Support » Plugin: WordPress Simple PayPal Shopping Cart » Error! The Price Validation Failed

  • Resolved keueram72

    (@keueram72)



    I am inserting the form code for the WP pay button into a PH template using this code:

    sprintf( '<div class="wp_cart_button_wrapper">
    <form method="post" class="wp-cart-button-form" action="" style="display:inline" onsubmit="return ReadForm(this, true);" >
    <input type="submit" value="Add to Cart" />
    <input type="hidden" name="wspsc_product" value="%s" />
    <input type="hidden" name="price" value="%s" />
    <input type="hidden" name="shipping" value="0" />
    <input type="hidden" name="addcart" value="1" />
    <input type="hidden" name="cartLink" value="%s" />
    <input type="hidden" name="product_tmp" value="%s" />
    <input type="hidden" name="item_number" value="" />
    <input type="hidden" name="hash_one" value="09b3f19e800005e8dee4821e4afde850" /></form></div>', $booktitle, $trimmedprice, $fullurl, $booktitle);

    Everything works perfect among anything priced 19.95 I have a set for 100 but the Error pops up on this item.

    I am assuming it has to do with the “hash one” value, but I do not know what this hash is actually a hash of, and I tried deleting this field altogether, but then the error popped up on every item.

    Any help would be appreciated.

    https://wordpress.org/plugins/wordpress-simple-paypal-shopping-cart/

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi check the following support thread. Someone did something similar to what you are trying to do.

    keueram72

    (@keueram72)

    It looks like that support thread does explain what I am looking to do, but it does not work for the latest version of the plugin(V4.1.0) since it added “robust price validation checks.”

    As you can see from my code in the earlier post, a “hash_one” value is now required. This is generated from within wordpress-simple-paypal-shopping-cart/wp_shopping_cart.php:

    $_POST['wspsc_product'] = strip_tags($_POST['wspsc_product']); //for PHP5.2 use filter_var($_POST['wspsc_product'], FILTER_SANITIZE_STRING);
            $_POST['item_number'] = strip_tags($_POST['item_number']);
            if (isset($_POST['price'])){
                $_POST['price'] = strip_tags($_POST['price']);
                //Validate price
                $hash_once_p = strip_tags($_POST['hash_one']);
                $p_key = get_option('wspsc_private_key_one');
                $hash_one_cm = md5($p_key.'|'.$_POST['price']);
                if($hash_once_p != $hash_one_cm){//Validation failed
                    wp_die('Error! The price validation failed.');
                }
            }

    If you comment this section out, hash_one value is not required, but clearly the price check does not work. Any thoughts on how I could generate this hash value, since I am inserting fields like “wspc_product” “price” “cartlink” and “product_tmp” through the use of generated variables within the template depending on what book is being displayed?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, one of the plugin developers will investigate your issue further.

    Regards

    Plugin Author mra13

    (@mra13)

    The best option for what you are trying to do would be the following:

    Option 1) Use the following function in your template file to generate the button. Here is an example snippet of code:

    <?php
    do_shortcode('[wp_cart_button name="Test Product" price="19.95"]');
    ?>

    Option 2) Use the add to cart shortcode of this plugin on a test page. This will generate the button with all the correct info. Then you can view the HTML source and then copy paste the HTML code and use it on your template file.

    Hello, I use JavaScript to set the price, based on the selection of a drop-down box.
    In this case there’s no way to pass the hash check.
    So I temporarily commented out the line wp_die('Error! The price field may have been tampered. Security check failed.');
    I would be grateful if you could add an option in preferences to disable the price check, in my case it would be very useful.
    Thank you

    Plugin Author mra13

    (@mra13)

    Are you able to do an ajax query to the server from your JS code?

    That will allow me to introduce a clean solution for you.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Error! The Price Validation Failed’ is closed to new replies.