I set up IPN address and received back an authorization string but I see no where in the PayPal IPN module to put it? Where does this string go. I am assuming that it will not work without it.
Was there an updated to PayPal that I missed.
C
I set up IPN address and received back an authorization string but I see no where in the PayPal IPN module to put it? Where does this string go. I am assuming that it will not work without it.
Was there an updated to PayPal that I missed.
C
Please explain in more detail what you "did", and what you got back.
Also, what version of Zen Cart are you using?
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
I click save after entering the link into the box on the
Instant Payment Notification Preferences Page
It returned me to the front page of the profile and in a yellow box was a string of 59 numbers and letters and in the box it said thanks whatever name on the account.
Something about not losing the string --- what is that for??? I am sure it must go in somewhere.
C
Look at the PDT Configuration steps in the PayPal patch document posted here:
http://www.zen-cart.com/forum/showth...071#post372071
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
If you want *any* PayPal module to be able to notify your site that the status of a given payment has changed (ie: an echeck clearing), you will need to let it send its notifications to your site. Your site will not just blindly accept the notification; it must send the details back to Paypal as an acknowledgement. It uses the fopen() infrastructure to do this. If allow_url_fopen is disabled, you will not be able to receive these notices. That means that anytime you receive an email that an echeck has cleared, you'll have to manually go and find the related order in your admin area and mark it as cleared so that it can be shipped.
I have no idea how your particular server is configured or what its security models are, so really am not qualified to speak to the security risks imposed by making such a change to your server. Suffice it to say that some server administrators turn it off because they don't use any other measures to protect the server from mis-use, or because they know their servers are frequented by hackers. If your server has a solid security plan in place and is not a regular target for hackers, you might consider enabling the feature so that this and other scripts can talk to external resources directly from the server. You might hit the search engines for more thoughts on allow_url_fopen and its suitability for your server.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
The Paypal Express Checkout module seems to use cURL. Isn't it possible to rewrite the Paypal IPN module with cURL as well? I don't know much about these things, but it's my understanding that having allow_url_fopen enabled can have security ramifications.
Last edited by phreakymonkey; 16 Jul 2007 at 11:32 PM.
Bookmarks