PayPal PDT

Setup PayPal PDT (with PHP sample code)

PayPal PDT (Payment Data Transfer) is a method to redirect buyers and customers back to your website. PDT allows PayPal merchants to securely fetch details about a transaction and display order information, confirm payment, check for status, update databases, allow digital downloads, send out software licenses and queue orders for fulfillment. If done correctly, PDT can really help automate the complete process from payment to delivery. It is vitally helpful for merchants who use PayPal to sell digital content as the downloads can be made available right after a payment is made and confirmed. PayPal PDT is really easy to setup and your website gets rolling in a few minutes; we will show you just that in this tutorial.

How PayPal PDT works

Before jumping to your live website, we’ll take a glimpse of how the whole PDT thing actually works. Basically, we will take a quick look at the request-response messages that are exchanged between your customer, your website and PayPal. Below is a graphic representation of the PDT request-response message stack.

PayPal PDT Process

At the simplest, there are 7 steps involved in PDT right from when a customer clicks the Buy button on your website up until he sees an order confirmation message. Below are definitions of a few keywords that you see in the stack image above and description about the exchanges messages in order.

Web form: A page on your website which has the pay now/buy now button or script that directs users to PayPal so that they can make payments for goods/services that you sell online.

PDT Script: A script to which the PDT redirect URL points and redirects to after the payment is complete. This script executes to confirm details, validates the transaction and could greet your customer with a payment or order confirmation message.

PayPal: Here, we refer PayPal to the PayPal servers which handle all the communication back and forth between your website, itself and your customer.

Customer: Someone who helps drive your business and contributes to your organization by purchasing offered goods or services.

 Now here is a complete run-through of the exchanged messages. Note that you don’t get to see these messages (even if you keep your eyes wide open); they happen in the background and in digital jargon.

  1. The first message is triggered when a potential customer clicks on the Buy button on your website. This requests PayPal to show the available payment methods (paypal balance, credit card, debit card, bank transfer etc) so that the good can be paid for and purchased. If you don’t have PDT setup yet, then this will be the end of exchanged messages and flow of the purchase process. Both you and the customer will get an automated payment received and sent email notifications respectively.
  2. Post payment, a message is sent from PayPal to the return URL that you had specified to return customers to. The return URL is accessed with certain parameters appended to it. For example, if you specified the return URL to be, then the first parameters and value append to it would be tx=<transaction_id>. These will be followed by other parameters and their values such as amount, quantity, product id etc.
  3. Upon receiving the values from the second message, your script would validate these locally and then send a request to PayPal for confirmation. This step ensures that the second message (and access to your PDT redirect URL) was sent from PayPal and not by anyone/anything else.
  4. If the transaction is verified, PayPal responds back with complete transaction details.
  5. Your script can now validate each and every attribute of the transaction, starting from item, order quantity, price, currency etc.
  6. Upon complete verification, the PDT script will jump to execute further processing of the order.
  7. The last message is exchanged between your website/PDT Script and the customer. You can show information related to the order, payment, shipping, downloads, license etc.

Creating a PayPal Premier or Business Account

The Payment Data Transfer facility is available to PayPal merchants, i.e. people who sell goods and services using PayPal. To so so, you need to either have a PayPal Premier or a Business account. Make sure that you are going to sell stuff if you sign up for one of these types of accounts as you will start getting charged for all payments that you receive in your account. Click here to know more about account types. If you have a personal account with PayPal, then you can upgrade PayPal account to Premier or Business and start accepting payments while selling things online. Additionally, PayPal allows you to keep 2 accounts – 1 personal and 1 business. So, you can sign up for another account of Business type in case you don’t wish to upgrade your personal account.

Enable PayPal PDT

PDT is disabled by default and needs to be enabled manually. To do so, login to your PayPal account and from the main menu navigate to Profile -> My Selling Tools. Now this option might not be visible to PayPal account holders in all countries – they can simply click on the Profile link and then select My Selling Tools from the left hand side descriptive menu that shows up when the page loads. This is where you need to click:-

My Selling Tools

Now, click on the Update link as it shows ups for Website Preferences under the Selling online section. Doing so will reload the page and present a high list of options, radio buttons and fields to fill in.

PayPal PDT Return URL

The Website Payment Preferences shows a list of all preferences which you can configure for receiving payment. The ones we are concerned with are:-

  1. Auto Return for Website Payment – select the On option for this preference. When turned on, this ensures that all the customers are immediately redirected back to your website after completing the payment.
  2. Return URL – The return URL is the web address to which you wish to bring back your buyers. The file at this location will contain our PDT script which gets executed right when the user is directed to this URL. In the tutorial, we’ve named the file PDTReturnURL.php and placed it under the root folder of the website. You can change the name as per your liking.
  3. Payment Data Transfer – select the On option for this preference as this will turn on PDT for your account.

That’s it for the settings. Just scroll down and click on the Save button to save these.

PDT Return URL

PayPal PDT Identity Token

The PDT Identity token is an alpha-numeric string of characters which uniquely identifies your account. This is necessary so that PayPal only allows only authorized requests for transaction details. If this were not to exists, anyone could request for a transaction details by just knowing the transaction id. The identity token basically safeguards access to the transaction data in your account. Right after you clicked the Save button on the Website Payment Preferences, you would have been directed to the My Profile page where a message ‘You have successfully saved your preferences. Please use the following identity token when setting up Payment Data Transfer on your website’ would have shown up in a box with the PDT identity token.

Paypal PDT Identity Token

Generating the Identity token completes all the PDT configuration that could be done from your PayPal account. Now what’s left is for us to write a simple PDT Script which will run on your website’s server, to which the customers will be directed post payment.

PayPal PDT Sample Code in PHP

The PDT Code comprises of 3 basic functions:-

  1. Grab and interpret the URL parameters
  2. Validate transaction details from PayPal
  3. Execute a script to show order details, update database, initiate file download etc.


Generic functions


Grab Transaction Id from URL


Validate Transaction by communicating with PayPal and execute script to process order

So that is a skeleton of  the PDT script in PHP. You can fill in details for the functions as per requirements and can choose to show order details, start digital downloads, generate and send software licenses, email customers and process their orders. We have tried to cover as many checks for validation and authenticity, but less us know if we might have missed anything important. Feel free to post your suggestions, comments, feedbacks and requests in the comments section below.

PS: In case you are interested in doing a combination of PDT and IPN, then read our tutorial to setup PayPal IPN.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

× four = 12

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">