PayPal WPP Direct Payments & Express Checkout Support

[SteveDallas]

SteveDallas,

 

I didnt need to make the changes as this is how the file was already written, but I reuploaded the file and this worked! So thanks!

 

Btw, any ideas where i can find the changes i have to make to allow users to use paypal express but without the user having an account on my website?

 

thanks once again. Currently I have the RC2a version, but when clicking on Express Checkout the user has to login or create an account on my website bbefore it goes to the Paypal page.

 

I don't know much about the Express Checkout module that is supplied with RC2a. I can tell you that the Express Checkout portion of the DynamoEffects WPP module implements a procedure similar to the Purchase Without Account (PWA) contribution that allows purchasing without an account. There is a different Express Checkout payment module created by user AlexStudio that is based on this WPP module. It incorporates the PWA functionality, but I don't know how current it is.

 

--Glen

[davespice]

Dave,

It appears that there may be an error in PayPal's documentation in that the card type 'Maestro' is not accepted, but 'Switch' must be used instead.

 

Here is an untested bit of code that should resolve the issue:

 

In catalog/includes/modules/payment/paypal_wpp.php, around line 1583:

 

Change:

       $order_info['PAYPAL_CC_TYPE'] = $cc_type;

To:

       if ($cc_type == 'Maestro') {
         $order_info['PAYPAL_CC_TYPE'] = 'Switch';
       } else {
         $order_info['PAYPAL_CC_TYPE'] = $cc_type;
       }

 

Please try this and let me know if it resolves your issue. If it does, I'll incorporate it into the next release.

 

 

Steve Im so fustrated it still does not work i cant accept Maestro cards in the uk since jan i have lost lots of sales and customers The module provided by paypal is horrible.

 

ive made the changes but i now get this error

Your credit card was declined. Please try another card or contact your bank for more info.

 

Transaction is not compliant due to missing or invalid 3D-secure authentication values (12000)

Transaction is not compliant due to missing or invalid 3D-secure authentication values

 

 

i found a thread where people where having the same problem but im not sure where to make any changes ???

 

https://www.x.com/thread/40271?start=15&tstart=0

 

is there any chance we can get this working ?

Edited March 30, 2010 by davespice

[davespice]

Just wondered if there is a way to disable maestro/switch until it works?

 

Has anybody yet been able to process maestro cards using this module?

 

 

seems like alot of people are having the problem of having the module work for other cards but not maestro cards .

 

if your not sure switch debugging on and see if any failed transactions come back.

Edited March 30, 2010 by davespice

[longhorn1999]

Hi everyone,

 

Has anyone had issues getting discount coupons (v3.34) to work with PayPal Express here? I had a customer who was able to check out direct payment eventually with everything working, but only after failing to get PayPal to work for them as they couldn't find where to enter the coupon code. I have the latest version of Dynamo WPP installed of course. Any ideas?

 

Thanks,

 

Nick

[chooch]

The madness of PCI!!!! After days of trying to work out if I need PCI and if I do which form to complete (SAQ C or PCI SAQ D), I am totally baffled and bamboozled.

 

This what PayPal have said to me on the phone yesterday. After I telephoned them and questioned it today, they put it in an email too:

 

Thank you for contacting PayPal.

As you state clearly on your website that you do not store / hold / keep

financial details of your customers you donot have to be pci compliance.

the finacial process is done by paypal pro.

See also the attachment I have send you earlier (The attachment was their Disclosure Payment Compliance Guidelines.pdf)

 

However in the first email PayPal sent me a day earlier they wrote:

In relation to your query related to PCI the standards apply to all

organizations that store, process or transmit cardholder’s data. Therefore

we can say that applies to your payment card environment not just about the

storage of the information but about how secure your system as website,

hosting service and shopping cart are

 

What they said to me on the phone was that there is no need for a seller to be PCI compliant if they are using PayPal WPP on the condition that there is a 'Privacy Policy' checkbox under the credit card input field that customers must check before the transaction is completed and the Privacy Policy should state "We do not store credit card numbers". PayPal said they are the ones who store, process or transmit cardholder’s data and if a seller decides not to store credit card numbers in the database then there is no need to have PCI but if a seller wanted to store card numbers then without a doubt PCI was needed but PayPal would not give advice on how one should get their PCI but were adamant no PCI is required where card numbers are not written to the database.

 

Does anyone know about PCI using oscommerce and WPP? If I were to remove the parts of this contribution that write the last 4 digits of the card number to database, the admin/orders page and to the checkout_confirmation page then would I need PCI using WPP? I have asked tens of web hosts and asked people from PayPal to PCI assisting organisations and everyone including PayPal seems to be contradicting themselves.

 

If PCI is required then a separate database server and separate application server costs make using WPP unviable as the database cannot have an internet/IP connection, it will be expensive :(

 

However, if no PCI is needed because of these two factors then it means an oscommerce store with WPP can even be used on a shared host making everything cheaper:

 

1) No card numbers and stored

2) A Privacy Policy checkbox is placed under the WPP card input field

 

The madness of it all. Can anyone shed some light please?

Edited April 9, 2010 by chooch

[SteveDallas]

The madness of PCI!!!! After days of trying to work out if I need PCI and if I do which form to complete (SAQ C or PCI SAQ D), I am totally baffled and bamboozled.

 

This what PayPal have said to me on the phone yesterday. After I telephoned them and questioned it today, they put it in an email too:

 

Thank you for contacting PayPal.

As you state clearly on your website that you do not store / hold / keep

financial details of your customers you donot have to be pci compliance.

the finacial process is done by paypal pro.

See also the attachment I have send you earlier (The attachment was their Disclosure Payment Compliance Guidelines.pdf)

 

However in the first email PayPal sent me a day earlier they wrote:

In relation to your query related to PCI the standards apply to all

organizations that store, process or transmit cardholder’s data. Therefore

we can say that applies to your payment card environment not just about the

storage of the information but about how secure your system as website,

hosting service and shopping cart are

 

What they said to me on the phone was that there is no need for a seller to be PCI compliant if they are using PayPal WPP on the condition that there is a 'Privacy Policy' checkbox under the credit card input field that customers must check before the transaction is completed and the Privacy Policy should state "We do not store credit card numbers". PayPal said they are the ones who store, process or transmit cardholder’s data and if a seller decides not to store credit card numbers in the database then there is no need to have PCI but if a seller wanted to store card numbers then without a doubt PCI was needed but PayPal would not give advice on how one should get their PCI but were adamant no PCI is required where card numbers are not written to the database.

 

Does anyone know about PCI using oscommerce and WPP? If I were to remove the parts of this contribution that write the last 4 digits of the card number to database, the admin/orders page and to the checkout_confirmation page then would I need PCI using WPP? I have asked tens of web hosts and asked people from PayPal to PCI assisting organisations and everyone including PayPal seems to be contradicting themselves.

 

If PCI is required then a separate database server and separate application server costs make using WPP unviable as the database cannot have an internet/IP connection, it will be expensive :(

 

However, if no PCI is needed because of these two factors then it means an oscommerce store with WPP can even be used on a shared host making everything cheaper:

 

1) No card numbers and stored

2) A Privacy Policy checkbox is placed under the WPP card input field

 

The madness of it all. Can anyone shed some light please?

 

As the card processor, PayPal makes the determination as to what processes and documentation you need to provide to be PCI compliant. Storing the last four digits of a card number isn't the same as storing a card number, and to the best of my knowledge, is permissible. Don't store the expiration date, either. And, of course, *never* touch the CVV value, except to send it on to PayPal.

 

--Glen

[chooch]

I that case will just go with WPP and put htaccess on the store for PayPal to vet before going live with it. Thanks Steve.

[josh1r]

Does anybody know what exactly this error means?

 

https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_errorcodes

 

15005 Processor Decline -- This transaction cannot be processed. The transaction was declined by the issuing bank, not PayPal. The merchant should attempt another card.

 

I've had 2 customers in the past 2 days get this error. I receive a PayPal Error Dump which indicates the error. I see that both customers are international (I'm a U.S. based merchant). One of them has purchased from me before so I know they are legit and didn't have problems last time. Could it be an address format issue and PayPal is denying it, or is it really being declined by the issuing bank, and not PayPal?

 

Thanks for any thoughts!

[SteveDallas]

Does anybody know what exactly this error means?

 

https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_errorcodes

 

15005 Processor Decline -- This transaction cannot be processed. The transaction was declined by the issuing bank, not PayPal. The merchant should attempt another card.

 

I've had 2 customers in the past 2 days get this error. I receive a PayPal Error Dump which indicates the error. I see that both customers are international (I'm a U.S. based merchant). One of them has purchased from me before so I know they are legit and didn't have problems last time. Could it be an address format issue and PayPal is denying it, or is it really being declined by the issuing bank, and not PayPal?

 

Thanks for any thoughts!

 

This means that the cardholder's bank has declined the transaction. It could be anything. Here are some possible reasons:

 

1. Insufficient credit line (credit card) or available balance (debit card).

2. Error in entering address (though banks usually allow these transactions and you'll get a Gateway Decline instead).

3. Card restricted from international transactions. Customer can usually call their bank to remove the international restriction.

 

--Glen

[josh1r]

This means that the cardholder's bank has declined the transaction. It could be anything. Here are some possible reasons:

 

1. Insufficient credit line (credit card) or available balance (debit card).

2. Error in entering address (though banks usually allow these transactions and you'll get a Gateway Decline instead).

3. Card restricted from international transactions. Customer can usually call their bank to remove the international restriction.

 

--Glen

 

Thanks Glen.

[Guest]

Goodday friends

 

I'm new to oscommerce, and while trying to put in place an online store, I found this:

 

The transaction cannot complete successfully. Instruct the customer to use an alternative payment method.

 

I have tried changing currencies as in some forum I saw this might be the reason, but this hasn't changed anything.

 

Any help / suggestion / hint / tip will be extremely appreciated.

 

Best.

[SteveDallas]

Goodday friends

 

I'm new to oscommerce, and while trying to put in place an online store, I found this:

 

 

 

I have tried changing currencies as in some forum I saw this might be the reason, but this hasn't changed anything.

 

Any help / suggestion / hint / tip will be extremely appreciated.

 

Best.

 

This is the text for a PayPal 10417 error. This error seems to occur when the customer's account has insufficient funds and there is no acceptable backup funding source.

 

It may also occur when the shop is set to require a confirmed address and there is no confirmed address on the account.

 

PayPal doesn't give any detail as to the cause of this error.

 

--Glen

Edited April 19, 2010 by SteveDallas

[cclayton]

I have a site using WPP and Dynamo Checkout and I want to setup another on a different domain - can I use the same Paypal account to transmit too or do I need to setup another, ideally I would use the same.

 

Thanks,

 

Chris

[SteveDallas]

I have a site using WPP and Dynamo Checkout and I want to setup another on a different domain - can I use the same Paypal account to transmit too or do I need to setup another, ideally I would use the same.

 

Thanks,

 

Chris

 

It should work fine, but the name displayed to Express Checkout buyers will be the same for both sites, unless you define a separate page style on PayPal and set the appropriate option in the module preferences. The customers of the new site will see your original account name in their transaction history. As long as this is not confusing to the customers, you'll have no problem.

 

--Glen

[cclayton]

It should work fine, but the name displayed to Express Checkout buyers will be the same for both sites, unless you define a separate page style on PayPal and set the appropriate option in the module preferences. The customers of the new site will see your original account name in their transaction history. As long as this is not confusing to the customers, you'll have no problem.

 

--Glen

 

Perfect - I have the name side covered. Thanks Glen.

[Guest]

I am getting this error:

The credit card information you entered contains an error. Please check it and try again.

 

The first four digits of the number entered are:

If that number is correct, we do not accept that type of credit card.

If it is wrong, please try again.

 

I am using Visa #s from PayPal's sandbox. I notice the first four digits aren't even showing in the error... so what could be causing this?

[Guest]

Found my problem, but I'm not sure how to fix it.

 

I use Fast Easy Checkout (with checkout_shipping.php & checkout_payment.php combined).

 

When I try to install checkout_payment entries to checkout_shipping.php -- nothing happens.

 

If I manually type "mysite.com/checkout_payment.php" into my browser's address bar, fill in a test CC# & try to checkout; it works.

Edited April 23, 2010 by eww

[Guest]

Just spotted this post by dynamoeffects: http://www.oscommerce.com/forums/topic/202604-how-to-take-credit-cards-manually/page__view__findpost__p__1234914

 

* If you're using the latest version of the Header Tags controller and you're storing credit card numbers in your database, anyone can output a list of your customers' data by adding a SQL query to a specific URL parameter.

* Use Fast Easy Checkout? In less than 2 minutes you could be compromised.

 

scary stuff!! Do any of you still use these?

I have header tags controller ( http://addons.oscommerce.com/info/207 ) also & just had a PCI scan run on my server.. curious is anyone else has had issues with these?

Edited April 23, 2010 by eww

[Cyberpunk]

I installed PayPal Website Payments Pro (US/UK) by Dynamo Effects v1.1.2 and I'm getting the following error upon clicking on the "check out express" button:

 

 unable to set private key file: '/home/[user]/public_html/includes/paypal_wpp/cert/cert_key_pem.txt' type PEM (Error No. 58)

 

Diagnostics test:

 

Basic Tests
Using at least PHP 4.3.0? 	Yes
Does your store have an SSL certificate installed and working? 	Yes
Is cURL installed? 	Yes
Does cURL work? (Simple HTTPS test) 	Yes
API Certificate installed? 	Yes
API Certificate directory protected? 	Yes
API Username in place? 	Yes
API Password in place? 	Yes
Database update in place? 	Yes
Payment class modifications in place? 	Yes
Bug in checkout_process.php fixed? [Read More] 	Yes
XML Document "doDirectPayment.xml" exists? 	Yes
XML Document "doExpressCheckout.xml" exists? 	Yes
XML Document "getExpressCheckoutDetails.xml" exists? 	Yes
XML Document "setExpressCheckout.xml" exists? 	Yes
XML Document "transactionSearch.xml" exists? 	Yes
XML Document "doCapture.xml" exists? 	Yes
XML Document "getTransactionDetails.xml" exists? 	Yes
XML Document "refundTransaction.xml" exists? 	Yes
Advanced Diagnostics
Able to connect to PayPal through cURL? 	No
Error received: 58: unable to set private key file: '/home/green007/public_html/includes/paypal_wpp/cert/paypal_cert_pem.txt' type PEM

I double checked the location of the cert file and it is correct. When I remove it completely I get a 'not found' error, so it's definitely not the location issue.

 

Can anyone help me out on this? I've searched this thread and couldn't find an answer.

 

Thank you!

[Cyberpunk]

Just wanted to add to the last post, I turned off Checkout Express option for the time being because I discovered another error.

 

Check out process seems to loop every time using regular paypal direct payment.

checkout_confirmation.php goes back to checkout_shipping.php and so on.

 

I tried enabling force cookies, and turning of SEO URLs and nothing.

 

Can some please help me out with this?

 

Thank you!

[SteveDallas]

Just wanted to add to the last post, I turned off Checkout Express option for the time being because I discovered another error.

 

Check out process seems to loop every time using regular paypal direct payment.

checkout_confirmation.php goes back to checkout_shipping.php and so on.

 

I tried enabling force cookies, and turning of SEO URLs and nothing.

 

Can some please help me out with this?

 

Thank you!

 

You must resolve the CURL error first. It sounds as though your certificate file may be corrupted. Try downloading it from PayPal again and re-installing it on your server.

 

--Glen

[Cyberpunk]

After spending another 8 hours I've finally figured out the problem.

 

Turns out I had incorrect certificate downloaded from PayPal.

 

I already had API username and signature created before by previous programmer so I wasn't aware I have to delete the current API sig/pass and then recreate it to download the new certificate. Maybe this could be mentioned in the read me file.

 

Other than the above issue, plug in is awesome and works flawlessly.

 

Thank you SteveDallas and Brian for your quick replies.

[bcmiw330]

Has anyone gotten Paypal WPP Direct Website Payments Pro to work with One Page Checkout? I have searched everywhere and I can not seem to find an answer.

[longhorn1999]

Has anyone gotten Paypal WPP Direct Website Payments Pro to work with One Page Checkout? I have searched everywhere and I can not seem to find an answer.

 

 

They aren't compatible, though the creator of this PayPal WPP add-on has a one page checkout solution available for sale. I went through the same aggravation of installing both a few months back and only later finding out from each of the two developers that these add-ons don't work in unison.

[rockgirl]

Any ideas as to why this happens?

 

-Customer enters credit card info

-Customer confirms order

-Customer is returned to page 1 of check (shipping details)

 

I've checked the my api cert is correct (even downloaded a new one just to make sure), username/password are correct, I do have a Pro acct with Paypal.

Any other thoughts?