Community Support Forums

[Jason Caldwell]

"Unable to verify POST vars"...

This error is usually caused by one of these issues:

1. After you went live, did you update your PayPal Account Details inside s2Member?
( see: s2Member -> PayPal Options -> Account Details )

2. If so, did you also disable Sandbox mode?
In your Dashboard, see: s2Member -> PayPal Options -> Account Details to disable Sandbox mode.

3. Is your PayPal Account, a "Business" account?
You need a PayPal "Business" account. A basic PayPal account used only for making purchases is not enough. You'll need to upgrade to a "Business" status, which is free. This makes you a "Seller" AND a "Buyer" - instead of just a Buyer.

4. Are you using the Shortcode Button, or did you integrate the Full Button Code?
If you integrated the Full Button code, make sure you re-generate your Button Codes after you go live. The Full Button Code MUST be generated with Sandbox mode disabled. Otherwise, you will get this error; because a live transaction is being sent through the Sandbox ( not good ).

5. Are you absolutely sure that you've completed both the IPN and Auto-Return/PDT configuration steps listed under: s2Member -> PayPal Options ? If so, please double-check to make sure you entered the right PDT Identity Token. It MUST match up with the one provided to you by PayPal.

If you rule out all of the above, then the problem is probably related to your server configuration, and/or the hosting company that you're using. This problem can usually be resolved easily. It's related to the `allow_url_fopen = on` directive in your php.ini file. Also, it sometimes has to do with SSL communication to a remote location. Not all servers are equipped with SSL communication by default.

See: viewtopic.php?f=4&t=599&p=3060&hilit=fopen+test#p2625
Here is another related thread: viewtopic.php?f=4&t=414&p=1840#p1718

If all else fails, and you can't get your server to play nice... I highly recommend MediaTemple (gs). http://www.mediatemple.net/go/order/?re ... ks-inc.com

[Jason Caldwell]

The ideal PHP configuration is this:
PHP 5.2+ with cURL enabled on a Linux/Unix operating system.
This is the default configuration by most hosting companies ( not all, but most ).
In your php.ini file, you'll want to have this line in case cURL is not enabled by your hosting provider:

Code: Select all

allow_url_fopen = On

This is the default on most servers ( allow_url_fopen = On ).

s2Member will try to use cURL first. If cURL is not available, s2Member will try to use the FOPEN method, in which case the allow_url_fopen = On setting will be required.

-----------------------------------------------

If you're running WordPress on a Windows server:
You'll want to disable the cURL extension because Windows servers usually do not play nice with cURL over the HTTPS protocol. So instead, you can just disable the cURL extension. This way s2Member will use the FOPEN method; in which case you will need to have this in your php.ini file:

Code: Select all

;extension=php_curl.dll
extension=php_openssl.dll
allow_url_fopen = On

The cURL extension is commented out ( disabled ).

------------------------------------------------

In ALL CASES, your installation of PHP must be compiled with support for HTTPS connections. If you're racking your brain over problems connecting to PayPal, it's probably because your installation of PHP is not compiled with the OpenSSL extension. In other words, your server can't connect to any URL that starts with https://. Almost ALL major hosting companies come with OpenSSL pre-compiled. That being said... if you're running your own server, you may have forgotten. The best way to test this, is to load this file on your server and open it in a browser. If OpenSSL was not compiled, you will get an error to that affect.

Code: Select all

<?php
ini_set("display_errors", true);
ini_set("error_reporting", E_ALL);
echo file_get_contents("https://www.paypal.com/");
?>

[piperides]

I host my page in yahoo and allow_url_fopen PHP configurations are not available and they dont allowt to edit php.ini or do this for me .

is there any other olternative way?

Pleace advice

thanks in advance
Kyriacos

[Jason Caldwell]

Thanks for reporting this.

I host my page in yahoo and allow_url_fopen PHP configurations are not available and they dont allowt to edit php.ini or do this for me .

is there any other olternative way?

Pleace advice

thanks in advance
Kyriacos

According to this article, Yahoo® does support the cURL method by default. In other words, s2Member should work fine in a Yahoo environment. If you've found otherwise, please reply back with any specifics that you can. http://help.yahoo.com/l/us/yahoo/smallb ... hp-33.html

[yolle555]

Hi!
I use s2member but I costumers get this error: Unable to verify POST vars when they buy something through paypal which does not have anything to do with s2member. I mean to say: I also sell subscriptions, which go through s2member, but this particular purchase had nothing to do with s2member. Am I missing something?
And, I still have not been able to get s2member to work properly: Users still are not automatically upgraded when they pay Can anybody direct me to a solution?

[fitch]

I'm having the same issue. Downloaded, installed and activated s2member 3.3.2 today.

I'm able to complete a PayPal transaction. I get to the page where it says the Paypal transaction is complete and it will redirect me in 5 seconds then I get the popup message with:

ERROR: Unable to verify POST vars. Please contact Support for assistance.
This is most likely related to an invalid PayPal configuration. If you are the site owner, please check: s2Member -> PayPal Options

I double-checked and triple-checked my Account settings.
I checked IPN, Auto-Return, PDT and they seems to be all fine.

One thing that might stand out is that my user is not getting an email. The seller is getting an email.
I did not change the Confirmation Email or Specific Post/Page email (since it says it would work).

When I click OK on the error, it takes me to the Login page prompting for username/password. I was expecting the registration link to be available for the Subscription Level 1 that was purchased, but it's not there - just Lost Password link.

I saw some other posts for previous versions. My hosting company placed this in my php.ini file: allow_url_fopen = On - but still having the same issue. They refuse to help me at this point and told me to contact the plugin developer.

Hope someone can help!

Thanks!

[webnola]

fopen only gets used if curl is disabled. Is curl enabled on your php.ini?

[nhsatomom]

I'm experiencing the same issue. I ran the curl test mentioned one viewtopic.php?f=4&t=599&p=3060&hilit=fopen+test#p2625 and the google one failed but the other two were fine.

Am running 3.3.2, have double-checked all the paypal settings. Unlike @fitch, the emails are all working properly, but I'm getting that error code and the member, while added, isn't added into the proper subscription.

[webnola]

Ask your host to make sure your server isn't windows-based. If it is, you may need to switch hosts. That was my issue.

Before you switch hosts, request that curl be disabled. If curl is disabled, s2member will use fopen. If they refuse to disable curl or simply cannot, use a new host.

[nhsatomom]

Thanks, but I'm not going to switch hosts that quickly. I hope a site mod or admin has some advice that would make such a drastic step unneeded.

[webnola]

See the message at the top of each page which says that this is not an official support channel.

Have you tried disabling curl?

[nhsatomom]

Yes, I know. But occasionally they chime in.

I haven't tried disabling curl because I don't know what it does and assume it has some purpose beyond getting in the way of s2Member.

[webnola]

Yes, it does have other purposes besides s2member, but if you don't know what it is, chances are good you aren't using it.

Sorry to be blunt but it looks like you've got a decision to make, and I doubt there's anything else official support will tell you besides that.

[nhsatomom]

Thanks, I know your opinion on the matter is clear. I'd like to leave this thread open, with this message as the last for now, so others stopping in know someone here is interested in additional views.

[benchefe]

Hi Everybody,

right now, s2member is not working for me, cause the return after purchasing via Sandbox PayPal fails (Unable to verify POST vars. This is most likely related to an invalid PayPal® configuration).

My PayPal Options are the right ones, I`ve checked it almost a thousand times.

I`ve tested a few things:

check-my-server.php : works fine!
curl-test-http-google.php: blank page
curl-test-https-paypal.php: blank page
fopen-test-https-paypal.php: works fine!

looks like my host uses a windows server, right? So the Curl should be disabled to use fopen! I´ve already sent a massage to my host, still waiting for an answer.

I like your s2member plugin! This one is exactly what I was looking for! So I hope my Host can help to make these changes...

otherwise I will be back

[webnola]

You may just have a problem with you curl setup. Let us know what your host says.

[mweichert]

One thing I've learnt is that PayPal does not send back PDT vars (such as txn_id) when the user makes a purchase by credit card (if the PayPal Account Optional route is taken) rather than by paying by credit card.

As s2member doesn't account for this, the error message "Unable to verify POST vars" is displayed, which shouldn't be in this case. PayPal still sends IPN notifications, so it's not so much an issue that PDT is unavailable at this point, but it's a significant problem that users are being warned about POST vars being unverified.

Jason, we need to get this one fixed ASAP.

Cheers,
Mike

[mweichert]

Btw, this can be fixed by changing line 384 in includes/separates/paypal-return.php:

From:

Code: Select all

else if ((!isset ($_GET["tx"]) && (empty ($_POST) || $_POST["auth"])) || preg_match ("/ty-email/", $_GET["s2member_paypal_proxy_use"]))

To:

Code: Select all

else if ((!isset ($_GET["tx"]) && (empty ($_POST) || $_POST["auth"] || $_POST['CONTEXT'])) || preg_match ("/ty-email/", $_GET["s2member_paypal_proxy_use"]))

Thanks,
Mike

[webnola]

Is this regarding recurring subscriptions using Paypal ERP with the customer not using a Paypal account? Because I only get the error when doing a non-recurring ERP "Buy Now" fixed-term account with the customer not using a Paypal account.

One thing I've learnt is that PayPal does not send back PDT vars (such as txn_id) when the user makes a purchase by credit card (if the PayPal Account Optional route is taken) rather than by paying by credit card.

As s2member doesn't account for this, the error message "Unable to verify POST vars" is displayed, which shouldn't be in this case. PayPal still sends IPN notifications, so it's not so much an issue that PDT is unavailable at this point, but it's a significant problem that users are being warned about POST vars being unverified.

Btw, this can be fixed by changing line 384 in includes/separates/paypal-return.php:

From:

Code: Select all

else if ((!isset ($_GET["tx"]) && (empty ($_POST) || $_POST["auth"])) || preg_match ("/ty-email/", $_GET["s2member_paypal_proxy_use"]))

To:

Code: Select all

else if ((!isset ($_GET["tx"]) && (empty ($_POST) || $_POST["auth"] || $_POST['CONTEXT'])) || preg_match ("/ty-email/", $_GET["s2member_paypal_proxy_use"]))

Thanks,
Mike

[benchefe]

Well, bad news for me...
My host does not allow to disable cURL
Looks like there is no way for me, to setup s2member correctly.
I would change my host if I could, but right now it is not possible

[benchefe]

I changed the code as Mike said.... there was no error occuring with paypals sandbox right now I am waiting for a friend trying to buy without sandbox mode.... hoping this will work

[benchefe]

Not working!
A friend of mine tried to pay and got the "unable to verify POST vars"
Any ideas?

Logfile:


mydomain-online.com/?s2member_paypal_return=1
array (
's2member_log' =>
array (
0 => 'No Return-Data from PayPal®. Customer must wait for Email Confirmation.',
1 => 'Redirecting Customer to the Home Page.',
),
)

mydomain-online.com/?s2member_paypal_return=1&tx=4R637314PM794372R&st=Completed&amt=0.01&cc=EUR&cm=mydomain%2donline%2ecom&item_number=1::1%20D
array (
's2member_log' =>
array (
0 => 'Unable to verify POST vars. This is most likely related to an invalid PayPal® configuration. Please check: s2Member -> PayPal® Options.',
1 => 'If you\'re absolutely SURE that your PayPal® configuration is valid, you may want to run some tests on your server, just to be sure $_POST variables are populated, and that your server is able to connect to PayPal® over an HTTPS connection.',
2 => 's2Member uses the WP_Http class for remote connections; which will try to use cURL first, and then fall back on the FOPEN method when cURL is not available. On a Windows® server, you may have to disable your cURL extension. Instead, set allow_url_fopen = yes in your php.ini file. The cURL extension (usually) does NOT support SSL connections on a Windows® server.',
3 => 'array (
\'s2member_paypal_return\' => \'1\',
\'tx\' => \'4R637314PM794372R\',
\'st\' => \'Completed\',
\'amt\' => \'0.01\',
\'cc\' => \'EUR\',
\'cm\' => \'mydomain-online.com\',
\'item_number\' => \'1::1 D\',
)',
4 => 'Redirecting Customer to the Login Page, due to an error that occurred.',
),
)

[benchefe]

Hi Folks,
I´ve changed my host, cause there was no solution!

Thanx for your help

right now there is another problem and I will create a new thread...

[aaboukaram]

Good Morning,

I'm receiving this message "Unable to verify POST vars"
This is most likely related to an invalid ClickBank® configuration. If you are the site owner, please check: s2Member -> ClickBank® Options.

I followed all the instructions and I got this error. I want to use CLICKBANK, what shall I do?

Thanks for your help

[kittykatmeowmeow]

Generate a paypal button through Paypal! Don't use the s2member button generator. That is how I fixed the Unable to verify POST vars error message.