| Project: | lm_paypal |
| Version: | 6.x-1.0 |
| Component: | LM Paypal Donations |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
Hi,
I have trouble testing the donations module in the sandbox.
The communication itself is not a problem, I can send IPNs from the sandbox's 'Test Tools' just fine, and it registers on my site, and everything.
But when I want to click on either button (I just c/p'ed the php sample code from the readme), it redirects me to http://www.sandbox.paypal.com/cgi-bin/webscr and tells me to login :(
Of course, if I go to https://developer.paypal.com/ i AM in fact logged into the sandbox. So the cookies are just fine...
I've tried every possible setting. I've changed the business e-mail at admin/settings/lm_paypal/settings to my e-mail address, that i use to log into the sandbox, I've tried it with the email of the seller account. I logged into the sandbox paypal of the seller, and of the buyer... Just.. Nothing works.
If your donations module works in the sandbox, can you please let me know which settings you are using?
This is driving me up the wall, really...
Help MUCH appreciated,
tilmankoester
Comments
#1
i m also facing this problem. does anyone have idea about it? please help on this.
#2
Same here, help much appreciated. Thanks!
#3
Ok, I sort of solved the problem. That is, I know what the problem is.
For hours if not days, I could not make the sandbox to work. Even though I was logged into the sandbox, every time I made a donation, I would get the following message under the address "http://www.sandbox.paypal.com/cgi-bin/webscr":
When I clicked on the link "Sandbox" were I was supposed to log in, I was indeed not prompted for my password, but got to my profile. So I was logged in, but...
The cookie proving this was set by https://developer.paypal.com and set to "secure", meaning that it is only accessible by encrypted sites, see here.
Indeed, chaning the form of the donate button to got to "https://www.sandbox.paypal.com/cgi-bin/webscr" (notice the S in HTTPS), it works!
This makes me wonder why this address is not using SSL by default? Would this not be more secure?
#4
I just had the same thought.
After adding a condition to the lm_paypal_donations.module that would strstr() for sandbox,
I asked myself why bother in the first place?
Since Paypal always uses a secure connection for transactions, why not simply change the http to https?
Hope more details can be brought to the matter but until then, I just use https:// in the
#5
clearing all the browser data (cookies and form data) in a second browser e.g. IE did the trick for me.
#6
I had the same problem with using the Sandbox. Using the SSL URL allowed me to test with the sandbox.
I've also had Safari complain that the form won't be sent securely with the straight http:// URL. I'm sure other browsers will do the same. At any rate, I'd hate to lose donations because the URL didn't specify an SSL connection and a potential donor freaked.
Consequently, I concur it should be an SSL connection. Patch attached.
#7
#8
Automatically closed -- issue fixed for 2 weeks with no activity.