Hello,

I am trying to integrate payments with paypal. I followed Ryan Bates Railscast except that I don't link to paypal in a form but in my controller with a redirect_to(@order.paypal( ...,...)).

Everything is working fine, but I have not yet implemented the encryption and I have 2 questions:

• the redirect_to is in my controller so params are not visible in the form, in that case do I really need to encrypt (if yes can you explain me why)?

• if I need to encrypt I am not sure how to write the encryption (based on RB's railscast, because currently I have:

APP_CONFIG[:paypal_url] + encrypt_for_paypal(values)

with

def encrypt_for_paypal(values) values.to_query end

to get it working without encryption and if I follow RB I should have

signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM), OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL::PKCS7::BINARY) OpenSSL::PKCS7::encrypt([OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"), OpenSSL::PKCS7::BINARY).to_s.gsub("\n", "")

in encrypt_for_paypal(values) method but I don't really know how it working to adapt it to my case.

Thanks for your help. Nicolas