Jump to content

peterbuzzin

Members
  • Content count

    139
  • Joined

  • Last visited

  • Days Won

    9

peterbuzzin last won the day on June 26 2019

peterbuzzin had the most liked content!

1 Follower

Profile Information

Recent Profile Visitors

10,519 profile views
  1. peterbuzzin

    Issue with Recreate Session = true

    PM the address to your site and I'll register with a test account. It would help throw more light on it and as I've never been to your site before there's no danger of stale session cache conflicts.
  2. peterbuzzin

    Issue with Recreate Session = true

    This can happen when either the osCsid has been indexed in a search engine, you have hardcoded a URL somewhere that contains the osCsid and you haven't enabled other options in admin that will check to see if the session being recreated belongs to the user that has stumbled across one of those bad links. It might shed some more light on it if you said which payment module you're using too but for now try below. Make sure Prevent Spider Sessions is set to True You can also set the Check User Agent to True Try setting Check IP Address to true, I've found this can sometimes have unpredictable results for payment gateway callback URL's so test this one fully before committing. Try setting Force Cookie Use (again sometimes unpredictable in my experience so test fully)
  3. peterbuzzin

    Login with PayPal saying return url is wrong

    Hey @MrPhil it's separate as although it needs to be done in order for Login with PayPal to work it would also need to be done in order to use any other "Login with *" module. For simplicity, I'd recommend Option 1 "Relocating the code back to login.php" and then you don't have to remember to always have all "Login with *" set with a lower sort value than "Login Form", it could be any sort value once reverted back to login.php. The code isn't specific to cm_login_form.php and was intended to be available to all login modules, it should not have been moved.
  4. peterbuzzin

    Login with PayPal saying return url is wrong

    Update Behind the scenes I've been working on this for supercheaphobb to find out what the cause is. After a lot of investigation today we have found the issue and been able to introduce a solution without much change to the code. This issue is present in every install of the Frozen 2.3.4.1 Fork (straight out of the box) and stores will need to make this change in order to use Login with PayPal (now called Connect with PayPal) or any other similar oAuth/token authorisation service such as Login with Google or Facebook. A some point a decision was made to move script from top of login.php and place it amongst the code of includes/modules/content/login/cm_login_form.php. This would have been fine if that code was only intended for the login form but it's intended to be shared amongst and used by any other modules/content/login/***.php modules that need to (i.e. Login with PayPal). This code was originally designed to execute if $login_customer_id was set and more than zero (that was all it needed), but in cm_login_form.php it's been buried within other conditional statements so it will only execute if the traditional login form has been completed and a user/pass match has been found another reason why this code will always fail when using other authentication methods. Full thanks and credit go to supercheaphobb for his sponsorship of this solution. The original script previously located in login.php is //from login.php (originally) if ( is_int($login_customer_id) && ($login_customer_id > 0) ) { if (SESSION_RECREATE == 'True') { tep_session_recreate(); } $customer_info_query = tep_db_query("select c.customers_firstname, c.customers_default_address_id, ab.entry_country_id, ab.entry_zone_id from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " ab on (c.customers_id = ab.customers_id and c.customers_default_address_id = ab.address_book_id) where c.customers_id = '" . (int)$login_customer_id . "'"); $customer_info = tep_db_fetch_array($customer_info_query); $customer_id = $login_customer_id; tep_session_register('customer_id'); $customer_default_address_id = $customer_info['customers_default_address_id']; tep_session_register('customer_default_address_id'); $customer_first_name = $customer_info['customers_firstname']; tep_session_register('customer_first_name'); $customer_country_id = $customer_info['entry_country_id']; tep_session_register('customer_country_id'); $customer_zone_id = $customer_info['entry_zone_id']; tep_session_register('customer_zone_id'); tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1, password_reset_key = null, password_reset_date = null where customers_info_id = '" . (int)$customer_id . "'"); // reset session token $sessiontoken = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand()); // restore cart contents $cart->restore_contents(); if (sizeof($navigation->snapshot) > 0) { $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']); $navigation->clear_snapshot(); tep_redirect($origin_href); } tep_redirect(tep_href_link('index.php')); } And has now been moved to includes/modules/content/login/cm_login_form.php at approximately line 61. There are two possible fixes for this and you can choose whichever will best suit your current/future needs. 1: Relocate/move the code back to login.php (but make sure you remove it from cm_login_form.php) or 2: Move the code outside of the conditionals (if statements) that surround it in cm_login_form.php If you choose option 2, you'll need to ensure that you give Login with PayPal a lower sort value in Admin > Modules > Content than the sort value of Login Form as the Login with PayPal code needs to execute before Login Form (as it would have originally before Frozen). So if Login Form has a sort value of 100, give Login with PayPal a sort value of 50. Option 2 Fix below Select the following code on line 61 //from login.php if ( is_int($login_customer_id) && ($login_customer_id > 0) ) { if (SESSION_RECREATE == 'True') { tep_session_recreate(); } $customer_info_query = tep_db_query("select c.customers_firstname, c.customers_default_address_id, ab.entry_country_id, ab.entry_zone_id from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " ab on (c.customers_id = ab.customers_id and c.customers_default_address_id = ab.address_book_id) where c.customers_id = '" . (int)$login_customer_id . "'"); $customer_info = tep_db_fetch_array($customer_info_query); $customer_id = $login_customer_id; tep_session_register('customer_id'); $customer_default_address_id = $customer_info['customers_default_address_id']; tep_session_register('customer_default_address_id'); $customer_first_name = $customer_info['customers_firstname']; tep_session_register('customer_first_name'); $customer_country_id = $customer_info['entry_country_id']; tep_session_register('customer_country_id'); $customer_zone_id = $customer_info['entry_zone_id']; tep_session_register('customer_zone_id'); tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1, password_reset_key = null, password_reset_date = null where customers_info_id = '" . (int)$customer_id . "'"); // reset session token $sessiontoken = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand()); // restore cart contents $cart->restore_contents(); if (sizeof($navigation->snapshot) > 0) { $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']); $navigation->clear_snapshot(); tep_redirect($origin_href); } tep_redirect(tep_href_link('index.php')); } Cut and paste it on what will then be approx line 65, the line immediately after the closing/right curly brace/bracket and above the line of code starting with if($error == true){ } //PASTE THE CODE HERE if ($error == true) { $messageStack->add('login', MODULE_CONTENT_LOGIN_TEXT_LOGIN_ERROR); } @burt you might want to patch/fix this, if not in frozen then in the Edge version.
  5. peterbuzzin

    Login with PayPal saying return url is wrong

    1 down, 1 to go, cool. So I can see you already have the redirect fix added to your code, so unlikely to be that as a next step. Can you confirm the account belonging to the registered paypal address you used to login with has been added to your customers list? If it hasn't then a process elsewhere is failing. If the account has been added, delete it. Then clear your cookies and session data, close the browser, reopen and try again. Osc may be storing navigation history and attempting to redirect you elsewhere or may have partially saved user account information and is missing others which is causing a logged in check to be incomplete.
  6. peterbuzzin

    Login with PayPal saying return url is wrong

    Ok, So there is an issue that your login with PayPal is 3 years out of date, the newest version is 2017 but I've ran a comparison and the differences are largely the replacement of HTTP_GET_VARS for $_GET and hardcoded db table names . So all indicators at the moment look good, we'll see how it goes. On approx line 123 find: if ( isset($response['email']) ) { $paypal_login_access_token = $response_token['access_token']; tep_session_register('paypal_login_access_token'); $force_login = false; Replace with: if ( isset($response['email']) ) { $paypal_login_access_token = $response_token['access_token']; tep_session_register('paypal_login_access_token'); $force_login = false; if (!isset($response['given_name']) && !isset($response['family_name'])) { //code to extract firstname and lastname from name $name = explode(' ', $response['name']); $response['given_name'] = tep_db_prepare_input($name[0]); $response['family_name'] = tep_db_prepare_input((isset($name[count($name)-1]) ? $name[count($name)-1] : '')); } Try that and we'll see how far we get and what might need doing after
  7. peterbuzzin

    Login with PayPal saying return url is wrong

    Hi Phil, I suspect this is similar but different. I asked OP to create a separate topic for this instead of posting on my original topic about deprecation. It's all good.
  8. peterbuzzin

    Login with PayPal saying return url is wrong

    Hey Troy, I know about the issue with the first and last name. Osc looks for indexes given_name and family_name in the response from PayPal. I don't think these are available anymore or not always populated. To overcome this I've had to use a different index i the response to reference called 'name' which contains both the first and last name. So my code looks a little like this if (!isset($response['given_name']) && !isset($response['family_name'])) { //code to extract firstname and lastname from name $name = explode(' ', $response['name']); $response['given_name'] = tep_db_prepare_input($name[0]); $response['family_name'] = tep_db_prepare_input((isset($name[count($name)-1]) ? $name[count($name)-1] : '')); } If you post the contents of your file includes/modules/content/login/cm_paypal_login.php I'll take a look and give you a solution from mine (this is the location and name for the stock OSC 2.3.4.1 so it may differ in your installation but should be similar).
  9. peterbuzzin

    PayPal App v5.018 Log In with PayPal is now dead

    Hi Troy, That's not according to another user, that's me and it was my first post in this topic when I created it (check out page 1) The fixes I listed on the first page makes it become/work with Connect with PayPal. I'm happy to help, but I'd really appreciate it if you'd start a new topic, as your issues are off-topic and specific to your single individual installation from the errors you've listed (invalid client_ID etc) and not the deprecation of Login with PayPal (now Connect with PayPal).
  10. peterbuzzin

    PayPal App v5.018 Log In with PayPal is now dead

    Cool, if that doesn't work would you mind creating a separate topic (where I'll be happy to help) just so this one can stay on topic
  11. peterbuzzin

    PayPal App v5.018 Log In with PayPal is now dead

    Sorry my previous answer was a bit short at the time, I was replying on my mobile whilst sat in traffic. Check in your site files that includes/modules/content/login/templates/paypal_login.php exists. If it does then you have a permission issue if it doesn't then you'll need to upload it.
  12. peterbuzzin

    PayPal App v5.018 Log In with PayPal is now dead

    Nope. You're missing files or permissions issue
  13. peterbuzzin

    PayPal App v5.018 Log In with PayPal is now dead

    osC initialises the variable with $ship_zone_id = 0 on first processing. It then queries the DB to find the country provided by PayPal in the shipping address contained in PayPal If the country is present in osC it then queries again to see if the region (contained in $ship_zone) provided by PayPal exists in the osC DB as a zone name (Alabama for example) or zone code (AL), if it does then $ship_zone_id is given the ID (1) contained in osC DB So later on when it gets to approx 213 it looks to see if $ship_zone_id is greater than zero (the result of whether a matching region was returned). If it's greater than zero then it's applied to $sql_data_array['entry_zone_id'] If it's not then instead of storing the ID against entry_zone_id (because it doesn't exist) it saves the name/text of the region provided by PayPal in entry_state. It's the exact same process/logic as create_account.php, it doesn't save the text value of the state/region because the state ID is already present in table zones.
  14. peterbuzzin

    PayPal App v5.018 Log In with PayPal is now dead

    It's not possible to get a phone number from PayPal any longer. Only option would be to ask the customer to enter the number after login. You'd need to code a secondary page after login with PayPal that just has one field asking for the telephone number and if you wanted to make it compulsory, code it so that they cannot proceed past that page without entering a number.
  15. Does any of the affected sites and orders use any sort of discount module/functionality? i.e discount codes/coupons? I've seen this happen before due to the way tax is calculated and rounding in the store versus how PayPal calculates tax and discounts. When the two figures don't match up during the callback (usually 1pence/1cents difference) the store will not accept the result and the process fails, no emails sent, baskets not cleared etc.
×