I think this write-up best fits here: http://developer.pesapal.com And by the way I <3 PHP. On Fri, Oct 12, 2012 at 1:29 AM, John Doe Smith Kamau KipNg'etich Jones <skunkworks.ku@gmail.com> wrote:
I'll be blunt... for a dev, pesapal integration is steeper than other (less established) payment gateways in other countries (at least Egypt & SA where integration is at per with paypal or moneybookers). It has its good sides... integration to all mobile money services in kenya, co-op, visa and mastercard!! whoa!! plus, it uses Oauth by default (or by force. no other option :-D)!!
Interestingly... pesapal is just KES (so much that you never specify the currency you want to work with anywhere. Its just assumed to be KES, all the time. weird... never seen that before with the gateways i've worked with. I thought financial guys liked to be very explicit with their systems )
I tried to contact someone to have at least one issue fix (the first one, below)... but I got a very PR response. Moving along...
Issue 1: The PHP documentation has very, VERY... very wrong code at some point, and its apparently been like that for months (a collegue argues since the beginning of pesapal). Though the code is PHP, it uses a request object available only in javascript (xmlHttpRequest). Check out the last two pages of the PDF for intergration using PHP... another collegue think its all part of a grand scheme to have people contact pesapal for help (and get billed for the assistance. Biz calls it "creating a need in the market")
--> Solution: Update the darn code.... ask for my own code if you have to. Its only a small part of the sample code that is off. Its probably turned many potential customers to ipay... or some other gateway in the region __________________________________ Issue 2: PesaPal's code needs an urgent bugfix... Well... using pesapal's own sample code from their dev resources, amounts are posted to pesapal in the form "1,234.56". Note the comma "thousands-separator".
Unfortunately, pesapal uses PHP (its a bad language. everyone knows that)... & one interesting thing is how php parses numbers. Basically, php parses numbers by the digit, stopping when it encounters a non-numeric value.
To php, "345abceefg" is parsed to the number "345" .... and "1,234.56" is parsed to just "1"
Since pesapal deals with finances, it must be very robust, and fail when it sees something like "345abc" instead of saying that the value is "345". Kept saying my "3,453.00" amount was just 3 bob.
SOLUTION: if ( is_numeric($amount) === false ) { // FAIL, or THOW NEW EXCEPTION }
.... and that's it. (i said pesapal uses php coz i think its the only language that parses numbers like that, AFAIK) __________________________________ Issue 3: It needs to be simpler.... Why the heck do I need to build some XML string, and post it.... it doesn't make the post any lighter, or anymore secure, or make anymore sense. It makes the request heavier with that XML envelope, and makes the whole thing prone to mistakes e.g. if I make a typo somewhere (which will be tricky to find in that XML mess)... come on! let me just post the payment details directly!! wtf!!
and add some common API features.....pesapal has been around for so many years... but no new features! devs like new features! in my eyes, pesapal is still wearing granny undies as far as i'm concerned.. read the moneybookers PDFs for instance... cool stuf (i'll rarely use), but cool! basically... dont get too comfortable... evolve. __________________________________
Issue 4: No IPN (Instant Payment Notification). Even m-pesa has this (email me if you want the PDFs for m-pesa's IPN. It calls a URL on ur server when a payment comes in) .... back to the point: With no IPN, you're left with no choice but to have a cron-job regularly running to check the status of all pending payments you might have. The problem: 1) Increased server requirements: Not all hosts allow for cron-jobs, and many devs out there are pretty lazy and dont feel like they're being paid enough to even think about putting in the extra effort. 2) Increased costs on hosting, on both pesapal and its clients: In the event of mpesa/visa delays, my cronjob will make many useless requests to pesapal for my pending payments. These useless requests guzzle-up server and bandwidth resources on both my server and pesapal's. Its worse for pesapal, because the payment plugin I've built could run on 10 or 50 servers, and their cumulative hits would be hard on pesapal (think DenialOfService) 3) Increased code complexity: I now need to add a few fields to store pesapal's tracking ID, and keep track of pending payments, and do other bla bla bla. I'm not getting paid extra btw. My plugin is doing a lot of magic to work now... so much that it could star in a harry porter movie! (... yeah, nice joke :-D. twitting)
-->SOLUTION: pesapal should build an IPN thingy, so some data is posted to a URL i provide only when the status of a payment changes. Will save pesapal a lot! they just dont know it! Reduced server & bandwidth load, increased ease-of-use of pesapal's API (i.e. more customers)
.... I actually dont use a cronjob btw. My code aggresively makes repeated and consecutive requests to pesapal until the status of a payment changes. The script does this by using sockets to "call itself" whenever a payment is still pending. Too grumpy for effing cronjobs... so if my plugin proves too popular, pesapal could be DoS'd... and I'd probably feel very proud about that!
(Cheers... your friendly neighbourhood script kiddie) _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke