Author Topic: Donations not being inserted into database - bad behavior mod  (Read 2383 times)

Offline Resourcez

  • Administrator
  • Hero Member
  • *
  • Posts: 1425
    • Resourcez
Donations not being inserted into database - bad behavior mod
« on: September 23, 2011, 05:26:13 PM »
PayPal IPN return sends an empty User Agent (UA) which unfortunately is also a spammer tool.  Bad Behavior allows you to block visitors with an empty UA.

However, from what I see in the code, bad behavior will always reject PayPal, regardless of your empty UA selection.  It rejects the PayPal request method before it even gets to check on the basis of your empty UA choice and if that method doesn't exactly match "POST" and there is also an empty UA, then it rejects.  Much later in the code, it then checks on the basis of your empty UA selection.

There is a way around the problem.  You could do it by whitelisting IPs but PayPal uses many and they can change.  However, bad behavior also allows you to whitelist the return URL i.e. ipntreas.php

Edit the file Sources/bad-behavior/whitelist.ini and add the last 2 lines to the list, as below:
Code: [Select]
; Inappropriate whitelisting WILL expose you to spam, or cause Bad Behavior
; to stop functioning entirely! DO NOT WHITELIST unless you are 100% CERTAIN
; that you should.

; IP address ranges use the CIDR format.

; Digg whitelisted as of 2.0.12
ip[] = ""
ip[] = ""
; RFC 1918 addresses
;ip[] = ""
;ip[] = ""
;ip[] = ""

; User agents are matched by exact match only.

;useragent[] = "Mozilla/4.0 (It's me, let me in)"

; URLs are matched from the first / after the server name up to, but not
; including, the ? (if any). The URL to be whitelisted is a URL on YOUR site.

;url[] = "/example.php"
;url[] = "/openid/server"
; Allow PayPal IPN
url[] = "/ipntreas.php"

If you have everything under control, you're not moving fast enough.
• Apache 2.2.24 • PHP 5.3.24 • MySQL 5.1.68 •


Please Support Us!

Something for Here
Donate with PayPal!
August Goal: $40.00
Due Date: Aug 31
Total Receipts: $0.00
Below Goal: $40.00
Site Currency: USD