
Safely Returning Donation Info from the PayPal API


I've been trying to piece around information, but I am just ending up confused.

I need to set up a donation page on a site; it needs to have the option for recurring and one-time. That should be simple enough, but where things get complicated is returning the total amount of donations in a one-month period.

I don't want to return the account balance, but the total of the transactions for the month.

Is it safe to do this over HTTP, not HTTPS? Is there any major risk if someone gets the PayPal API info?

I've been through multiple sites that seem to deal with this through the local end - a database stores the donations after PayPal returns a complete - but they don't deal with recurring, as if someone cancels, the total would be off and require manual intervention.

Thanks for any of your time!


Solution

  • I'm not entirely sure I understand what you're asking here, but I do think that what you need is Instant Payment Notification (IPN).

    Any time a profile is created, canceled, payments are made, etc., an HTTP POST of that transaction data will be sent to a URL/script you have set up. This script can receive that data and process it accordingly.

    This will allow you to update your database with payments as they occur, and when payments no longer occur you simply won't get IPNs so no more payments would be added.

    If a profile is canceled you would get an IPN for that, too, so you could update your system accordingly.
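
A sketch of the IPN script described in the answer above, as an added example that is not part of the original post or PayPal's own code: it records each completed payment once and computes a month's total from the stored records, without calling the PayPal API from the page. The `DonationLedger` class, the injected `verify` callable (standing in for the HTTPS postback with `cmd=_notify-validate`) and the sample messages are assumptions constructed for illustration.

```python
from datetime import datetime
from decimal import Decimal
from urllib.parse import parse_qsl, urlencode

PAYMENT_TYPES = {"web_accept", "subscr_payment", "recurring_payment"}
CANCEL_TYPES = {"subscr_cancel", "recurring_payment_profile_cancel"}

class DonationLedger:
    """Stand-in for the database the IPN script updates (hypothetical class)."""

    def __init__(self, receiver_email, verify):
        self.receiver_email = receiver_email.lower()
        # verify(raw_body) -> bool. In production: POST "cmd=_notify-validate&" +
        # raw_body back to PayPal over HTTPS and accept only the reply "VERIFIED".
        self.verify = verify
        self.payments = {}      # txn_id -> (month, currency, amount)
        self.cancelled = set()  # ids of cancelled subscriptions/profiles

    def handle_ipn(self, raw_body):
        if not self.verify(raw_body):
            return "rejected"   # forged or altered POST: store nothing
        f = dict(parse_qsl(raw_body))
        if f.get("receiver_email", "").lower() != self.receiver_email:
            return "rejected"   # genuine IPN, but for another account
        txn_type = f.get("txn_type", "")
        if txn_type in CANCEL_TYPES:
            self.cancelled.add(f.get("subscr_id") or f.get("recurring_payment_id"))
            return "cancelled"
        if txn_type not in PAYMENT_TYPES or f.get("payment_status") != "Completed":
            return "ignored"    # pending, failed, signup notices, etc.
        if f["txn_id"] in self.payments:
            return "duplicate"  # IPNs are retried; count each txn_id once
        # payment_date looks like "10:15:02 Mar 03, 2024 PST"; drop the zone token
        day = f["payment_date"].rsplit(" ", 1)[0]
        month = datetime.strptime(day, "%H:%M:%S %b %d, %Y").strftime("%Y-%m")
        self.payments[f["txn_id"]] = (month, f["mc_currency"], Decimal(f["mc_gross"]))
        return "recorded"

    def monthly_total(self, month, currency="USD"):
        rows = self.payments.values()
        return sum((a for m, c, a in rows if (m, c) == (month, currency)), Decimal("0"))

# Constructed sample IPN bodies (not real transactions).
BASE = {"receiver_email": "donate@example.org", "mc_currency": "USD", "payment_status": "Completed"}
SAMPLES = [urlencode({**BASE, **extra}) for extra in (
    {"txn_type": "web_accept", "txn_id": "T1", "mc_gross": "25.00", "payment_date": "10:15:02 Mar 03, 2024 PST"},
    {"txn_type": "subscr_payment", "txn_id": "T2", "subscr_id": "S-1", "mc_gross": "10.00", "payment_date": "08:00:00 Mar 20, 2024 PDT"},
    {"txn_type": "subscr_payment", "txn_id": "T2", "subscr_id": "S-1", "mc_gross": "10.00", "payment_date": "08:00:00 Mar 20, 2024 PDT"},
    {"txn_type": "subscr_cancel", "subscr_id": "S-1"},
)]
```

The donation page then only reads `monthly_total("2024-03")` from local storage; a cancellation changes nothing already recorded, it just means no further payment IPNs arrive.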