Alipay ILLEGAL_SIGN after update

Hi, I just updated the plugin to the latest version and now I can’t make purchase via Alipay due to an ILLEGAL_SIGN error. Here is my code:

add_shortcode('course_confirm', 'course_confirm');
function course_confirm() {
	$gate = $_GET['gate'];
	$amount = $_GET['amount'];
	$course = $_GET['course'];
	$date = $_GET['date'];
	$id = $_GET['id'];
	
	$output = 'You have registered for the following course:
		<table>
		<tr>
			<td>Course:</td>
			<td>' . $course . ' - ' . $date . '</td>
		</tr>
		<tr>
			<td>Payment Method</td>
			<td>';

	$pattern = array(" ", ",", "-");
	$course = str_replace($pattern, '', $_GET['course']);
	$date = str_replace($pattern, '', $_GET['date']);

	if($gate == 'Alipay') {
		$output .= do_shortcode("[s2Member-Pro-AliPay-Button sp='1' ids='618' exp='72' desc='{$course}' custom='centilin.com|{$id}' ra='{$amount}' image='default' output='anchor' /]");
	} else if($gate == 'Paypal') {
		$amount = round($amount / 7);
		$output .= do_shortcode("[s2Member-PayPal-Button sp='1' ids='618' exp='72' desc='{$course}' ps='paypal' lc='' cc='USD' dg='0' ns='1' custom='centilin.com|{$id}' ra='{$amount}' image='default' output='button' /]");
	} else if($gate == 'Cash'){
		$output .= 'Cash';
	}

	$output.= '</td>
		</tr>
		</table>';

	return $output;
}

As you can see, plain and simple. I made sure the spaces between course name would not be a problem. And a sample URL that got me to ILLEGAL_SIGN

https://mapi.alipay.com/gateway.do?body=Arduino_Labs&subject=xxx.com&sign_type=MD5&out_trade_no=51602b0617c59~sp%3A618%3A72~1~184.82.64.121&extra_common_param=xxx.com%7C11&total_fee=1080&paymethod=directPay&partner=PARTNER_ID_REPLACED&notify_url=http%3A%2F%2Fxxx.com%2F&return_url=http%3A%2F%2Fxxx.com%2F%3Fs2member_pro_alipay_return%3D1&sign=785910234ba7c6b5fe94c2d3f8472a8e&_input_charset=utf-8&service=create_direct_pay_by_user&seller_email=zling%40xxx.com&payment_type=1&show_url=http%3A%2F%2Fxxx.com%2F&alipay_exterface_invoke_switch_client_ip=IP_ADD_REPLACED&alipay_exterface_invoke_switch_sign=_fsv_p_wy_a9_i5_jh_i_kjx_meg_s_o_gjg_g_u_eem_n5z_x_m_f_tr8gj_r8pz_l_f_s1_ool_p2_a%3D%3D

I noticed it might be because of some special characters in the description string so no special character at all. Yet I still get the same ILLEGAL_SIGN problem

https://mapi.alipay.com/gateway.do?body=ArduinoLabs&subject=xxx.com&sign_type=MD5&out_trade_no=516186bf97502~sp%3A618%3A72~1~106.2.161.22&extra_common_param=xxx.com%7C11&total_fee=1080&paymethod=directPay&partner=PARTNER_ID_REPLACED&notify_url=http%3A%2F%2Fxxx.com%2F&return_url=http%3A%2F%2Fxxx.com%2F%3Fs2member_pro_alipay_return%3D1&sign=092146b4733d4678b76d054bcb1ffdbe&_input_charset=utf-8&service=create_direct_pay_by_user&seller_email=zling%40xxx.com&payment_type=1&show_url=http%3A%2F%2Fxxx.com%2F&alipay_exterface_invoke_switch_client_ip=IP_ADD_REPLACED&alipay_exterface_invoke_switch_sign=_qc22_owq16i_n_nnrh_hgve8j_k_c_n%2B9184_zbed_xu_q1950z_e0a91pzn2w72_a%3D%3D

Problematic page is on http://centilin.com/course-confirmation/?gate=Alipay&amount=1080&course=Arduino%20Labs&date=April%20-%20May,%202013&id=11

In addition, Paypal is having problems too. You can see that here http://centilin.com/course-confirmation/?gate=Paypal&amount=1080&course=Arduino%20Labs&date=April%20-%20May,%202013&id=11. The paypal error message is “The seller accepts encrypted website payments only. You cannot pay the seller through un-encrypted buttons. Please contact your seller for more details.”

• This topic was modified 3 years, 9 months ago by  zhiling zou. Reason: Paypal issue

Thank you for reporting this important issue.

I’m not familiar with the AliPay error. I’ll take a look into the AliPay documentation regarding this error now.

In the meantime, I am familiar with that PayPal Error. You can disable that from using the instructions provided here:

https://www.paypal-community.com/t5/How-to-use-PayPal-Archive/seller-only-accepts-payments-from-unencrypted-payments/td-p/12931

I reported this issue to our development team. It was recommended that you run the s2Member Server Scanner to check that WordPress is set to run in UTF-8.

See: Knowledge Base » s2Member® Server Scanner