Christopher Short Posted December 22, 2021 Share Posted December 22, 2021 Customers are having problems during checkout with paypal commerce. If they pay with a CC on the site, it takes the info and dumps them back at the page but fails to process the payment. Order becomes pending; Logs have repeated entries as follows: Request Sent (cURL) - https://api.paypal.com/v1/oauth2/tokengrant_type=client_credentials Response received (200 - OK){"scope":"https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/disputes/read-buyer https://uri.paypal.com/services/payments/realtimepayment https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/payment/authcapture openid https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/payments/refund https://api.paypal.com/v1/vault/credit-card https://api.paypal.com/v1/payments/.* https://uri.paypal.com/services/payments/initiatepayment https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/applications/webhooks","access_token":"xxxxxxxx0oLo38qBX8iMA-G0mm5b1SFnuPVZMmHZkthp_9dDkYNACdgDuViHKp-xxxxxxxrT2uWGxBWTuUy9RC8mGs5KH8LuA","token_type":"Bearer","app_id":"APP-xxxxx17238807","expires_in":29369,"nonce":"2021-12-22T05:00:03Zb1VYAfh_6VHuAwgut1b5SyNYoC7Iqsrp8iXPxxxxxxx"} several dozen entries of this each time a customer has an issue. I replaced some characters with xxxxx incase it is sensitive. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted December 22, 2021 Share Posted December 22, 2021 This API request gets an authentication token which it then uses for all other API requests. The successful result which you have carries the access_token which we can see above. Once called the access token is valid for the value in the expires_in response which is 29369 seconds. This means CubeCart should then be using this token for that period of time before renewing. If your store is making this request more often than every 29369 seconds then there has to be a fault in setting/recalling the CubeCart session data. Please refer to the _access_token function of the paypal.class.php file. I would check that the CubeCart_sessions table is not corrupt and that PHP sessions are working properly on the server. Without a deep dive it's impossibly to know what the underlying issue is. Please do also check the error log in the admin control panel and PHP error log. Link to comment Share on other sites More sharing options...
Christopher Short Posted December 23, 2021 Author Share Posted December 23, 2021 I have had several customers run into the same issue, and just tried myself while logged into a customer account using their payment info. It returns to this screen without taking payment. Link to comment Share on other sites More sharing options...
Christopher Short Posted December 27, 2021 Author Share Posted December 27, 2021 Alec looked into the database, no issues. Just had another customer try to buy $800 worth of stuff and guess what, same log files showing and no payment collected. Can you please look into this issue? Link to comment Share on other sites More sharing options...
bsmither Posted December 27, 2021 Share Posted December 27, 2021 In the PayPal_Comerce module, paypal.class.php file, I find the only location where Unspecified error. occurs. This coincides with the following messages logged in CubeCart's Transaction Logs: The combination of liabilityShifted, authenticationStatus & authenticationReason was unexpected. and 3D SECURE FAILURE Those three items listed above can have a few values for each, but when there is a combination of these values not planned for, these messages get logged. Do these messages show up in the Notes column for this order's Transaction Log? Link to comment Share on other sites More sharing options...
Christopher Short Posted December 27, 2021 Author Share Posted December 27, 2021 No, notes don't show anything related to checkout. Link to comment Share on other sites More sharing options...
bsmither Posted December 27, 2021 Share Posted December 27, 2021 Then, maybe the problem is coming from the javascript that the module loads into the HTML presented to the customer. Using your browser's Developer Tools, open them to the Console tab. Click the trash bin icon to clear the Console screen. Start working through making an order with this PayPal module. The Developer Tools Console page will start filling with notices, warnings, and errors. Save the list to an external file for later analysis. Are there any items in the Console Log list that catch your attention? Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 I have tried several now, the logs show nothing. Some go through, some do not. The last one was rejected and gave a 3DS error but the previous customer tried several times, no error and no payment, just looped back to the make payment screen. I tried by logging in as customer and it went through. Today, 19:53 Request Sent (cURL) - https://api.paypal.com/v1/oauth2/tokengrant_type=client_credentials Response received (200 - OK){"scope":"https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/disputes/read-buyer https://uri.paypal.com/services/payments/realtimepayment https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/payment/authcapture openid https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/payments/refund https://api.paypal.com/v1/vault/credit-card https://api.paypal.com/v1/payments/.* https://uri.paypal.com/services/payments/initiatepayment https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/applications/webhooks","access_token":"A21AAPMBXCInJT5w9aWNY8AzlpMooBTrakO83l-bdzdV3MGDwbxV9wIq3rRhmQTF5y3p9NT7budVtNfeo9is4j8dO8clmDzJQ","token_type":"Bearer","app_id":"APP-9S829106T17238807","expires_in":29200,"nonce":"2022-01-04T00:00:02ZcmUXR5uf35GZQDRkvsW5_FnCXro9RjbQZdMHFv0Ssp0"} The request in the admin area is repeated several times with the same info everytime, almost looks like a stuck for loop. Link to comment Share on other sites More sharing options...
bsmither Posted January 4, 2022 Share Posted January 4, 2022 The immediate things I notice are the net::ERR_BLOCKED_BY_CLIENT message, and the 4XX response codes. Please verify that your browser is not blocking anything from PayPal by using a plugin, whole computer-based "web protection" (Avast, Norton, MalwareBytes, etc), or anything that could interfere with the proper transmission and reception of communications from and to the browser. You may have the ability to see what is blocking the request. On the menubar of the developer tools, there could be a mention of a plugin that is doing these kinds of things. For example, AdBlock Plus. Viewing what AdBlock Plus is doing may give a clue as to what could be causing these problems. I also find interesting the "Couldn't find the user-provided function: reCaptchaCallback". Please remind us of the skin the site is using. Examine the skin files content.recaptcha.head.php and content.recaptcha.php. In both files, there should be the statement: var reCaptchaCallback = function() { Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 11 minutes ago, bsmither said: The immediate things I notice are the net::ERR_BLOCKED_BY_CLIENT message, and the 4XX response codes. Please verify that your browser is not blocking anything from PayPal by using a plugin, whole computer-based "web protection" (Avast, Norton, MalwareBytes, etc), or anything that could interfere with the proper transmission and reception of communications from and to the browser. You may have the ability to see what is blocking the request. On the menubar of the developer tools, there could be a mention of a plugin that is doing these kinds of things. For example, AdBlock Plus. Viewing what AdBlock Plus is doing may give a clue as to what could be causing these problems. I also find interesting the "Couldn't find the user-provided function: reCaptchaCallback". Please remind us of the skin the site is using. Examine the skin files content.recaptcha.head.php and content.recaptcha.php. In both files, there should be the statement: var reCaptchaCallback = function() { Ill get this info for you shortly. The issue isn't just my browser or computer, it is many different users that never had problems amd now do. Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 31 minutes ago, bsmither said: The immediate things I notice are the net::ERR_BLOCKED_BY_CLIENT message, and the 4XX response codes. Please verify that your browser is not blocking anything from PayPal by using a plugin, whole computer-based "web protection" (Avast, Norton, MalwareBytes, etc), or anything that could interfere with the proper transmission and reception of communications from and to the browser. You may have the ability to see what is blocking the request. On the menubar of the developer tools, there could be a mention of a plugin that is doing these kinds of things. For example, AdBlock Plus. Viewing what AdBlock Plus is doing may give a clue as to what could be causing these problems. I also find interesting the "Couldn't find the user-provided function: reCaptchaCallback". Please remind us of the skin the site is using. Examine the skin files content.recaptcha.head.php and content.recaptcha.php. In both files, there should be the statement: var reCaptchaCallback = function() { Are we on recaptcha v2 or 3? I am using foundation but also have some custom skin built in. 5[Violation] Added non-passive event listener to a scroll-blocking <some> event. Consider marking event handler as 'passive' to make the page more responsive. See <URL> [Violation] Forced reflow while executing JavaScript took 30ms message?merchant_id=BECJBFSX3YF2Q¤cy=USD&amount=803.72&placement=cart&style={"layout"%3A"text"%2C"logo"%3A{"type"%3A"inline"%2C"position"%3A"left"}%2C"text"%3A{"color"%3A"black"%2C"size"%3A"12"%2C"align"%3A"center"}}&client_id=AfzDtc-4e3mgEKVqWbZ1KiuaJzTwaeDGRM1xYdzfuBGJk0zhEJkc6vYOOF2RnKWTuyUMoV0S4IcngySx&merchant_config=d45c6e1f1ce03b33bc512247a2ccc454e48245e5&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZ6RHRjLTRlM21nRUtWcVdiWjFLaXVhSnpUd2FlREdSTTF4WWR6ZnVCR0prMHpoRUprYzZ2WU9PRjJSbktXVHV5VU1vVjBTNEljbmd5U3gmbWVyY2hhbnQtaWQ9QkVDSkJGU1gzWUYyUSZjdXJyZW5jeT1VU0QmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXImaW50ZW50PWF1dGhvcml6ZSZjb21taXQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsaG9zdGVkLWZpZWxkcyxtZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6IkNVQkVDQVJUTElNSVRFRF9DYXJ0X0N1YmVDYXJ0UENQIiwiZGF0YS11aWQiOiJ1aWRfdHNpcHJhb2h6eHZ1dW1vbW1kcmlnaW1xdXJmZnZxIn19&env=production&version=1.27.1&deviceID=feb9ff2a9f_mtq6ndq6ndi&sessionID=uid_4aa2160231_mdm6mdc6mty&scriptUID=uid_tsipraohzxvuumommdrigimqurffvq&message_request_id=uid_20d859d35b_mdm6mdg6nde&features=no-common:105 [Violation] Avoid using document.write(). https://developers.google.com/web/updates/2016/08/removing-document-write (anonymous) @ message?merchant_id=BECJBFSX3YF2Q¤cy=USD&amount=803.72&placement=cart&style={"layout"%3A"text"%2C"logo"%3A{"type"%3A"inline"%2C"position"%3A"left"}%2C"text"%3A{"color"%3A"black"%2C"size"%3A"12"%2C"align"%3A"center"}}&client_id=AfzDtc-4e3mgEKVqWbZ1KiuaJzTwaeDGRM1xYdzfuBGJk0zhEJkc6vYOOF2RnKWTuyUMoV0S4IcngySx&merchant_config=d45c6e1f1ce03b33bc512247a2ccc454e48245e5&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZ6RHRjLTRlM21nRUtWcVdiWjFLaXVhSnpUd2FlREdSTTF4WWR6ZnVCR0prMHpoRUprYzZ2WU9PRjJSbktXVHV5VU1vVjBTNEljbmd5U3gmbWVyY2hhbnQtaWQ9QkVDSkJGU1gzWUYyUSZjdXJyZW5jeT1VU0QmZW5hYmxlLWZ1bmRpbmc9cGF5bGF0ZXImaW50ZW50PWF1dGhvcml6ZSZjb21taXQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsaG9zdGVkLWZpZWxkcyxtZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6IkNVQkVDQVJUTElNSVRFRF9DYXJ0X0N1YmVDYXJ0UENQIiwiZGF0YS11aWQiOiJ1aWRfdHNpcHJhb2h6eHZ1dW1vbW1kcmlnaW1xdXJmZnZxIn19&env=production&version=1.27.1&deviceID=feb9ff2a9f_mtq6ndq6ndi&sessionID=uid_4aa2160231_mdm6mdc6mty&scriptUID=uid_tsipraohzxvuumommdrigimqurffvq&message_request_id=uid_20d859d35b_mdm6mdg6nde&features=no-common:105 This was from clicking secure checkout Link to comment Share on other sites More sharing options...
bsmither Posted January 4, 2022 Share Posted January 4, 2022 The latest Foundation (since CC640, I think) is using reCaptcha V2 (or OFF). This choice is made in Store Settings, Features tab, Bot Protection section. (You will need to get your own keys). The skin template code is testing for choice #2 or choice #3 (or zero for OFF). Both choices are for Google's reCaptcha V2 -- the difference is just in how the reCaptcha appears on the browser page. Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 6 minutes ago, bsmither said: The latest Foundation (since CC640, I think) is using reCaptcha V2 or OFF. This choice is made in Store Settings, Features tab, Bot Protection section. (You will need to get your own keys). The skin template code is testing for choice #2 or choice #3 (or zero for OFF). Both choices are for Google's reCaptcha V2 -- the difference is just in how the reCaptcha appears on the browser page. Can I send you my skins folder to look at? I appreciate you helping, really need to get this resolved as I cannot keep losing customers at payment as they do not come back. https://drive.google.com/file/d/1k7zL0k5hnXuSNyu0UgAfp3V9R3T94w5u/view?usp=sharing Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 with adblock running with adblock disabled. The popup appeared but gave the same 3ds error Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 4, 2022 Share Posted January 4, 2022 So it very much looks like a 3rd party browser plugin is causing the problem. Can you temporarily disable all of them or one at a time? Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 5 hours ago, Al Brookbanks said: So it very much looks like a 3rd party browser plugin is causing the problem. Can you temporarily disable all of them or one at a time? I did, disabled everything in the second run. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 4, 2022 Share Posted January 4, 2022 Do you have any firewalls or network security tools that could interfere? Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 turned everything off: firewall, virus protection, ad blocker ect by the way, on 3 different machines and 3 different networks, the results are the same. Link to comment Share on other sites More sharing options...
Christopher Short Posted January 4, 2022 Author Share Posted January 4, 2022 Different customer different card type, same issue. Link to comment Share on other sites More sharing options...
Christopher Short Posted January 6, 2022 Author Share Posted January 6, 2022 Just had a customer have an issue with the invisible recaptcha- The following errors were detected: the verification code was incorrect. Please try again Could this also be causing payment related issues? Link to comment Share on other sites More sharing options...
bsmither Posted January 6, 2022 Share Posted January 6, 2022 With the invisible reCaptcha, there should be visible a small-ish 'tag' at the lower-right corner of the web page. If the javascript from Google that makes the determination that the visitor should, or should not, be shown a grid of images is malfunctioning or did not get loaded into the web page (a browser plugin that stops some or all javascript from being fetched - such as NoScript or uMatrix), then the verification code might not be getting sent to your site for comparison - resulting in CubeCart issuing that warning to the visitor. If the visitor's browser is interferring with javascript as a whole, then the PayPal gateway code might also be failing. From above, the 422 log entry has an associated issue in the GitHub: https://github.com/cubecart/v6/issues/2896 I will try to come up with some code edits that will reveal exactly what entity is unprocessable. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 7, 2022 Share Posted January 7, 2022 I've worked with Chris internally on this and found a number of unexpected and undocumented 3D Secure responses which I believe is the root issue. Link to comment Share on other sites More sharing options...
Rosenbaum Posted January 13, 2022 Share Posted January 13, 2022 Same issue here and i cant find any solutions. My CC Pay Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 13, 2022 Share Posted January 13, 2022 1 hour ago, Rosenbaum said: Same issue here and i cant find any solutions Are you using the latest version of the extension? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.