Paypal自适应支付迷你浏览器

Question

我尝试使用PHP中的Codeigniter框架为我的产品使用迷你浏览器选项使用Paypal自适应支付。当我点击付费按钮时，迷你浏览器打开很好但当我点击登录按钮时，新标签打开，但我想在现有的迷你浏览器中打开此登录。

视图文件：

       <html>
       <head>
       <script src="https://www.paypalobjects.com/js/external/apdg.js" type="text/javascript"></script>
     </head>
     <body>
      <?php echo form_open_multipart('pay/splitPay','target="PPDGFrame"', 'class="standard"', 'id="mini-form"'); ?>
  <label for="buy">Buy Now:</label>
     <input type="image" id="submitBtn" value="Pay with PayPal" src="https://www.paypalobjects.com/en_US/i/btn/btn_paynowCC_LG.gif">
    <input id="type" type="hidden" name="expType" value="mini">
    <input id="paykey" type="hidden" name="paykey" value="10">
    </form>
     <script type="text/javascript" charset="utf-8">
        var returnFromPayPal = function(){

        alert("Returned from PayPal");
     // Here you would need to pass on the payKey to your server side handle to call the PaymentDetails API to make sure Payment has been successful or not
  // based on the payment status- redirect to your success or cancel/failed urls
      }
     var dgFlowMini = new PAYPAL.apps.DGFlowMini({trigger: 'submitBtn', expType: 'mini', callbackFunction: 'returnFromPayPal'});
     </script>

控制器：

     function splitPay() {
       $createPacket = array (
        "actionType" => "PAY",
        "currencyCode" => 'USD',
        "receiverList" => array(
                "receiver" => array(
                    array("amount"=>'2.00', "email"=>'bhomnath@salyani.com.np'),
                    array("amount"=>'4.00', "email"=>'infotechnab_api1@yahoo.com'),
                )
            ),
        "returnUrl" => 'http://localhost/paypal/index.php/pay/notify_payment',
        "cancelUrl" => 'http://localhost/paypal/index.php/pay/tempo',
        "requestEnvelope" => $this->envelope
    );

    $response = $this->_paypalSend($createPacket,"Pay");
    $payKey = $response['payKey'];
    $detailsPacket = array(
        "requestEnvelope" => $this->envelope,
        "payKey" => $payKey,
        "receiverOptions" => array(
            array(
                "receiver"=>array(
                    'email'=>'bhomnath@salyani.com.np'),
                    'invoiceData'=>array(
                    'item'=>array(
                        array(
                            "name"=>'product1',
                            "price"=>'1.00',
                            "identifier"=>'P1'
                        ),
                        array(
                             "name"=>'product2',
                            "price"=>'1.00',
                            "identifier"=>'P2'
                        )
                    )
            )),
            array(
                "receiver"=>array(
                    'email'=>'infotechnab_api1@yahoo.com'),
                    'invoiceData'=>array(
                    'item'=>array(
                        array(
                            "name"=>'product3',
                            "price"=>'2.00',
                            "identifier"=>'P1'
                        ),
                        array(
                             "name"=>'product4',
                            "price"=>'2.00',
                            "identifier"=>'P2'
                        )
                    )
            ))
        )
    );

    $response = $this->_paypalSend($detailsPacket,"SetPaymentOptions");

    $dets = $this->getPaymentOptions($payKey);

    header("Location: ".$this->paypalUrl.$payKey);
}

Answer 1

PayPal的安全要求会在某些情况下强制使用新窗口（并且javascript会强制执行此操作）。通常，当用户输入登录凭据时，他们需要这样做，这可能是您在问题中使用“登录”与“付款”按钮所指的内容吗？

这样做是为了最大限度地降低通过跨站点脚本攻击进行凭据窃取的风险，并确保用户看到“chrome”（例如安全连接符号和PayPal URL），并且可以在输入时验证窗口是否与PayPal安全连接凭据（出于反网络钓鱼的原因）。

一些较新的PayPal产品正在放宽这些要求，但我相当确定Adaptive在这个范例中是坚定的。