search

impress-org / givewp

GiveWP - The #1 Donation Plugin for WordPress. Easily accept donations and fundraise using your WordPress website.
https://givewp.com/
GNU General Public License v3.0
344 stars 191 forks source link

fix(form): Support PayPal Standard Blocking non-encrypted website feature #3523

Closed mathetos closed 6 years ago

mathetos commented 6 years ago

User Story

As a Give Admin, I want to be able to force encryption on all my donations using PayPal Standard. PayPal provides a security feature called "Encrypted Website Payments" that when enabled rejects donations that are sent unencrypted.

Current Behavior

Currently, when that feature in my PayPal account is activated, Give donations are rejected at PayPal with this message:

image

Expected Behavior

I expect Give donations to process correctly and successfully at PayPal.com with this feature enabled.

Steps to Reproduce

  1. Login to a PayPal account, and navigate to “My Profile” -> “My Selling Tools” -> “Website Preferences” -> “Encrypted Website Payments” and turn that setting On
  2. Attempt to make a donation from Give using PayPal Standard and you'll see the error message from the screenshot above.
  3. Disable that same setting and Give donations process correctly.

NOTE: This happens regardless of whether the site has an active SSL certificate loaded over HTTPS properly.

Additionally, you can confirm that it should work as intended using the PayPal button markup while keeping that setting enabled:

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="VK7GL2QWCL6Q8">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>

Visuals

The setting in PayPal: image

Tasks

Related

Multiple users reported this here: https://wordpress.org/support/topic/paypal-error-screen-the-seller-accepts-encrypted-website-payments-only/#post-10528337

jaydeeprami commented 6 years ago

@mathetos and @ravinderk

I have enabled Encrytpted option in paypal.com and able to reproduce this issue in Give.

Also, I have more research and found that WooCommerce has the same issue and they are wontfix.

Below is WooCommerce issue link: https://github.com/woocommerce/woocommerce/issues/19843

mathetos commented 6 years ago

Thanks for the research @jaydeeprami The PayPal comment in their forum that Mike Jolley linked to is compelling evidence that it's not worth attempting to resolve this at all for now.

I've documented this issue on our PayPal Standard FAQ Doc for now: https://givewp.com/documentation/core/payment-gateways/paypal-standard/faq/

Closing.