Jump to content
Mark Evans

Official PayPal IPN Support Thread

Recommended Posts

Terra, I think I found a small bug in this contribution.

 

Unlike other payment modules, this one doesn't give any "description" of the payment process to the user on "checkout_confirmation". In other word, the MODULE_PAYMENT_PAYPAL_IPN_TEXT_DESCRIPTION doesn't appear anywhere on this page.

 

I modified the following, which seems to solve this and doesn't break anything. However, can anybody confirm that this modification doesn't mess up with the rest of the contribution?

 

find:

	}

function process_button() {
  global $customer_id, $order, $languages_id, $currencies, $currency, $cart_PayPal_IPN_ID, $shipping;

 

right before this, replace

return false;

 

with

	  return array('title' => MODULE_PAYMENT_PAYPAL_IPN_TEXT_DESCRIPTION);

 

I hope this helps and doesn't break anything.:)

Edited by niviche

Share this post


Link to post
Share on other sites

im sure most are aware, if a user chooses a digital download, and goes thru the checkout process, gets to the paypal page, then comes back and see's their order history, and views the order pending, they are able to download the item, without paying for it.

 

anyone else aware of this matter???

 

is there a fix for it yet??

Share this post


Link to post
Share on other sites

i still see this digital download problem here.

 

when a user selects a digital download, and then goes thru the checkout process, but doesnt pay, and goes to the paypal site...then comes back to site, and views the order history, they are able to download the product.

 

what is the solution for this?

Share this post


Link to post
Share on other sites
...then comes back to site, and views the order history, they are able to download the product...

How they come back to your site? Click cancel on paypal page or just press/click Backspace on keyboard/browser?

 

Ken


commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Share this post


Link to post
Share on other sites
i still see this digital download problem here.

you need download controller - I think AlexStudio has a thread on this - look up his posts on this thread. Terra


My code for combining PayPal IPN with ** QTPro 4.25 ** osC Affiliate ** CCGV(trad)

and how to solve the invoice already paid error

General info: Allow customer to delete order comment ** FTP Programs & Text Editors ** Amending order email **

Share this post


Link to post
Share on other sites
anyone else aware of this matter???

is there a fix for it yet??

 

I am using a turnaround to fix this.

 

First use the http://www.oscommerce.com/community/contri...h,Downloads+boxDownload Page For Pending Downloads[/url]

 

Then, in the file where you have

AND o.orders_status >= '2'

 

add this right after it:

AND o.orders_status != '4'

 

You should replace the 4 by the status id of "Preparing (Paypal)" on your installation (the first column of the orders_status table)

Share this post


Link to post
Share on other sites

Whatever fix you use, what about the "hack" that you simply change in the bowser's address bar the file name checkout_confirmation.php to checkout_process.php, and leave every other bits in the address bar intact, you may be congrat'ed with checkout successful and begin to download, and the "hack" that change the order total to £0.01 and pay & return to your site as normal, and of course, begin to download?

 

I know the above is possible for paypal IPN, although I haven't tested the latest version as yet. By reading the recent posts the thread and looking into the core code I tend not to think it is any different in this regard. (No I am NOT saying paypal IPN is not useful in any way. I myself use it on different sites.)

 

Ken


commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Share this post


Link to post
Share on other sites
Whatever fix you use, what about the "hack" that you simply change in the bowser's address bar the file name checkout_confirmation.php to checkout_process.php, and leave every other bits in the address bar intact, you may be congrat'ed with checkout successful and begin to download,

 

I might misunderstand you, but I haven't been able to reproduce this. Do you mean that, once you've reached "checkout_confirmation", you type "checkout_process" in the browser's address bar? If that's it, I've tested it and it doesn't allow the user to acccess his (unpaid) downloads.

Share this post


Link to post
Share on other sites
I might misunderstand you, but I haven't been able to reproduce this. Do you mean that, once you've reached "checkout_confirmation", you type "checkout_process" in the browser's address bar? If that's it, I've tested it and it doesn't allow the user to acccess his (unpaid) downloads.

This is not my new discovery. while Hack 1 (change order total to pay) was known in the early stage of e-commerce, Hack 2 (enter checkout_process.php on confirmation page) in the circomcetance of oscommerce was known at least two years ago and was again discussed recently as in this thread: http://forums.oscommerce.com/index.php?sho...207589&st=0

 

But be careful: some of the claims in that thread were not true. I happen to be doing some research on this issue and may post the result somewhere in the forum when finished. As I have no/haven't done shops that sell downloads, I am keen to know real examples in a live shop to see if someone has managed to solve this problem (which I doubt if by doing something outside the payment module). I just tested the v1.5 paypal ipn on non-downloadable products, the issue was still there. (the release note does not say to have addressed this issue albeit it may be possible by activating the Encryption feature in all versions).

 

You have been warned! :)


commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Share this post


Link to post
Share on other sites
...circumstance...sorry typo

commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Share this post


Link to post
Share on other sites
This is not my new discovery. while Hack 1 (change order total to pay) was known in the early stage of e-commerce, Hack 2 (enter checkout_process.php on confirmation page) in the circomcetance of oscommerce was known at least two years ago and was again discussed recently as in this thread: http://forums.oscommerce.com/index.php?sho...207589&st=0

 

Ok. I tried what was shown in this thread. When somebody uses this hack, an order is recorded but payment is not received. Actually, the Paypal IPN contribution plays nice with this:

 

1. for all "in advance" payment methods (cash, money order...): since you haven't got the money yet, the order stays "pending", the seller doesn't ship, there is no problem at all.

 

2. with Paypal IPN: the customer doesn't visit the Paypal site, but his order is still listed as "Preparing", not as "Verified" or "Completed". It means that you haven't received the payment, and that the order hasn't gone through. In this case, you just don't ship the goods.

 

In the case of a customers buying downloadable products, the status of the order will stay "pending" or "preparing". By using the modification I mentionned above, the customer can not download his items without having paid for them.

 

So so far, so good. :)

Share this post


Link to post
Share on other sites
Terra

sorry - you are on the wrong track. the order still gets pre-stored on the checkout_confirmation.php page. That's because the module needs the order information in the database so when PayPal sends its payment confirmation it can access it and update it.

 

Alexstudio

The order must be saved before the confirm button been clicked, because customers are not forced to return to complete their orders. If the orders were not saved before sending customers to paypal, and the customers didn't return to store, there won't be any record in database for store owners to deal with.

 

He he, this is going round in circles. I fully understand that the order needs to be saved before sending customers off to PayPal. Whilst my knowledge of PHP is extremely limited, I still have not seen a conclusive answer as to why the order cannot be saved when you click the confirm button (which is before customers are sent to PayPal), as opposed to when the checkout_confirmation loads.

 

Either way, the order still gets created before customers are sent to PayPal.

 

Now, there may be another reason why my logic above doesnt work, and I am open to hearing that. Lets see what Terra thinks about it.

 

I'll check it out - I always thought this wouldn't work but maybe I'm wrong. Oh well - haven't been through the sandbox for 24 hours, so I guess it's time for another test run. Did I mention that this IPN is a pain the backside? Terra

Share this post


Link to post
Share on other sites
He he, this is going round in circles. I fully understand that the order needs to be saved before sending customers off to PayPal. Whilst my knowledge of PHP is extremely limited, I still have not seen a conclusive answer as to why the order cannot be saved when you click the confirm button (which is before customers are sent to PayPal), as opposed to when the checkout_confirmation loads.

 

Either way, the order still gets created before customers are sent to PayPal.

 

Now, there may be another reason why my logic above doesnt work, and I am open to hearing that. Lets see what Terra thinks about it.

The structure of the payment class has these 2 'methods' working when checkout_confirmation.php loaded:

 

Function confirmation()

 

Function process_button()

 

The 1st one confirmation() in this module creates the 'pre-mature' order record in database.

 

The 2nd one process_button() prepares the 'confirm button' with all necessary data to be sent with customers to paypal page.

 

So, if you don't create order record in the confirmation(), then there is no chance to do that job before sending customers to paypal.

 

Is that clear?

Edited by AlexStudio

Super Download Shop, PayPal Express Checkout IPN, Selling Downloads, Visual Validation (preventing robotic flood), phpBB2 Integration

 

Yes, I'm willing to help, but please ask in the right place. Think twice before trying to PM me, it might be ignored.

Share this post


Link to post
Share on other sites
So so far, so good. :)

While it is true that it is not really a problem for non-downloadable goods as you would not receive email from paypal to notify you money has been paid into your account, for downloads thou if your set up doesn't need you to manually update order status then good to you otherwise your customers wont be happy if they have to wait for ypu to update it: they want instant download!

 

And what about Hack 1 as mentioned above? How paypal inp deals with this?

 

Ken


commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Share this post


Link to post
Share on other sites
for downloads thou if your set up doesn't need you to manually update order status then good to you otherwise your customers wont be happy if they have to wait for ypu to update it: they want instant download!

 

They can get it: if they pay via Paypal, once they have actually paid, Paypal IPN communicates with the site, and the status of the order is changed to "completed". As far as I know, the hack above allows the hacker to add an unpaid order (as pending) to the database, but not to change the status of this order to anything above this level. On the other hand, people paying legitimaly via Paypal will get their instant downloads, as soon as they have paid.

Share this post


Link to post
Share on other sites
$parameters['no_shipping'] from 1 to 0 worked.

 

a topic this big reaaaallly needs a faq (and the ability to delete useless posts, like this one!) :D

 

I am having the exact same problem! Inside which file did you need to make the change? B)

 

Never mind, figured it out, it's in the paypal_ipn.php file! :D This module really needs a solid FAQ and Troubleshooting Guide.

Edited by ezfindit

Chris

Share this post


Link to post
Share on other sites

Can anyone help with my previous post?

 

Hiya Guys

 

I was wondering if someone can help me here.

 

I have paypal ipn installed as one of my payment method. ?everything was working fine, orders paid via paypal and customers returning back to site this orders being recorded.

 

A couple of days ago my host upgraded their Mysql so a few modifications had to be made on the site.

 

Now no one that pays via paypal doesn’t come back to the store and their orders are not recorded.

 

Can anyone help in sorting this out. I have no idea as to what part of the contribution is at fault and how to fix it.

 

Much appreciated

 

Costas

Share this post


Link to post
Share on other sites
A couple of days ago my host upgraded their Mysql so a few modifications had to be made on the site. Now no one that pays via paypal doesn’t come back to the store and their orders are not recorded.

Costas - more information would be good. Upgrading MySQL - but to what version???

 

The PayPal IPN has been written / tested in MySQL 4.x so if you are running MySQL 5 then that could be the issue. My knowledge of MySQL5 is zero, so I can't help. But if you publish your EXACT MySQL version on this thread maybe another developer can jump in. Terra


My code for combining PayPal IPN with ** QTPro 4.25 ** osC Affiliate ** CCGV(trad)

and how to solve the invoice already paid error

General info: Allow customer to delete order comment ** FTP Programs & Text Editors ** Amending order email **

Share this post


Link to post
Share on other sites

Thanks Terra

 

Mysql was indeed upgrade.

 

The Mysql version is 5, MySQL was updated with the latest cPanel release of cPanel 11

Share this post


Link to post
Share on other sites
It's working on my server but I see your point regarding naming - I'm currently collecting all feedback / bugs for a version 2.1 realise and have incorporated your suggested change. I will give it a few more days for bugs to surface and then upload the new version.
A few lines below the redeclaration order_status_id gets reset to default and the total value is checked against mc_gross. If it matches the order_status_id is updated to paypal_ipn. When order is redeclared the totals will never match and this condition is not handled so a verified payment is marked as pending and no error is generated.

 

This is my current fix. I'm not sure what the redeclaration does so I just commented it out for now..

if ($result == 'VERIFIED') {

if (isset($_POST['invoice']) && is_numeric($_POST['invoice']) && ($_POST['invoice'] > 0)) {

$order_query = tep_db_query("select currency, currency_value from " . TABLE_ORDERS . " where orders_id = '" . $_POST['invoice'] . "' and customers_id = '" . (int)$_POST['custom'] . "'");

if (tep_db_num_rows($order_query) > 0) {

$order = tep_db_fetch_array($order_query);

 

// START: MattR 06/01/07

// Comment the next few lines because they clobber the previous $order declaration

 

// let's re-create the required arrays

// require(DIR_WS_CLASSES . 'order.php');

// $order = new order($_POST['invoice']);

 

// STOP: MATTR

 

require(DIR_WS_CLASSES . 'payment.php');

$payment_modules = new payment(paypal_ipn);

 

// let's update the order status

$total_query = tep_db_query("select value from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . $_POST['invoice'] . "' and class = 'ot_total' limit 1");

$total = tep_db_fetch_array($total_query);

 

$comment_status = $_POST['payment_status'] . ' (' . ucfirst($_POST['payer_status']) . '; ' . $currencies->format($_POST['mc_gross'], false, $_POST['mc_currency']) . ')';

 

if ($_POST['payment_status'] == 'Pending') {

$comment_status .= '; ' . $_POST['pending_reason'];

} elseif ( ($_POST['payment_status'] == 'Reversed') || ($_POST['payment_status'] == 'Refunded') ) {

$comment_status .= '; ' . $_POST['reason_code'];

}

 

$order_status_id = DEFAULT_ORDERS_STATUS_ID;

 

if ($_POST['mc_gross'] == number_format($total['value'] * $order['currency_value'], $currencies->get_decimal_places($order['currency']))) {

if (MODULE_PAYMENT_PAYPAL_IPN_ORDER_STATUS_ID > 0) {

$order_status_id = MODULE_PAYMENT_PAYPAL_IPN_ORDER_STATUS_ID;

}

}

 

// START: MattR 06/01/07

// Send a debug email if order_status_id is not updated as-expected

 

else {

if (tep_not_null(MODULE_PAYMENT_PAYPAL_IPN_DEBUG_EMAIL)) {

$email_body = '$_POST:' . "\n\n";

foreach ($_POST as $key => $value) {

$email_body .= $key . '=' . $value . "\n";

}

$email_body .= "\n" . '$_GET:' . "\n\n";

foreach ($_GET as $key => $value) {

$email_body .= $key . '=' . $value . "\n";

}

 

$email_body .= "\n" . '$_DEBUG:' . "\n\n";

$email_body .= "PayPal IPN VERIFIED but order_status_id has been reset because mc_gross does not match calculated total!\n\n";

 

tep_mail('', MODULE_PAYMENT_PAYPAL_IPN_DEBUG_EMAIL, 'Debug PayPal IPN Results', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

}

}

 

// STOP: MATTR

I hope this helps. If it does not make sense please send me a pm.

 

Cheers,

Matt

Share this post


Link to post
Share on other sites
The structure of the payment class has these 2 'methods' working when checkout_confirmation.php loaded:

 

Function confirmation()

 

Function process_button()

 

The 1st one confirmation() in this module creates the 'pre-mature' order record in database.

 

The 2nd one process_button() prepares the 'confirm button' with all necessary data to be sent with customers to paypal page.

 

So, if you don't create order record in the confirmation(), then there is no chance to do that job before sending customers to paypal.

 

Is that clear?

 

Gotcha, thanks for clearing that up Alex.....

Share this post


Link to post
Share on other sites
I did give you the solution how to add text to the email - I'll see if I can make this a standard in the next version but just for the record, all you guys need to do is add a Constant to the email string .. now come on, PHP isn't that hard ;)

 

http://forums.oscommerce.com/index.php?s=&...st&p=884539

 

Terra

 

Yep, I tried that but it does not work :blush:

 

In the catalog\includes\modules\payment\paypal_ipn.php:

 

if (is_object($$payment)) {
	$email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .
					EMAIL_SEPARATOR . "\n";
	$payment_class = $$payment;
	$email_order .= $payment_class->title . "\n\n";
	if ($payment_class->email_footer) {
	  $email_order .= $payment_class->email_footer . "\n\n";
	  $email_order .= EMAIL_TEXT_PAYMENT_PAYPAL. "\n\n";
	}
  }

 

In my dutch/checkout_process.php added this code

 

define('EMAIL_TEXT_PAYMENT_PAYPAL', 'Hartelijk dank voor uw bestelling.' . "\n\n". 'Met vriendelijke groeten, '. STORE_NAME . "\n\n");

 

But the text does not appear in my Order Confirmation :'(


Norman in 't Veldt

 

Moderator

osCommerce The Netherlands

Share this post


Link to post
Share on other sites
if (is_object($$payment)) {
	$email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .
					EMAIL_SEPARATOR . "\n";
	$payment_class = $$payment;
	$email_order .= $payment_class->title . "\n\n";
	if ($payment_class->email_footer) {
	  $email_order .= $payment_class->email_footer . "\n\n";
	  $email_order .= EMAIL_TEXT_PAYMENT_PAYPAL. "\n\n";
	}
  }

 

It needs to sit outside the if statement. Try:

if (is_object($$payment)) {
	$email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .
					EMAIL_SEPARATOR . "\n";
	$payment_class = $$payment;
	$email_order .= $payment_class->title . "\n\n";
	if ($payment_class->email_footer) {
	  $email_order .= $payment_class->email_footer . "\n\n";
	}
  $email_order .= EMAIL_TEXT_PAYMENT_PAYPAL. "\n\n";
  }

 

Terra


My code for combining PayPal IPN with ** QTPro 4.25 ** osC Affiliate ** CCGV(trad)

and how to solve the invoice already paid error

General info: Allow customer to delete order comment ** FTP Programs & Text Editors ** Amending order email **

Share this post


Link to post
Share on other sites

I think I posted before in the wrong place (hey, I ams till leanring osCommerece and how this forum works) :D

Okay, I have a hard time testing the Paypal module becuase my credit card is already on file with them in my account and it tells me I can't pay myself.

Got my first paypal order yesterday but the customer was not returned to the cart and nothing got recorded. I just got the Paypal notice that I got paid. I have since apologized to customer and am waiting for them to tell me what they bought.

Now on my Paypal account I had it set up to redirect the customer to a Thank-you page (not associated with my shopping cart.) had to change that... what page should they be re-directed to so the order gets saved?

Is it checkout_confirmation.php or something else?

In my Paypal account I have it set-up for auto return with the checkout_confirmation.php page they would get sent to, payment data transfer is turned off (because it talked about cgi scripts), paypal account optional is turned on, and block non-encrypted websites is off. On my Paypal module (in the cart) I set it to: Enable Paypal module (true), put in my email address, currency is USD only, payment zone (none), set order status (processing) and sort order display (0).

My website is http://www.jteverettdesignstudio.com/catalog

Any help is greatly appreciated and please- I am new to php and would need to know the file and particular place to change the code if needed.

Thanks everyone!

Pattie

Share this post


Link to post
Share on other sites
It needs to sit outside the if statement. Try:

if (is_object($$payment)) {
	$email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .
					EMAIL_SEPARATOR . "\n";
	$payment_class = $$payment;
	$email_order .= $payment_class->title . "\n\n";
	if ($payment_class->email_footer) {
	  $email_order .= $payment_class->email_footer . "\n\n";
	}
  $email_order .= EMAIL_TEXT_PAYMENT_PAYPAL. "\n\n";
  }

 

Terra

 

Yep, that did it! ;)

 

Thanks!


Norman in 't Veldt

 

Moderator

osCommerce The Netherlands

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×