I've got a site running "all SSL all the time", as recommended in /includes/configure.php:
Code:
define ('HTTP_SERVER', 'https://www.example.com');
define ('HTTPS_SERVER', 'https://www.example.com');
define ('ENABLE_SSL', 'false');
I configured PayPal Payments Pro (paypaldp) in addition to the already configured PayPal Express Checkout but, to my surprise, that payment method didn't appear on the site's checkout_payment page.
Looking into why, I saw in the check_status function of paypaldp.php:
Code:
if (IS_ADMIN_FLAG === false) {
// if store is not running in SSL, cannot offer credit card module, for PCI reasons
if (!defined('ENABLE_SSL') || ENABLE_SSL != 'true') {
$this->enabled = FALSE;
$this->zcLog('update_status', 'Module disabled because SSL is not enabled on this site.');
}
}
Changing that to
Code:
if (IS_ADMIN_FLAG === false) {
// if store is not running in SSL, cannot offer credit card module, for PCI reasons
//-bof-20170131-lat9-Enable when site is all-ssl-all-the-time, too
// if (!defined('ENABLE_SSL') || ENABLE_SSL != 'true') {
if (!defined('ENABLE_SSL') || (ENABLE_SSL != 'true' && strpos (HTTP_SERVER, 'https://') !== 0)) {
//-eof-20170131-lat9
$this->enabled = FALSE;
$this->zcLog('update_status', 'Module disabled because SSL is not enabled on this site.');
}
}
... and the payment method is now available for use! Note that any of the upper-end payment methods (like authorizenet_aim) will also run into this incompatibility.
Bookmarks