The end goal is to show PayPal buttons and fields for people to make a purchase with. While also showing a flyer and/or any other relevant details or instructions. Nothing else from PayPal is needed.
So the person interacting with Quickbase would be picking an item and then opting to make a purchase of said item using Paypal? So the payment goes to you from that person? Is that accurate?
If that's the case then you can probably get away with a codepage only - since you're not actually authenticating with your account via a server. In theory (just spitballing) you could have the user in question authenticate themselves to Paypal through a pop up window or leverage their google account or something in that vein - and then send you that payment / process the purchase. Still a significant development effort - but if this is correct then it's just that person authenticating themselves through the browser and you're holding the token short term which makes it more doable.
Yup. The drop down, quantity, and any comments about the purchase are all fields provided by the PayPal code as well. The standard integration instructions reference their JavaScript SDK and involves saving some js to a file and another js to a file for their back end stuff. A code page can be saved as a .js, right? I was thinking, instead of "creating folders and saving files", I could save multiple code pages and reference those accordingly but, I am not sure.
To the point of someone being able to right click and view the backend of the site for credentials, is there a way to prevent this or maybe secure retrieve the credentials from another table in the app that is not open to the public?
