eCart 4 Site - Moved servers / TLS Complaint / PayPal Issues

I have an old site built in eCart 4. Due to PayPal's requirement to only allow TLS servers, I had to move my site to a new server. Upon doing so, I cannot process any transactions. I'm not sure if this has to do with the new server or PayPal's integration that may have changed June 30th. It's been a long time since I've even looked at this site's code (5+ years) and need to see if there is a quick fix to get it working again without a complete rebuild.

The Checkout and Confirm pages load properly, but when I click the "Checkout Button" on the Confirm Page, I get pushed to the checkout_failure.php page with:

Your transaction could not be completed.

We were not able to authorize this transaction due to one of the following reasons:
(1) Incorrect credit card information
(2) Declined credit card information
(3) Billing address and/or the card verification number did not match
(4) Billing agreement is inactive
(5) Credit card expired
(6) Invalid credit card number
(7) Incorrect billing address
(8) Other.

I'm running PHP 5.2.17

Any ideas how to fix this without upgrading eCart 4?

Add code to the failure page:

<?php

@session_start();

var_dump($_SESSION);

?>

That will show you the actual errors from paypal which may help to diagnose the issue.

Below is the results (masked sensitive details):

array(41) {
["captcha_securityCaptcha"]=> string(5) "wsHh7"
["WAVT_indexA10_598_Errors"]=> string(0) ""
["id_users"]=> string(4) "6635"
["userEmail"]=> string(19) “email@email.com”
["userActivity"]=> string(1) "1"
["userLevel"]=> string(1) "2"
["DL_ATC_ID"]=> string(4) "4644"
["DL_ATC_RS"]=> string(10) "rsFeatured"
["WAVT_index_Errors"]=> string(0) ""
["hbCart_Items"]=> string(225) "4644|WAECART|Test Book|WAECART|This is a test of PayPal.|WAECART|_opt_1.jpg|WAECART|0|WAECART|1|WAECART|0.01|WAECART|1|WAECART|rsFeatured|WAECART|Test Book|WAECART|0|WAECART|0.01|WAECART|1 Test Book (4644)|WAECART|0|WAECART|1"
["WAEC_ContinueRedirect"]=> string(10) "/index.php"
["WAVT_confirm_386_Errors"]=> string(0) ""
["eCartCheckoutForm_shipping_country"]=> string(2) "US"
["eCartCheckoutForm_shipping_postcode"]=> string(5) “ZIP”
["eCartCheckoutForm_shipping_state_province"]=> string(2) “STATE”
["eCartCheckoutForm_shipping_city"]=> string(6) “City”
["eCartCheckoutForm_shipping_street2"]=> string(0) ""
["eCartCheckoutForm_shipping_street1"]=> string(16) “Street Address”
["eCartCheckoutForm_shipping_fax"]=> string(0) ""
["eCartCheckoutForm_shipping_phone"]=> string(10) “Phone Here“
["eCartCheckoutForm_shipping_email"]=> string(19) “email@email.com”
["eCartCheckoutForm_shipping_lastname"]=> string(5) “LastName”
["eCartCheckoutForm_shipping_firstname"]=> string(6) “FirstName”
["eCartCheckoutForm_country"]=> string(2) "US"
["eCartCheckoutForm_postcode"]=> string(5) “ZIP”
["eCartCheckoutForm_state_province"]=> string(2) “STATE”
["eCartCheckoutForm_city"]=> string(6) “City”
["eCartCheckoutForm_street2"]=> string(0) ""
["eCartCheckoutForm_street1"]=> string(16) “Street Address“
["eCartCheckoutForm_fax"]=> string(0) ""
["eCartCheckoutForm_phone"]=> string(10) “Phone”
["eCartCheckoutForm_email"]=> string(19) “email@email.com”
["eCartCheckoutForm_lastname"]=> string(5) “Last”
["eCartCheckoutForm_firstname"]=> string(6) “First”
["eCartCheckoutForm_cvv"]=> string(3) “CVV”
["eCartCheckoutForm_exp_year"]=> string(4) “Year”
["eCartCheckoutForm_exp_month"]=> string(1) “Month”
["eCartCheckoutForm_cc_number"]=> string(16) “CARD NUMBER“
["eCartCheckoutForm_cc_type"]=> string(4) “CardType”
["PP_DirectPayment_postedValues"]=> string(2203) “APIUsernameAPIPasswordAIcDtvu-w4PrV.myZNqAxMuxm32cAS21fmhkqL4qFYlghrHWU3QD4hUk60.0Sale4.0140.01WebAssist.eCartPHP.Pro.DPTest Book0.0114644FirstNameAddressPhoneVisaCARDNUMBERverifiedFIRSTLASTEMAILUS
AddressPhone
62865.74.232.20r9m494elrs5k8drgk2lkrf9c54"
["PP_DirectPayment"]=> string(0) ""
}


I cannot tell from this what is happening.

It looks like their server is refusing your connection. What TLS version does your server use?

Create a test page with this code and post back with the result"

<?php

$ch = curl_init('https://tlstest.paypal.com/');

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);

curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

$data = curl_exec($ch);

curl_close($ch);

die($data);

?>

I made the file... here are the results:
ERROR! Connection is using TLS version lesser than 1.2. Please use TLS1.2

I talked to the web server support team. Its currently on a 2008 Server which can support TLS 1.2 but cannot force TLS 1.2.
Apparently there is a code change needed to force a 2008 Server to support TLS 1.2. Not sure how to make that code change???

Or they can move it to a Windows 2012 supporting PHP 5.6
Not sure if the eCart 4 code will work on a PHP 5.6 server??

Not sure the best or easiest way to go to get this fixed.

http://hunterbooks.com/wa-test-tls.php
http://hunterbooks.com/tls-win.asp

Here is a link my server support sent me:
https://stackoverflow.com/questions/30145089/tls-1-2-not-working-in-curl

CURL should use the latest TLS version available, so if it supports TLS 1.2 it should be using it. Upgrading to 5.6 is a good option if that is the way your hosting company wants to fix it. The code should work on anything less than php 7.

Talked with the hosting company and we tried to move the site from 5.2.17 PHP server to 5.3 and it broke the site, so we had to roll it back to the 5.2.17 server.

The server team ran the following script:
https://www.hunterbooks.com/tls-test.asp

They said the server supports TLS 1.0, 1.1 and 1.2 and the default preferred is 1.2

I do not know enough about CURL to comment, but they said the script you provided may just check for TLS and if 1.0 or 1.1 exists, the error comes back. Again, i don't know enough to comment, and I don't know what PayPal is looking for when they reject a transaction.

Since the site won't run on anything after 5.2.17, is there anything to fix this?

It should work on php 5.3 or higher. If you update to 5.3 and send me a url to a broken page and give FTP access then I can tell you what is wrong and why it is failing so we can get it working.

Ok I just had the server upgraded to 5.3

http://www.hunterbooks.com/info.php
http://www.hunterbooks.com

info.php loads fine, but site does not.


I've included FTP connection info in the private message box below

It looks like you are using short open tags on your site. Webassist code doesn't do this, but it looks like you have some hand coded IF stataments that use:

<?

instead of:

<?php

This can be enabled in your php.ini file

short_open_tag=On

enabling short tags should get your site working again.