PDA

View Full Version : PayPal Website Payments Standard



oldcelt
08-02-2014, 12:41 AM
The PayPal Website Payments Standard module has the following fields for completion:-

My private key
My public certificate
Paypal's public certificate
My Paypal public certificate ID

I've searched PayPal's website and instructions for ages but I can't find this information. Can somebody please give me a route to the necessary pages?

ridexbuilder
08-02-2014, 09:22 AM
The PayPal Website Payments Standard module has the following fields for completion:-

My private key
My public certificate
Paypal's public certificate
My Paypal public certificate ID

I've searched PayPal's website and instructions for ages but I can't find this information. Can somebody please give me a route to the necessary pages?

Leave blank for Standard - not needed: read the wiki.

oldcelt
08-03-2014, 12:49 AM
Leave blank for Standard - not needed: read the wiki.
Oh, OK, I must have missed that somehow. Can encryption still be used without those fields?

ridexbuilder
08-03-2014, 01:08 AM
Oh, OK, I must have missed that somehow. Can encryption still be used without those fields?
Nope - not for outgoing messages - without enabling it.
Speak to your hosting provider with regards to your own keys. PayPal stuff used to be in Merchant Services/API pages but heck knows where now that they have changed the website.

oldcelt
08-03-2014, 05:35 AM
Nope - not for outgoing messages - without enabling it.
Speak to your hosting provider with regards to your own keys. PayPal stuff used to be in Merchant Services/API pages but heck knows where now that they have changed the website.
PayPal gives a warning on completion of payment that the return is not to a secure address in spite of the fact that I entered the SSL URL in the IPN page of PayPal. Sure enough, it just returns to the standard URL of the catalog provided one ignores PayPal's warning and clicks on the return link. Problem here is that if the buyer is frightened by PayPal's warning and just leaves that tab or closes their browser, the catalog is not updated and their cart isn't emptied. I thought perhaps encryption would solve that problem but I've an idea that there may be a simpler way.

ridexbuilder
08-03-2014, 05:52 AM
Assuming that your SSL is implemented correctly, then it may be that you also have some form of redirection, so that the https is rewritten to http.
This is why 'max code should not interfere with web environments (ref. commented out rubbish in .htaccess).

oldcelt
08-03-2014, 11:46 AM
Assuming that your SSL is implemented correctly, then it may be that you also have some form of redirection, so that the https is rewritten to http.

Thanks - I'll check that out with my hosting provider.

oldcelt
08-05-2014, 12:09 AM
Assuming that your SSL is implemented correctly, then it may be that you also have some form of redirection, so that the https is rewritten to http.
This is why 'max code should not interfere with web environments (ref. commented out rubbish in .htaccess).
Checked my hosting services - nothing is being implemented there.

Isn't this a problem with the call from osCMax to PayPal?

oldcelt
08-07-2014, 12:45 AM
Looking into this more closely, I find PayPal states:
For PayPal Instant Payment Notification (IPN) and Payment Data Transfer (PDT), make sure your script posts back to PayPal over port 443 (https).........
For example, in PHP, you may be set up to post back IPNs for validation with something like this:

$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);

To post back over port 443, change this to:

$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

Now, in osCMax PayPal module we have standard_ipn.php which contains this code:-

if ( (PHP_VERSION >= 4.3) && ($fp = @fsockopen('ssl://' . $server, 443, $errno, $errstr, 30)) ) {
$fsocket = true;
} elseif (function_exists('curl_exec')) {
$curl = true;
} elseif ($fp = @fsockopen($server, 80, $errno, $errstr, 30)) {
$fsocket = true;

However, I cannot find any place in any of the PHP code in the whole of osCMax where the variable $fp is assigned any value!

Can anybody please cast some light on this because if the variable $fp is assigned the value

@fsockopen('ssl://' . $server, 443, $errno, $errstr, 30)
then the return from PayPal should be to an SSL address and that would appear to solve my problem.

Any comments and/or advice gratefully appreciated 'cos I'm confused.

ridexbuilder
08-07-2014, 02:54 AM
Now, in osCMax PayPal module we have standard_ipn.php which contains this code:-

if ( (PHP_VERSION >= 4.3) && ($fp = @fsockopen('ssl://' . $server, 443, $errno, $errstr, 30)) ) {
$fsocket = true;
} elseif (function_exists('curl_exec')) {
$curl = true;
} elseif ($fp = @fsockopen($server, 80, $errno, $errstr, 30)) {
$fsocket = true;


That first line assigns ssl if it is available.

oldcelt
08-07-2014, 04:09 AM
That first line assigns ssl if it is available.
SSL is available and I used the SSL address in IPN setup on paypal as the return address. How can I set up osCMax to send from the SSL address, which it appears not to be doing. Is there a setting in osCMax somewhere where the SSL address can be input?

Thanks for your help - much appreciated.

pgmarshall
08-07-2014, 04:54 AM
Just to be sure can you confirm the version of PHP you are running - I don't think it could possibly be < 4.3 but it is worth checking!

Regards.

oldcelt
08-07-2014, 08:46 AM
Just to be sure can you confirm the version of PHP you are running - I don't think it could possibly be < 4.3 but it is worth checking!

Regards.

Yes, I had checked this. I use Wiserhosting for all my clients (not many shopping carts regrettably) and the PHP version is 5.3.19.
Regards

ridexbuilder
08-07-2014, 03:02 PM
... for all my clients ..
Their Terms of Service makes for interesting reading :|
(I've just had one of those deja vu moments. )
:| :lurk:

oldcelt
08-07-2014, 11:40 PM
Their Terms of Service makes for interesting reading :|
(I've just had one of those deja vu moments. )
:| :lurk:

Sorry, but I didn't understand what you pointing out - assuming you were drawing my attention to something?