XF 2.0 Account upgrades not working with PayPal

[PumpinIron]

Okay, the weirdest thing just happened.

I have account upgrades setup on my forum with PayPal as the payment processor.

Up until earlier today, everything worked just fine and had been working for months.

Today when a user tries to go to upgrade their account, they are redirected to the PayPal website (https://www.paypal.com/csplog/api/log/csp?cHJwPXJwdA=) and get a white screen with the following:

{"ack":"success","data":{"status":"success","count":1},"meta":{"calc":"e1fb772ba60d2","rlog":"cDFzXtcTGaYcx%2B7saD2iIgER3c%2FOOdlq1IyOKxh7m76pm1rGtXGL2HmP3lI%2F%2F%2BHb4mbNatCn6YtFpR1Lq%2Fzeig_1681c1e07d9"}}

What does this mean? Is anyone else having this issue?

There are no errors in the XenForo error log or the payment log.

 

[PumpinIron]

Okay, it looks like this was the fix:



I had to turn that from "On" to "Off" and it solved the issue.

Is this a thing with XenForo, where the "Purchase" buttons are not encrypted using one of the methods?

 

[webbouk]

Surely turning Off encrypted website payments is a security risk and opens your site up to fraudsters?

 

[Mike]

Is this a thing with XenForo, where the "Purchase" buttons are not encrypted using one of the methods?

Correct.

Surely turning Off encrypted website payments is a security risk and opens your site up to fraudsters?

No, not really. It's about preventing someone from manipulating certain code (I believe by using an extra hash). There's no point in attempting to manipulate this in XF though, as we validate that the components are what we expect (the amount paid, person paid, etc).

 

[PumpinIron]

Correct.


No, not really. It's about preventing someone from manipulating certain code (I believe by using an extra hash). There's no point in attempting to manipulate this in XF though, as we validate that the components are what we expect (the amount paid, person paid, etc).

Thanks for confirming this Mike! I thought I was going crazy.

Glad I was able to resolve this one! Lesson learned!