If you charge for some of your events, you now have the option to use the Stripe payment service rather than PayPal. This is a new feature (call it “beta” if you like), so if you try it please report back with a comment below to confirm that it worked for you.
Rather than writing my own API integration code for Stripe, I’m supporting this with an assist from the WP Simple Pay Lite for Stripe plugin. (There is also a Pro version for you to consider, but the free version seems to work just fine for my purposes). Once you install and activate the plugin, you will see a checkbox option to “Use Stripe instead of PayPal” on the RSVPMaker settings screen.
Update: The integration method I used is based on what the latest release of WP Simple Pay defines as its “legacy” shortcode and settings.
You will also need to have SSL security enabled on your site (or at least on the event page) to use Stripe payment in production. These days, SSL is becoming more and more of a default requirement for all websites, and there are good free options for obtaining SSL certificates. The reason SSL is not required for RSVPMaker’s default PayPal integration is that the responsibility for encrypting the financial transaction is delegated to PayPal’s website. After users complete the transaction at paypal.com, they’re redirected back to your WordPress site, and the payment is logged to the RSVP record.
You may find the Stripe integration to be a nicer user experience because the user never leaves your website and is presented with a straight credit card entry form, rather than a choice between between paying by credit card or with a PayPal account. According to this comparison, Stripe’s fee schedule also includes fewer surcharges.
For the sake of the demo below, I have WP Simple Pay enabled but in test mode.
The latest release of RSVPMaker supports more complex pricing scenarios with different price breaks, associated with deadlines for each tier (“early bird”, “on time”, and “late” registration for an event). This is one of several ways the new RSVPMaker improves the process of setting up events and accepting payment via PayPal and adds flexibility.
The example embedded below is loosely based on the variety of pricing packages my local Toastmasters district uses for its regional conferences. Click on the “RSVP Now!” button, and you will see two sets of prices with the “early bird” rates available until about 1 month before the event date. After that deadline, all the early bird prices will disappear from the options website visitors can select from the menu. (I picked a date in 2018 to keep the expiration dates from arriving too quickly.)
The corresponding administrative user interface for setting up pricing looks like this:
As part of my preparation for a webinar on RSVPMaker, I have been working on satisfying some longstanding requests from users of the plugin to simplify the PayPal setup and the setup of the RSVP form itself. These improvements are in version 3.7, just released.
Just the other week, I heard from a wedding planner who wanted to prompt users for a meal choice for themselves and any guests — and including those choices for guests was not something RSVPMaker handled well until now.
Another bit of motivation is related to my WordPress for Toastmasters project, which is based on extensions to RSVPMaker. It used to be that enabling PayPal support required manually editing and uploading a configuration file. But now I’m hosting sites on behalf of Toastmasters clubs in a WordPress multisite setup where it wouldn’t be practical for those who want to add PayPal support FTP access. So I’ve provided a little PayPal Setup wizard on the RSVPMaker settings screen to streamline the process.
Note on Security
The reason I didn’t simplify PayPal setup before now is justified paranoia: I didn’t want to be responsible for someone getting unauthorized access to your PayPal account. I still don’t. This is why I don’t store your PayPal credentials in the WordPress database. From time to time, WordPress has been known to be hacked.
While nothing is completely secure, the file system is a little more secure than the database — if an attacker has FTP access to your site, you’re already in big trouble. The PHP file containing your user credentials is set up to prevent someone from browsing to it and viewing the contents. By giving it a random filename, rather than calling it “paypal_constants.php,” I also make it less likely that an attacker will find it in the first place.
If you do have FTP access to your site, one thing you may want to do for extra security is move the file to a location outside of web root. For example, instead of storing it in /home/rsvpmaker/public-html/wp-content/uploads/2016/02/stringofjibberish.php I might put it above the public-html directory in /home/rsvpmaker/.