[Solved] Customer only paid $0.01 for a $100 order and was able to download

Started by Shawn, January 03, 2013, 14:56:57 PM

Previous topic - Next topic

Shawn

Not sure if it's a VM bug or Paypal or what, but last night a customer placed two orders.  One for $52.49 and one for $104.96...however when I check paypal, he only paid $0.01 and $0.02.  My products are downloadable and the orders were confirmed and show that he already downloaded them all.

Joomla 2.5.6
VM: 2.0.12f

Shawn

I just updated Joomla to 2.5.8 and VM to 2.0.16.  Maybe that'll fix it?

Shawn

Upgrading didn't help...the son of a &%@$ registered another account and got me again...

Milbo

Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/


Milbo

Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

Shawn

Thanks for the reply.

He didn't use a coupon and I don't have any set up atm.  Could it be a bug with the paypal plugin?


Quote from: PRO on January 03, 2013, 23:35:17 PM
IP block
I blocked his IP through cpanel after the second time he got me.

Milbo

Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

veeco

I think he trick the payment plugin plgVmOnPaymentNotification, do you turn on your log , if yes, there should be log files in '/logs/paypal-ipn.log'. Or else, in your paypal generated table, there's field that stored all data that sent by paypal to your site, it is "paypalresponse_raw" , please check that table as well...
Work On Doxa Web Developer Indonesia - http://doxadigital.com |

jjk

Might sound a little bit stupid, but I also would send the customer an email asking him how he did that. Perhaps you are lucky and he lets you know.
Non-English Shops: Are your language files up to date?
http://virtuemart.net/community/translations

jenkinhill

I'd have a look at the access log, as that may indicate if his behaviour was different from a normal purchaser. eg direct access to some BE file?
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

ssc3

The plugin should be checking that the price has not been altered when the IPN is sent.
If not, it should be fairly easy for someone to fix.
Virtuemart Payment Plugins
https://plugins.online-store.co.uk

alatak

Hello

I have contacted Shawn by PM to understand what happened exactly. I am waiting for him.
Meanwhile, we have checked the code.
We found that the call to check that the IPN notification is valid must be done via SSL through the port 443.
When the call was done via a non SSL and to the port 80, then no answer was sent from Paypal, but the IPN was validated.
We have fixed that in version 2.0.16c.

Shawn I still would like that you contact me, to make sure that this was the problem.

alatak

Hello

QuoteThe plugin should be checking that the price has not been altered when the IPN is sent.
If not, it should be fairly easy for someone to fix.

Yes this is done: that the amount and the currency returned by Paypal are the same as the one sent to Paypal.

Shawn

Thanks to Valerie and Max for all your help via skype.

It turns out that I had an older version of the Paypal plugin which is suspected to be the problem.  When updating VM, I didn't realize that I also had to update the AIO component separately.  So, while I was running VM 2.0.16, I actually had v2.0.8 of the AIO.

Per Max's advise, I updated to VM 2.0.16c and also aio to 2.0.16c, and that should be the end of the problem! :)