Author Topic: Issues for the Sagepay Payment Extension (Read 27875 times)

andyw · November 21, 2013, 07:04:35 am

Hi lobo,

Sure, thanks for that! - I did suspect as much, but was more just trying to find out if that is the problem, then if so work out the best way round it.

Funny that though - I don't remember this ever being a problem before.

Andy

Generic · November 21, 2013, 07:08:23 am

Hi Andy

My 'profile listings and forms' permission is already set to Public > Allowed.

Is Lobo suggesting that the 'profile create' permission also needs to be Public > Allowed?

andyw · November 21, 2013, 07:24:30 am

Hi Generic,

No, I think lobo was suggesting 'profile create' would be more secure than 'profile listings and forms', but either of those two should work - if neither of those are working then you have a different problem, but like I say, I can get a Joomla set up and try it out on that - might be worth me doing that anyway.

And there are definitely no errors in your ConfigAndLog error log?

Andy

andyw · November 28, 2013, 04:11:33 am

Hi Generic,

I think I've got to the bottom of your problem - as usual, it's not the payment processor - looks like some additional code that's been added to core - causes Joomla Civis to redirect to the homepage instead of serving the ipn.

In /components/com_civicrm/civicrm.php around line 46

Can you change:

Code: [Select]

  // check and ensure that we have a valid session
  if (!empty($_POST)) {
    // the session should not be empty
    // however for standalone forms, it will not have any CiviCRM variables in the
    // session either, so dont check for it
    if (count($_SESSION) <= 1)  {
      $config = CRM_Core_Config::singleton();
      CRM_Utils_System::redirect($config->userFrameworkBaseURL);  
    }
  }

To

Code: [Select]

  // check and ensure that we have a valid session
  if (!empty($_POST)) {
    // the session should not be empty
    // however for standalone forms, it will not have any CiviCRM variables in the
    // session either, so dont check for it
    if (count($_SESSION) <= 1)  {
      // try not to break payment processor ipns in the process if you don't mind  ..
      if (@$_GET['task'] != 'civicrm/payment/ipn') {
        $config = CRM_Core_Config::singleton();
        CRM_Utils_System::redirect($config->userFrameworkBaseURL);
      }
    }
  }

Can you let me know if that does the trick for you? if so, we might be able to put a patch together for it, but we'll have to consider what the most secure way to fix it is.

Many thanks,

Andy

Generic · December 01, 2013, 02:10:29 pm

Hi Andy

Thanks! I will have a look at this and test hopefully this week. I have a client going through renewals at the moment so I'm running their current 4.2 version on our staging server so can't test 4.4 at the moment.

Many Thanks

Generic · March 12, 2014, 08:36:45 am

Hi Andy

Sorry its taken so long to get back to this its been a bit hectic last few months.

I have upgraded CiviCRM to 4.4.4 and the Sagepay processor to version 2.4.

I tried with and without the code change you suggested in civicrm.php which I found in /administrator/components/com_civicrm/civicrm/joomla/site/

Still returning the same failed return URL error from SagePay.

andyw · March 12, 2014, 09:28:20 am

Ok - sorry I couldn't help you on that, I did try my best - but you really do need to get back to people and do your bit if you expect them to try and help you solve problems.

Hope Paypal works out better for you.

Generic · March 26, 2014, 05:37:53 pm

PATCH to fix IPN handler not being triggered in Joomla.

The return url will fail in Joomla CiviCRM version 4.4 (up to Version 4.4.4 to date) resulting in Sagepay 500 and 5006 error.

The problem is with sessions in CiviCRM core and is likely to effect other extension payment processors.
Instead of running the IPN handler to trigger the payment processors ipn file and send a response to Sagepay it will default to your sites home page which will then cause an error in Sagepay.

The Patch

/CRM/Core/Session.php

FIND (around/on line 131)

Code: [Select]

if ($isRead) {
REPLACE WITH

Code: [Select]

if ($isRead && @$_GET['task'] != 'civicrm/payment/ipn') {

Denitz · September 30, 2014, 07:45:04 am

Here my patch for issue with notifyURL issue with Sagepay processor from Circle Interactive.

The problem is that / chars in URL should be escaped, otherwise GET variable is not parsed.

Additionally 'is_test' value is not passed to BaseIPN.

Edit files in media\civicrm\civicrm_ext\uk.co.circleinteractive.payment.sagepay\ (for Joomla):

1. sagepay.php and after

Code: [Select]

$notifyURL = CRM_Utils_System::url('civicrm/payment/ipn', implode('&', $querystring), true, null, false, true, false);
add

Code: [Select]

$notifyURL = str_replace('civicrm/payment/ipn', urlencode('civicrm/payment/ipn'), $notifyURL) . '&test=' . ((strpos($this->_paymentProcessor['url_site'], 'test.sagepay') !== false) ? '1' : '0');

2. ipn.php and after

Code: [Select]

$input['VPSSignature'] = self::retrieve('VPSSignature', 'String', 'POST', false);
add

Code: [Select]

$input['is_test'] = self::retrieve('test', 'String', 'POST', false);

Generic · September 30, 2014, 08:10:25 am

Nice one Denitz I'll give it a try.

Nice to know there's another Joomla SagePay user, I thought I was the only one.

Denitz · September 30, 2014, 08:19:51 am

Same

, we have spent a week or more trying to make it work.

Sagepay simulator helped to realize that homepage is loaded once sage calls IPN, great tool - give it a try if not already.

Denitz · September 30, 2014, 08:21:40 am

Btw does anybody know how to switch payments to test mode?

Is it a setting somewhere in Civicrm, or sage processor settings just have missed parameter 'Test Mode' yes/no

andyw · September 30, 2014, 08:27:05 am

Hi Denitz,

You would want to 'Test Drive' the contribution or event page, rather than using the Live Page.

Thanks very much for the changes by the way, I will take a look.

What problem is this solving though exactly? - is it the case that Sagepay isn't calling the ipn url because the slashes need to be escaped?

Cheers,

Andy

Generic · September 30, 2014, 08:43:49 am

I am familiar with the SagePay simulator. Are you also using my /CRM/Core/Session.php fix on the post before yours?

There's 2 ways to use the test mode for sagepay you can either just change the live url to https://test.sagepay.com/gateway/service/vspserver-register.vsp in the Payment processor settings (this is the test method I prefer) or you have to run your registration/payment page from within CiviCRM Admin using the test option which can be found under the links menu in Manage Payment Pages or Manage Events. SEE SCREENSHOT ATTACHED

Denitz · September 30, 2014, 09:04:18 am

Sagepay calls IPN URL, but looks like unescaped slashes break 'task' variable in URL.

Thanks for info about running test payment.

CiviCRM Community Forums (archive)

News:

Author Topic: Issues for the Sagepay Payment Extension (Read 27875 times)

andyw

Re: Issues for the Sagepay Payment Extension

Generic

Re: Issues for the Sagepay Payment Extension

andyw

Re: Issues for the Sagepay Payment Extension

andyw

Re: Issues for the Sagepay Payment Extension

Generic

Re: Issues for the Sagepay Payment Extension

Generic

Re: Issues for the Sagepay Payment Extension

andyw

Re: Issues for the Sagepay Payment Extension

Generic

Re: Issues for the Sagepay Payment Extension

Denitz

Re: Issues for the Sagepay Payment Extension

Generic

Re: Issues for the Sagepay Payment Extension

Denitz

Re: Issues for the Sagepay Payment Extension

Denitz

Re: Issues for the Sagepay Payment Extension

andyw

Re: Issues for the Sagepay Payment Extension

Generic

Re: Issues for the Sagepay Payment Extension

Denitz

Re: Issues for the Sagepay Payment Extension