Paypal Ipn And Google Recaptcha (Addon From Ecom Labs) Stoped Working

Store Builder Questions
41

Thanks for fix. In this thread

https://forum.cs-cart.com/topic/53445-paypal-express-problem/?fromsearch=1

I have pointed that I am getting 302 on

on HTTP/2.0

"GET /index.php?dispatch=payment_notification.notify&payment=paypal_express&order_id=XXXX&token=EC-XXXXXXXXXXXXXXX&PayerID=XXXXXXXXXX HTTP/2.0" 302

Note that E.Qi.Librium is using 4.3.9 Flow.

There are several differences in the file but it appears this is what CSC added to E.Qi.Librium's file /app/Tygh/http.php:

Find

    /**
     * Parse response contents to split headers
     * @param  string $content response contents
     * @return string contents without headers
     */
    private static function _parseContent($content)
    {
        while (strpos(ltrim($content), 'HTTP/1') === 0) {
            list(self::$_headers, $content) = preg_split("/(\r?\n){2}/", $content, 2);
        }

    return $content;
}</pre>



Replace:


    /**
     * Parse response contents to split headers
     * @param  string $content response contents
     * @return string contents without headers
     */
    private static function _parseContent($content)
    {
        while (strpos(ltrim($content), 'HTTP/1') === 0) {
            list(self::$_headers, $content) = preg_split("/(\r?\n){2}/", $content, 2);
        }

    while (strpos(ltrim($content), 'HTTP/2') === 0) {
        list(self::$_headers, $content) = preg_split("/(\r?\n){2}/", $content, 2);
    }

    return $content;
}</pre>
42

Thanks for fix. In this thread

https://forum.cs-cart.com/topic/53445-paypal-express-problem/?fromsearch=1

I have pointed that I am getting 302 on

on HTTP/2.0

"GET /index.php?dispatch=payment_notification.notify&payment=paypal_express&order_id=XXXX&token=EC-XXXXXXXXXXXXXXX&PayerID=XXXXXXXXXX HTTP/2.0" 302

it seems that the issue has been fixed :

https://forum.cs-cart.com/tracker/issue-7298-paypal-addon-does-not-handle-ipn-because-curl-settings-are-missing-user-agent-header/

43

Note that E.Qi.Librium is using 4.3.9 Flow.

There are several differences in the file but it appears this is what CSC added to E.Qi.Librium's file /app/Tygh/http.php:

Yep, noticed that. Thanks for pointing out the part that fixes the issue :)

44

Just found this thread. I'm experiencing the same paypal issue. Just applied the patch so I'll let you know if it fixes the problem for me too.

45
Thank you everyone for the help/fix with this one! (And especially CS-Cart Support, "E.Qi.Librium" for the modified Http.php file and "The Tool" for making it super easy to find and copy/paste the updated piece of code) Well done!
Teaching/Learning moment: Please correct me if I'm wrong, but it seems like changes on the server (in most cases here, the WHM update) caused the cart to no longer recognize and fully respond to the newer network protocol (HTTP/2) being used. While code was needed in the cart to update this issue of course, the problem did originate during the server update. Am I missing anything here?
46

Hello,

The issue has been fixed, the fix will be included into the next version of CS-Cart
You may want to apply the fix by yourself, since it is available in unified diff format:

https://gist.github.com/incrize/afa73c98348ea82ab3bdb4469e29f371
47

Yeah, that defect affected Recaptha as well. Quite surprised that they didn't generate a service pack for that change since it affects so many merchants.

48

Yeah, that defect affected Recaptha as well. Quite surprised that they didn't generate a service pack for that change since it affects so many merchants.

These changes will be included in the upcoming CS-Cart 4.9.2

49

That doesn't help the merchants that are caught unaware that Recaptcha and Paypal (and probably other responses that use HTTP/2 headers) will now all fail. You've released service packs for issues with far less impact. I had to wait for a customer to report to me to tell me they couldn't checkout or submit a contact-us form. Not good for business..

50

The issue is that Paypal uses Google API's which now use HTTP/2 headers. In addition to PayPal, Google Recaptcha is also broken on cs-cart.

Cs-cart is making the fix available in the next release of cs-cart but has refused to generate a service pack for the current release or an addon that will apply the fix to older versions of V4 cs-cart. You can dig out the patch in bugtracker if you know where to look!

You can install this free addon that will apply the patch on all sites where the app/Tygh/Http.php file exists. It is a free addon and after you install it once, you should uninstall it and throw it away.

You can install it from the URL or download it to your PC and install it as 'local'. The addon should patch all V4 sites that utilize the Http.php module. It will detect if the fix has already been applied or not ans act accordingly.

The URL is: https://ez-ms.com/private/http2_fix_v1.0.zip

I find it extremely annoying that cs-cart did not address this issue for all V4 sites by issuing a security patch type of addon release or to notify customers that this issue exists. It impacts Google Recaptcha as well as PayPal. Hence if you use Recaptcha on checkout, your users won't be able to even get to paypal.

Suggest you install the addon to fix the issue and send cs-cart a nasty-gram for not stepping up to the issue.

51

Weird, my recaptcha kept working, but my geolocation add-on did have issues resulting in error messages (couldn't define location or something like that).

52

Hello,

The issue has been fixed, the fix will be included into the next version of CS-Cart
You may want to apply the fix by yourself, since it is available in unified diff format:

Tested this fix - had around 60 orders paid with paypal, still 2 stayed on open instead of going to processed.

53

Weird, my recaptcha kept working, but my geolocation add-on did have issues resulting in error messages (couldn't define location or something like that).

Could be a regional thing. I.e. maybe the new API's haven't been rolled out to Europe within Google yet (or at least Google Recaptcha sites)? Who knows...

I just find it extremely annoying that cs-cart thinks that all they have to do is fix it in an upcoming release. There are far more cs-cart customer on older releases than there are on the newest. The issue will affect almost everyone running V4 of cs-cart.

54

So whoos fix is better from cs-cart or Tool? I have applied fix from Tool and all seems to be working.




Tested this fix - had around 60 orders paid with paypal, still 2 stayed on open instead of going to processed.

55

Same problem here with open status orders from paypal. Very complicate to manage

56

So whoos fix is better from cs-cart or Tool? I have applied fix from Tool and all seems to be working.

I am thinking about going back to the first fix, because I had another 10 or so open orders this morning that were paid :(

57

If you want to patch, use the diff listed in the bugtracker.

If that is outside your capability/desire/interest, use the addon we built. They both apply the same changes to Http.php. One get done automaticaly when you install the addon, the other you need to insert the code changes.

Note: that the Github fix published by cs-cart is different from the one posted in bugtracker and the one I included in the addon. the addon was built for those who are not comfortable editing php file and/or who simply wanted a quick and easy way to apply the patch.

58

I am thinking about going back to the first fix, because I had another 10 or so open orders this morning that were paid :(


What type of paypal u use? Website payments or express checkout?
59

What type of paypal u use? Website payments or express checkout?

Express - and I don't know what it is, but there are simply days where some payments stay on open. And then all is well for days, and then suddenly the issue is back again....

60

yes, its seems that the fix stopped working