Jump to content
Sign in to follow this  
osmosis

PayPal IPN v0.98 for Milestone 2 released!

Recommended Posts

I found that one of them was someone who got to the payment screen and didn't to order anymore so they just closed it.

 

Two others the paypal payment went throught, the contrib just didn't change the status. Dunno about the last one. They finally just sent me the money the old fashion way


Sean Hull

Share this post


Link to post
Share on other sites

Am I missing something, or is there a massive security hole in this module?

 

Try this:

 

- Checkout using IPN, you're redirected to PayPal.

- Modify the URL visible while you're at PayPal - change the cost of the item that you're purchasing to $0.01, then resubmit the URL.

- Complete payment through PayPal

 

PayPal IPN dutifully sends a "payment verified" message to the IPN module on your site. If you've set the IPN module to change the order status, the order status will be changed, although the user has only paid $0.01 for the order.

 

Seems that the IPN module checks only that Paypal has said VERIFIED and that there's an order number that it recognizes - it does not check that the AMOUNT VERIFIED by PayPal is equal to the amount owing on the order.

 

Please tell me I'm doing something wrong. Such a glaring oversight is beyond comprehension.

 

Fortunately, it shouldn't be too much work to fix it. Doing something sensible with these bogus orders (alerting administrator, notifying customer that they underpaid, etc...) would be useful, too.

 

This is paypal IPN v0981_for_milestone_2, BTW.

Share this post


Link to post
Share on other sites

Hi,

 

 

I've just (had to) upgrade from MS1 to MS2 and to get around the fact that hardly anyone managed to press CONTINUE in paypal and actually enter their order with Oscommerce, I installed paypalipn v0.98.

 

This has indeed brought its own set of problems. First up, I just tried amending the amount in the URL payment screen but I couldn't as it wasn't shown. I guess the "security hole" mentioned in a previous post can be fixed be reconfiguring either paypal IPn or oscommerce.

 

But I am getting many "paypal processing" orders. So far, I have managed to ascertain that anyone who doesn't complete the paypal payment but gets as far as the paypal screen gets shown as "paypal processing". Its just now a case of figuring out why so many people don't complete and what can be done about it. So here's where I am:

 

 

1) I added a warning on the payment method selection screen like this (in includes/languages/english/modules/payment/paypalipn.php I think):

 

PayPal IPN (Credit/Debit Cards Accepted **REQUIRES PAYPAL ACCOUNT TO BE SETUP) to warn folks that they will have to fillout another form and open another account. Loads of customers seem to resent doing this, so I figure all best warn them it is going to happen.

 

2) I minimised the information required to open an account in Oscommerce (admin -> mystore), streamlining the process as much as possible. With this in mind, I am trying to pass as much account information to paypal as possible, meaning that when a new customers hits "CLICK HERE" (for new paypal customers) as much of there account data is pre-filled. Obviously, matching your Oscommerce account setup to the paypal account setup is a good idea. This appears to be done in paypalipn.php.... I added

 

."&address2=".urlencode($order->customer['suburb'])

 

to the tep_redirect block at the end of the page and it quite happily passes over the suburb from oscommerce to paypal where it is known as "address2"

 

And here is where I could do with a little help. My store is based in the UK and there are two items I would like to force paypal to recognize/accept. The first is country. It is now, at least, obvious that non_US customers have to slect country, but if there was a way to pass country from Oscommerce to Paypal it would save customers time (a good thing). I haven't yet figured out a way to make this happen. Any help would be apprecciated.

 

The next (and probably more serious) customer tripping hazard is the phone number country code. As only 50% of customers pay attention enough to read what is required, most of them attempt to put their area code into the country code field. I'd imagine that lots of people have no idea what their country code is anyway. If it was possible to prefill this field also, it would cut down on people trying several times and getting error messages from paypal which they don't understand, and then ultimately giving up.

 

Anyway, thats where I'm up to with PaypalIPN. If anyone has any solutions to my two problems (or ideas) then I look forward to hearing them....

 

 

Cheers

 

 

 

Andy

 

 

ps: I did used to use "order logging before payment" and we had huge quantities of non-completions. I think that PaypalIPN shows up these, my point being that its not PaypalIPN thats at fault, it the customer inconvenience factor of using paypal thats to blame. Oh if only Worldpay weren't such a bunch of *******s! (My experience only)

Share this post


Link to post
Share on other sites

found a guide to pre_populating account setup at

 

prepopulate paypal account setup

 

I managed to add the country althoufgh it is hard-coded rather than taken from the customers details.....again I inserted

 

."&lc=".urlencode("GB")

 

into the tep_redirect block at the end of paypalipn.php...

 

I am still strugging to pass in the telephone country code wjhich would help greatly, and also email address.....

 

Cheers

 

 

Andy

Share this post


Link to post
Share on other sites

and this adds customers email....add in the same place as previous post.

 

NB: hardcoded country code again. (And paypal won't reproduce the phone number if part a or b is missing)

 

."&night_phone_a="."44"."&night_phone_b=".$order->customer['telephone']

 

 

Still can't get the email address field to prepopulate, although it should as far as i can see.....

Share this post


Link to post
Share on other sites

I'm using 2.2ms2 with PayPal IPN v0.981 and:

 

All my orders are left at "PayPal Processing"

A TXN Id is not created

The shopping cart is not emptied

No email is sent to the customer from the store

 

The transactions ARE successful because Paypal emails both the store and the customer and debits and credits the right amounts. I have been trying to solve this for the last 2 days and having found this thread can see that someone with similar problems back in August did not appear to get an answer.

I assumed (always a mistake) that Paypal IPN would be a working contribution? If so what I am doing wrong? I have this one problem to solve to get a live site.

I have checked the addresses in osCommerce and in Paypal are set to paypal_notify.php and it seems to make no difference whether or not cURL is enabled.

 

If all else fails who would you recommend as a card processor, with an interface contribution that I can install?

 

Hoping someone can help please

Share this post


Link to post
Share on other sites

i get an error when doing the test:

 

TEST IPN Processed for order #5463461064 - You have an error in your SQL syntax near '' at line 1

 

delete from customers_basket where customers_id=

 

[TEP STOP]

 

whats this mean?

Share this post


Link to post
Share on other sites
Can someone at least confirm they have a working version. At least then I know the problem is with my installation in some way?

Thanks

Can someone at least confirm they have a working version.  At least then I know the problem is with my installation in some way?

 

mine works!

 

there are problems, but I don't think they are with paypalipn module...

 

(see my earlier posts)

Share this post


Link to post
Share on other sites

I'm still doing that "customer research" into paypalipn "paypal processing" failures, and I've found two more reasons as follows:

 

1) The Customer cancelled the order as they didn't know VAT (SALES TAX) was going to be added. This was easily rectified to ensure that paypalipn didn't display tax separately in the admin section

 

2) The Customer arrives at the payal screen and creates themselves a password in the section for existing PAYPAL customers, managing to be completely oblivious of the "CLICK HERE IF YOU HAVE NEVER PAID BY PAYPAL" button. This send them in circles unsurprisingly, and results in failed orders. Not sure how to resolve this one as it is purely down to people not reading anything presented to them.... might sign my site us as an IQ testing forum instead of a shop!

Share this post


Link to post
Share on other sites

Agreed, after some research into the matters, that is exactly what happened here. People either got to that point and canceled, or they realized they didn't have an account and didn't go about getting a new one with proper way.


Sean Hull

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~`Make sure you set up correctly the notify_url parameter in the Payment Module.

This is done from your osCommerce Admin->Modules->Payment->PayPal IPN->notify_url

By default it is prefilled with the "guessed" location of the paypal_notify.php file, but you

have to make sure of that.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

 

I see the instructions telling that we had to add in an URL, but I HAVE no place to add the URL on my IPN???

 

Is this something that I need to get from my client with the login AT Paypal.com to finish.????

 

or did something bork up in the install??

 

Also

If I disable the native module for Paypal, I have NO options at all? I disabled it when I read several posts by people that it shouldnt be running alongside the IPN Module

 

ugh

Edited by Tariq

One of these days, I will actually understand what I just changed...

 

But reading the Manual DEFINATELY helps...

Share this post


Link to post
Share on other sites

and that last paragraph should read with these edits..

 

I have NO Paypal payment options at all? I disabled it when I read several posts by people that it shouldnt be running alongside the IPN Module and now there is no Paypal radio whatsoever, and it says that Auth.net is only payment option.

 

sowwy :(


One of these days, I will actually understand what I just changed...

 

But reading the Manual DEFINATELY helps...

Share this post


Link to post
Share on other sites

Afyter you install the paypalipn module, login to admin->modules->payment->paypalipn ...if you can't login you may need to select the paypalipn module and click install (MS2)... you should then see the Notify URL as 4th entry which you can edit as appropriate...

Share this post


Link to post
Share on other sites

Paypal IPN

Transactions

Send Test IPN

 

That is all I show for it, and when I cllick the IPN itself, it doesn't go anywhere. It stays on the page I am on.

 

There also is no install available, as I said, the page does not alter when I ckick the IPN.

Let me go back though all the steps

bleh...


One of these days, I will actually understand what I just changed...

 

But reading the Manual DEFINATELY helps...

Share this post


Link to post
Share on other sites

Got it :) Missed a step or three trying to do it with no sleep for 26 hours LOL


One of these days, I will actually understand what I just changed...

 

But reading the Manual DEFINATELY helps...

Share this post


Link to post
Share on other sites

Referring back to my problem earlier in this thread:

 

I contacted Pablo, the author of this contribution and...

 

Pablo is the Man!!

 

He contacted me via msn messenger and solved the problem in less than 5 minutes. I would probably never have figured it out.

 

As our site is still under construction I have URL security in place. Remove it and EVERYTHING WORKS FINE

 

This thing has been consuming me for, well for the length of this thread and then some. the store goes live on Sunday

 

Thanks again Pablo :D :D

Share this post


Link to post
Share on other sites

Hey Dave (warrenthewindmill),

 

Glad to see your osc with paypalipn works now! Can you explain what you meant "I have URL security in place. Remove it and EVERYTHING WORKS FINE"? Also do you have to disable your regular paypal payment option in order to use paypalipn? Finally, are your store now live and successfully receiving real orders and payments without any glitches from paypalipn? Thanks for your testimony.

 

KF

Share this post


Link to post
Share on other sites

so many questions so few answers :)

 

i have the same problem a lot of people have been having - the IPN simply doesn't work! the transaction is processed fully by paypal but upon return to the store

 

1. transaction status still says "paypal processing"

2. stock not adjusted

3. no records added to the IPN table in admin

4. cart not emptied

 

this appears to be the same as people before me, but they've apparently solved it with no help from this thread :(

 

5. if i put it into test mode i get the following error (note that after i click on the "test ipn" screen in admin i do not change any of the fields at all, i use whatever defaults are entered) :-

 

Parse error: parse error in /home/storem/public_html/store/paypal_notify.php on line 206

 

can anyone help or direct me to a thread with some answers?

 

I've got cURL turned off, the status is set to be a new status i have created called "Paypal Confirmed", the currencies all seem ok, and the URL in Paypal and OSC is identical - pointing at the same file in my store directory.

 

cheers

Bill

Share this post


Link to post
Share on other sites

oooh possibly solved - thanks to a snippet of code put in this thread by Sharon a few pages back

 

in the ZIP file I downloaded, the paypal_notify.php file had a line (which is about line 206)

 

$sql_data_array = array('orders_status' => $order_status);

 

Sharon's code showed the line to read

 

$sql_data_array = array('orders_status' => MODULE_PAYMENT_PAYPALIPN_ORDER_STATUS_ID);

 

The version of the file in my ZIP is dated 16-07-2003 13:22 - has this been superceded?!

 

I can't think why that line would be different in my file. Still it looks like it is solved now - please note that I was using the copy of the file for those who want to modify their own data, not the one that just overwrites everything. Maybe this zip file didn't have an update done to it?

 

Anyhow the Parse Error Mesg has been replaced by "TEST IPN Processed for order #14"

 

So it looks a bit more promising.

Share this post


Link to post
Share on other sites

oops i'll talk to myself :)

 

It's all working now - all except for it doesn't empty the cart. I'm so close! :rolleyes:

Share this post


Link to post
Share on other sites

Hi,

 

I just installed the latest paypalipn to my store and it showed up the "paypal IPN" payment option. After selecting it and clicking "continue" button, it went to order-confirmation page with the price, tax, shipping, and total info. But, after clicking the "confirm order" button, I got the "This page cannot be found" error! It did not switch to paypal site for making payment. Has anyone experienced this before? Any idea how to fix? Thanks for help.

 

KF

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×