Blog

How to Set Up PayPal with RSVPMaker

For more current information, see https://rsvpmaker.com/blog/category/paypal/

RSVPMaker includes integration routines from the PayPal software developer’s kit to allow you to solicit online payments for your events and record which users have paid. The setup is a little bit involved, but there’s a reason for it.

I could have made it easier to set up RSVPMaker to work with PayPal, but for security reasons I hesitated to do so. If I had you enter your security credentials into a WordPress and save them as options associated with the application, they would be stored in the WordPress database and potentially be vulnerable to exposure through any hack that might allow someone to gain database access. While WordPress is secure enough for many purposes, it does get hacked from time to time, and I wouldn’t want anyone to gain access to your PayPal account (and, indirectly, to your bank and credit card accounts) for the sake of making things more convenient.

So I instead require you to edit the paypal_constants.php file in the paypal subdirectory of the RSVPMaker distribution. You will have to enter your API Username, API Password, and API Signature in that file. To obtain these you must have a Business or Premier PayPal Website Payments Standard or Website Payments Pro account (in most cases, I recommend Website Payments standard, which provides the needed functionality but does not require a monthly fee). Log into PayPal and visit the Profile Menu, follow the link to API Access, and then View API Signature. This will display the codes you need to copy into the configuration file.

I recommend storing this file outside of the web root directory — or at least somewhere other than the default location — so that it’s not possible for an attacker (who may have read these instructions) to browse to

http://yoursite.com/wp-content/plugins/rsvpmaker/paypal/paypal_constants.php

and make some kind of mischief on it. If your directory structure is /home/account/public_html then putting the file in /home/account and giving it a different name would be better.

Once you have this set up, record the path to the configuration file on the Settings screen for RSVPMaker, and you should be good to go.

Create a test event with a fee associated with it, go through the RSVP process, and you should be prompted to pay online. When you click the Pay Now button, you should be redirected to a page on the PayPal website that displays the name of your organization and asks you to either log in or provide credit card information to make a purchase.

Here is a visual walkthrough of the setup steps:

Record location of configuration file. Setting screen should show OK to confirm rsvpmaker can find the file.
In the event editor, set the price or prices you want to charge.
Attendee makes payment selections as part of RSVP
Prompt to pay online
Redirect to PayPal payment page

What You Can Do With RSVPMaker

I developed the RSVPMaker plugin to serve the event scheduling needs of multiple volunteer organizations, political campaigns, and professional groups I have worked with. It attempts to address many of the common requirements of these groups, while still leaving a great deal of flexibility for customization.

RSVPMaker Event Editor
RSVPMaker Event Editor

The plugin uses the custom post types feature introduced in WordPress 3.0 to treat events differently from other types of posts, while letting you create and edit them using the same basic WordPress editing tools. The event editor essentially looks like the blog editor, but with a few extra options for specifying dates, times, and RSVP options.

You can then create an events listing on your website with the events listed in chronological order, as opposed to blog style reverse chronological order by the date of publication.

You can modify the RSVP form to ask for more or fewer details, according to your preference. The sample RSVP form used on this website is an abbreviated one, but sometimes you may want to collect more complete contact information. For example, the Florida political campaigns I’ve worked with are required to collect full contact information plus the employer and occupation of everyone who attends a fundraiser.

Features of RSVPMaker:

  • Use the standard WordPress editor to enter and style text and upload images.
  • Set one or more dates to be associated with your event.
  • Specify just a start time, both a start time and an end time, or don’t include the time at all in the headline (for example, an all-day event where you will list the schedule details in the body of the event description).
  • Request RSVPs, if desired. Set one or more email addresses to be sent a notification as RSVPs come in.
  • Configure the default details to be included with new events. For example, if a group has a standard meeting place, you can have the boilerplate details with the address and a map link for directions included by default. You can specify whether RSVPs should be requested by default, if you want that most of the time, or only turn on RSVPs when needed, and you can set a default email address for RSVP notifications to be sent to.
  • Prompt attendees to choose one or more specific timeslots (example: signing up volunteers for shifts on a petition drive or bake sale).
  • Request online payments via PayPal. Set pricing to be calculated according to the number of participants in one or more categories (for example, a different price for members and non-members or children versus adults). Some manual setup required for PayPal configuration.
  • Modify the plugin’s default behavior by overriding functions. The plugin checks for a custom.php file (sample included) installed in the plugins/rsvpmaker/ directory, which you can use to substitute your own functions for things like the fields to be included in the RSVP form or the logging of attendee responses.
  • Display listings on an events page, or put an abbreviated list on your home page, using the RSVPMaker Shortcodes. A widget for displaying upcoming events in your blog sidebar is also provided.

I use RSVPMaker in conjunction with another plugin for integration with the MailChimp broadcast email service, which is not yet ready for public release. However, if you copy and paste an RSVPMaker event into the MailChimp editor, you will find that the RSVP Now links are coded according to the MailChimp merge language with a ?e=*|EMAIL|* parameter that will be substituted with the recipient’s email address. When a recipient who has previously RSVP’ed clicks on this link, RSVPMaker will check to see if we have that user’s details on file so we don’t have to ask for them again. This is particularly useful for longer RSVP forms that ask for more details.

Help wanted: This plugin has served my purposes, but I’m sure there is room for improvement. I have not yet invested in things like localization. I’ve tried to follow best practices for web application security, but I would welcome any suggestions about how to make it better.