foz1234 Posted April 25, 2017 Posted April 25, 2017 Thanks Al, it maybe purely coincidental but i did not have any PP issues until i updated from 6.1.1 to 6.1.7 on Friday. if i compare the IPN messages before and after the upgrade i don't see any difference they all say sent and no reattempts the url is the same 1 Quote
havenswift-hosting Posted April 25, 2017 Posted April 25, 2017 18 minutes ago, [email protected]. said: @Al Brookbanks this isn't just a PP issue which is why so many of us believe it to be a CC issue... I also dont believe this is a PayPal issue - there are lots of reports of different and odd behaviour from upgraded sites that are intermittent even on the same site. 1 Quote
keat Posted April 25, 2017 Posted April 25, 2017 In an attempt to ditch 'store email at the pending stage', I've been hoping for a fix for IPN, so I can put the site in to 'store email at processing'. I don't get many failed IPN's but enough not to warrant switching the email notifications. I've just updated the PayPal Standard gateway to 1.0.5, lets seee if this helps. Quote
Dirty Butter Posted April 25, 2017 Posted April 25, 2017 Hopefully the PayPal upgrade will fix this. I'll do mine as soon as I can get on my computer. Quote
Al Brookbanks Posted April 25, 2017 Posted April 25, 2017 Are you all using stock Foundation skin from 6.1.7 or a mixture? Quote
[email protected]. Posted April 25, 2017 Posted April 25, 2017 Been using PP1.0.5 for ages no difference again I don't believe this is a PP issue Version 1.0.5 Last Updated 29th Jun 2016, 12:19 Quote
Dirty Butter Posted April 25, 2017 Posted April 25, 2017 Hmmm Wonder why didn't I get a notice of a new version on the dashboard...... Quote
[email protected]. Posted April 25, 2017 Posted April 25, 2017 2 minutes ago, Dirty Butter said: Hmmm Wonder why didn't I get a notice of a new version on the dashboard...... Maybe your IPN wasn't configured properly Sorry, if I don't make light of these things they can drive me to distraction... PS love the bible quote at the side Quote
keat Posted April 25, 2017 Posted April 25, 2017 My main site is using Mican skin. Like I say, I don't get many IPN failures, 1 in every 50, but that equates to at least 1 per day. Quote
Al Brookbanks Posted April 25, 2017 Posted April 25, 2017 I'm wondering if for those stores with CSRF turned on on the front end payment gateway data is failing as there is no CSRF token. Quote
foz1234 Posted April 25, 2017 Posted April 25, 2017 Hi Al, if you would like me to test a with a purchase on my store i am happy to test, if you tell me what you would like me to change. Quote
Al Brookbanks Posted April 25, 2017 Posted April 25, 2017 5 minutes ago, foz1234 said: Hi Al, if you would like me to test a with a purchase on my store i am happy to test, if you tell me what you would like me to change. Isn't your issue intermittent? If so my thoughts are not relevant. It would be all or nothing. Quote
[email protected]. Posted April 25, 2017 Posted April 25, 2017 Mine isn't intermittent - but I haven't a clue where the CSRF off switch is @havenswift-hosting Quote
foz1234 Posted April 25, 2017 Posted April 25, 2017 (edited) 9 minutes ago, Al Brookbanks said: your issue intermittent? If so my thoughts are not relevant. It would be all or nothing. no Al, mine is on every payment, Payments are being made via PayPal i get email from PP but CC not changing to processing and sending emails out, has worked fine when i was on 6.1.1 until i updated to 6.1.7 on Friday. i too wouldn't know how to turn CSRF on or off lol Edited April 25, 2017 by foz1234 Quote
Al Brookbanks Posted April 25, 2017 Posted April 25, 2017 Ok can you change; https://github.com/cubecart/v6/blob/master/skins/foundation/config.xml#L20 <csrf>true</csrf> To: <csrf>false</csrf> Quote
foz1234 Posted April 25, 2017 Posted April 25, 2017 (edited) No Al i get this message now which i don't remember seeing before in the customer checkout Many thanks for your order! The order status is currently pending but it will automatically update to processing once payment is confirmed. Normally this is automated and will happen within the hour but please do contact us if you require more information. nothing in the transaction logs, Order status for admin email notifications set to - processing so no email from the store, still showing as pending in unsettled orders FYI i turned off the IPN settings in PayPal as you said they are not needed. just checked the IPN log on PP this time i did not get a http response code 200 it was blank i maybe should have left the IPN settings to on the status no says off i will test again with it turned on Edited April 25, 2017 by foz1234 Quote
bsandall Posted April 25, 2017 Posted April 25, 2017 My IPN history also all show as successful, despite orders being stuck in Pending until manually resolved. Using PayPal_Pro 1.1.7. Orders paid for by credit card seem less prone to this error than those paid for by PayPal Express Checkout, though I can't confirm at this time whether the former never has this problem. Of note is that I have had this problem intermittently for at least the last few months, so for me it is not isolated to CC 6.1.7. Quote
Al Brookbanks Posted April 25, 2017 Posted April 25, 2017 Card payments on site and not IPN dependant for status. 1 Quote
bsandall Posted April 25, 2017 Posted April 25, 2017 4 minutes ago, Al Brookbanks said: Card payments on site and not IPN dependant for status. That would explain then why they don't suffer from this issue! Never did get around to looking at the code for it, so thanks for that tip. Quote
foz1234 Posted April 25, 2017 Posted April 25, 2017 (edited) i am happy to say i think that's worked Al the new order has changed to processing and admin email received. that's with the IPN settings turned on in PP and the csrf set to false Edited April 25, 2017 by foz1234 Quote
Al Brookbanks Posted April 25, 2017 Posted April 25, 2017 2 minutes ago, foz1234 said: i am happy to say i think that's worked Al the new order has changed to processing and admin email received. that's with the IPN settings turned on in PP and the csrf set to false So the CSRF test needs exceptions for remote server calls. Quote
bsandall Posted April 25, 2017 Posted April 25, 2017 (edited) 7 minutes ago, Al Brookbanks said: So the CSRF test needs exceptions for remote server calls. Perhaps also checked against a whitelisted set of allowed URLs? Since, you know, CSRF is exactly that - an attack by a remote server. EDIT: And by whitelisted URLs, I mean internal (CubeCart) ones that are allowed to be called remotely without a CSRF token. Edited April 25, 2017 by bsandall Quote
foz1234 Posted April 25, 2017 Posted April 25, 2017 shall i change this back to 1 hour ago, Al Brookbanks said: <csrf>true</csrf> or is it safe to leave as a temporary fix? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.