Period pass not working -- Pay per View does not receive confirmation of order

When purchasing a period pass, everything appears to work fine up until we press the return to Mental Case 101 button on the final Paypal confirmation page. When we press this button, Firefox gives us the message:

"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party."

Pressing continue returns us to the site, but the Pay per View plugin has no record of the transaction and the user does not get access to the site. The transaction itself does go through in Paypal.

  • Michael Bissett

    Hey @Janice! :slight_smile:

    Hmm... odd, I'm not able to replicate this on my own site (with the Sandbox text credentials that I mentioned in the other thread you opened today), I'm seeing the transaction noted inside of Pay Per View when I try doing a test signup with the Period Pass option.

    One question on my mind... as a quick test, have you tried refreshing the permalink structure by going to:

    Settings -> Permalinks

    And clicking on the "Save Changes" button there? And then try doing another test transaction?

    If that doesn't do anything though, I'd like to have a closer look at what's going on here, could you please enable Support Access to your site? :slight_smile:

    https://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Kind Regards,
    Michael

  • Janice

    Michael,

    Alright, I've enabled support access. With difficulty, I managed to get a Paypal Sandbox setup (we had been testing on a live implementation before (and access to the site was blocked from the public)). We still get the same issues, though.

    Before we switched over to the Sandbox, we got this email from Paypal:
    "Please check your server that handles PayPal Instant Payment Notifications (IPN). IPNs sent to the following URL(s) are failing:
    http://www.mentalcase101.com/wp-admin/admin-ajax.php?action=ppw_paypal_ipn"

    If you cannot do everything that needs to be done using support access, just let me know what we need to test on Paypal. Perhaps you could tell me how to test the IPN?

    We are really eager to get this site working, so hopefully you can help us out! Thank again!

    Janice

  • Michael Bissett

    Hey @Janice,

    When I try visiting that link you shared here, I get a 500 Internal server error, which I'm not able to reproduce on my own site.

    As a simple test, if you were to disable the other plugins on your site, and switch to a default theme (temporarily), and then try doing another test purchase, does this still come up? We're going to want to check to see if there's a conflict taking place here.

    If that still doesn't turn up anything, then we'll want to check out your site's error log. If you're not sure how to access that on your end, I would advise contacting your host.

    We'll want to see what's in that log file, and see what clues that gives us here. :slight_smile:

    Kind regards,
    Michael

  • Janice

    Michael,

    Thanks for you help. I tried disabling all plugins but the WPMU DEV management console and, of course, Pay per View. I still experience the exact same symptoms. I get the warning when returning from the Paypal page about the unencrypted connection (which we should not be getting), and then there is no record of the transaction in Pay per View.

    I am looking into getting server error logs, but I'm not sure if I can get my hands on them, because we are not on a VPS. Nonetheless, I have contacted my hosting provider.

    Thanks again

  • Janice

    Okay, this is the error that is generated when a Paypal purchase is made:

    20150428T191506: http://www.mentalcase101.com/wp-admin/admin-ajax.php
    PHP Warning:  log() expects parameter 1 to be double, string given in /hermes/bosnaweb03b/b1170/dom.mentalcase101com/public_html/wp-content/plugins/pay-per-view/pay-per-view.php on line 1196
    PHP Catchable fatal error:  Object of class PayPerView could not be converted to string in /hermes/bosnaweb03b/b1170/dom.mentalcase101com/public_html/wp-content/plugins/pay-per-view/pay-per-view.php on line 1196
  • Michael Bissett

    Hey @Janice,

    Perhaps you can tell me what the IPN handler URL should be. Is it the same as the one that returns the HTTP Error 500?

    It should be the one mentioned in that email from PayPal:

    http://www.mentalcase101.com/wp-admin/admin-ajax.php?action=ppw_paypal_ipn

    So the correct URL's being referred to. However, the only time I'm able to get that notice you mentioned in your most recent comment is when I'm trying to access that link directly (without having any POST data from PayPal).

    It seems like something we'll need to call in our second level support for, but in the meantime, could you please send in the following via our secure contact form:

    - Mark to my attention, the subject line should contain only: ATTN: Michael Bissett
    - Do not include anything else in the subject line, doing so may delay our response due to how email filtering works.
    - Link back to this thread
    - Include WordPress admin access details (login address, username & password)
    - Include FTP log-in details (hostname, username & password)
    - Include any relevant URLs for your site

    On the contact form (linked to below), please select "I have a different question", this ensures it comes through and gets assigned to me.

    https://premium.wpmudev.org/contact/

    Thanks a bunch! :slight_smile:

    Kind Regards,
    Michael

  • Hoang Ngo

    Hi @Janice,

    I hope you are well today.

    The warning "Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.". This is because you are redirect from an SSL connection to normal connection (HTTPS to HTTP). For fix this issue, you will need to enable the HTTPS for your return page, in this case, is your post.
    Here is a hot fix, it will force the return value of your PayPal to HTTPS, please give it a try. Please add this code to your theme functions.php or use mu-plugins

    add_action('wp_footer', 'ppv_return_ssl');
    function ppv_return_ssl()
    {
        ?>
        <script type="text/javascript">
            jQuery(document).ready(function ($) {
                var ret = $('.ppw_inner').find('input[name="return"]');
                if (ret) {
                    ret.val(ret.val().replace('http://', 'https://'));
                }
            })
        </script>
    <?php
    }

    For the IPN issue, when you send the information which Mike requested above, please send some screenshot of the IPN history and IPN detail too. You can find it in PayPal->History->IPN History.

    I'm sorry for this inconvenience and many thanks for your patience.

    Best regards,
    Hoang

  • Janice

    I've sent off the details that you have requested through the contact form.

    After adding the above code to functions.php, I get a message that "This Connection is Untrusted" when returning to the site. Am I correct in saying that we will need to setup SSL in order to get this working securely? And that would involve purchasing an SSL certificate, etc?

    When looking at the IPN history, I discovered that Paypal had to be set up to use a specific IPN handler URL.

    I've attached an image of the IPN transaction details.

    Thanks.

  • Hoang Ngo

    Hi @Janice,

    After adding the above code to functions.php, I get a message that "This Connection is Untrusted" when returning to the site. Am I correct in saying that we will need to setup SSL in order to get this working securely? And that would involve purchasing an SSL certificate, etc?

    Yes, currently your SSL certificate is self host I think, so you will need to purchase one.

    The 406 error usually come from Apache Security Module, when PayPal IPN return to your server, for some reason, Mod Security has blocked the request, and that's the reason why Pay Per View not working properly.

    Can you please check with your hosting provider about Security Mode & PayPal IPN?

    Best regards,
    Hoang

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.