Page 3 of 5
Re: No order after payment
Posted: Sun Aug 09, 2009 8:01 am
by Daniel
RaymondBeaudoin wrote:Daniel wrote:you don't need to explain about no email or product quanitiy. just say the order is not there.
Check if your server has curl enabled.
CURL is the first method that is tried to contact PayPals server. fsocket is the second method.
if both are blocked then you are stuffed.
please post a link to your site.
My site is
http://jennysgems.com
I have checked and curl is enabled. Did a second test just to make sure, same issue.
I knwo why!!!!
remove the ' from your store name!
Re: No order after payment
Posted: Sun Aug 09, 2009 8:09 am
by RaymondBeaudoin
There must be some other way! Some safe way of using it on the main pages? Without the ' it looks so wrong. Is there any way I can hardcode the apostrophe into all of the main pages, email and such?
Would this be of any help?
http://www.wallpaperama.com/forums/how- ... -t514.html
I see in the settings database where the site name is kept.
Re: No order after payment
Posted: Sun Aug 09, 2009 8:32 am
by Daniel
you only need to remove it from the paypal part.
i'm looking into this now.
its not actually the ' that is the problem its that it gets turned into '
i will come up with a solution for the next release.
Re: No order after payment
Posted: Sun Aug 09, 2009 8:41 am
by RaymondBeaudoin
Alrighty, well thanks! Let me know if you get the code, I would more than appreciate it! My sitename without an apostrophe is just not right!
Also, I found an interesting note on the MySQL forums.
Refer your developer to the documentation on mysql_real_escape_string(), a PHP function that helps to make sure strings have the correct \ characters to avoid this problem.
See:
http://www.php.net/mysql_real_escape_string
If you use PHP 5, you have another choice. You can bind PHP variables to SQL query parameters in a prepared query. This is an even better way to avoid problems of apostrophes in strings, because you don't have to use \ at all. But it requires the "mysqli" functions in PHP 5; it doesn't work with the "mysql" functions.
See:
http://www.php.net/manual/en/function.m ... repare.php
Regards,
Bill K.
Apparently the mysql_real_escape_string() may lead to sql injections though.
http://us2.php.net/mysql_real_escape_string
Anyways, I am sure you already know, but just in case!
Re: No order after payment
Posted: Sun Aug 09, 2009 9:03 am
by Daniel
actually its to stop cross site scripting attacks.
but if you want it fixed you can do this;
$this->data['item_name'] = html_entity_decode($this->config->get('config_store'), ENT_QUOTES, 'UTF-8');
in the catalog/controller/payment/paypal
Re: No order after payment
Posted: Sun Aug 09, 2009 9:27 am
by RaymondBeaudoin
Well I sent it another order, but it didn't show in the system. I added the specified code to pp_standard.php.
Sandbox said everything finished, but nothing on my side. I must really be screwing something up.
Edit: I removed the apostrophe from the site and tried a test purchase, but nothing showed after the purchase. No order again. So even without the apostrophe it is not communicating properly.
I did check curl and all..
phinx:~# apt-get install php5-curl
Reading package lists... Done
Building dependency tree
Reading state information... Done
php5-curl is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 22 not upgraded.
sphinx:~#
Re: No order after payment
Posted: Sun Aug 09, 2009 9:57 am
by Daniel
pm me your admin and ftp login details.
Re: No order after payment
Posted: Sun Aug 09, 2009 10:27 am
by RaymondBeaudoin
Done and thanks again!
Re: No order after payment
Posted: Sun Aug 09, 2009 2:26 pm
by Qphoria
Ok, now out of 4 customers today.. 3 of them had no status but had successful payments. I have my authorize.net module which uses fsock and my usps module which uses curl on this same site, So I know there is no blocking problem there. I'm using the new code you posted.
I'll debug a bit in the morning.
Re: No order after payment
Posted: Sun Aug 09, 2009 7:55 pm
by Leon
Would it help for me to post the contents of the old paypal files that i used to use on my old shopping cart?
I'll do so anyway:
transfer.inc.php
Code: Select all
<?php
/*
+--------------------------------------------------------------------------
| transfer.php
| ========================================
| Core functions for the PayPal Gateway
+--------------------------------------------------------------------------
*/
/*
//////////////////////////
// PAYPAL GATEWAY
//////////////////////////
// L@@K AT ALL THE LOVELY
// VARIABLES WE HAVE TO
// PLAY WITH!!
//////
//////////////////////////
// IN THE REPEATED REGION
//////
$orderInv['productId'] - product id as an integer
$orderInv['name'] - product name as a varchar
$orderInv['price'] - price of each product (inc options)
$orderInv['quantity'] - quantity of products as an integer
$orderInv['product_options'] - products attributes as test
$orderInv['productCode'] - product code as a varchar
$i - This is the current incremented integer starting at 0
/////////////////////////
// FIXED VARS
///////
$cart_order_id - cart order id as a varchar
$ccUserData[0]['email'] - Customers email address
$ccUserData[0]['title'] - Customers title (Mr Miss etc...)
$ccUserData[0]['firstName'] - Customers first name
$ccUserData[0]['lastName'] - Customers last name
$ccUserData[0]['add_1'] - Invoice Address line 1
$ccUserData[0]['add_2'] - Invoice Address line 1
$ccUserData[0]['town'] - Invoice Town or city
$ccUserData[0]['county'] - Invoice County or state
$ccUserData[0]['postcode'] - Invoice Post/Zip Code
$ccUserData[0]['country'] - Invoice country Id we can look up the country name like this
countryName($ccUserData[0]['country']);
$ccUserData[0]['phone'] - Contact phone no
$ccUserData[0]['mobile'] - Mobile/Cell phone number
$basket['delInf']['title'] - Delivery title (Mr Miss etc...)
$basket['delInf']['firstName'] - Delivery customers first name
$basket['delInf']['lastName'] - Delivery customers last name
$basket['delInf']['add_1'] - Delivery Address line 1
$basket['delInf']['add_2'] - Delivery Address line 1
$basket['delInf']['town'] - Delivery Town or city
$basket['delInf']['county'] - Delivery County or state
$basket['delInf']['postcode'] - Delivery Post/Zip Code
$basket['delInf']['country'] - Delivery country Id we can look up the country name like this
countryName($basket['delInf']['country']);
$basket['subTotal'] - Order Subtotal (exTax and Shipping)
$basket['grandTotal'] - Basket total which has to be paid (inc Tax and Shipping).
$basket['tax'] - Total tax to pay
$basket['shipCost'] - Shipping price
////////////////////////////////////////////////////////
*/
$module = fetchDbConfig("PayPal");
function repeatVars(){
return FALSE;
}
function fixedVars(){
global $module, $basket, $ccUserData, $cart_order_id, $config, $GLOBALS;
$amount = sprintf("%.2f",$basket['subTotal']+$basket['tax']);
$hiddenVars = "<input type='hidden' name='cmd' value='_xclick' />
<input type='hidden' name='business' value='".$module['email']."' />
<input type='hidden' name='item_name' value='Cart Order No: ".$cart_order_id."' />
<input type='hidden' name='item_number' value='".$cart_order_id."' />
<input type='hidden' name='amount' value='".$amount."' />
<input type='hidden' name='shipping' value='".$basket['shipCost']."' />
<input type='hidden' name='invoice' value='".$cart_order_id."' />
<input type='hidden' name='first_name' value='".$ccUserData[0]['firstName']."' />
<input type='hidden' name='last_name' value='".$ccUserData[0]['lastName']."' />
<input type='hidden' name='currency_code' value='".$config['defaultCurrency']."' />
<input type='hidden' name='address1' value='".$ccUserData[0]['add_1']."' />
<input type='hidden' name='address2' value='".$ccUserData[0]['add_2']."' />
<input type='hidden' name='city' value='".$ccUserData[0]['town']."' />
<input type='hidden' name='state' value='".$ccUserData[0]['county']."' />
<input type='hidden' name='zip' value='".$ccUserData[0]['postcode']."' />
<input type='hidden' name='day_phone_a' value='".$ccUserData[0]['phone']."' />
<input type='hidden' name='add' value='1' />
<input type='hidden' name='rm' value='2' />
<input type='hidden' name='no_note' value='1' />
<input type='hidden' name='upload' value='1' />";
if($module['method']=="std"){
$hiddenVars .="<input type='hidden' name='return' value='".$GLOBALS['storeURL']."/confirmed.php?act=conf&oid=".base64_encode($cart_order_id)."' />\r\n
<input type='hidden' name='cancel_return' value='".$GLOBALS['storeURL']."/confirmed.php?act=conf&f=1&oid=".base64_encode($cart_order_id)."' />";
}
return $hiddenVars;
}
function success(){
global $db, $glob, $module, $basket;
if($module['method']=="std"){
if( (base64_decode($_GET['oid']) == $basket['cart_order_id']) && !isset($_GET['f']) ) {
return TRUE;
} else{
return FALSE;
}
} elseif($module['method']=="ipn") {
############################################################################################
// Following line updated for Sir William's PayPal AutoReturn Fix
// $result = $db->select("SELECT status FROM ".$glob['dbprefix']."CubeCart_order_sum WHERE cart_order_id = ".$db->mySQLSafe($basket['cart_order_id']) );
$result = $db->select("SELECT status FROM ".$glob['dbprefix']."CubeCart_order_sum WHERE sec_order_id = ".$db->mySQLSafe($_GET['tx']) );
############################################################################################
if($result[0]['status']==2){
return TRUE;
} else {
return FALSE;
}
}
}
///////////////////////////
// Other Vars
////////
if($module['testMode']==1){
$formAction = "https://www.sandbox.paypal.com/cgi-bin/webscr";
$formMethod = "post";
$formTarget = "_self";
} else {
$formAction = "https://www.paypal.com/cgi-bin/webscr";
$formMethod = "post";
$formTarget = "_self";
}
if($module['method']=="std"){
$transfer = "auto";
$stateUpdate = TRUE;
} else {
$transfer = "auto";
$stateUpdate = FALSE;
}
?>
ipn.php
Code: Select all
<?php
/*
+--------------------------------------------------------------------------
| ipn.php
| ========================================
| IPN for the PayPal Gateway
+--------------------------------------------------------------------------
*/
include("../../../includes/ini.inc.php");
include("../../../includes/global.inc.php");
require_once("../../../classes/db.inc.php");
$db = new db();
include_once("../../../includes/functions.inc.php");
$config = fetchDbConfig("config");
include_once("../../../language/".$config['defaultLang']."/lang.inc.php");
include("../../../includes/currencyVars.inc.php");
$module = fetchDbConfig("PayPal");
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
if($module['testMode']==1){
$ipnUrl = "www.sandbox.paypal.com";
} else {
$ipnUrl = "www.paypal.com";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ($ipnUrl, 80, $errno, $errstr, 30);
if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
$fail = FALSE;
$summary = $db->select("SELECT prod_total, comments FROM ".$glob['dbprefix']."CubeCart_order_sum WHERE cart_order_id = ".$db->mySQLsafe($_POST['invoice']));
// check the payment_status is Completed
if($_POST['payment_status']!=="Completed"){
$fail = TRUE;
// add auto paypal status to comments of order
$ppComment = "";
switch($_POST['payment_status']){
case "Canceled_Reversal":
$ppComment = "Canceled Reversal - This means a reversal has been canceled; for example, you, the merchant, won a dispute with the customer and the funds for the transaction that was reversed have been returned to you.";
break;
case "Denied":
$ppComment = "Denied - You, the merchant, denied the payment. This will only happen if the payment was previously pending due to one of the following pending reasons.";
break;
case "Failed":
$ppComment = "Failed - The payment has failed. This will only happen if the payment was attempted from your customer’s bank account.";
break;
case "Pending":
$ppComment = "Pending - The payment is pending; see the pending_reason variable for more information. Please note, you will receive another Instant Payment Notification when the status of the payment changes to
\"Completed,\" \"Failed,\" or
\"Denied.\"";
break;
case "Refunded":
$ppComment = "Refunded - You, the merchant, refunded the payment.";
break;
case "Reversed":
$ppComment = "Reversed - This means that a payment was reversed due to a chargeback or other type of reversal. The funds have been debited from your account balance and returned to the customer. The reason for the reversal is given
by the reason_code variable.";
break;
default:
$ppComment = "Unspecified Error.";
break;
}
if(empty($summary[0]['comment'])){
$updateComment['comment'] = "PayPal Comment: ".$ppComment;
} else {
$updateComment['comment'] = $summary[0]['comment']."\r\n\r\nPayPal Comment: ".$ppComment;
}
$update = $db->update($glob['dbprefix']."CubeCart_order_sum", $updateComment,"cart_order_id=".$db->mySQLSafe($_POST['invoice']));
}
// check that txn_id has not been previously processed
$txn_id = $db->select("SELECT * FROM ".$glob['dbprefix']."CubeCart_order_sum WHERE sec_order_id = ".$db->mySQLsafe($_POST['txn_id']));
if($txn_id == TRUE){
$fail = TRUE;
} else {
$updateOrderTxn['sec_order_id'] = $db->mySQLSafe($_POST['txn_id']);
$update = $db->update($glob['dbprefix']."CubeCart_order_sum", $updateOrderTxn,"cart_order_id=".$db->mySQLSafe($_POST['invoice']));
}
// check that receiver_email is your Primary PayPal email
if($_POST['receiver_email']!==trim($module['email'])){
$fail = TRUE;
}
// make sure amount paid is same as in database
if($_POST['mc_gross']!==$summary[0]['prod_total']){
$fail = TRUE;
}
// process payment
if($fail==FALSE){
$cart_order_id = $_POST['invoice'];
include("../../../includes/orderSuccess.inc.php");
}
} elseif (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
?>
Re: No order after payment
Posted: Sun Aug 09, 2009 7:56 pm
by Leon
orderSucess.inc.php
Code: Select all
<?php
/*
+--------------------------------------------------------------------------
| orderSuccess.inc.php
| ========================================
| Fulfill the order
+--------------------------------------------------------------------------
*/
if (eregi(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || eregi(".inc.php",$_SERVER['PHP_SELF'])) {
echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
exit;
}
$cart_order_id = treatGet($cart_order_id);
// get exchange rates etc
if(isset($cart_order_id) && !empty($cart_order_id)){
// build thank you and confirmation email
include_once($glob['rootDir']."/classes/htmlMimeMail.php");
$mail = new htmlMimeMail();
// update order status to payment received
$data['status'] = 2;
$update = $db->update($glob['dbprefix']."CubeCart_order_sum", $data,"cart_order_id=".$db->mySQLSafe($cart_order_id));
$query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_order_sum INNER JOIN ".$glob['dbprefix']."CubeCart_customer ON ".$glob['dbprefix']."CubeCart_order_sum.customer_id = ".$glob['dbprefix']."CubeCart_customer.customer_id WHERE ".$glob['dbprefix']."CubeCart_order_sum.cart_order_id = ".$db->mySQLSafe($cart_order_id);
$order = $db->select($query);
include_once($glob['rootDir']."/includes/currencyVars.inc.php");
$text = sprintf($lang['front']['orderSuccess']['inv_email_body_1'],
$order[0]['name'],
$cart_order_id,
formatTime($order[0]['time']),
$order[0]['name'],
priceFormat($order[0]['subtotal']),
priceFormat($order[0]['total_ship']),
priceFormat($order[0]['total_tax']),
priceFormat($order[0]['prod_total']),
$order[0]['name'],
$order[0]['add_1'],
$order[0]['add_2'],
$order[0]['town'],
$order[0]['county'],
$order[0]['postcode'],
countryName($order[0]['country']),
$order[0]['name_d'],
$order[0]['add_1_d'],
$order[0]['add_2_d'],
$order[0]['town_d'],
$order[0]['county_d'],
$order[0]['postcode_d'],
$order[0]['country_d'],
str_replace("_"," ",$order[0]['gateway']),
str_replace("_"," ",$order[0]['shipMethod']));
if(!empty($order[0]['customer_comments'])){
$text .= sprintf($lang['front']['orderSuccess']['inv_email_body_2'],
$order[0]['customer_comments']);
}
$text .= $lang['front']['orderSuccess']['inv_email_body_3'];
$products = $db->select("SELECT * FROM ".$glob['dbprefix']."CubeCart_order_inv WHERE cart_order_id = ".$db->mySQLSafe($cart_order_id));
if($products==TRUE){
for($i=0;$i<count($products); $i++){
// if the product isn't digital we need to lower the stock if not done so already ;)
$useStock = $db->select("SELECT useStockLevel FROM ".$glob['dbprefix']."CubeCart_inventory WHERE productId = ".$db->mySQLSafe($products[$i]['productId']));
if($products[$i]['digital']==0 && $useStock[0]['useStockLevel']==1 && $products[$i]['stockUpdated']==0){
$query = "UPDATE ".$glob['dbprefix']."CubeCart_inventory SET stock_level = stock_level - ".$products[$i]['quantity']." WHERE productId = ".$products[$i]['productId'];
$update = $db->misc($query);
$query = "UPDATE ".$glob['dbprefix']."CubeCart_order_inv SET stockUpdated = 1 WHERE productId = ".$products[$i]['productId']." AND product_options = '".$products[$i]['product_options']."' AND cart_order_id = '".$products[$i]['cart_order_id']."'";
$update = $db->misc($query);
}
$text .= sprintf($lang['front']['orderSuccess']['inv_email_body_4'],
$products[$i]['name']);
if(!empty($products[$i]['product_options'])){
$text .= sprintf($lang['front']['orderSuccess']['inv_email_body_5'],
str_replace(array("\r","\n")," ",$products[$i]['product_options']));
}
$text .= sprintf($lang['front']['orderSuccess']['inv_email_body_6'],
$products[$i]['quantity'],
$products[$i]['productCode'],
priceFormat($products[$i]['price']));
}
}
if(isset($emailText) && !empty($emailText)) {
$text .= sprintf($lang['front']['orderSuccess']['inv_email_body_7'],$emailText);
}
$mail->setText($text);
$mail->setReturnPath($config['masterEmail']);
$mail->setFrom($config['masterName'].' <'.$config['masterEmail'].'>');
$mail->setSubject($lang['front']['orderSuccess']['inv_email_subject'].$cart_order_id);
$mail->setHeader('X-Mailer', 'CubeCart Mailer');
$send = $mail->send(array($order[0]['email']), $config['mailMethod']);
// Send Email To Access the Digital Download IF Applicable ;o)
$digitalProducts = $db->select("SELECT * FROM ".$glob['dbprefix']."CubeCart_Downloads INNER JOIN ".$glob['dbprefix']."CubeCart_inventory ON ".$glob['dbprefix']."CubeCart_Downloads.productId = ".$glob['dbprefix']."CubeCart_inventory.productId WHERE cart_order_id = ".$db->mySQLSafe($cart_order_id));
if($digitalProducts == TRUE){
$mail = new htmlMimeMail();
// build email with access details
$text = sprintf($lang['front']['orderSuccess']['digi_email_body1'],
$order[0]['name'],
$cart_order_id,
formatTime($order[0]['time']),
formatTime($digitalProducts[0]['expire']),
$config['dnLoadTimes']);
for($i=0;$i<count($digitalProducts); $i++){
$text .= sprintf($lang['front']['orderSuccess']['digi_email_body2'],
$digitalProducts[$i]['name'],
$glob['storeURL'],
$digitalProducts[$i]['productId'],
base64_encode($cart_order_id),
$digitalProducts[$i]['accessKey']);
}
$mail->setText($text);
$mail->setReturnPath($config['masterEmail']);
$mail->setFrom($config['masterName'].' <'.$config['masterEmail'].'>');
$mail->setSubject($lang['front']['orderSuccess']['digi_subject'].$cart_order_id);
$mail->setHeader('X-Mailer', 'CubeCart Mailer');
$send = $mail->send(array($order[0]['email']), $config['mailMethod']);
}
// empty basket
$emptyBasket['basket'] = "''";
$where = "basket LIKE '%".$cart_order_id."%'";
$delete = $db->update($glob['dbprefix']."CubeCart_sessions",$emptyBasket ,$where);
}
?>
Re: No order after payment
Posted: Mon Aug 10, 2009 1:10 am
by Qphoria
Daniel,
With the new code, it doesn't seem to trigger the final order status.
All my orders are still set to "Pending" but when the payment is confirmed, I have them set to "Complete".
This worked with the original 1.3.0 code, but not with the new code from above.
I'll debug it today.
Re: No order after payment
Posted: Mon Aug 10, 2009 5:11 am
by Daniel
RaymondBeaudoin wrote:Done and thanks again!
Ok I just got your site working!
what happened was when you copied and pasted the new class into your paypal class it left big spaces down the side of the whole class.
I removed the spaces and it now seems to work.
Re: No order after payment
Posted: Mon Aug 10, 2009 5:23 am
by RaymondBeaudoin
Thank you! It looks absolutely perfect! I really appreciate it, and I will just have to live without the apostrophe for now!
Thanks again!
Re: No order after payment
Posted: Mon Aug 10, 2009 9:39 pm
by Unknown
Daniel wrote:this shoudl fix peoples problems.
only use it if you are using 1.3.0
Code: Select all
<?php
class ControllerPaymentPPStandard extends Controller {
protected function index() {
$this->data['button_confirm'] = $this->language->get('button_confirm');
$this->data['button_back'] = $this->language->get('button_back');
if (!$this->config->get('pp_standard_test')) {
$this->data['action'] = 'https://www.paypal.com/cgi-bin/webscr';
} else {
$this->data['action'] = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
}
$this->load->model('checkout/order');
$order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);
$this->data['business'] = $this->config->get('pp_standard_email');
$this->data['item_name'] = html_entity_decode($this->config->get('config_store'));
$this->data['currency_code'] = $order_info['currency'];
$this->data['amount'] = $this->currency->format($order_info['total'], $order_info['currency'], $order_info['value'], FALSE);
$this->data['first_name'] = $order_info['payment_firstname'];
$this->data['last_name'] = $order_info['payment_lastname'];
$this->data['address1'] = $order_info['payment_address_1'];
$this->data['address2'] = $order_info['payment_address_2'];
$this->data['city'] = $order_info['payment_city'];
$this->data['zip'] = $order_info['payment_postcode'];
$payment_address = $this->customer->getAddress($this->session->data['payment_address_id']);
$this->data['country'] = $payment_address['iso_code_2'];
$this->load->library('encryption');
$encryption = new Encryption($this->config->get('config_encryption'));
$this->data['notify_url'] = $this->url->http('payment/pp_standard/callback&order_id=' . $encryption->encrypt(urlencode($this->session->data['order_id'])));
$this->data['email'] = $order_info['email'];
$this->data['invoice'] = $this->session->data['order_id'] . ' - ' . $order_info['payment_firstname'] . ' ' . $order_info['payment_lastname'];
$this->data['lc'] = $this->language->getCode();
if (!$this->config->get('pp_standard_transaction')) {
$this->data['paymentaction'] = 'authorization';
} else {
$this->data['paymentaction'] = 'sale';
}
$this->data['return'] = $this->url->https('checkout/success');
$this->data['cancel_return'] = $this->url->https('checkout/payment');
$this->data['back'] = $this->url->https('checkout/payment');
$this->id = 'payment';
$this->template = $this->config->get('config_template') . 'payment/pp_standard.tpl';
$this->render();
}
public function callback() {
$this->load->library('encryption');
$encryption = new Encryption($this->config->get('config_encryption'));
if (isset($this->request->get['order_id'])) {
$order_id = $encryption->decrypt(urldecode($this->request->get['order_id']));
} else {
$order_id = 0;
}
$this->load->model('checkout/order');
$order_info = $this->model_checkout_order->getOrder($order_id);
if ($order_info) {
$request = 'cmd=_notify-validate';
foreach ($this->request->post as $key => $value) {
$request .= '&' . $key . '=' . urlencode(stripslashes($value));
}
if (function_exists('curl_exec')) {
if (!$this->config->get('pp_standard_test')) {
$ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
} else {
$ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr');
}
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $request);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = curl_exec($ch);
if (strcmp($response, 'VERIFIED') == 0) {
$this->model_checkout_order->confirm($order_id, $this->config->get('config_order_status_id'));
}
curl_close($ch);
} else {
$header = 'POST /cgi-bin/webscr HTTP/1.0' . "\r\n";
$header .= 'Content-Type: application/x-www-form-urlencoded' . "\r\n";
$header .= 'Content-Length: ' . strlen(utf8_decode($request)) . "\r\n\r\n";
$header .= 'Connection: close' ."\r\n\r\n";
if (!$this->config->get('pp_standard_test')) {
$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
} else {
$fp = fsockopen('www.sandbox.paypal.com', 80, $errno, $errstr, 30);
}
if ($fp) {
fputs($fp, $header . $request);
while (!feof($fp)) {
$response = fgets($fp, 1024);
if (strcmp($response, 'VERIFIED') == 0) {
$this->model_checkout_order->confirm($order_id, $this->config->get('pp_standard_order_status_id'));
switch($this->request->post['payment_status']){
case 'Completed':
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_id'), '', TRUE);
break;
case 'Canceled_Reversal':
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_canceled_reversal_id'), '', TRUE);
break;
case 'Denied':
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_denied_id'), '', TRUE);
break;
case 'Failed':
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_failed_id'), '', TRUE);
break;
case 'Pending':
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_pending_id'), '', TRUE);
break;
case 'Refunded':
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_refunded_id'), '', TRUE);
break;
case 'Reversed':
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_reversed_id'), '', TRUE);
break;
default:
$this->model_checkout_order->update($order_id, $this->config->get('pp_standard_order_status_unspecified_id'), '', TRUE);
break;
}
}
}
fclose($fp);
}
}
}
}
}
?>
What file does this go in? And is it just a case of copying and pasting over the original code?
Re: No order after payment
Posted: Mon Aug 10, 2009 10:02 pm
by Leon
Unknown wrote:What file does this go in? And is it just a case of copying and pasting over the original code?
Yeah, replace the code in pp_standard.php with that code.
Re: No order after payment
Posted: Tue Aug 11, 2009 10:44 pm
by Qphoria
Ok, after trying the new code for the past 2 days, the amount of errorneous order states has increased and the final order status doesn't trigger anymore. So I'm going back to the original v130 version.
I have added fpsock error handling debugging so I will try to catch any problems that are occurring.
Re: No order after payment
Posted: Tue Aug 11, 2009 10:54 pm
by Daniel
did you remove the spaces at the side of the page when you copy and past the code fromt he forum?
Re: No order after payment
Posted: Tue Aug 11, 2009 11:37 pm
by Leon
Since the new code, i haven't had any dodgy orders
Re: No order after payment
Posted: Tue Aug 11, 2009 11:49 pm
by Qphoria
Daniel wrote:did you remove the spaces at the side of the page when you copy and past the code fromt he forum?
I'll try to be modest, but cmon.. It's me ... Qphoria!
Anyway, I've figured out the problem... the encryption class
I have "xyz123" set for my encryption code
I added a fwrite under the callback function to log some of the data. Then I ran through the order process multiple times.
This is what is being returned by the notify_url $_GET for the encrypted order id.
------- August 11, 2009, 10:19 am -------
ZK y
------- August 11, 2009, 10:22 am -------
Zmlj
------- August 11, 2009, 10:27 am -------
ZLCr
------- August 11, 2009, 10:29 am -------
ZLCs
------- August 11, 2009, 10:33 am -------
ZD k
In the 2 cases where there was a "space" in the encrypted order id, the script dies when it reaches this line:
$order_id = $encryption->decrypt(@$this->request->get['order_id']);
Which tells me the encryption class threw an error and stopped the script.
This would never be seen since its the background ipn process.