Community Support Forums

[Luke]

Hi everyone,

Using s2Member, whenever I test a paypal payment, I don't get an email with a link to register. All the paypal settings are correct, and sandbox mode is off. I'm using version 3.0.4, and have tried turning off all my plugins, and erasing and reinstalling s2Member.

My paypal-ipn.log file reads:
array (
's2member_log' =>
array (
0 => 'Unable to verify POST vars. Possibly caused by a fraudulent request. If this error continues, please run IPN tests against your server from a PayPal® Sandbox account. They provide special diagnostic tools that may assist you.',
),
)

My paypal-rtn.log file reads:
array (
's2member_log' =>
array (
0 => 'No Return-Data from PayPal®. Customer must wait for Email Confirmation.',
1 => 'Redirecting Customer to the Home Page.',
),
)

The website is http://cbmonline.com.au .

Thanks in advance for your help!

[luke]

Just as a follow up, when I use a one off payment with no trial days I get a different error in the form of an alert box. It says the same thing as the log file.

The return url I get is: http://cbmonline.com.au/?s2member_paypa ... V9zu9ho%3d

You can sign up here to test: http://cbmonline.com/membership

Also, the account is business and verified.

Help? (thanks!)

[Jason Caldwell]

Hi Luke. Please try v3.0.9. This bug has been corrected.
~Thank you, and I'm very sorry for the extremely delayed response.

[jerpatvas]

We have the same problem and we have the latest version which is:

3.5.2

So did the bug come back in this later version?

Please help with this problem if anyone can.

[Jason Caldwell]

There is a new variation of this error that has come about with a new service offered by PayPal®. It's called ERP ( Enhanced Recurring Payments ). There is a particular scenario when it is still possible for this error to be issued without warrant in current releases. That is not to say it won't still appear though. If connections from your server to PayPal over an HTTPS connection are failing, you will also get this error. Please see this thread: viewtopic.php?f=4&t=1067#p4139

That being said, here is the scoop on the latest bug fix coming in s2Member v3.5.3+.
~ This is going to be released this week sometime very soon.

**(s2Member v3.5.3 Changelog excerpt). Bug fix.** s2Member's Auto-Return/PDT handler was sometimes triggering the error `unable to verify POST vars` under special circumstances that are applicable with PayPal's Enchanced Recurring Billing service, and sometimes with Subscriptions that are paid for by credit card, instead of through a PayPal account; again related to PayPal's ERP add-on service. This has been resolved in s2Member v3.5.3+. In some special cases, PayPal® does not provide any data through PDT ( Payment Data Transfer ) and so s2Member must recover gracefully by asking the Customer to check their email. This does not affect s2Member's ability to process a Customer's transaction, but it does require s2Member's processing to take place entirely behind-the-scene via the IPN service, instead of immediately after checkout ( in a very few special cases ). This bug fix may or may not affect you, depending on what you're selling, and depending on whether you're using PayPal's ERP service or not.

In the mean time, it won't hurt to run these updated test files that we've put together. You can upload both of these PHP scripts to your server and open them in a web browser. At least one of these should succeed. If the FOPEN test fails, you will need to set `allow_url_fopen = on` in your php.ini file.

curl-fopen-tests.zip

(1.39 KiB) Downloaded 35 times

Test #1. curl-test-https-paypal.php. You should see ( Test succeeded Lookin' good here. )
Test #2. fopen-test-https-paypal.php You should see ( Test succeeded Lookin' good here. )

Please check this thread for details regarding the "ideal" server configuration.

[Jason Caldwell]

The ideal PHP configuration is this:
PHP 5.2+ with cURL enabled on a Linux/Unix operating system.
This is the default configuration by most hosting companies ( not all, but most ).
In your php.ini file, you'll want to have this line in case cURL is not enabled by your hosting provider:

Code: Select all

allow_url_fopen = On

This is the default on most servers ( allow_url_fopen = On ).

s2Member will try to use cURL first. If cURL is not available, s2Member will try to use the FOPEN method, in which case the allow_url_fopen = On setting will be required.

If you're running WordPress on a Windows server:
You'll want to disable the cURL extension because Windows servers usually do not play nice with cURL over the HTTPS protocol. So instead, you can just disable the cURL extension. This way s2Member will use the FOPEN method; in which case you will need to have this in your php.ini file:

Code: Select all

;extension=php_curl.dll
extension=php_openssl.dll
allow_url_fopen = On

The cURL extension is commented out ( disabled ).

In ALL CASES, your installation of PHP must be compiled with support for HTTPS connections. If you're racking your brain over problems connecting to PayPal, it's probably because your installation of PHP is not compiled with the OpenSSL extension. In other words, your server can't connect to any URL that starts with https://. Almost ALL major hosting companies come with OpenSSL pre-compiled. That being said... if you're running your own server, you may have forgotten. The best way to test this, is to load this file on your server and open it in a browser. If OpenSSL was not compiled, you will get an error to that affect.

Code: Select all

<?php
ini_set("display_errors", true);
ini_set("error_reporting", E_ALL);
echo file_get_contents("https://www.paypal.com/");
?>

[jerpatvas]

Jason,
I have had my support team at my hosting check the php.ini and that is set correctly.

We have ran tests on the 2 files that is in the zip file and they both came back successful. We have a Linux server.

I sent you an email with the Wordpress login information, to see if you could take a look at it. Did you get that email?

If not, please send me an email to: jerome.h.benton@lmco.com and then I will respond with that access information.

I really want to get this working. My wife purchased it the other day so we can get our site launched, but we can't launch it until this is working.

Please help us!!!

Thanks,

[Jason Caldwell]

Investigating now.

[Jason Caldwell]

Investigation completed. You should be good now Jerome. I've completed successful tests on your server after having corrected the issue for you. The issue on your installation was related to this bug, which is being knocked out in the release of s2Member v3.5.3+.

(s2Member). Bug fix. A common error that site owners see in s2Member's log file is `unable to verify POST vars`. This is due to issues with various hosting companies not being configured with either cURL and/or `allow_url_fopen = on`. However, we recently discovered that WordPress® ( i.e. via `WP_Http` class ) will attempt to officially verify the SSL certificate issued through remote connections to Payment Gateways integrated with s2Member. This can cause an additional roadblock on some servers, because often they are not capable of officially verifying SSL certificates. They lack the extended configuration necessary to do so. In other words, this default behavior in the `WP_Http` class file can ultimately lead to `unable to verify POST vars` in s2Member. To workaround this compatibility issue, s2Member now specifies `sslverify = false` in communications to Payment Gateways. This should work to further eliminate sightings of this error in your log files. Also important to note; this does NOT pose a security issue, because all communications with Payment Gateways have authentication mechanisms already in place. Either through explicit API Key validation or through checksum verifications.

For anyone that wants to patch their existing installation of s2Member v3.5.2, you can download this zip file and upload the /utils-urls.inc.php file it contains, to your /s2member/includes/classes/ directory. Let it overwrite your existing copy.

utils-urls.inc.php.zip

(1.44 KiB) Downloaded 29 times

[jerpatvas]

THANK YOU THANK YOU THANK YOU!!!

Wife is happy and so everyone is happy:)

We tested and everything works perfectly.

[Jason Caldwell]

You're very welcome. Thanks for reporting back, it is much appreciated.