WVSailor

:'( Ready for a biggun?? Installed this contribution, then uninstalled due to errors. Still didnt' get rid of the errors. Here they are, any ideas? Warning: Cannot modify header information - headers already sent by (output started at /home/nownthen/public_html/includes/filenames.php:131) in /home/nownthen/public_html/includes/functions/general.php on line 1174 Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/nownthen/public_html/includes/filenames.php:131) in /home/nownthen/public_html/includes/functions/sessions.php on line 67 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/nownthen/public_html/includes/filenames.php:131) in /home/nownthen/public_html/includes/functions/sessions.php on line 67 Thanks for anyone's input! Jim

:'( Warning: openssl_pkcs7_sign(): error creating PKCS7 structure! in /home/nownthen/public_html/includes/modules/payment/paypal_ipn.php on line 369 Ok, corrected all the other errors. Does anyone know what this one means?? Thanks for everyones help!

My understanding of this contribution is that it will automatically update your invoice status once a confirmed payment is received among other things. I don't know if the PayPal that come with OSCommerce will do that. The IPN will also allow you to encrypt the information going to and coming from PayPal so that it should be able to be intercepted and your payments or other information from your customer to be stolen. B)

:'( Getting everything set up on my new host. I have the absolute path correct for the location of my crt and key file(s): /usr/share/ssl/private (key) and /usr/share/ssl/certs (crt) I'm getting the following error on the "Order Confirmation" page of mydomain Warning: file_get_contents(): open_basedir restriction in effect. File(/usr/share/ssl/certs/www.mydomain.com.crt) is not within the allowed path(s): (/home/mydomain/:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/maydomain/public_html/includes/modules/payment/paypal_ipn.php on line 369 Is the above line telling me that it's looking for my crt file in /home/mydomain or use/lib/php or usr/local/lib/php or /tmp? Warning: file_get_contents(/usr/share/ssl/certs/www.mydomain.com.crt): failed to open stream: Operation not permitted in /home/mydomain/public_html/includes/modules/payment/paypal_ipn.php on line 369 Is the above line stating that the permissions are not set correctly on the absolute path: /usr/share/ssl/certs/www.mydomain.com.crt Warning: file_get_contents(): open_basedir restriction in effect. File(/usr/share/ssl/private/www.mydomain.com.key) is not within the allowed path(s): (/home/mydomain/:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/mydomain/public_html/includes/modules/payment/paypal_ipn.php on line 369 Is the above line telling me that it's looking for my crt file in /home/mydomain or use/lib/php or usr/local/lib/php or /tmp? Warning: file_get_contents(/usr/share/ssl/private/www.mydomain.com.key): failed to open stream: Operation not permitted in /home/mydomain/public_html/includes/modules/payment/paypal_ipn.php on line 369 Is the above line stating that the permissions are not set correctly on the absolute path: /usr/share/ssl/private/www.mydomain.com.key? Warning: openssl_pkcs7_sign(): error getting private key in /home/mydomain/public_html/includes/modules/payment/paypal_ipn.php on line 369 I really don't have a clue with the above. Any Ideas? :P Warning: file_get_contents(/home/mydomain/public_html/pp//146134-2-signed.txt): failed to open stream: No such file or directory in /home/mydomain/public_html/includes/modules/payment/paypal_ipn.php on line 374 The pp directory does exist, but I think that is because of the trailing / that I put in the box in the module. I'll take it out to see if that works.

I called to ask a couple of questions and ended up speaking with him too. To say that I'm impressed with their service would be an understatement! My site was setup, dedicated IP address, SSL and all in less than 24 hours! I'm working on the "tweaks" now and will be testing the PP IPN this evening! Again, THANK YOU!

:) Thanks for the referral!!! We've switched to WebzPro! Definately looks like the way to go and after speaking with the owner directly, he addressed all of my concerns and then some! I'm impressed and will be moving the remainder of my sites to WebzPro! B)

Rik, To say we're "disgruntled" with our host would be an understatement at the moment. We've decided to move. You stated that your SSL is through goDaddy.com. Is this where you host your site? Since we've been having so many problems with them, we've done some research and have found that the issue is with out hosting service, no OSCommerce or PayPal. Any recommendations? Thanks

The email address used in the PPIPN is NOT the primary email address for the Pay Pal account. It's an additonal, or secondary, email address. Does the email address have to be the primary? When logged in to PayPal under Profile>Account Information>Email "[email protected]" is not listed as primary, does it need to be?? Cost(s) of ssl... I checked on verisign among other.... and they were quite expensive and we don't have a dedicated IP address either. Would this make a difference?

Ok, I switched back to the sandbox for testing. I'm not getting the errors on my page(s) anymore, but I'm receiving the following when sent on paypal: Error Detected -------------------------------------------------------------------------------- The email address for the business is not present in the encrypted blob. Please contact your merchant. I've tried just about everything I can think of... 1) I've deleted and recreated ALL crt's & keys using the primary email address on the PayPal Account, the secondary, etc, resubmitted to paypal and recieved ID & crts from them. Tried to place an order & I still get the same error, over and over and over. 2) I've submitted a support ticket to paypal. I still haven't heard anything from that tho. Is there anyone else that is using a shared SSL from their host? Could the "email blob" response be because it's a shared SSL with their email addy in it?? I really can't afford to purchase my own. I've priced them and $2,000+ is just a bit to much for an unemployed student to put out! I checked freessl.com and their "free" is only free for 30 days! So... 1) Does OpenSSL "generate" crts & keys? My host uses cURL or something like that I think from CPanel (I've tried sending an email to support@myhost, they are not the greatest. 2) How would I "install" OpenSSL on my site? The directions/instructions on openssl aren't very clear for a newbie like me. 3) Would this or could this, even possibly solve my problem? Thanks!

Ok, I was a bit premature.... :( Decided to "buy" something from myself. When clicking on the "Confirm Order" button, it takes me to paypal and I get the following error at https://www.paypal.com/cgi-bin/webscr: Error Detected -------------------------------------------------------------------------------- There was a problem with the decryption of your secure order. Please contact your merchant. I've changed the email addy to the [email protected] from [email protected] for the live server. Don't know how or even where I got the second, but I have TWO crt's from paypal. One called paypal_cert_pem.txt and cert_key_pem.txt (second was downloaded from Paypal after logging in to my "[email protected]" account, going to profile, selling preferences, encrypted payment settings, uploading my crt file, and downloading from PayPal--I don't remember where I got the first from! AArg! I guess I should have taken better notes!) If under Admin>Modules>Payment>Paypal IPN I change Paypals Public Certificate to the paypal_cert_pem.txt I get an error about the following error at https://www.paypal.com/cgi-bin/webscr: Error Detected -------------------------------------------------------------------------------- The email address for the business is not present in the encrypted blob. Please contact your merchant. Now, when I generated my certificate on my site, I used the email address "[email protected]". So, I guess the questions I have now are: 1) Which file from paypal should I use if any? or 2) Should I regenerate my crt/key using the "[email protected]", re-upload and get a "new" Publice Certificate & ID from PayPal I'm so confused and flusterated B) at this point! I'm gonna scream! hehehe

Ok, I was a bit premature.... :( When clicking on the "Confirm Order" button, it takes me to paypal and I get the following error: Error Detected -------------------------------------------------------------------------------- There was a problem with the decryption of your secure order. Please contact your merchant. Any ideas?

Well, I got it to work!!! Woohoo!!!! I finally figured it out while talking to my sister. She's a gem letting me walk through everything with her. She helped me figure out that you need to upload the TEST certificate when working on the TEST/SANDBOX server, not your LIVE certificate (DOH!). Well, I got it working and I want to thank everyone that helped me!

I ended up moving my crt/key/pem file from my home/username/ssl folder to home/username/tmp with permissions set to 777 on the tmp folder. For some reason I couldn't change the permissions on the ssl folder. I'm still recieving the following error though: Warning: fread(): Length parameter must be greater than 0. in /home/username/public_html/store/includes/modules/payment/paypal_ipn.php on line 406 If I figure it out, I'll post it and let you know.

Ok, got the permissions set correctly, got the absolute pate correct (I think) but I'm getting the following error :'( now: Warning: fread(): Length parameter must be greater than 0. in /home/username/public_html/store/includes/modules/payment/paypal_ipn.php on line 406 and line 406 reads: $data = fread($fh, filesize(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt')); Thanks!