payment Notification). Even m-pesa has this (email me
if you want the PDFs for m-pesa's IPN. It calls a URL on ur server
when a payment comes in)
.... back to the point: With no IPN,
you're left with no choice but to
have a cron-job regularly running to check the status of all pending
payments you might have.
The problem:
1) Increased server requirements: Not all hosts allow for cron-jobs,
and many devs out there are pretty lazy and dont feel like they're
being paid enough to even think about putting in the extra effort.
2) Increased costs on hosting, on both pesapal and its clients: In the
event of mpesa/visa delays, my cronjob will make many useless requests
to pesapal for my pending payments. These useless requests guzzle-up
server and bandwidth resources on both my server and pesapal's. Its
worse for pesapal, because the payment plugin I've built could run on
10 or 50 servers, and their cumulative hits would be hard on pesapal
(think DenialOfService)
3) Increased code complexity: I now need to add a few fields to store
pesapal's tracking ID, and keep track of pending payments,
and do
other bla bla bla. I'm not getting paid extra btw. My plugin is doing
a lot of magic to work now... so much that it could star in a harry
porter movie! (... yeah, nice joke :-D. twitting)
-->SOLUTION: pesapal should build an IPN thingy, so some data is
posted to a URL i provide only when the status of a payment changes.
Will save pesapal a lot! they just dont know it! Reduced server &
bandwidth load, increased ease-of-use of pesapal's API (i.e. more
customers)
.... I actually dont use a cronjob btw. My code aggresively makes
repeated and consecutive requests to pesapal until the status of a
payment changes. The script does this by using sockets to "call
itself" whenever a payment is still pending. Too grumpy for effing
cronjobs... so if my plugin proves too popular, pesapal could be
DoS'd... and I'd probably feel very proud about that!
(Cheers... your friendly neighbourhood script
kiddie)
_______________________________________________
Skunkworks mailing list
Skunkworks@lists.my.co.ke------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94------------
Other services @
http://my.co.ke