Sandbox Testing with 'Live' Merchant account Works but using Sandbox Merchant Account Fails

Question

Some background: Am trying to get Paypal Standard to work with Paid memberships Pro WordPress Plugin. Am not getting too much help there, which is why I'm here.

Orders are set to 'Review' and stay that way, there is no ipn debug log via email even though debug is turned on. Also tried setting debug so it would create a debug log file, but it doesn't create one. The Paypal IPN details are:

Original/Resent: Original

Latest delivery date/time: ---

Notification URL: http://example.com/wp-admin/admin-ajax.php?action=ipnhandler

HTTP response code:

Delivery status: Disabled

Number of retries: 0

IPN Type: transaction made

The IPN Message itself looks good.

Have done the following tests:

1 - With debugging turned on, I visit the IPN URL and get this: Logged On: 01/02/2017 13:20:34 Array ( ) FP! Array ( [headers] => plus a whole long page of info, and I received the ipn debug log via email.

2 - I set up an HTML form with action set to the ipn handler url and get VERIFIED

3 - Used the IPN Simulator with the same ipn handler url, transaction type set to Web Accept, Payment Status set to Completed and everything else was default except I removed the Custom field. The IPN log said VERIFIED.

4 - Tested in the Sandbox - I used one of the sandbox buyer accounts for the Buyer, and used my developer email address as the Merchant mistakenly (it does happen to be a Business Paypal account), but I got VERIFIED! Checkout Processed - Success.

5 - I repeated that test except I used the sandbox Merchant account, but this time got the same results as the live system - order status is 'review', no ipn debug log, etc.

6 - Repeated the Sandbox test again and used the client's Merchant account email address and I got VERIFIED! The order was successful.

Other things I've tried: - changing the Language Encoding from Windows to UTF-8 in my clients merchant account - no difference - installed the TLS 1.2 Compatibility Test plugin: "TLS 1.2 Enabled. Your site should work fine when making calls to gateways and APIs that require TLS 1.2. Endpoint is https://tlstest.paypal.com/ (PayPal) PayPal_Connection_OK; PHP Version 5.5.38 cURL version 7.34.0 or higher detected.

This is the code for the handler:

function pmpro_ipnValidate() {
//read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

//generate string to check with PayPal
foreach ( $_POST as $key => $value ) {
    $value = urlencode( stripslashes( $value ) );
    $req .= "&$key=$value";
}

//post back to PayPal system to validate
$gateway_environment = pmpro_getOption( "gateway_environment" );
if ( $gateway_environment == "sandbox" ) {
    $paypal_url = 'https://www.' . $gateway_environment . '.paypal.com/cgi-bin/webscr';
} else {
    $paypal_url = 'https://www.paypal.com/cgi-bin/webscr';
}

$paypal_params = array(
    "body"        => $req,
    "httpversion" => "1.1",
    "Host"        => "www.paypal.com",
    "Connection"  => "Close",
    "user-agent"  => PMPRO_USER_AGENT
);

$fp = wp_remote_post( $paypal_url, $paypal_params );

//log post vars
ipnlog( print_r( $_POST, true ) );

//assume invalid
$r = false;

if ( empty( $fp ) ) {
    //HTTP ERROR
    ipnlog( "HTTP ERROR" );

    $r = false;
} elseif ( ! empty( $fp->errors ) ) {
    //error from PayPal
    ipnlog( "ERROR" );
    ipnlog( "Error Info: " . print_r( $fp->errors, true ) . "\n" );

    //log fb object
    ipnlog( print_r( $fp, true ) );

    $r = false;
} else {
    ipnlog( "FP!" );

    //log fb object
    ipnlog( print_r( $fp, true ) );

    $res = wp_remote_retrieve_body( $fp );
    ipnlog( print_r( $res, true ) );

    if ( strcmp( $res, "VERIFIED" ) == 0 ) {
        //all good so far
        ipnlog( "VERIFIED" );
        $r = true;
    } else {
        //log for manual investigation
        ipnlog( "INAVLID" );
        $r = false;
    }
}

/**
 * Filter if an ipn request is valid or not.
 *
 * @since 1.8.6.3
 *
 * @param bool $r true or false if the request is valid
 * @param mixed $fp remote post object from request to PayPal
 */
$r = apply_filters( 'pmpro_ipn_validate', $r, $fp );

return $r;
}

What else can I do to find out why I can't get successful Paypal Standard payments on the live site with the client's Paypal account but it works in the Sandbox?

Answer 1

Turns out that I needed to enable IPN and set an IPN URL in the Paypal account, which was against PMPRO's instructions.