chrometweaks.org

Does anyone know a simple and easy iPage web host to use to build a website?

Click Here To View All Answers...


Question I have... Does anyone know a simple and easy iPage web host to use to build a website? Looking forward for any comment. Another question... I just found something out which I feel is my duty to tell everyone who is using the built in Paypal payment system in OSC..

The problem is this:.

A customer can go onto your iPage site - create a fake account (fake details) - place an order - and select the 'PayPal' methord..

This is where the problem begins:.

He/She will then get sent to the Paypal Payment screen - the link in the browser title bar looks something like this:.

Https://www.paypal.com/cgi-bin/webscr?amount=145.95&x=56&y=9&return=http etc etc....

Notice along the line is the amount for the item (145.95) - customers can just change this (for example 0.01) and press enter - the hey presto - they get the item for 0.01 !!.

Its as easy as that!.

I suggest.

EVERYONE.

Who wishes to use Paypal - uses IPN as this fixes the problem!.

I hope this helps alot of people!.

PS. Also note - this is especally important for people who are offering instant downloads when they complete payment!..

Comments (40)

The answer is Yes, but... you might want to make sure and wait for another commenter to confirm this as I am not sure. Better yet, why don't you give a call to the iPage guys because they can give you an answer better...

Comment #1

Can you explain how to do this (for a newbie) lol..

Comment #2

No this wont work here because when you select a shipping method the rate is queried again...

Comment #3

Im sorry if it has been covered before - but asson as I found out about it I just opened a topic!..

Comment #4

Sometimes it is good to freshen people's memories...besides it brings newcomers such as myself up-to-date kinda..

Thanks to both..

Comment #5

Where do I get the PayPal IPN payment module from - it's not in the list to install ??.

How do I get Paypal to return to the iPage site ??..

Comment #6

You should use the paypal shopping cart ipn contribution v2.6a found.

HERE..

Comment #7

This problem exists with most payment modules as most are using HTTPS forms to post the data to the gateway server..

The only way around this is to use cURL or native SSL communication methods in PHP 4.3, which obviously depends on whether your own server supports such methods..

The following Workboard entry exists for the 2.2 Milestone 3 release to have all payment modules communicate in the most secure way the server is able to support:.

Http://www.oscommerc...ty/workboard,46.

Other than the technical side, there's also the intelligence side of the store owner to confirm/verify their orders before shipping the products...

Comment #8

And when is the user able to modify the information that is provided to UPS?.

Not to mention the fact that the UPS XML rates is UPS' preferred method of connection and provides more accurate quotes...

Comment #9

Harald Ponce de Leon: "Other than the technical side, there's also the intelligence side of the store owner to confirm/verify their orders before shipping the products.".

Exactly, this is a non-problem!..

Comment #10

No, it is not a non-problem, if you sell virtual products...

Comment #11

@Daemonj.

The selected shipping method is quoted again and saved in the session before redirect to the payment page. The user cannot change the rate. The preferred method is irrelevant..

//checkout_shipping.php.

If ( (tep_count_shipping_modules() > 0) || ($free_shipping == true) ) {.

If (isset($_POST['shipping']) && strpos($_POST['shipping'], '_')) {.

$osC_Session->set('shipping', $_POST['shipping']);.

List($module, $method) = explode('_', $osC_Session->value('shipping'));.

If (is_object($$module) || ($osC_Session->value('shipping') == 'free_free')) {.

If ($osC_Session->value('shipping') == 'free_free') {.

$quote[0]['methods'][0]['title'] = FREE_SHIPPING_TITLE;.

$quote[0]['methods'][0]['cost'] = '0';.

} else {.

//.

//Like this ->quote('UPS Ground','UPS');.

$quote = $shipping_modules->quote($method, $module);.

//.

}.

If (isset($quote['error'])) {.

$osC_Session->remove('shipping');.

} else {.

If (isset($quote[0]['methods'][0]['title']) && isset($quote[0]['methods'][0]['cost'])) {.

$shipping = array('id' => $osC_Session->value('shipping'),.

'title' => (($free_shipping == true) ? $quote[0]['methods'][0]['title'] : $quote[0]['module']' ('$quote[0]['methods'][0]['title']')'),.

'cost' => $quote[0]['methods'][0]['cost']);.

$osC_Session->set('shipping', $shipping);.

Tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));.

}.

}.

} else {.

$osC_Session->remove('shipping');.

}.

}.

} else {.

This post has been edited by.

User99999999.

: 06 September 2004, 15:23..

Comment #12

Confirming/verifying is definitely a problem. Or at least an issue. I see at least two obvious reasons for this:.

Since in a way the osC-admin interface may mislead store owners to BELEIVE that orders have been paid..

And if volumes are large, going to some other on-line account to verify payments, may be a time wasting hassle...

Comment #13

I just found something out which I feel is my duty to tell everyone who is using the built in Paypal payment system in OSC..

The problem is this:.

A customer can go onto your iPage site - create a fake account (fake details) - place an order - and select the 'PayPal' methord..

This is where the problem begins:.

He/She will then get sent to the Paypal Payment screen - the link in the browser title bar looks something like this:.

Https://www.paypal.com/cgi-bin/webscr?amount=145.95&x=56&y=9&return=http etc etc....

Notice along the line is the amount for the item (145.95) - customers can just change this (for example 0.01) and press enter - the hey presto - they get the item for 0.01 !!.

Its as easy as that!.

I suggest.

EVERYONE.

Who wishes to use Paypal - uses IPN as this fixes the problem!.

I hope this helps alot of people!.

PS. Also note - this is especally important for people who are offering instant downloads when they complete payment!..

Comment #14

In addition to using the PayPal IPN payment module you should also set in your PayPal account configuration to Automatically Return to iPage site after payment..

Thanks for the post but this has been covered.

Many.

Times in the past..

The same is true that you should be using the UPS XML Rates & Quotes instead of the built-in UPS shipping module..

This post has been edited by.

Daemonj.

: 06 September 2004, 03:47..

Comment #15


This question was taken from a support group/message board and re-posted here so others can learn from it.