Install returns to Install App name

[impactcolor]

Hi I have followed the steps as I perceive them to be and when I click "Continue" on install it goes back to the continue page. My setup is like this: In App Info I have App Url: https://mydomain.com/app/install.php

Whitelisted redirection URL(s) https://mydomain.com/app/oauth.php

"my domain" is just an alias to cover my domain.

I've put all the files from the code here in "app" directory.

[myjanky]

sounds like you have a redirect loop. do you have the patched md5 to hmac is_valid_request() function

[impactcolor]

I tried using the patch for md5. Going off another issue posted here you said this "please try this function in place of is_valid_request(). `public function validateSignature($query). I replaced the is_valid_request with the validateSignature public function and now it just goes to a white screen when I try to run it. I don't get the installation option anymore. One thing also is that the ssl I'm using is from cloud flare since my domain has cloud flare set. They automatically provide the https.

Any other ideas I can try?

[myjanky]

how exactly did you update the function?

also what is on line 31 of oauth.php. this is where you can do a header('path of your app code'); at line 31 instead of the echo... try the get_products.php sample.

[impactcolor]

in shopify.php I removed line 13 - 28 the entire function is_valid_request and I replaced it with the public function validateSignature... that it said on another thread. In line 31 I have this function should I switch it tot the get_products?

[myjanky]

It is not a line by line copy and paste. The library still calls is_valid_request() not validateSignature().

you need to replace the code inside the function and make it work with this library.

[impactcolor]

Ok I fixed that now when I hit install it goes to a white screen with this in the url: https://mydomain.com/app/oauth.php?hmac=0d10db4c9fdbb6bfb8ac173786935ae52e673b7f596e567ca01bb8985c18efdd&shop=citylocs.myshopify.com&timestamp=1500490984

However the app doesn't appear in the installed apps.
Thank you for all your help, for taking the time to answer these questions.

[myjanky]

It should be asking for permission at this point but I do not see the query parameter ?code= in your url. mind sharing the app domain. I can test on a dev shop and see if I can assist.

[impactcolor]

Yup here goes: https://codesto.net/preview/ So install path is https://codesto.net/preview/install.php? etc

[impactcolor]

And also here is the settings in the partner dashboard https://screencast.com/t/4PnSZCQ1nd

[myjanky]

You need a valid SSL cert

[impactcolor]

Fixed the SSL but still not working: https://screencast.com/t/trq4Yuoe

[myjanky]

Try this. Make both app url and redirect url both the same /oauth.php then on line 31 try a redirect to get_products.php like header('Location: /preview/get_products.php');

[myjanky]

[myjanky]

When I click continue I get a 500 server error.

can you look into your php error log and the httpd error log?

[myjanky]

Also what permissions are you giving the app? read orders?

[impactcolor]

the error log says: GET /preview/oauth.php?hmac=75e95e63d10c958369b5abfdc41334cb84892ee253e3dc70ed478bf19e0ca5bd&shop=citylocs.myshopify.com&timestamp=1500495367 HTTP/1.1 and I got this warning: mod_fcgid: stderr: PHP Fatal error: Call to undefined function phpish\shopify\mhash() in /var/www/vhosts/w8ld-gg7p.accessdomain.com/codesto.net/preview/vendor/phpish/shopify/shopify.php on line 30

[impactcolor]

I hadn't got to setting the app permissions yet.

[myjanky]

you need to install mhash on your LAMP install. what does info() return

[myjanky]

http://php.net/manual/en/mhash.installation.php

[impactcolor]

I show this:

hash support

enabled

Hashing Engines

md2 md4 md5 sha1 sha224 sha256 sha384 sha512 ripemd128 ripemd160 ripemd256 ripemd320 whirlpool tiger128,3 tiger160,3 tiger192,3 tiger128,4 tiger160,4 tiger192,4 snefru snefru256 gost gost-crypto adler32 crc32 crc32b fnv132 fnv1a32 fnv164 fnv1a64 joaat haval128,3 haval160,3 haval192,3 haval224,3 haval256,3 haval128,4 haval160,4 haval192,4 haval224,4 haval256,4 haval128,5 haval160,5 haval192,5 haval224,5 haval256,5

[myjanky]

ok I think that the is_valid_request() might be wrong can you post what you have changed

[myjanky]

you should try the ohShopify library as this one is kinda out dated.

[impactcolor]

is it this one: https://github.com/cmcdonaldca/ohShopify.php ?

[impactcolor]

Here goes: function is_valid_request($query) { if(!is_array($query) || empty($query['hmac']) || !is_string($query['hmac'])) return false; $dataString = array(); foreach ($query as $key => $value) { if(!in_array($key, array('shop', 'timestamp', 'code'))) continue; $key = str_replace('=', '%3D', $key); $key = str_replace('&', '%26', $key); $key = str_replace('%', '%25', $key); $value = str_replace('&', '%26', $value); $value = str_replace('%', '%25', $value); $dataString[] = $key . '=' . $value; } sort($dataString);

    $string = implode("&", $dataString);
    $signatureBin = mhash(MHASH_SHA256, $string, $this->secret);
    $signature = bin2hex($signatureBin);

    return $query['hmac'] == $signature;
}

[impactcolor]

I tried the oh shopify one and it worked. Thank you so much for your help I feel you went above and beyond to help out. THANK YOU!

[myjanky]

Cool I follow that library also so if you need some help otherwise let me know.