Jump to content

Customers keep receiving 'error message' and cannot access a p


Recommended Posts

Nearly 25% - 50% of the customers that try to order from my store have issues accessing a payment gateway.  It most often seems to be PayPal but occasionally PrintOrderForm does not work either.  Sometimes they try again and it works other times they try multiple times with no effect and have to email me.  It is starting to cause problems and scare customers away.  I am not sure what it could be as when I upgraded my store it was fine and seems to be a problem that is worsening.. (?) which is strange.  Any help appreciated!!! 



Link to comment
Share on other sites

  • 6 months later...

Still having this problem, I am using V5, I received the following description from a customer


"Yes I was logged in when I attempted payment. However, after I clicked on 'checkout' and selected 'PayPal', the system signed me out and I was taken to the checkout page 'Already registered? Please log in.' So I tried to sign in again using my email address and a message popped up something like my email address is 'already in use.' Similarly, when I clicked on 'Checkout with PayPal' and had entered my credit card details through the PayPal site, I was automatically 'signed out.'


At this point nearly every customer is having these problems.


I have 'telephone number' set to 'required' in my PayPal settings.

Link to comment
Share on other sites

(Note: You seem to be running version CC522, although you are also using the PayPal_Pro API v74.0 from CC525.)


I've been progressively narrowing down some of your problems.


In your copy of functions.inc.php, line 555 has for $destination, this:

index.php?_a=confirm&token=AA-9AA99999AA9999999&PayerID=AAAAA99AAAA99 (codes are munged)


At line 566, it is this:

/shop/index.php?_a=confirm&token=AA-9AA99999AA9999999&PayerID=AAAAA99AAAA99 (codes are munged)


It is the & that is causing the sanitizer to reject everything after 'confirm'. I think this would cause orders to not be processed properly after paying for them at PayPal.


The if() block at lines 557-560 is not executed.


The if() block at lines 562-571 is executed.


SEO->rewriteUrls is given the good string, but returns the bad string. SEO->rewriteUrls calls SEO->queryString(). queryString() builds the string using http_build_query() and this function relies on arg_separator.output as set in the ini.inc.php file (&).


The above is wanted for XHTML validity, but this is not a good idea for 302 bouncing the browser to a new page.


In your functions.inc.php, I suggest moving the two lines at 554-555:

    $destination    = preg_replace('#([^:])/{2,}#', '$1/', urldecode($destination));
    $destination    = str_replace('amp;', '', html_entity_decode($destination, ENT_COMPAT, 'UTF-8'));
to just above line 581:

    filter_var($destination, FILTER_UNSAFE_RAW)

(or at least copy them to there).


In your PayPal_Pro hook, class.cubecart.construct.confirm.php, line 20, this is where the code 302 bounces your browser to the above URL.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...