Jump to content

Archived

This topic is now archived and is closed to further replies.

Guest EliteReef

Checkout error

Recommended Posts

Guest EliteReef

We are stuck on this paypal thing.. cant accept any orders.. while using Direct Payment and Express Checkout, the following error appears:

This is the Direct payment error:

"Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/elite/public_html/cart/pear/Services/PayPal/SOAP/Transport/HTTP.php on line 582

Warning: Cannot modify header information - headers already sent by (output started at /home/elite/public_html/cart/pear/Services/PayPal/SOAP/Transport/HTTP.php:582) in /home/elite/public_html/cart/modules/gateway/DirectPayment/form.inc.php on line 157"

This is the express Checkout eror:

"Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/elite/public_html/cart/pear/Services/PayPal/SOAP/Transport/HTTP.php on line 582"

Nothing was changed or modified before getting this error. Our gateway has been working fine until all of the sudden a few days ago.. Any help would be greatly appreciated.

Thanks,

Matt

Elite Reef Aquatics

Share this post


Link to post
Share on other sites

Guest EliteReef

Not sure what is in safe mode. No settings or code has been changed. This just started happening a few days ago out of the blue.. Could you elaborate more on safe mode? Would it be the server, or the site? These errors are occouring with Paypal Direct Payment and paypal express checkout. Thanks in advance for your reply....

Matt

Share this post


Link to post
Share on other sites
Guest stosh1985

The problem occurs because of a change in PHP 4.4.4, check out the release notes:

http://us3.php.net/release_4_4_4.php

You'll note this line:

Fixed possible open_basedir/safe_mode bypass in cURL extension.

Which in the changelog has:

Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are enabled.

Which means when open_basedir is enabled, as it is on just about any shared web host your CURL calls will not follow Location headers on a page. This is bad news for CubeCart all around. Unfortunately, as of right now I don't know a fix. The bug actually lies within the HTTP Transfer file of the SOAP library, which is a PEAR package and hasn't been updated since June.

I am going to keep playing with this, but I don't think turning this option to false is a viable solution. Unfortunately, we might be screwed until the SOAP library is updated, if it is.

Share this post


Link to post
Share on other sites
Guest stosh1985

Go to:

/pear/Services/PayPal/SOAP/Transport/

In HTTP.php on Line 575 you will find this line:

curl_setopt(CURLOPT_FOLLOWLOCATION, 1);

You can comment it out and the PayPal Gateway will still work. Go ahead and do this and it will solve your problem.

Beware... if you offer other payment methods I have no idea if those will stop working.

Pax.

Share this post


Link to post
Share on other sites
Guest EliteReef

WOW, thanks for the reply.. I have talked to paypal, cubecart, my hosting provider, their support techs, etc., and nobody has figured this out... How do I comment that line out? I only use paypal direct payment and paypal express checkout gateways. No others.. Thanks.

[email protected]

Share this post


Link to post
Share on other sites
Guest stosh1985

WOW, thanks for the reply.. I have talked to paypal, cubecart, my hosting provider, their support techs, etc., and nobody has figured this out... How do I comment that line out? I only use paypal direct payment and paypal express checkout gateways. No others.. Thanks.

Matt,

A simple // infront of the line will do the trick.

FWIW, CubeCart's PayPal error handling is not that stellar, so if you haven't already setup your PayPal account stuff and it doesn't seem to work, let me know - I can show you a trick to dump debug error info and find out what the deal is.

Pax.

Share this post


Link to post
Share on other sites
Guest PhattyMcGee

A simple // infront of the line will do the trick.

When I add the // in front of the line and complete an order it brings me back to the screen saying that my order has not been processed.

...also, note that my line reads like this:

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

Does the additional $ch make any difference compared to what you had posted?

I edited the line as:

//curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

Share this post


Link to post
Share on other sites

In all honestly I don't know the answer. The solution I expect is to turn safe mode off. I frustrates me so many hosts run their servers in safe mode. It disables so many features and there is no need if they look after it preoperly.

I expect there may be info about it here http://www.paypaldev.org/

You *may* (but I doubt it) force safe mode to be off.

Drop a file called .htaccess in the public_html folder of your site with the content:

"php_admin_flag safe_mode Off"

Share this post


Link to post
Share on other sites
Guest jejacks0n

I haven't experienced the payment gateway issue directly, but I had a similar problem on some other stuff -- just happened to be working on a cubecart addition, and when I googled for this error I found this thread by coincidence.

So, here's the thing, what I was trying to do still works, even though I got the warning.. I'm not sure if this is the case with the payment gateway (because the gateway itself might require something that's set in the curl_setopt function), but regardless you can suppress the warning by putting an @ sign before the function call. It's better than commenting it out.

This is not an optimal fix, but should be documented somewhere, because again, it's better to suppress the warning rather than comment the line out -- incase you upgrade servers or whatever.

@curl_setopt(...);

Hope that helps.

Share this post


Link to post
Share on other sites
Guest

Can someone explain what is going on with this error/warning as far as it's implications with Cube Cart? Is it a show stopper, or something to ignore? Even though the message appears, and we can presume that due to the message, the curl option did not get set, other things still go through, and the transaction succeeds enough to send a valid PayPal transfer message.

Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/.../public_html/tienda/pear/Services/PayPal/SOAP/Transport/HTTP.php on line 575

In your CC admin, click on Gateways/PayPal Direct Payment/Configure, make sure that Gateway Server is LIVE and not SANDBOX.

Please someone tell me that this isn't true.

I really don't want to test PayPal with live transactions. :D

From my prior experience, I would think that the main difference

between LIVE and SANDBOX would be the host or server address

that is used, and pretty much nothing else. :D

The solution I expect is to turn safe mode off. It frustrates me so many hosts run their servers in safe mode. It disables so many features and there is no need if they look after it properly.

...

Drop a file called .htaccess in the public_html folder of your site with the content:

"php_admin_flag safe_mode Off"

I tried that, but the web server gives the error: :(

"/.../public_html/.htaccess: php_admin_flag not allowed here"

so it cannot be forced off, at least not using that method.

Also, in Cubecart Admin, Server Info shows

both local and the server with: safe_mode Off Off

So that isn't the problem.

The problem occurs because of a change in PHP 4.4.4, check out the release notes:

http://us3.php.net/release_4_4_4.php

You'll note this line:

Fixed possible open_basedir/safe_mode bypass in cURL extension.

Which in the changelog has:

Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are enabled.

Ok, so we check the Server Info again, and we see: :(

open_basedir

local /home/.../:/usr/lib/php:/usr/local/lib/php:/tmp

server no value

Looks an awful lot like a path-list to me, not a simple 'enabled', so as long as the path-list is kept under the control of CubeCart, where's the security hole? (:'/tmp')? :) [Why are we allowing or using /tmp in a path variable?]

If it has any value, it's enabled. Can CubeCart function without a path-list to find things? (Of course, if this is one of the changes we may see in CC 3.0.13, then it's not so bad.)

Why isn't this a problem with more users? (unless not so many people are using PayPal?)

Sorry about all the questions, this is just holding up completing any more PayPal testing and opening my store to real customers. It's frustrating, and it's not helping my confidence at the moment.

-Carl

Share this post


Link to post
Share on other sites
Guest sevencyn

Can someone explain what is going on with this error/warning as far as it's implications with Cube Cart? Is it a show stopper, or something to ignore? Even though the message appears, and we can presume that due to the message, the curl option did not get set, other things still go through, and the transaction succeeds enough to send a valid PayPal transfer message.

Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/.../public_html/tienda/pear/Services/PayPal/SOAP/Transport/HTTP.php on line 575

In your CC admin, click on Gateways/PayPal Direct Payment/Configure, make sure that Gateway Server is LIVE and not SANDBOX.

Please someone tell me that this isn't true.

I really don't want to test PayPal with live transactions. :(

From my prior experience, I would think that the main difference

between LIVE and SANDBOX would be the host or server address

that is used, and pretty much nothing else. :dizzy:

The solution I expect is to turn safe mode off. It frustrates me so many hosts run their servers in safe mode. It disables so many features and there is no need if they look after it properly.

...

Drop a file called .htaccess in the public_html folder of your site with the content:

"php_admin_flag safe_mode Off"

I tried that, but the web server gives the error: :(

"/.../public_html/.htaccess: php_admin_flag not allowed here"

so it cannot be forced off, at least not using that method.

Also, in Cubecart Admin, Server Info shows

both local and the server with: safe_mode Off Off

So that isn't the problem.

The problem occurs because of a change in PHP 4.4.4, check out the release notes:

http://us3.php.net/release_4_4_4.php

You'll note this line:

Fixed possible open_basedir/safe_mode bypass in cURL extension.

Which in the changelog has:

Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are enabled.

Ok, so we check the Server Info again, and we see: :)

open_basedir

local /home/.../:/usr/lib/php:/usr/local/lib/php:/tmp

server no value

Looks an awful lot like a path-list to me, not a simple 'enabled', so as long as the path-list is kept under the control of CubeCart, where's the security hole? (:'/tmp')? :blink: [Why are we allowing or using /tmp in a path variable?]

If it has any value, it's enabled. Can CubeCart function without a path-list to find things? (Of course, if this is one of the changes we may see in CC 3.0.13, then it's not so bad.)

Why isn't this a problem with more users? (unless not so many people are using PayPal?)

Sorry about all the questions, this is just holding up completing any more PayPal testing and opening my store to real customers. It's frustrating, and it's not helping my confidence at the moment.

-Carl

Does anyone know if there has been a resolution to this problem? I'm just now testing out PayPal Direct and Express and get a similar error (below).

Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/sevencyn/public_html/cubecart/pear/PayPal/SOAP/Transport/HTTP.php on line 575

Warning: Cannot modify header information - headers already sent by (output started at /home/sevencyn/public_html/cubecart/pear/PayPal/SOAP/Transport/HTTP.php:575) in /home/sevencyn/public_html/cubecart/modules/gateway/DirectPayment/form.inc.php on line 177

Any help would be greatly appreciated!

-Cyn

Share this post


Link to post
Share on other sites

×
×
  • Create New...