[workaround] SSL stops redirect to Paypal using API

[Rhapsody]

I have a live shop that is currently running 1.4.7.0 and using the stock Prestashop Paypal module V2.8.6. This is configured using the PayPal API and has worked well on all versions since the shop was opened using 1.3.4, and with all the incremental version upgrades.

 

I've had an SSL certificate with a dedicated IP since the shop opened. I noticed after updating to 1.4.7.0 that if I enabled SSL in the BO, that the transaction is unable to get redirected to PayPal when "I confirm my order" is clicked. It works just fine if SSL is disabled in the BO. With SSL enabled, when "I confrim my order" is clicked, the browser activity indicator goes for about 10 seconds and it stays on the confirmation page. I rolled the shop back to 1.4.6.2 and the same thing happens.

 

Some supporting information and things I've tried:

• "Use Cache" is turned off on the performance page
  
• Tried using Smarty "Force Compile" and set the cache to "No" - no change seen
  
• Turned of all the CCC options - no change seen
  
• I'm using friendly URL and regenrated httaccess file - no change seen
  
• Turned off automatic redirect to canonical URL - no change seen
  
• All the shop SSL pages appear to work fine when logged in to the front end looking at the links in the "My Account" block. The https indicator can be seen in both Firefox and IE. There are no error messages.
  
• Enabled debug in config.inc.php and development mode in defines.inc.php but since no errors are generated, can't get any additional information from that.
  
• Paypal API works fine when SSL is turned off - the user is directed to Paypal site when the order conformation button is clicked, then returned to the shop at the completion of the Paypal transaction. All the normal email messages are generated and money flows into the Paypal account... life is good!
  

Configuration information is pasted below:

Server information

Prestashop Version: 1.4.7.0

Server information: Linux #1 SMP Tue Apr 12 18:52:55 EDT 2011 i686

Server software Version: Apache

PHP Version: 5.2.17

MySQL Version: 5.0.92-community

 

I'm stumped - Any ideas out there?

 

Edit: A work around solution is posted further down this thread here

[PhoneMainiac]

Hey,

 

I'm also having the same problem since updating to 1.4.7.0 with SSL turned on it would not re-direct to paypal, with SSL turned off it re-directs.

 

Any ideas??

 

Cheers

 

Steve

[Rhapsody]

I posted a bug report on the forge - #PSCI-4912.

[Rhapsody]

I found it!

 

The 1.4.7.0 release added code to the \classes\FrontController.php file starting on line 87. Below are temporary changes to make until an updated file is issued by the Prestashop team. I grabbed a few lines prior to and after the comments to make it easier to find.

 

  if ($this->ssl AND !Tools::usingSecureMode() AND Configuration::get('PS_SSL_ENABLED'))
 {
  header('HTTP/1.1 301 Moved Permanently');
  header('Location: '.Tools::getShopDomainSsl(true).$_SERVER['REQUEST_URI']);
  exit();
 }
/*
* Rhapsody Commented out offending code that breaks SSL redirect with Paypal
 else if (Configuration::get('PS_SSL_ENABLED') AND Tools::usingSecureMode() AND !($this->ssl))
 {
  header('HTTP/1.1 301 Moved Permanently');
  header('Location: '.Tools::getShopDomain(true).$_SERVER['REQUEST_URI']);
  exit();
 }
* * * end of Rhapsody Commented out offending code that breaks SSL redirect with Paypal **
*/
 ob_start();
 /* Loading default country */
 $defaultCountry = new Country((int)Configuration::get('PS_COUNTRY_DEFAULT'), Configuration::get('PS_LANG_DEFAULT'));
 $cookieLifetime = (time() + (((int)Configuration::get('PS_COOKIE_LIFETIME_FO') > 0 ? (int)Configuration::get('PS_COOKIE_LIFETIME_FO') : 1)* 3600));

[Rolige]

thats work?

[Rhapsody]

thats work?

It worked for me.

[Rolige]

It worked for me.

Ok thank you confirm.

[Zammo]

I can confirm, this work around works

 

Huge thanks Rhapsody!

[keyman]

Thanks so much it finally worked and solved all my issues

[tomerg3]

This was reported and fix posted at http://www.prestashop.com/forums/index.php?/topic/155662-critical-ssl-bug-in-ps-147-fix-inside/

[Slidster]

Thanx. it worked perfectly

[leboutlet]

I used both solutions together and it worked for me.

Now I am going to test the Hipay gateway, hopefully it did not screw it.

[Rhapsody]

Note that this was previously reported on the bug tracker and I tested a fix to #PSCFI-4912

 

It appears that the fixed FrontController.php did not get into the 1.4.7.2 production release. The attached file from SVN can be used to replace the classes\FrontController.php and fix the PayPal redirect when SSL is active.

FrontController.php

[tomerg3]

Note that this was previously reported on the bug tracker and I tested a fix to #PSCFI-4912

 

It appears that the fixed FrontController.php did not get into the 1.4.7.2 production release. The attached file from SVN can be used to replace the classes\FrontController.php and fix the PayPal redirect when SSL is active.

 

What a shame, more people will have this issue, hopefully they will find this post before they lose too many sales.

 

Thanks for letting us know and posting the fixed file.

[Vincent Schoener]

Hi,

 

This has been fixed on the FrontController but not this way.

 

Take a look to the lines 78 to 81 of the file (http://forge.prestashop.com/browse/PSCFI-4912)

 

Best regards

[myopen]

Hi,

 

I have version 1.4.8.2 with site turbopc.com.au and it seems the CSS and java files are http rather than https. Here is what it looks like https://www.turbopc.com.au

 

I have changed the FrontController.php as detailed in this forum but did not work. I am using 1.4.8.2 not version 1.4.7.

 

Will appreciate any help.

[kkim]

Note that this was previously reported on the bug tracker and I tested a fix to #PSCFI-4912

 

It appears that the fixed FrontController.php did not get into the 1.4.7.2 production release. The attached file from SVN can be used to replace the classes\FrontController.php and fix the PayPal redirect when SSL is active.

 

I just replace file you attached.

 

and also Performance - Caching - Use Cache - Disabled.

 

 

// edited not working sorry; didnt solve problem

Edited July 4, 2012 by kkim (see edit history)

[Mr_PayPal]

Hello,

Please check with your hosting provider to see if SSL is supported.

[xoaquina]

I am working with prestashop 1.5.3.1 and paypal api 3.4.5. I was having the same issues but then I went back into my back office and under preference - seo & urls, I realized i had my website ssl address under the ssl domain. I left blank and since I do have SSL already installed It started working just fine, without editing any code. I left shop domain the same, cleared ssl domain name and left base url / ...and that was it. Thought i would share, maybe it will help anyone.

Edited March 1, 2013 by xoaquina (see edit history)

[MMouse]

I have a live shop that is currently running 1.4.7.0 and using the stock Prestashop Paypal module V2.8.6. This is configured using the PayPal API and has worked well on all versions since the shop was opened using 1.3.4, and with all the incremental version upgrades.

 

I've had an SSL certificate with a dedicated IP since the shop opened. I noticed after updating to 1.4.7.0 that if I enabled SSL in the BO, that the transaction is unable to get redirected to PayPal when "I confirm my order" is clicked. It works just fine if SSL is disabled in the BO. With SSL enabled, when "I confrim my order" is clicked, the browser activity indicator goes for about 10 seconds and it stays on the confirmation page. I rolled the shop back to 1.4.6.2 and the same thing happens.

 

Some supporting information and things I've tried:

• "Use Cache" is turned off on the performance page
• Tried using Smarty "Force Compile" and set the cache to "No" - no change seen
• Turned of all the CCC options - no change seen
• I'm using friendly URL and regenrated httaccess file - no change seen
• Turned off automatic redirect to canonical URL - no change seen
• All the shop SSL pages appear to work fine when logged in to the front end looking at the links in the "My Account" block. The https indicator can be seen in both Firefox and IE. There are no error messages.
• Enabled debug in config.inc.php and development mode in defines.inc.php but since no errors are generated, can't get any additional information from that.
• Paypal API works fine when SSL is turned off - the user is directed to Paypal site when the order conformation button is clicked, then returned to the shop at the completion of the Paypal transaction. All the normal email messages are generated and money flows into the Paypal account... life is good!

Configuration information is pasted below:

Server information

Prestashop Version: 1.4.7.0

Server information: Linux #1 SMP Tue Apr 12 18:52:55 EDT 2011 i686

Server software Version: Apache

PHP Version: 5.2.17

MySQL Version: 5.0.92-community

 

I'm stumped - Any ideas out there?

 

Edit: A work around solution is posted further down this thread here

 

I have exactly the same symptom, however I am using:

prestashop 1.5.6.0

Paypal 3.6.1

 

When I run the site in non ssl all works fine.

When I run the site in forced SSL all works fine.

When I run in normal SSL paypal stops working

 

I get a 301 moved permanently when clicking the confirm order button in paypal and get redirected back to my shop. If I change that url to HTTP it works fine.

I have this also for omnikassa ideal. (dutch) But this happens when I should get redirected to the omnikassa page.

I tried .htacces in the module folders of these modules but no luck.

Any suggestions are welcome