Jump to content

Paypal update from SSL 3.0 to TLS


anne101
 Share

Recommended Posts

PayPal  Merchant Technical Services merchant centre contacted me today.  They said there is a  Poodle vulnerability issue so are cancelling SSL3.0 and changing to TLS on dec 3rd. They said I need to contact my ecommerce platform providers to ensure there is no problem. Is there anything which needs changing or adapting before this happens?

  • Like 1

Share this post


Link to post
Share on other sites

I think I managed to implement the solution for Prestashop 1.6.0.9, module PayPal v3.7.2 for Express checkout using API. I'm not sure whether this will work for everyone or not, but it seems to be working for me. Note that you need to test using SANDBOX where Paypal has implemented this new change and NOT testing using paypal live site. I could see the difference when testing using SANDBOX - i got an error message in my checkout initially when clicking 'pay with paypal' and after implementing this, i could go through the checkout successfully with no error page.

 

Based on this instruction: https://ppmts.custhelp.com/app/answers/detail/a_id/1191

I modified this file:

modules/paypal/api/paypal_connect.php

line 88 - change number 3 to 4 for CURLOPT_SSLVERSION:

from: @curl_setopt($ch, CURLOPT_SSLVERSION, 3);

to @curl_setopt($ch, CURLOPT_SSLVERSION, 4);

 

IMPORTANT - You would need to TEST this using Paypal Sandbox to see if it's working for your site:

1. Create a sandbox business/merchant account: https://developer.paypal.com/webapps/developer/applications/accounts and insert the sandbox merchant API credentials in your prestashop paypal module config

2. Also in your paypal module config: Use a Sandbox > set to 'test mode'  - to activate sandbox

3. Clear your prestashop cache: performance > advanced parameters > smarty > force compilation & cache: No

4. Try going through checkout to test - if you can reach paypal page successfully, that means it seems to be working. Otherwise you wouldn't even reach paypal page and see an error message

5. Don't forget to revert everything back except for the paypal_connect.php file

6. Test your checkout again in live site environment to make sure everything works properly

  • Like 2

Share this post


Link to post
Share on other sites

Well, the changes will not be made until december 3, so testing now is a non sense.... My shop´s paypal as of today is working fine

 

Duh, that's why we are testing using SANDBOX as per Paypal instructions. Live site won't be affected until 3rd Dec, but Sandbox already has this change implemented for those who want to get prepared early.

Share this post


Link to post
Share on other sites

I think I managed to implement the solution for Prestashop 1.6.0.9, module PayPal v3.7.2 for Express checkout using API. I'm not sure whether this will work for everyone or not, but it seems to be working for me. Note that you need to test using SANDBOX where Paypal has implemented this new change and NOT testing using paypal live site. I could see the difference when testing using SANDBOX - i got an error message in my checkout initially when clicking 'pay with paypal' and after implementing this, i could go through the checkout successfully with no error page.

 

Based on this instruction: https://ppmts.custhelp.com/app/answers/detail/a_id/1191

I modified this file:

modules/paypal/api/paypal_connect.php

line 88 - change number 3 to 4 for CURLOPT_SSLVERSION:

from: @curl_setopt($ch, CURLOPT_SSLVERSION, 3);

to @curl_setopt($ch, CURLOPT_SSLVERSION, 4);

 

IMPORTANT - You would need to TEST this using Paypal Sandbox to see if it's working for your site:

1. Create a sandbox business/merchant account: https://developer.paypal.com/webapps/developer/applications/accounts and insert the sandbox merchant API credentials in your prestashop paypal module config

2. Also in your paypal module config: Use a Sandbox > set to 'test mode'  - to activate sandbox

3. Clear your prestashop cache: performance > advanced parameters > smarty > force compilation & cache: No

4. Try going through checkout to test - if you can reach paypal page successfully, that means it seems to be working. Otherwise you wouldn't even reach paypal page and see an error message

5. Don't forget to revert everything back except for the paypal_connect.php file

6. Test your checkout again in live site environment to make sure everything works properly

 

Hi, thanks for sharing. I have changed the "3" to "4" from the paypal_connect

 

When i checked out from website as customer after the above modification, i could enter paypal page and proceed with payment as usual. However, when i tested website to check out from sandbox mode, i have issue to pay. It will never lead me to paypal page at all. Is that normal and fine? Because i could still receive payment on Live Mode.

Please advise and share with me if there is anything i have missed out during modification. Thank you

Share this post


Link to post
Share on other sites

live mode has not yet been discontinued, only sandbox test mode, so i think that the problem is still on...on your module...

 

hi, may i know if there is something i could do? i have modified the "3" to "4" from paypal_connect

Share this post


Link to post
Share on other sites

Just found this email for one site I look after...
    
Prestashop version: 1.4.7.3
PayPal module: v2.8.6

Live site is fine for now... naturally, so tested in Sandbox mode and receive the following error:

    PayPal response:
    TIMESTAMP -> 2014-11-12T15:14:56Z
    L_ERRORCODE0 -> 10002
    L_SHORTMESSAGE0 -> Security error
    L_LONGMESSAGE0 -> Security header is not valid
    L_SEVERITYCODE0 -> Error
    PayPal returned error
    

Taking a look at /modules/paypal/api/paypal_connect.php  I can't find the line:

    @curl_setopt($ch, CURLOPT_SSLVERSION, 3);


Closest I can see is one of these:


    @curl_setopt($ch, CURLOPT_POST, true);
    @curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
    @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    @curl_setopt($ch, CURLOPT_HEADER, false);
    @curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
    @curl_setopt($ch, CURLOPT_VERBOSE, true);


In another site I manage Prestashop version: 1.5.3.1 & PayPal module: v3.5.5 I CAN see the line:

    @curl_setopt($ch, CURLOPT_SSLVERSION, 3);

    
So, I'm thinking... do I add the following line to the Prestashop version: 1.4.7.3 site and amend the Prestashop version: 1.5.3.1 one which does have the line to 4:

    @curl_setopt($ch, CURLOPT_SSLVERSION, 4);
    

Hope that makes sense... just thought I'd put this out there to see what the gurus think... I don't want to break anything :)

Share this post


Link to post
Share on other sites

This line. as it is in the last stable version of the Paypal module,

@curl_setopt($ch, CURLOPT_SSLVERSION, 3);

will curently work with Live Mode but not with Test mode. Thats because SSL3 is already deacivated in the Test Mode from Paypal. From the 3rd of december on SSL3 will also be deactivated in Live Mode and replaced with TLS.

 

There are several solutions to make the Test Mode work. One of them is to replace this above line with

@curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_DEFAULT);

I cant tell you if this solution is also applicable for the Live Mode from the 3.12 onwards.

 

As tuk66 mentioned, deleting the whole line, should force the module to use auto-negotiation of the SSL version.

 

Also to mention is that "CURLOPT_SSLVERSION, 4" will not work on some old php/curl versions. So be aware of this.

 

But indeed the PrestaShop team should give some input here.

 

 

EDIT:

Just had a look at the PayPal github page, and it seems like they just released an update for the API LINK.

They are using from now on these lines:

CURLOPT_SSL_CIPHER_LIST, TLSv1
CURLOPT_SSLVERSION, 1

There is also a merchant guide for this issue handed out by Paypal LINK

And a topic in the PayPal subforum here on Prestashop LINK

 

And a link to the solution page from PayPal LINK all fixes are mentioned here.

Edited by thepan (see edit history)
  • Like 2

Share this post


Link to post
Share on other sites

I'm using PS 1.5.6.2 and PayPal module version 3.6.6 (3.6.5 on another shop)

 

So, should I use this new code on my PayPal API?

 

new code in red.

 

@curl_setopt($ch, CURLOPT_POST, true);
@curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@curl_setopt($ch, CURLOPT_HEADER, false);
@curl_setopt($ch, CURLOPT_TIMEOUT, 30);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
@curl_setopt($ch, CURLOPT_SSLVERSION, 1);
@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
@curl_setopt($ch, CURLOPT_VERBOSE, true);

Share this post


Link to post
Share on other sites

Hi, thanks for sharing. I have changed the "3" to "4" from the paypal_connect

 

When i checked out from website as customer after the above modification, i could enter paypal page and proceed with payment as usual. However, when i tested website to check out from sandbox mode, i have issue to pay. It will never lead me to paypal page at all. Is that normal and fine? Because i could still receive payment on Live Mode.

Please advise and share with me if there is anything i have missed out during modification. Thank you

 

Hi Meimeisi,

 

Did you change 2 things when testing?

 

Change these 2 things in your prestashop paypal module config:

 

1. You have to use a sandbox merchant account API instead of using your real API when testing.

Create a sandbox merchant account - and insert the API credentials into the paypal module:

https://developer.paypal.com/docs/classic/lifecycle/sb_create-accounts/

 

2. Use a Sandbox > set to 'test mode'

 

Then try ordering something, and see if the error is still there.

Share this post


Link to post
Share on other sites

Hi all,

In the paypal_connect.php file commented out the SSL line as below.

Sandbox and live tested and everything seems ok.

Hope this helps

 

@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

@curl_setopt($ch, CURLOPT_HEADER, false);
@curl_setopt($ch, CURLOPT_TIMEOUT, 30);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
/*@curl_setopt($ch, CURLOPT_SSLVERSION, 3);*/
@curl_setopt($ch, CURLOPT_VERBOSE, false);

 

 

  • Like 1

Share this post


Link to post
Share on other sites

 

I'm using PS 1.5.6.2 and PayPal module version 3.6.6 (3.6.5 on another shop)

 

So, should I use this new code on my PayPal API?

 

new code in red.

 

 
@curl_setopt($ch, CURLOPT_POST, true);
@curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@curl_setopt($ch, CURLOPT_HEADER, false);
@curl_setopt($ch, CURLOPT_TIMEOUT, 30);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
@curl_setopt($ch, CURLOPT_SSLVERSION, 1);
@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
@curl_setopt($ch, CURLOPT_VERBOSE, true);

 

could someone assist for this? thank you.

Share this post


Link to post
Share on other sites

Hi,

 

I just fired up my test shop which hasn't been touched in months 1.5.6.1 paypal 3.6.1 and payments to sandbox weren't working. Changed the file with:

@curl_setopt($ch, CURLOPT_SSLVERSION, 1);

@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
 
Now Sandbox test payments working again.
Changed site to Live and live credentials and still works :)
 
If it's any help to anyone.
  • Like 1

Share this post


Link to post
Share on other sites

 

Hi,

 

I just fired up my test shop which hasn't been touched in months 1.5.6.1 paypal 3.6.1 and payments to sandbox weren't working. Changed the file with:

@curl_setopt($ch, CURLOPT_SSLVERSION, 1);

@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
 
Now Sandbox test payments working again.
Changed site to Live and live credentials and still works :)
 
If it's any help to anyone.

 

Cool!! Thanks for the information.

 

I did that too and both live and sandbox test are working. The website could direct me to paypal page for checkout.

Thank you so much.

Share this post


Link to post
Share on other sites

 

Hi all,

In the paypal_connect.php file commented out the SSL line as below.

Sandbox and live tested and everything seems ok.

Hope this helps

 

@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

@curl_setopt($ch, CURLOPT_HEADER, false);
@curl_setopt($ch, CURLOPT_TIMEOUT, 30);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
/*@curl_setopt($ch, CURLOPT_SSLVERSION, 3);*/
@curl_setopt($ch, CURLOPT_VERBOSE, false);

 

i tried this earlier but it does not work for my shop.

Share this post


Link to post
Share on other sites

Hi Meimeisi,

 

Did you change 2 things when testing?

 

Change these 2 things in your prestashop paypal module config:

 

1. You have to use a sandbox merchant account API instead of using your real API when testing.

Create a sandbox merchant account - and insert the API credentials into the paypal module:

https://developer.paypal.com/docs/classic/lifecycle/sb_create-accounts/

 

2. Use a Sandbox > set to 'test mode'

 

Then try ordering something, and see if the error is still there.

 

Hi, i have no idea of that. But both of live mode and sandbox mode are working perfectly. I have changed the file as follow (red).

Thank you

 

@curl_setopt($ch, CURLOPT_POST, true);
@curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@curl_setopt($ch, CURLOPT_HEADER, false);
@curl_setopt($ch, CURLOPT_TIMEOUT, 30);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
@curl_setopt($ch, CURLOPT_SSLVERSION, 1);
@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
@curl_setopt($ch, CURLOPT_VERBOSE, true);

Share this post


Link to post
Share on other sites

So if I place this code: 

@curl_setopt($ch, CURLOPT_SSLVERSION, 1);

@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');

 

 

In the space of the code bellow, I fix the problem?:: 

 

curl_setopt($ch, CURLOPT_VERBOSE, 0);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

 

 

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

curl_setopt($ch, CURLOPT_POST, true);

curl_setopt($ch, CURLOPT_POSTFIELDS, 'PARTNER='.urlencode(Configuration::get('PAYPAL_USA_MANAGER_PARTNER')).'&VENDOR='.urlencode

Edited by Anthony DeLa Riviere (see edit history)

Share this post


Link to post
Share on other sites

Hi all!

 

2 options:

 

1-wait for a paypal module update

2-follow the instruction given on the links inside the message sent by paypal (need an expert for this)

 

Option #1 is the best option, as we will make an update available for the PayPal module early next week. It's being developed as we speak.

 

Option #2 might work for the most skilled but we seriously advide that you wait for our update.

 

Thanks!

  • Like 2

Share this post


Link to post
Share on other sites

Hi all!

 

 

Option #1 is the best option, as we will make an update available for the PayPal module early next week. It's being developed as we speak.

 

Option #2 might work for the most skilled but we seriously advide that you wait for our update.

 

Thanks!

That's awesome. However i am afraid of the new bug for new paypal module. So can i check with you if i would be fine to stick with old module with new api content as follows?

 

new code in red.

 

 
@curl_setopt($ch, CURLOPT_POST, true);
@curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@curl_setopt($ch, CURLOPT_HEADER, false);
@curl_setopt($ch, CURLOPT_TIMEOUT, 30);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
@curl_setopt($ch, CURLOPT_SSLVERSION, 1);
@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
@curl_setopt($ch, CURLOPT_VERBOSE, true);

 

It works fine for me. Hope to hear from you soon.

 

Thank you

Share this post


Link to post
Share on other sites

Hi,

 

I got same email from Paypal. We're on PrestaShop™ 1.5.6.0 and was wondering if changing from 3 to 4 on the fix mentioned above will start working on live from now. Even tough they haven't removed 3.0 from live yet does it work with 4 already?

Anyone tried this fix on 1.5.6.0?

 

Thanks

 

I tried this on Prestashop 1.5.4 (test and real mode) and 1.6 (test mode), it works good :

 

In modules\paypal\api\paypal_connect.php

replace line 84

-- @curl_setopt($ch, CURLOPT_SSLVERSION, 3);

by

++ @curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');

Share this post


Link to post
Share on other sites

Does someone knows about the PayPal Pro module wich accepts credit cards on the merchant website instead of redirecting to PayPal website?  Do we have to replace code?

 

We have looked in the PayPal Pro module's code and can't find any occurence of "CURLOPT_SSLVERSION" to replace.

 

We have searched on PrestaShop Addons to see if there is an updated version and the module doesn't seem to be there anymore.

 

Anyone got a clue on this?

 

Thank you

Share this post


Link to post
Share on other sites

Hi everybody, 

Thank you for your interest in our module.

 

We have seen recently the following problem:

 the SSL v3 issue (also known as POODLE) was identified on October 14, PayPal has been hard at work to mitigate any potential impact to our customers and has thus decided to completely disable SSL 3.0 support on December 3, 2104 at 12:01 a.m. Pacific Standard Time.

 

POODLE is an internet security vulnerability that impacts the Secure Sockets Layer (SSL) 3.0 protocol, which was designed to ensure secure connections when surfing on the Internet.

 

As a consequence all PayPal merchant customers using PrestaShop will need to update their PayPal integration by upgrading their PayPal module on PrestaShop before December 3rd, 2014 in order to disable SSL 3.0 for their client interactions.

 

This update will be available on Tuesday November 18th, 2014 on Addons (version 3.8.0 to come).

Please make sure to upgrade your module on the latest version once available.

 

If you do not upgrade your PayPal module on PrestaShop by this date, you may face interruptions to your ability to accept payments with PayPal.
 
To make sure your integration is protected against this vulnerability and to keep accepting PayPal payments beyond this date, you need to upgrade your PayPal module to version 3.8.0 by following these steps: 
 
 
Users of version 1.5 and 1.6 of PrestaShop

1. Go to PrestaShop back office in the list of modules installed

2. Click on the « Update it » button next to PayPal module  

 
en-pp1.png
 
The upgrade to version 3.8.0 will then complete.  If it doesn’t, please follow the steps below. 
 
Users of version 1.4 of PrestaShop
 

1. Go to the PrestaShop Addons website  and download the latest version of the PayPal module (version 3.8.0)

2. You need to carry out a manual update of the module. Please go to the “Modules” section in the Back Office of your store 

3. Click on “Upload the module from your computer” , you should get the screen below: 

 

 

en-pp.png

 

4. Insert the downloaded file in zip format

5. Click on « Upload this module »

The upgrade to version 3.8.0 will then complete.

 

We make every effort to help you as quickly as possible and we apologize for any inconvenience due to this problem.

 

Regards, 

202 ecommerce.

  • Like 2

Share this post


Link to post
Share on other sites

Hi,

I'm using prestashop 1.4.4.1 for my web store www.waterfilterforfridge.com.au and I'm using Paypal as the payment system for my online store.

 

However, they will disable the SSL 3.0 in December and I need to update SSL3.0 to TLS.

 

I read through forums and found out that there are 2 ways to solve this problem.

 

option #1. wait for the new version of paypal to be released (released on tuesday 18th november)

option #2. manually develop your older version of paypal to TLS.

 

I'm not a developer, so I avoid going through option #2, even with any guides provided with paypal. (they provided with pdf file guide lines but I have no knowledge in developing modules.)

 

Therefore I've waited the new version of paypal module to release and they only released the EUROPE version of paypal (3.8.0).

 

My webstore is based in Australia (Oceania) and if I use the Europe version of Paypal 3.8.0, I was told by Paypal that I may have to provide necessary information like your Australia account in order to verify my account. In example Social numbers, Confirm my bank account and others.

 

They said it's best to contact Prestashop, as the module was prepared by Prestashop.

 

I was wondering if they are going to release the module for Australia (Oceania) soon? or What are my options now?

 

Can anybody advice me?

 

Thanks.

 

Regards,

 

Reina.

  • Like 1

Share this post


Link to post
Share on other sites

Currently using PayPal module 3.4.1 Prestashop version 1.5.2 

I'm not seeing an  update button on the pay pal module and I didn't see the paypal module in addons.

I see the one for PayPal Europe   but not an update for those of us not in Europe using the generic module just named PayPal module. Where do I get the update?

  • Like 3

Share this post


Link to post
Share on other sites

Sorry maybe I am out of topic.

There is some one can provide me a zip file paypal module 3.4.4 or link for download please?

I had before the 3.4.4. version, I updated to 3.7.2 first and after to 3.8, but i am having problem with 

 

PHP Fatal error: Call to a member function getPageLink() on a non-object in /home/xxxxxx/public_html/classes/Mail.php on line 251

 

I tried to fix this problem without succesful and therefore I wanna restore the old paypal module version but it's not simple find it on internet.

 

my p mail is zucca25 at hotmail dot com

 

thank you in advance

Share this post


Link to post
Share on other sites

I use Prestashop 1.4.4.1 after you upgrade of Paypal Module to version 3.8.0 I find the following notice in modules tab:

 

" - PayPal - In order to use the module you need to install the backward compatibility"

 

how can I fix it? I don't know if I've problems with transactions

thanks

Share this post


Link to post
Share on other sites

Post #49 stated

This update will be available on Tuesday November 18th, 2014 on Addons (version 3.8.0 to come).

Please make sure to upgrade your module on the latest version once available.

 

If you do not upgrade your PayPal module on PrestaShop by this date, you may face interruptions to your ability to accept payments with PayPal.
 
To make sure your integration is protected against this vulnerability and to keep accepting PayPal payments beyond this date, you need to upgrade your PayPal module to version 3.8.0 by following these steps: 
 
 
Users of version 1.5 and 1.6 of PrestaShop

1. Go to PrestaShop back office in the list of modules installed

2. Click on the « Update it » button next to PayPal module  

 
en-pp1.png
 
 
 
 
It is now Nov 21 and I still don't see this update.  When will this be available for the PayPal module - i only see the paypal europe module
I really don't like to modify the code my self
  • Like 1

Share this post


Link to post
Share on other sites

Hi all,

 

Same problem here, I have received a message from paypal and from Prestashop that advise me to upgrade the paypal module, I see there is an upgraded version 3.8.0 of the module on prestashop addons but there is no update button in prestashop backoffice. I have Prestashop version 1.6.0.9 and Paypal module version 3.7.2. It may be fortuity but since I upgrade Prestashop from version 1.6.0.5 to 1.6.0.9 I haven't received module updates any more. Perhaps a bug or something else? I need to update my Paypal module manually?

 

Thanks for help and replies

 

brennino

 

 

 

Post #49 stated

This update will be available on Tuesday November 18th, 2014 on Addons (version 3.8.0 to come).

Please make sure to upgrade your module on the latest version once available.

 

If you do not upgrade your PayPal module on PrestaShop by this date, you may face interruptions to your ability to accept payments with PayPal.
 
To make sure your integration is protected against this vulnerability and to keep accepting PayPal payments beyond this date, you need to upgrade your PayPal module to version 3.8.0 by following these steps: 
 
 
Users of version 1.5 and 1.6 of PrestaShop

1. Go to PrestaShop back office in the list of modules installed

2. Click on the « Update it » button next to PayPal module  

 
en-pp1.png
 
 
 
 
It is now Nov 21 and I still don't see this update.  When will this be available for the PayPal module - i only see the paypal europe module
I really don't like to modify the code my self

 

Share this post


Link to post
Share on other sites

Hi! I have version 1.4.9 ... someone who has this version has already tried to make the changes recommended by paypal?
 
Users of version 1.4 of PrestaShop
1- Go to the PrestaShop Addons website and download the latest version of the PayPal module (version 3.8.0)
 
2- You need to carry out a manual update of the module. Please go to the “Modules” section in the Back Office of your store
 
3- Click on “Upload the module from your computer”
 
4- Insert the downloaded file in zip format
 
5- Click on « Upload this module »
 
The upgrade to version 3.8.0 will then complete. 
 
 
Thanks  :) 

Edited by elfetta84 (see edit history)

Share this post


Link to post
Share on other sites

Ho installato la Paypal 3.8.0 e utilizzo PS 1.4.4.1

 

a quanto ho capito questo aggiornamento di Paypal si porta dietro un bug naco con aggiornamento 3.6 e mai risolto che noi che utilizziamo Prestashop 1.4 non avevamo. Il probema è serio, perchè con questo nuovo aggiornamento si offrono le spedizioni gratis a random. Se ne parla qui

http://www.prestashop.com/forums/topic/311094-problemi-col-campo-provincia-quando-si-iscrive-un-cliente/

 

Spero si risolva, nel giro di 2 giorni ho dato via già 2 spedizioni "omaggio" senza alcuna promozione in corso  :wacko:

Share this post


Link to post
Share on other sites

Hi everyone,

 

I'm kind of lost here.  I am using Paypal USA Canada module 1.3.4 (on PS 1.6.0.8) and I can't find the API folder everyone is referring to. (There is no such folder in the module)  I received an email directly from Paypal informing me that my shop WILL BE affected on December 3rd.  Yet I can't find anywhere a fix for my module.

I prefer NOT to upgrade my module because everytime I did in the past, it was a total mess.

 

Please help !!!

 

Carly

Share this post


Link to post
Share on other sites

The following code is the closest to the one everyone is talking about and it's located in my Paypal.php file.  Can anyone let me know what I should be changing or adding ?  I also saw this code in other files in the module - should I be changing those as well?

 

Thanks in advance

 

$ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, 'https://api-3t..(Configuration::get(PAYPAL_USA_SANDBOX') ? 'sandbox.' : '').'paypal.com/nvp');
  curl_setopt($ch, CURLOPT_VERBOSE, 0);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ch, CURLOPT_POST, true);
  curl_setopt($ch, CURLOPT_POSTFIELDS, 'METHOD='.urlencode($method_name).'&VERSION=98&PWD='.urlencode(Configuration::get('PAYPAL_USA_API_PASSWORD')).'&USER='.urlencode(Configuration::get('PAYPAL_USA_API_USERNAME')).'&SIGNATURE='.urlencode(Configuration::get('PAYPAL_USA_API_SIGNATURE')).$params.'&BUTTONSOURCE=PrestashopUS_Cart');
  $response = curl_exec($ch);
  curl_close($ch);

Share this post


Link to post
Share on other sites

Thanks KevinNash for your reply.

 

The link you are referring to clearly saids that the Paypal USA module hasn't been checked yet.

 

I don't understand then that Paypal would send me the email to update my connection if there is no issue.  I really think there is.

 

Unfortunately, it seems to me that because less people use the Paypal USA Canada module (vs. the Europe one), it is less of a priority.  We're 10 days away from the date that the Paypal module might become unusable and it's a critical part of the website.  I find it a little alarming that there is no clear answer. 

 

If anyone has some info - Please help !

Share this post


Link to post
Share on other sites

I tried this on Prestashop 1.5.4 (test and real mode) and 1.6 (test mode), it works good :

 

In modules\paypal\api\paypal_connect.php

replace line 84

-- @curl_setopt($ch, CURLOPT_SSLVERSION, 3);

by

++ @curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');

my modification

 

            @curl_setopt($ch, CURLOPT_POST, true);

            @curl_setopt($ch, CURLOPT_POSTFIELDS, $body);

            @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

            @curl_setopt($ch, CURLOPT_HEADER, false);

            @curl_setopt($ch, CURLOPT_TIMEOUT, 30);

            @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

            @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

            @curl_setopt($ch, CURLOPT_SSLVERSION, 1);

            @curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');

            @curl_setopt($ch, CURLOPT_VERBOSE, true);

 

So far seems ok.

  • Like 1

Share this post


Link to post
Share on other sites