Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Paypal Ipn And Google Recaptcha (Addon From Ecom Labs) Stoped Working Rate Topic   - - - - -

 
  • E.Qi.Librium
  • Senior Member
  • Members
  • Join Date: 05-Sep 09
  • 450 posts

Posted 09 November 2018 - 01:02 PM #1

I know this is far fetched and many will say is a server problem, but from my host they say nothing is going on and I have the following 2 issues since yesterday morning):

 

Paypal IPN communication stopped working, order status remains Open with the message "Accepted, awaiting ipn for processing";

 

Google Recaptcha does not work at all, it states that the code is incorrect or missing and does not even show any images.

 

Does anybody have any idea of what may be going on?

 

Thank you,

Tania


4.3.9  


 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 19685 posts

Posted 09 November 2018 - 01:21 PM #2

Do you have any new records in the server error logs?


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    CS-Cart RU                         24500 руб.
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      CS-Cart RU + UniTheme    36000 руб.


 
  • E.Qi.Librium
  • Senior Member
  • Members
  • Join Date: 05-Sep 09
  • 450 posts

Posted 09 November 2018 - 01:23 PM #3

No errors are shown on the logs, this is a complete mistery

4.3.9  


 
  • Flow
  • Super Duper and Amazingly Sexy Senior
  • Members
  • Join Date: 13-Oct 10
  • 2302 posts

Posted 09 November 2018 - 04:11 PM #4

I'm having the same problem with paypal. All orders stay on open since y-day. Captcha works OK though.


When life hands you lemons, bring on the Tequila baby!


 

Posted 09 November 2018 - 06:04 PM #5

Same here with the "Open" PayPal IPN Order Statuses (and PayPal Express Checkout orders) - I did not test Google Recaptcha yet.  Something to note: if the IPN is not "acting" with the cart, when you do refunds, Full Refunds will not change the order status to "Refunded" automatically and Partial Refunds will not add the refund amount/timestamp note in the "Customer notes" area of the order (if you had it setup that way).

I called PayPal earlier today and they mentioned if you can see the IPN history within PayPal, that means the IPN was sent from their side - mine all seemed ok from what I saw (they also said they did not make any recent changes to the setup). Your PayPal IPN History Link is located at (log in first):

https://www.paypal.c...story&nav=0.3.2

 

Something to note: Our VPS host (GoDaddy) mentioned in a prior e-mail: "We'll be performing maintenance on your server Between Tuesday, November 06, 2018 11:30 PM and Wednesday, November 07, 2018 11:30 PM MST" After these patches were installed is when we most likely started having "Open" Order Status issues occurring with successful payments (in the orders, the payment status is stuck on: Open, when two days ago it would automatically be on: Processing - or Refunded if it was refunded). I first tried rebooting the server, then I tried to tweak the Apache ModSecurity rule settings to allow paypal through just in case, but that did not seem to do anything, assuming I added it correctly.

 

Any thoughts on how to get the IPN working with the cart again?



 
  • ecksjay
  • Newbie
  • Trial users
  • Join Date: 09-Nov 18
  • 1 posts

Posted 09 November 2018 - 07:14 PM #6

Hi.

I wanted to shed some light on this issue as I'm having it with almost any addon that makes any external API request. My addons that are affected are instagram, paypal express and authorize.net

In short, header responses are not being filtered (or properly exploded). 

For example, if you look in the CS-Cart logs, you can see responses such as this Instagram call
 

RL: https://api.instagram.com/v1/users/self
Request: 'access_token=[REMOVED]'
Response: HTTP/2 200 content-type: application/json; charset=utf-8 x-ratelimit-limit: 200 x-ratelimit-remaining: 199 cache-control: private, no-cache, no-store, must-revalidate pragma: no-cache expires: Sat, 01 Jan 2000 00:00:00 GMT vary: Accept-Language, Cookie, Accept-Encoding content-language: en date: Fri, 09 Nov 2018 17:31:28 GMT content-length: 544 strict-transport-security: max-age=60 x-frame-options: SAMEORIGIN content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd; worker-src 'self' https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests x-content-type-options: nosniff x-xss-protection: 0 set-cookie: rur=FTW; Domain=.instagram.com; HttpOnly; Path=/; Secure set-cookie: urlgen="{\"74.80.237.92\": 22241}:1gLAcy:vNlmiMiDVzsRMcxCyc9oxybBlwc"; Domain=.instagram.com; HttpOnly; Path=/; Secure set-cookie: mcd=3; Domain=.instagram.com; expires=Mon, 06-Nov-2028 17:31:28 GMT; Max-Age=315360000; Path=/; Secure set-cookie: csrftoken=chF1Oav3OqH98wVGqrwdcN3zVGIj0zYO; Domain=.instagram.com; expires=Fri, 08-Nov-2019 17:31:28 GMT; Max-Age=31449600; Path=/; Secure {"data": {"id": "1297109755", "username": [removed everything after this] 

The area starting at data { should be the only response. However, header information is coming through. I was able to modify our carts authorizenet_aim.php to match what is coming through to allow us to receive CC payments. Paypal works as well but CS-Cart is not processing them. I'm curious if this is an issuing with servers using HTTP/2 

Here's a sample from Paypal as of today
 

Response: HTTP/2 200 server: Apache x-frame-options: SAMEORIGIN http_x_pp_az_locator: dcg12.slc paypal-debug-id: d3d7c8d424da7 cache-control: max-age=0, no-cache, no-store, must-revalidate pragma: no-cache content-type: text/html; charset=UTF-8 dc: ccg11-origin-www-2.paypal.com date: Fri, 09 Nov 2018 17:31:14 GMT content-length: 8 set-cookie: cwrClyrK4LoCV1fydGbAxiNL6iG=LSjDzrrqJyd9BoIKkvvlBOrL5dXJEB9BqqgcuJvcex4vzQtm1nYEGe1Q40N0HNKLvPPOkuz1OGTgI_z15s6QZycBtEwNr5T6nN4v71hUGJWJkHjbE_-JYafYdQt_4uTBRTTEfLAvzr_TfGuS0vIOYoSHhe7oHdkI_4eniu4yikZLau4b1KTVtYVK_eo_Ln2h1CKqnxUbg5udRbwBdyfo4se0az6ig3tCMTZXZhrk-kA0xknXRlqm7sbQxQXkiNQL6ZflZEhi3I6YVtpf3gtAQ-ZwLPfcly1Qhu_iKaoAuPB_HDek1D_54Mb-GA-b1IpWZe2c2o61RBuELlP0WAlv3nKialisxu228CUYGiBQVt_AAsqvvqKlqH4J3hX81JSvd43IPiZGRFHnvmhggtAVJkvGy6CckCDaTW-qoG5PrpdcMUY9y5rkYa9HJOS; domain=.paypal.com; path=/; Secure; HttpOnly set-cookie: cookie_check=yes; expires=Mon, 06-Nov-2028 17:31:14 GMT; domain=.paypal.com; path=/; Secure; HttpOnly set-cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; Secure; HttpOnly set-cookie: navlns=0.0; expires=Sun, 08-Nov-2020 17:31:14 GMT; domain=.paypal.com; path=/; Secure; HttpOnly set-cookie: X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dappdispatcher%26TIME%3D1657070939%26HTTP_X_PP_AZ_LOCATOR%3Ddcg12.slc; Expires=Fri, 09 Nov 2018 18:01:14 GMT; domain=.paypal.com; path=/; Secure; HttpOnly set-cookie: X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT set-cookie: AKDC=ccg11-origin-www-2.paypal.com; expires=Fri, 09-Nov-2018 18:01:14 GMT; path=/; secure set-cookie: akavpau_ppsd=1541785274~id=e0971bb86be5723596ffa8a8632bdb3d; Domain=www.paypal.com; Path=/; Secure; HttpOnly strict-transport-security: max-age=63072000 VERIFIED

The only thing that should show up is verified. I have eliminated our servers as an issue as well as third party API's as the issue. It does appear to me that this issue is entirely CS-Cart based. Correct me if I'm wrong. Offer insight on how to fix as well. 


Thanks!



 
  • E.Qi.Librium
  • Senior Member
  • Members
  • Join Date: 05-Sep 09
  • 450 posts

Posted 10 November 2018 - 09:23 AM #7

An update; just fixed the google recaptcha by installing the addon from cart power instead of the one I had. Thanks cart Power!

PayPal problem resists to go away, even if my host (tsohost.uk) states that they have done nothing to the server, I see no other logical explanation for the IPN not coming trough.

Requested help from PayPal technical assistance, they don't see a problem.


4.3.9  


 
  • Flow
  • Super Duper and Amazingly Sexy Senior
  • Members
  • Join Date: 13-Oct 10
  • 2302 posts

Posted 11 November 2018 - 07:46 PM #8

Since we all started to have problems like this on the same day, it can't be a coincidence. Are you all on WHM / Cpanel bu any chance?


When life hands you lemons, bring on the Tequila baby!


 
  • mokeshop
  • Senior Member
  • Members
  • Join Date: 27-Jul 12
  • 1005 posts

Posted 12 November 2018 - 01:24 AM #9

https://forum.cs-car...e-to-processes/

 
  • dotell
  • Junior Member
  • Trial users
  • Join Date: 21-Oct 09
  • 216 posts

Posted 12 November 2018 - 02:32 AM #10

I'm on WHM/Cpanel....any solution yet? All of my paypal express orders remain open until manually changed to processed.



 
  • mokeshop
  • Senior Member
  • Members
  • Join Date: 27-Jul 12
  • 1005 posts

Posted 12 November 2018 - 05:25 AM #11

Security patch with PayPal pre something???

 
  • Flow
  • Super Duper and Amazingly Sexy Senior
  • Members
  • Join Date: 13-Oct 10
  • 2302 posts

Posted 12 November 2018 - 05:59 AM #12

Security patch with PayPal pre something???

 

It's unrelated. This started to happen some days ago without any change to our software, and it's EVERY paypal order, not just an occasional one.


When life hands you lemons, bring on the Tequila baby!


 
  • mokeshop
  • Senior Member
  • Members
  • Join Date: 27-Jul 12
  • 1005 posts

Posted 12 November 2018 - 06:21 AM #13

It's unrelated. This started to happen some days ago without any change to our software, and it's EVERY paypal order, not just an occasional one.


Was just an info, I have uploaded the security patch and enabled Google recaptcha... is it possible that Google recaptcha is preventing paypal to pass the ipn code?

 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 19685 posts

Posted 12 November 2018 - 06:39 AM #14

Was just an info, I have uploaded the security patch and enabled Google recaptcha... is it possible that Google recaptcha is preventing paypal to pass the ipn code?

 

No, it is not possible. Recaptcha is checked in certain controllers only. IPN does not use these controllers


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    CS-Cart RU                         24500 руб.
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      CS-Cart RU + UniTheme    36000 руб.


 
  • Darius
  • Douchebag
  • Members
  • Join Date: 20-Apr 08
  • 3290 posts

Posted 12 November 2018 - 07:57 AM #15

for me problem with open orders are only in iframe mode



 
  • Flow
  • Super Duper and Amazingly Sexy Senior
  • Members
  • Join Date: 13-Oct 10
  • 2302 posts

Posted 12 November 2018 - 12:09 PM #16

for me problem with open orders are only in iframe mode

 

But with you it happens occasionaly, right? With me and I guess the others here, since last week Thursday or so, each and every paypal order stays on open.


When life hands you lemons, bring on the Tequila baby!


 
  • E.Qi.Librium
  • Senior Member
  • Members
  • Join Date: 05-Sep 09
  • 450 posts

Posted 12 November 2018 - 12:16 PM #17

My guess, and I'm no expert, is that PayPal changed something on the IPN calls witch made PayPal Payments addon flawed.

On my paypal IPN history everything seems ok, no errors, the IPNs are being sent (according to paypal), the issue is that cs cart is not receiving them properly.

This is something that should be investigated by cs-cart team, i think...


4.3.9  


 
  • Darius
  • Douchebag
  • Members
  • Join Date: 20-Apr 08
  • 3290 posts

Posted 12 November 2018 - 03:29 PM #18

In paypal ipn history you can re send IPN msg, try if this would change order status open to processed. If so then I do not think its paypal fault.

 

My guess, and I'm no expert, is that PayPal changed something on the IPN calls witch made PayPal Payments addon flawed.

On my paypal IPN history everything seems ok, no errors, the IPNs are being sent (according to paypal), the issue is that cs cart is not receiving them properly.

This is something that should be investigated by cs-cart team, i think...



 
  • E.Qi.Librium
  • Senior Member
  • Members
  • Join Date: 05-Sep 09
  • 450 posts

Posted 12 November 2018 - 03:37 PM #19

That I tried, my PayPal IPN history area does not have that option, to resend IPM, I can only see them. I'm with PayPal Spain.

 

At first I thought it was because I have IPN history off within Paypal (although I can see IPN history all the same), but then cs-cart states on all nstructions that we do not need to have those configurations done on PayPal, that that's what the PayPal Payments addon is for.


4.3.9  


 

Posted 12 November 2018 - 06:32 PM #20

I also have WHM/Cpanel (CentOS) - The issue occurred right after a forced server patch of us.  My money is currently on server side, not PayPal (it would be an impeccably timed event).  What sort of things could prevent the IPN notice from "communicating" to the cart fully?  (and is there any "safe" data that we could provide that would help trouble-shoot the issue more to narrow it down some?)  It looks like more people are realizing an issue and saying something about it... Thanks!