lyndsiesal

[Resolved] Missing transaction logs/PayPal IPN

97 posts in this topic

:) yes lol...what safe to leave or change back :naughty:

1 person likes this

Share this post


Link to post
Share on other sites

Sorry.. I'm flat out doing 55 things at once. Leave it false for now. 

1 person likes this

Share this post


Link to post
Share on other sites
31 minutes ago, bsandall said:

Perhaps also checked against a whitelisted set of allowed URLs? Since, you know, CSRF is exactly that - an attack by a remote server. ;)

EDIT: And by whitelisted URLs, I mean internal (CubeCart) ones that are allowed to be called remotely without a CSRF token.

That explains why my MailChimp plugin is creating subscriptions from the Newsletter Subscription tab in CC customer account, but can't handle an unsubscribe from MailChimp. There needs to be some way to allow certain remote actions that plugins, etc., might need.

Share this post


Link to post
Share on other sites
5 hours ago, foz1234 said:

Many thanks for your order! The order status is currently pending but it will automatically update to processing once payment is confirmed. Normally this is automated and will happen within the hour but please do contact us if you require more information.

I rolled back our plushcatalog store to a GitHub commit from early March (basically back to 6.1.5). I then took an order all the way to payment and, unlike my usual testing, I actually paid for it with a different account debit card. I used a different domain email address. And all the payment process worked properly. And the refund from PP processed correctly on CC as well.

I DID see the part I've quoted from your comment, @foz1234 But by the time I checked in admin, it had Processed.

All the CSRF changes are what I don't have in my live code.

I DO still have captcha turned off, thanks to all the changes in that coding that my plugins and edits don't have yet.

Share this post


Link to post
Share on other sites
I have had two calls this morning from customers who after filling in their details at checkout, found that when they clicked on the 'secure checkout' button were unable to proceed!  I did a test purchase while they were on the phone and I too could not get past this stage...
I had changed the config.xml as per yesterdays advice from @Al Brookbanks but after changing <csrf>false</csrf> back to <csrf>true</csrf> everything seems to be working again...

Share this post


Link to post
Share on other sites

yes there is a thread about this here

 

Share this post


Link to post
Share on other sites

Are you planning on releasing 6.1.8 to include this ?

Share this post


Link to post
Share on other sites

Just order status change automatically from payment status responses.

1 person likes this

Share this post


Link to post
Share on other sites

Glad to see this progress with gateways, for sure. But I have a MailChimp API plugin that communicates both ways with the store that apparently isn't able to communicate back to the store at this time on 6.1.7, thanks to CSRF. So there's still more to be done here. I understand CC is trying to shut down unauthorized server access to our stores, and that's a good thing. We just need a way to tell the code what is allowed through. Windows does the same thing with allowed exceptions in Defender. (I think it's Defender that does that - maybe something else?)

Share this post


Link to post
Share on other sites

Has anyone had a successful purchase via PayPal or some other gateway that automatically changed to Processing within CC?

Share this post


Link to post
Share on other sites
13 minutes ago, Dirty Butter said:

Has anyone had a successful purchase via PayPal or some other gateway that automatically changed to Processing within CC?

After I capture payment from the authorizations, it will go from pending to processing.

Share this post


Link to post
Share on other sites

Thanks for that, Christopher. Good to hear!!

Hoping for feedback about automatically changing to Processing, so I can change this thread back to Resolved. :)

Share this post


Link to post
Share on other sites

i can confirm DB its working as it should, I've just purchased one of my own products lol

Share this post


Link to post
Share on other sites
16 hours ago, Dirty Butter said:

Thanks for that, Christopher. Good to hear!!

Hoping for feedback about automatically changing to Processing, so I can change this thread back to Resolved. :)

I wish I could get it to go to processing at authorization, and complete at capture though :)

Share this post


Link to post
Share on other sites
5 minutes ago, Christopher Short said:

I wish I could get it to go to processing at authorization, and complete at capture though :)

I wish I understood all this well enough to be of help, but I certainly do not. Maybe it would be best to make a new thread about what you need, since this thread has gotten so long.

Share this post


Link to post
Share on other sites
3 hours ago, Dirty Butter said:

I wish I understood all this well enough to be of help, but I certainly do not. Maybe it would be best to make a new thread about what you need, since this thread has gotten so long.

I already had one, it got almost nothing for replies

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now