When my users are logged in with their username and userid saved in the session variable they can donate using paypal. With the simple buy now button that you can simply generate at paypal.
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="XXX">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
When they payment is successful they are sent to my confirm_payment.php with all the _POST data. I can use the mail they paid with and compare this with my user database to find the correct user, but I can't be sure that they use the same email for paypal and my site.
I need to pass the $_SESSION['username'] to paypal so I can use this information to give my users donator status automatically. Can I add something like:
<input type="hidden" name="custom" value="custom variable">
to my button code? Here is more info on the variables avaliable paypal info
yes you can add like this, this is the correct way, and when paypal pings you back on IPNHandler then you'll get the value of this custom hidden field in querystring with the same name.