Ian-San

Somebody else may know better than me - all this line does is to rename the final "continue" button. I am not aware of any auto-direct so this must be the result of some other setting you have made to your PayPal?

The PayPal guide seems to suggest that PayPal can only work with two decimal places - I guess it truncates after that. On the other hand, osC can work with multiple decimal places. So for a foreign currency, the calculated amount will be in many decimal places but only displayed in the required number. I guess you are unlikely to price in your own currency to multiple decimals. I dont think changing the decimal places in admin will have any effect as it is just changing the display not the calculated or stored amount. The solution would require a change to osC core code to force everything to be stored and displayed in 2 decimals which wouldnt suite everyone. Alternatively, you could force payment in your home currency so that rounding problems dont exist. Or, as I said above, make the if statement in ipn.php more fuzzy.

If I understand you correctly, I think the problem is down to a combination of decimal places and rounding - PayPal uses different settings to osC. Then, this line fails: if ($_POST['mc_gross'] == number_format($total['value'] * $order['currency_value'], $currencies->get_decimal_places($order['currency']))) { so the status is not updated correctly to give an indication of a problem. The answer would seem to be to set your osC to exactly the same decimal places and rounding method as PayPal (what is it???) or to make the above line a bit more fuzzy?

For a non-paypal order and payment, the comments are checked by the input box which put in the back-slash. So the database input is not further protected by the tep_db_input. However, when these comments go off to PayPal they lose the back-slash. There are about 4 places in my store where comments might be inserted into the database in the Paypal IPN modules so the simple solution would be to put the tep_db_input function around all of them as it will do no harm if it is not actually required.

Opps, my mistake. I think it should be: 'comments' => '[Unfinished / In progress PayPal IPN Order] ' . tep_db_input($order->info['comments'])); This function changes every ' to \'

The solution should be easy but I havent tested it. Just change: 'comments' => $order->info['comments']); in paypal_ipn.php to: 'comments' => $order->tep_db_input(info['comments']));

There is contribution included with this mod that intends to add back in the missing customer details. But my belief is that it is flawed as it using the "billing" address which is not defined function order in class order in the standard build so actually no details are actually passed. Apologies to hostmistress if I am wrong. I havent had time to test it yet, but I think it would work, without changing the order class, if "billing" was changed to "customer". In short, just paste this in to paypal_ipn.php at the end of the current parameter list: $parameters['first_name'] = $order->customer['name']; $parameters['address1'] = $order->customer['street_address']; $parameters['address2'] = $order->customer['suburb']; $parameters['city'] = $order->customer['city']; if ($order->customer['country']['iso_code_2']=='US') { $order->customer['state'] = tep_get_zone_code($order->customer['country_id'], $order->customer['zone_id'], $order->customer['state']); } $parameters['state'] = $order->customer['state']; $parameters['zip'] = $order->customer['postcode']; $parameters['country'] = $order->customer['country']['iso_code_2']; $parameters['email'] = $order->customer['email_address'];

There are two parts to this mod: - The first part pre-stores the order, manages the transfer of the customer and order details to PayPal and on customer payment and return will generate your customer emails (and any copies to yourself). - The second part will receive the IPN from PayPal in the background, change the order status to completed and update the order history. Depending on your store, IPN is not really required anyway in so much as you can just check the emails you get direct from PayPal, go to PayPal and check you actually have the cash and then manually update the order status before sending out the product. The IPN just automates this bit for you and gives you another opportunity to spot fraud. In my case, I do not sell physical products anyway so am not so concerned about spotting fraud in real time. However, I use the successful IPN to automatically update the customers account and alert me to specific order status details which allows me to manage my store in a completely hands-off way and deal with fraud in my own time.

yes I got it to work and no, I don't know why it doesnt work with the standard set-up. My solution was: 1) Replace the top two lines of ipn.php with: require('ipn_application_top.php'); and the bottom with: tep_db_close(); 2) Create the following file called ipn_application_top.php in the same place as ipn.php: <?php // ipn_application_top.php, v 1.0 chdir('../../../../'); // include server parameters require('includes/configure.php'); // include the list of project database tables require(DIR_WS_INCLUDES . 'database_tables.php'); // include the database functions require(DIR_WS_FUNCTIONS . 'database.php'); // make a connection to the database... now tep_db_connect() or die('Unable to connect to database server!'); // set the application parameters $configuration_query = tep_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION); while ($configuration = tep_db_fetch_array($configuration_query)) { define($configuration['cfgKey'], $configuration['cfgValue']); } // Add in specific other functions function tep_not_null($value) { if (is_array($value)) { if (sizeof($value) > 0) { return true; } else { return false; } } else { if (($value != '') && ($value != 'NULL') && (strlen(trim($value)) > 0)) { return true; } else { return false; } } } // Return a random value function tep_rand($min = null, $max = null) { static $seeded; if (!isset($seeded)) { mt_srand((double)microtime()*1000000); $seeded = true; } if (isset($min) && isset($max)) { if ($min >= $max) { return $min; } else { return mt_rand($min, $max); } } else { return mt_rand(); } } // Wrapper function for round() function tep_round($number, $precision) { if (strpos($number, '.') && (strlen(substr($number, strpos($number, '.')+1)) > $precision)) { $number = substr($number, 0, strpos($number, '.') + 1 + $precision + 1); if (substr($number, -1) >= 5) { if ($precision > 1) { $number = substr($number, 0, -1) + ('0.' . str_repeat(0, $precision-1) . '1'); } elseif ($precision == 1) { $number = substr($number, 0, -1) + 0.1; } else { $number = substr($number, 0, -1) + 1; } } else { $number = substr($number, 0, -1); } } return $number; } // include currencies class and create an instance require(DIR_WS_CLASSES . 'currencies.php'); $currencies = new currencies(); // charset for emails define('CHARSET', 'iso-8859-1'); // include the mail classes require(DIR_WS_CLASSES . 'mime.php'); require(DIR_WS_CLASSES . 'email.php'); // Send an Email function tep_mail($to_name, $to_email_address, $email_subject, $email_text, $from_email_name, $from_email_address) { if (SEND_EMAILS != 'true') return false; // Instantiate a new mail object $message = new email(array('X-Mailer: osCommerce Mailer')); // Build the text version $text = strip_tags($email_text); if (EMAIL_USE_HTML == 'true') { $message->add_html($email_text, $text); } else { $message->add_text($text); } // Send message $message->build_message(); $message->send('', $to_email_address, $from_email_name, $from_email_address, $email_subject); } ?> Note, I use HTML emails and not sure how standard the above Send Email part is. Also, you may want to check on the need for CHARSET - it might be something I added!

You wont get emails unless the customer actually clicks the final PayPal continue button and returns back to the store as the emails are sent out from the paypal_ipn.php module in the after process not the ipn callback module - ipn.php. There is no easy solution to this. You could move the email generation to the process_button section of paypal_ipn.php or alternatively to ipn.php. But both solutions create other problems. In the first case, the emails would be sent out even if the payment has not actually been made and in both cases it would be a little complicated to get the full order detail into the email. Or you could generate a temporary email from the process_button section with some bland all purpose words about the order but again it has problems if the customer doesnt complete the purchase. In addition, you cannot actually tell which module - ipn.php or paypal_ipn.php will actually be run first as it depends on the speed of the cusomer returning versus the speed of the ipn callback. So the simpler option is just to add this to the parameter list in paypal_ipn.php! $parameters['cbt'] = 'Click to Complete Order!'; This will rename the final PayPal button and make it clearer that the customer must return to the store.

It just means that PayPal are in the process of updating software on the server and access is slow or restricted.

Seems unlikely - more likely to be because $insert_order is false I would think.

This moudule still doesnt work for me but some of you might want to check this potential error: Email order confirmation will not show the selected attribute list as $languages_id is not defined in query line 488 / 491. In catalog/includes/modules/payment/paypal_ipn.php look for the global statement - line 409 - immediately following "function before process() {" and change to: global $customer_id, $order, $sendto, $billto, $payment, $currencies, $cart, $cart_PayPal_IPN_ID, $languages_id;

A lot of people in this post have reported problems with the order status "Preparing [PayPal IPN]" not changing on PayPal notify and so far there has not been a real solution posted. I also have that problem. However, it is obvious that this contribution does work for many people and so the problem is clearly not with the module itself. In addition, I have verified that the module does in fact work perfectly up to the point of notify, everything that should be sent is sent to PayPal, all the emails are received, the basket is cleared, the order history updated and PayPal does indeed send back a notify which is logged by my server. I get this code 200 in my server logs which clearly indicates that the notify was uccessfully attempted and Paypal does not attempt to send any repeat notifies: 216.113.188.202 - - [09/Jul/2005:19:33:26 +0100] "POST /ext/modules/payment/paypal_ipn/ipn.php HTTP/1.0" 200 189 "-" "-" However, the fact remains that the notify still doesnt work! Initially, I thought the problem was something to do with session creation, permissions or spider blocking but after changing the ipn.php file to one that would simply add an entry to the page_parse_time.log it still doesnt work. Yet, if I manually post the variables to the ipn.php file it works perfectly. So, it appears to me that something in the server settings is preventing the posts from what looks to the server as being a spider or robot. It is not the htaccess file as far as I can see and I can successfully post forms to my site from other external sites. So does anyone have any idea what this might be? I am running in safe mode - has anyone successfully used this contribution on shared server running safe mode? Has anyone who reported the notify not working actually got it to work?

Ric Taking the second point first: When you first enter your store you will probably see the SID in the url string. For most users / stores this will disappear on the second click in the store as it is replaced by the cookie. However, if you do not allow cookies on your browser, you will continue to see the SID in all urls throughout your store. The WP mod uses tep_href_link to construct the WP string. If cookies are not allowed, the SID will also be present in this string and passed through to WP at this point. The mod also adds the SID with this code: tep_draw_hidden_field('MC_oscsid', $oscSid); as well, so two SIDs would be present in the string which is what you are experiencing. What is probably required is an improvement to replace the: $worldpay_callback = explode('http://', $callback_url); along the lines of: $string_new = str_replace("http://","",$callback_url); $file = strtolower(strrchr($string_new,"/")); $worldpay_callback = str_replace($file,"",$file_new); and later to replace: tep_draw_hidden_field('MC_callback', $worldpay_callback[1] . '?language=' . $language_code) with tep_draw_hidden_field('MC_callback', $worldpay_callback . '?language=' . $language_code) or similar ...