|
|
Please see: https://github.com/WebSharks/s2Member/issues/35
This update will come in the next maintenance release. Thanks for reporting this important issue.
|
|
|
Hi Dan :-) Got your email, thank you.
If you have accept="paypal" only, the entire Billing Method section should be hidden. However, it appears there are some other JavaScript errors on the page you linked me too; so this could be causing some hiccups for s2Member also. Please take a look at these and confirm for me (click to enlarge). Thanks!
|
|
|
Lazy-loading is going to default to a value of OFF; starting with the next maintenance release. We’ve seen numerous reports of this causing trouble on sites that use s2Member in more dynamic ways. If you’re having trouble, please turn lazy-load off.
|
|
|
Thanks for reporting this important issue.
Please download and install s2Member and s2Member Pro v131026 to resolve this issue.
Changelog: http://www.s2member.com/changelog/
|
|
|
PayPal confirms this issue is now resolved.
Response from PayPal – 10/14/2013 06:48 AM
We appreciate your patience. This message is to inform you that the issue was resolved through a recent live site update.
Please contact us again if you feel the issue is not resolved and provide additional supporting details to help us identify or reproduce the issue.
PayPal Merchant Technical Services
|
|
|
@Jason, could you confirm that his existing user subscriptions will keep working fine when he starts using Express Checkout? I imagine it’s fine because the PayPal Standard account remains the same, which is not the case when upgrading to PayPal Pro if I remember correctly. Just making sure.
Yes, that is correct. The only time this would be a problem is if the underlying PayPal account changes all together (which is very rare). As long the underlying PayPal account is the same (usually the case); any past Subscriptions created through Standard Buttons will continue to operate as expected even after a site owner begins to use Pro Forms instead of Buttons for new customers.
|
|
|
What I still don’t get is why is this problem unique to S2Member? Is there something about the implementation that has caused this? Maybe it uses some PPal functions that are being deprecated?
This problem is not unique to s2Member; it is a problem with encrypted buttons on the PayPal side of things. We have made attempts to bypass the issue across multiple API versions without success.
Turning off security seems like a very very bad idea these days and I don’t want to really do that.
Some alternatives to this may include:
Use s2Member Pro Forms w/ PayPal Pro instead of Buttons.
http://www.s2member.com/kb/pro-forms/
Or, use a PayPal-generated button that is a “hosted button”; which you can select when you generate a PayPal Button at PayPal.com. These do not need to be encrypted. See also: http://www.s2member.com/kb/using-paypal-created-buttons/
Or, use an unencrypted button and just monitor incoming sales for any fraudulent activity (e.g. incorrect prices, etc). Unencrypted buttons expose their source code, so savvy users who wish to commit fraud may be allowed to do so; if your buttons are unencrypted. This is a risk, but it’s one that can be monitored for fraudulent activity and any fraudulent transactions can be identified; e.g. you should probably terminate their account access if you find that a transaction was indeed fraudulent.
I will continue to update this thread as I receive updates from PayPal on this matter.
|
|
|
Response from PayPal 10/02/2013
Dear Jason Caldwell,
The problem is still ongoing and our developers are working in order to release a fix as soon as possible. The issues you are experiencing are considered a high priority.
As previously mentioned, you may want to use a button without encryption as a workaround for now.
Thanks for your patience regarding this matter.
Federica
PayPal Merchant Technical Services
PayPal, an eBay Company
|
|
|
UPDATE: I have had no further response from PayPal on this since the last acknowledgement that this WAS their problem and not ours. No response since then; but the issue seems to have been corrected from my most recent tests; e.g. these PayPal Buttons (encrypted) are now working as expected: http://gator3104.hostgator.com/~wsksdev/jason/pp-be-test.php
|
|
|
Update from PayPal regarding this issue on: 9/19/2013.
PayPal Button Encryption [Incident: 130823-000193]
Response Via Email (Federica)
Dear Jason,
Thank you for contacting PayPal Merchant Technical Services.
We sincerely apologise for the delay in responding to your query.
We are aware of this issue and our engineers are actively working to resolve these issues. I don’t have a estimated time of arrival for when this issue will be resolved at this time. You will be updated further via this ticket as we receive more information from our engineers. I apologize for the impact this issue is causing. The issues you are experiencing are considered a high priority.
Thanks for your patience regarding this matter.
Federica
PayPal Merchant Technical Services
PayPal, an eBay Company
I will continue to update this thread & KB article as we receive further details from PayPal. I’m looking forward to this being resolved!
|
|
|
Hi Jason, Cristián,
I would like to ask that when you become aware of such a huge problem that possibly affects everyone, please send out a letter to all of your customers notifying them of this.
I was wondering why I didn’t have any subscribers for the last few days, until someone wrote me telling me something is wrong, and yes, none of the buy buttons work on my site anymore. These few days of no sales could have been avoided if you would have kept us up-to-date on such a serious issue.
Tom
This did go out in an email notice to all s2Member users both free and Pro users also.
http://www.s2member.com/kb/paypal-button-encryption-problems/
You can subscribe to updates from your Dashboard, and this notice is also visible in everyone’s Dashboard.
|
|
|
I was in contact with PayPal again today by phone. PayPal is working on a resolution to this, and I’m hoping it will be soon. I will post further updates when I hear back from them.
PayPal techs are investigating two examples I posted here that reproduce the issue.
http://gator3104.hostgator.com/~wsksdev/jason/pp-be-test.php
These are encrypted subscription buttons generated from two different live PayPal accounts. These only work about 1 out of 10 times they are clicked (of course this will hopefully change as PayPal works to resolve the problem). Most of the time when we’ve tested them they result in the following error “Sorry — your last action could not be completed”.
I’ve tested these in different browsers while logged into my PP account; and also while I’m not logged into my PP account. I’ve tried setting required variables only, and I’ve tried setting all possible variables. No difference. I’ve also tried deleting cookies and browser temp files; no difference. I’ve also tried generating these buttons through the Button Manager API, same error: “Sorry — your last action could not be completed”.
If any of you are in contact w/ PayPal to report this issue yourselves, please ask them to also review Support Ticket Reference ID: 130823-000193 (reported by Jason Caldwell w/ s2Member.com). These examples along with other supporting documentation have been made available in that private thread; which also references this thread here at s2Member.com.
Disabling s2Member’s Button Encryption feature is recommended until this is resolved.
See: Dashboard -› s2Member® -› PayPal® Options -› Account Details -› Button Encryption
While Button Encryption is disabled, we recommend that you closely monitor incoming transactions for any fraudulent activity, as the risk of fraud increases slightly without this high level encryption being applied to the HTML output in these PayPal Buttons.
|
|
|
I’m very sorry for the delayed response on this. I’ve been swamped and just got a chance to take another look at this. I would LOVE to have some assistance with this, if that’s still possible. Please submit the details privately to me via this contact form. Thank you!
See: https://www.s2member.com/contact/?s2-ssl=yes&d=support
|
|
|
I just finished researching a specific transaction ID that you sent over. I find log entries in your s2Member® installation that indicate post-processing was a success. However, there is a missing log entry for “subscr_payment” which indicates that registration processing was NOT successful. So upon further review of your reg-handler.log file (which is maintained by s2Member), I found a log entry for this customer and I see the customer had no registration access cookies set in their browser when registration occurred.
'reg_cookies' => false,
'current_role' => 'subscriber',
'role' => 'subscriber',
'level' => '0',
'ccaps' => '',
'login' => 'juliusp',
In looking over your s2Member configuration I find that you have Open Registration enabled. I suspect what is happening here is that you have customers completing checkout and while they are waiting for an email confirmation with a link to register with paid access, they are returning to the home page of your site and completing registration there (which is simply giving them a free account). Thus, the connection between the purchase they made, and their account on your site is broken.
What I would suggest is that you further customize the Approval Page Template that customers see after completing checkout. For further details on this, please see: Dashboard -› s2Member® -› ccBill Options -› ccBill® Approval/Denial URLs -› Optional Customizations.
You will want to be clear about asking the customer to wait for the email confirmation. They need to register with the special link provided in that email so they can gain access.
Why? ccBill does not provide s2Member® with enough details in real-time immediately after checkout. The details we get from ccBill occur behind-the-scene through ccBill® Background Post Integration. Thus, we need to process each transaction behind-the-scene, and the customer receives access via email. You can prevent confusion by customizing your Approval Page Template.
Other possible solutions my include…
– Disabling Open Registration
– Choosing a different Payment Gateway. PayPal (for instance) provides us with enough data to process each transaction in real-time on the site, so the email confirmation is optional. The same is true for ClickBank; and even more so if you choose to integrate with s2Member® Pro Forms via Authorize.Net or PayPal Pro.
|
|
|
Hi there. I sincerely apologize for the delayed response.
I just reviewed your forum thread and your WP installation, along with your ccBill log files. It appears from your log files that everything is running properly for you now. However, if you ARE still having some trouble, please reply back and give me a specific transaction ID and I will track down what actually took place in your log files.
For future reference, please review ccbill-ipn.log and paypal-ipn.log because the -rtn.log files only show what happens live on the site, and not what’s taking place behind-the-scene. Your existing log files indicate that s2Member® is handling post-processing for you.
|
|
|
Details received. Thank you!
Thanks for reporting this important issue.
It looks like this was caused by an edge case related to compatibility with others plugins using shortcodes with dashes in their names. We’ve had this corrected on your installation (you should be good now); and we’ll release a formal update to address this compatibility issue in the next maintenance release.
|
|
|
@cat@momentumoptionstrading.com
Thanks for reporting this important issue.
This appears to be a problem on the PayPal® side of things. There is another bug report here; and PayPal seems to be working on it as this point. I will contact PayPal MTS about this also, but I suggest that each of you do the same, because often times it will take more than a single person having trouble to get something done.
Please report this here: http://www.paypal.com/mts/
When I hear back from PayPal® on this, I will update this thread.
Until then, I suggest turning off the encrypted button feature in s2Member®.
NOTE: This error could not be reproduced against a Sandbox/Developer account; but we DID reproduce the issue against a live PayPal account. Not good, PayPal needs to have this corrected ASAP.
NOTE: I was also able to reproduce this bug against a live PayPal account using a PayPal Button generated not through the BMCreateButton API, but with a button generated through the PayPal Merchant interface even.
|
|
|
Memory has issues. Server reports: 512M which does NOT match up with what s2Member expects: 256M
Ah, so what’s happening here is that your core PHP configuration is set higher than what WordPress® knows about; and this is tripping up the s2Member® upgrade routine. That’s something we can definitely fix. We’ll have this updated and a fix applied to the next release.
However, please NOTE. You’ll have to go through two upgrades before this actually will correct the problem for you. An upgrade from your current version to the next, will use the upgrader from the previous version :-) So it’s not until your next update that you’ll get the new upgrader. Make sense?
If you don’t want to wait, you can install this patch file. Upload this file and allow it to override your existing copy of: /s2member-pro/includes/classes/upgrader.inc.php. Even still, upgrading with this new file now (before it’s actually in the official copy of the software); will ultimately downgrade the upgrader. lol
Better to wait for this to come in the next maintenance release IMO.
DEV COPY: http://d1v41qemfjie0l.cloudfront.net/s2member/uploads/bbpress/2013/08/upgrader.inc.php
|
|
|
Thanks for reporting this important issue.
php.ini is set to use a max of 512M:
phpinfo () returns :
<div class="s2-code-tools"><a href="#" class="s2-code-select-all" onclick="s2_selectAll(jQuery(this).parent().next()); return false;" title="Select All"></a><a href="#" class="s2-code-view-source" onclick="s2_viewSource(jQuery(this).parent().next()); return false;" title="View Source"></a></div><code>memory_limit 512M </code>
here is a sample of wp-config.php:
<div class="s2-code-tools"><a href="#" class="s2-code-select-all" onclick="s2_selectAll(jQuery(this).parent().next()); return false;" title="Select All"></a><a href="#" class="s2-code-view-source" onclick="s2_viewSource(jQuery(this).parent().next()); return false;" title="View Source"></a></div><code>define('WP_MAX_MEMORY_LIMIT', '256M' /* WebSharks™ Core auto-fix. */);
define('WP_MEMORY_LIMIT', '256M');</code>
First, I should point out WHY s2Member needs this much RAM, in this specific case. It’s actually not s2Member which needs the RAM, it’s the core WordPress® unzip routine that s2Member uses. In order to unzip a file it requires quite a bit of RAM to hold the data while it’s processing.
Here is the line that comes straight from s2Member’s pro upgrade routine which checks for memory available.
if(@set_time_limit(0) !== "nill" && @ini_set("memory_limit", apply_filters("admin_memory_limit", WP_MAX_MEMORY_LIMIT)) !== "nill" && @ini_get("memory_limit") === apply_filters("admin_memory_limit", WP_MAX_MEMORY_LIMIT))
In short, having this configured the right way (e.g. to provide enough memory in your configuration); is only the first part of resolving this. The second part requires that you verify that your server is actually following your configuration. If you are setting WP_MAX_MEMORY_LIMIT correctly, but still getting this error, my guess is that your server is not really allowing this, even though you’ve configured it as such.
Here’s how to test it on your server.
Create a new PHP file, just name it ram-test.php and upload it to your root web directory (in the same directory where your wp-config.php file resides). Inside this file, make an attempt to set the memory limit to what you’ve configured WP_MAX_MEMORY_LIMIT with and see what happens.
Here is how I would test it if I were investigating your server.
<?php
require dirname(__FILE__).'/wp-load.php';
if(@set_time_limit(0) !== 'nill'
&& @ini_set('memory_limit', apply_filters('admin_memory_limit', WP_MAX_MEMORY_LIMIT)) !== 'nill'
&& @ini_get('memory_limit') === apply_filters('admin_memory_limit', WP_MAX_MEMORY_LIMIT))
echo 'Memory looks good! Server reports: '.@ini_get('memory_limit').' which DOES match up with what s2Member expects: '.apply_filters('admin_memory_limit', WP_MAX_MEMORY_LIMIT);
else echo 'Memory has issues. Server reports: '.@ini_get('memory_limit').' which does NOT match up with what s2Member expects: '.apply_filters('admin_memory_limit', WP_MAX_MEMORY_LIMIT);
?>
Run this file and please report back and let us know what message you got. If we get some feedback on this test, we can certainly try to improve things further, if possible.
If you need help with this, please submit a Dashboard login privately.
See: s2Member® » Private Contact Form
|
|
|
Thanks that patched did the trick! You’re my hero lol.
I can finally go get some sales.
Thank you for reporting back! You’re very welcome.
|
|
|
@ Andrea Cilento
I’m not sure where 15 days comes from. You posted a private contact form just yesterday, and upon us making an attempt to inspect that site, we found once again that it was impossible to investigate. The site you submitted yesterday was completely offline :-)
The site you posted when this thread was originally started (which was 10 days ago, and not 15 days); was online, but had no log files or anything for us to inspect. We wrote you back within 24 hours, but then 4 days later you wrote back asking for more assistance. We only received a new submission from you yesterday, and as I said, the site was offline.
In this time we have helped another customer in this same thread even, who is using ccBill as well; and seems to be running just fine now after getting some assistance w/ configuration.
Regarding your request for a refund. Please see: s2Member® » Terms » Refund Policy
We have a no refund policy on non-tangible digital items which are irrevocable. We do make special exceptions, but as clearly defined in our refund policy, we ask that you follow all suggestions and advice presented by our support team, and work to resolve the problem with our assistance.
I will leave this thread open for you, but if your next submission is not a site that is online, or a private contact form submission with log files that we can inspect for you, I’m afraid there will be nothing more for us to go on in this case. We find that in cases where there is trouble, it is often related to configuration of the software, or configuration on the ccBill side of things. These are problems that can only be detected through a careful review of your configuration, and by inspecting the log files generated by the s2Member® software.
If you would like to investigate these yourself, please see:
Dashboard -› s2Member® -› Log Files (Debug) -› Logging Configuration
|
|
|
|
|
|
|
Thanks for the heads up on this thread :-)
@ Cory — thank you for reporting this important issue.
User search on child blogs of a Multisite Network appears to have been broken after the latest optimizations were applied in the release of s2Member® v130802. We are having this fixed for the next maintenance release, and I’m attaching a patch file to this thread that can be used until it’s made available.
Please download: http://d1v41qemfjie0l.cloudfront.net/s2member/uploads/2013/08/users-list.inc_.php_.zip
Unzip and extract the users-list.inc.php file. Upload this file to your site via FTP and allow it override the existing copy of /wp-content/plugins/s2member/includes/classes/users-list.inc.php. Please report back with a confirmation of this being corrected for me :-) Thanks!
|
|
|
Please forward on to your development team. This is a huge issue. I don’t see how anyone can actually be using your pitch plus capability since passing both variables does not work.
Thanks for reporting this important issue. So it appears that ClickBank has started reading an empty cbur value where it did not in the past. We’re having this updated for the next maintenance release. However, if you can help us test this further by experimenting with the PATCH I’m attaching here, that would be great :-)
If all works well, these changes will make it into the next release.
Download this ZIP please: http://d1v41qemfjie0l.cloudfront.net/s2member/uploads/2013/08/clickbank-patch.zip
Patch/update an existing release of s2Member® Pro v130802
Unzip and extract two files from the ZIP I linked to above.
Upload and allow this file clickbank-checkout-button.php to override your existing copy of.
/wp-content/plugins/s2member-pro/includes/templates/buttons/clickbank-checkout-button.php
Upload and allow this file clickbank-button-in.inc.php to override your existing copy of.
/wp-content/plugins/s2member-pro/includes/classes/gateways/clickbank/clickbank-button-in.inc.php
|
|
|
Thanks for the heads up on this thread :-)
This first post may have been slightly misleading. The issue here has nothing to do with urlencode so please forget I mentioned that. S2Member reads all the data that clickbank passes just fine. Things like membership level, IP, etc. The only major issue I have is the cbfid and cbur can’t be passed in the same clickbank link.
Right. The urlencoding that ClickBank does on their end, is on purpose. While it may look wrong to the naked eye, that’s actually correct. It’s just a bit odd to see the URL-encoded values all combined into a single variable on the ClickBank side of things (e.g. they combine several vars into vvar= on their side).
I’m investigating the other issue now. One moment please.
|
Pre-Sale FAQs
Video Tutorials
Community Forum
Knowledge Base
News/Updates
s2 Codex / Docs
GPL v2 License
Contact A Human
About Us
Our Customers
Support Policy
Privacy Policy
Old Forums (READ-ONLY): The 
