Paypal IPN OCT 2013 http 1.1 fix vm 1.1.9

[Phenotype]

Regarding this topic: https://forum.virtuemart.net/index.php?topic=113426.0

Has anyone implemented a fix for this?  If so, it would be great if you could share the changes that had to be made.

[abcisme]

I believe I figured this out.  In administrator/components/com_virtuemart/notify.php make the following changes:

Change:

Code: [Select]

Line 32: header("HTTP/1.0 200 OK");
To:

Code: [Select]

Line 32: header("HTTP/1.1 200 OK");


Change:

Code: [Select]

$header = "POST $uri HTTP/1.0\r\n";
$header.= "User-Agent: PHP/".phpversion()."\r\n";
$header.= "Referer: ".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].@$_SERVER['QUERY_STRING']."\r\n";
$header.= "Server: ".$_SERVER['SERVER_SOFTWARE']."\r\n";
$header.= "Host: ".$hostname.":80\r\n";
$header.= "Content-Type: application/x-www-form-urlencoded\r\n";
$header.= "Content-Length: ".strlen($workstring)."\r\n";
$header.= "Accept: */*\r\n\r\n";
To:

Code: [Select]

    $header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
    $header.= "User-Agent: PHP/".phpversion()."\r\n";
    $header.= "Referer: ".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].@$_SERVER['QUERY_STRING']."\r\n";
    $header.= "Server: ".$_SERVER['SERVER_SOFTWARE']."\r\n";
    $header.= "Host: www.paypal.com\r\n";
    $header.= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header.= "Content-Length: " . strlen($req) . "\r\n";
// $header.= "Accept: */*\r\n\r\n";
    $header .= "Connection: close\r\n\r\n";

Change:

Code: [Select]

$fp = fsockopen ( $hostname, 80, $errno, $errstr, 30);
To:

Code: [Select]

$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);


Change:

Code: [Select]

if (eregi ( "VERIFIED", $res) || @PAYPAL_VERIFIED_ONLY == '0' ) {
To:

Code: [Select]

if (eregi ( "VERIFIED", trim($res)) || @PAYPAL_VERIFIED_ONLY == '0' ) {


Change:

Code: [Select]

elseif (eregi ("INVALID", $res)) {
To:

Code: [Select]

elseif (eregi ("INVALID", trim($res))) {
My test transaction worked... so I'm hoping it's all set.  If anyone can see anything wrong, please let me know.

[dbzeroone]

I just tried making the code changes above and I'm still having the same issue.

Transactions are processing fine... customer's cards are being charged appropriately, but their order is NOT changing to confirmed in VM Orders.

This is a problem because I'm selling digital downloads and if their payment doesn't change to "Confirmed", they don't get the download link.

Does anyone have any suggestions? I'll try anything at this point!!

PHP 5.3.13
Joomla 1.5.26
Virtuemart 1.1.19
PayPal Website Payment Pro

[abcisme]

Have you tried this?  http://www.b-planet.com/VirtueMart/paypal-patch.html

[ssbuchan]

dbzeroone,

I just replied to another post you made a comment on regarding this issue.  Below is that same reply with a bit more information regarding the HTTP/1.1 headers.

I had this same issue and just resolved it today.  I'm using Hostgator for my hosting and the problem for me was on their end.  They recently made some changes to their system which resulted in Paypal being blocked by a firewall. I started getting 406 error codes returned to Paypal which are logged in the IPN History section in my Paypal account.  The solution was for Hostgator to whitelist my domain so that Paypal could once again communicate with virtuemart and get through the firewall.

Not sure if this will resolve your issue or for anyone else, but I thought it would be worth sharing just in case.

As for the header info:

I basically implemented the same changes that abcisme suggested.  The only difference that I have is the following:

I changed:

Code: [Select]

$header = "POST $uri HTTP/1.0\r\n";
$header.= "User-Agent: PHP/".phpversion()."\r\n";
$header.= "Referer: ".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].@$_SERVER['QUERY_STRING']."\r\n";
$header.= "Server: ".$_SERVER['SERVER_SOFTWARE']."\r\n";
$header.= "Host: ".$hostname.":80\r\n";
$header.= "Content-Type: application/x-www-form-urlencoded\r\n";
$header.= "Content-Length: ".strlen($workstring)."\r\n";
$header.= "Accept: */*\r\n\r\n";
to:

Code: [Select]

$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
$header .= "User-Agent: PHP/" . phpversion() . "\r\n";
$header .= "Referer: " . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . @$_SERVER['QUERY_STRING'] . "\r\n";
$header .= "Server: " . $_SERVER['SERVER_SOFTWARE'] . "\r\n";
$header .= "Host: www.paypal.com:443\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($workstring) . "\r\n";
$header .="Connection: close\r\n\r\n";
Besides that, I made every other change exactly as abcisme suggested.  After I made those changes the problem wasn't rectified.  Once I talked to Hostgator that finally resolved everything.  So, I'm not sure if both solutions are necessary, but I can confirm that the changes I made to notify.php DO work.

Hope this helps you get everything resolved!

[daknoxy]

Hi

I am running Virtuemart 1.1.9 but have been unable to fix the issue, I am with hostgator and continue to get 406 errors. I have tried abcisme fix although I don't see the line
if (eregi ( "VERIFIED", $res) || @PAYPAL_VERIFIED_ONLY == '0' ) {
I can only see the line
if (preg_match ( "/VERIFIED/", $res) || @PAYPAL_VERIFIED_ONLY == '0' ) {
in my version to make the change
I have also tried ssbuchan slightly different fix, but again no result.
I have spoken to hostgator who say there are no firewall issues on the server and I am also running a site with virtuemart 2.22 on the same server with no paypal ipn issues.
Can anyone advise the full notify.php file that they have working with 1.1.9?

HELP!

[AH]

I have the following code working on my test site

Here is the notify.php

## mod

New notify.zip in post below 05 sept 2013

Save old notify.php and overwrite with this one.

[daknoxy]

Thanks Hutson, but still getting a 406 response code error on paypal's IPN report with the new file.

[stinga]

I didn't make any change and it still works.

[AH]

I have not tested on live, and will do so this week.  Will post results back here

[ssbuchan]

There's one thing that I didn't mention before b/c I didn't think it was the root of the problem with the 406 error codes.  When I started having problems I logged into my Paypal account and noticed that the IPN settings were wiped out and not enabled anymore.  Actually, this was the case in more than 1 Paypal account that I have.  I know for certain I didn't disable those settings so it appears that Paypal screwed something up on their end.

You might want to double check your IPN settings in Paypal.  I'm not sure if that would have anything to do with receiving 406 error codes though.  I think your IPN stuff would already have to be set up or Paypal wouldn't be trying to send notifications to your site and then receiving error codes.  Again I'm not certain about this.

[Jörgen]

@hutson
Thanks for the notify.php (post #6). I installed it on my site and it works great 
Maybe line #32 should be changed from

Code: [Select]

header("HTTP/1.0 200 OK");to

Code: [Select]

header("HTTP/1.1 200 OK");
@stinga
According to PayPal the old http/1.0 will stop working October 7 

regards

Jörgen @ Kreativ Fotografi

[AH]

Jorgen

Thanks for that catch! I clearly was focused on the validate part of the code.

I have updated.

Updated Patch now at end of postings

[Jörgen]

You´re welcome

I am grateful for receiving a patch for my current shop. Migrating to 2.0.x is to far away, so I simply have to heed the warning from Paypal in the meantime.

regards

Jörgen @ Kreativ Fotografi

[AH]

I can confirm that this IPN patch is working in a live VM 1.1.9 UK store