Jump to content
Latest News: (loading..)
mcmannehan

PayPal App v5.000

Recommended Posts

But if paypal payment method is choice and payment is complete it redirects to checkout_process.php so that would send the mail. I think it isn't sent correctly as paypal_standard.php uses $order_id and checkout_process.php uses $insert_id

About the "Verifiy SSL" In OSCOM_PayPal.php if I set curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);  to false it works but for security question I think that isn't the correct solution.

CURLOPT_SSL_VERIFYPEER - verify the peer's SSL certificate -> https://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html

I'm still trying to check what is going on. Also I'm running PHP 7 and this files uses old constructors (stills works) but are just been deprecated and will trigger warnings.

Share this post


Link to post
Share on other sites

I think I might found the issue. At OSCOM_PayPal.php if "Verify SSL" option is true it does this:

        if ( (substr($server['host'], -10) == 'paypal.com') && file_exists(DIR_FS_CATALOG . 'ext/modules/payment/paypal/paypal.com.crt') ) {
          curl_setopt($curl, CURLOPT_CAINFO, DIR_FS_CATALOG . 'ext/modules/payment/paypal/paypal.com.crt');
        } elseif ( file_exists(DIR_FS_CATALOG . 'includes/cacert.pem') ) {
          curl_setopt($curl, CURLOPT_CAINFO, DIR_FS_CATALOG . 'includes/cacert.pem');
        }

The problem resides at ext/modules/payment/paypal/paypal.com.crt and copied from mine cacert.pem (which is a updated version). Make sure you get from here http://curl.haxx.se/ca/cacert.pem or this one from paypal -> https://raw.githubusercontent.com/paypal/TLS-update/master/php/cacert.pem

Share this post


Link to post
Share on other sites

I have Verify SSL set true and it works.  If you are failing on that, make sure the paypal certs on your site are up to date.  I haven't messed with this much since I set it up, but you can look through the https://library.oscommerce.com/Package&en&paypal documentation and it has a lot of info.  Most of my sales come through Authorize.net. 


I'm not really a dog.

Share this post


Link to post
Share on other sites

Mine is missing the last two certs on that list.  Did that fix your problem and do you pass now?


I'm not really a dog.

Share this post


Link to post
Share on other sites

Yes now for me it's fixed. The file ext/modules/payment/paypal/paypal.com.crt was the issue. I've replaced with a updated and now works. If someone could check and if indeed that's the problem that should be replaced with a updated one.

Now for me I can set "Verify SSL" to true and both connection returns success.

Share this post


Link to post
Share on other sites

Thanks @sinopia, that did it and i'm getting success now.  I thought the certs I had were up to date.  I didn't really think about the cert being out of date already.  Everyone should pay attenetion to your post.

 


I'm not really a dog.

Share this post


Link to post
Share on other sites

Maybe you should make a post about the updated Certs for Paypal.  Not everyone follows this but a lot of people use it.  Funny thing is I've been getting orders with verify SLL set to true.


I'm not really a dog.

Share this post


Link to post
Share on other sites

One note on certs that has been a problem with A.net is copying with BOM when it should be no BOM.  Most good editors can flag that and remove it.  I didn't have the problem but someone else ran into that causing failure. 


I'm not really a dog.

Share this post


Link to post
Share on other sites

About the mails I've also fixed it. I've edited those files:

includes/modules/payment/paypal_standard.php
ext/modules/payment/paypal/standard_ipn.php

For those who use mail manager or something like that I commented the tep_mail and done this:

      //tep_mail($order->customer['name'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
      if (file_exists(DIR_WS_MODULES.'mail_manager/order_confirm.php')){
        include(DIR_WS_MODULES.'mail_manager/order_confirm.php'); 
      } else { 
        tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); 
      }

and at includes/modules/mail_manager/order_confirm.php added this to be sure that variables from paypal files:

// Fix for PayPal
if (strpos($order->info['payment_method'], 'PayPal') !== false) {
  $insert_id = $order_id;
}

Now it's sending as it should. 

Share this post


Link to post
Share on other sites

I can confirm on my set up that I needed to add

DigiCert High Assurance EV Root CA
=======================================================
-----BEGIN CERTIFICATE-----
MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
+OkuE6N36B9K
-----END CERTIFICATE-----

DigiCert Global Root G2 (SHA-256)
=======================================================
-----BEGIN CERTIFICATE-----
MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
MrY=
-----END CERTIFICATE-----

to the end of the cert in ext/modules/payment/paypal

Now I get a success when testing ssl connection inside the app

Share this post


Link to post
Share on other sites

Well it's for sure certificate ext/modules/payment/paypal/paypal.com.crt should be updated. 

You will need to ensure that your environment supports the use of the SHA-256 signing algorithm and discontinue the use of SSL connections that rely on the VeriSign G2 Root Certificate.

And also to avoid those warnings __construct() should be used a lot of files for example:

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; OSCOM_PayPal_LOGIN has a deprecated constructor in /home/website/public_html/includes/apps/paypal/modules/LOGIN/LOGIN.php on line 13
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; OSCOM_PayPal_HS has a deprecated constructor in /home/website/public_html/includes/apps/paypal/modules/HS/HS.php on line 13
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; OSCOM_PayPal_EC has a deprecated constructor in /home/website/public_html/includes/apps/paypal/modules/EC/EC.php on line 13
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; OSCOM_PayPal_DP has a deprecated constructor in /home/website/public_html/includes/apps/paypal/modules/DP/DP.php on line 13
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; OSCOM_PayPal_PS has a deprecated constructor in /home/website/public_html/includes/apps/paypal/modules/PS/PS.php on line 13

And much more of this type of warnings. I think that's the only thing that should be updated.

Edited by sinopia

Share this post


Link to post
Share on other sites

Hi,
I'm using PayPal Standard v5.010 -> v5.018 and, from the begining, there is and issue with the subtotal of product (framed in red in the picture) from PayPal Activity Details account.

Registered thus, the subtotal corresponds to the addition of the price of the product + delivery cost (?!?)

Does anybody know how to fix it ?

Thanks.

subtotal_paypal_wrong.jpg

Edited by milerwan

Osc v2.3.4 BS "custom"

Share this post


Link to post
Share on other sites

If you enable the COD module and place an order, does the subtotal show the same way?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×