I am using the PHP Toolkit for PayPal v0.51
I have setup Pay Pal sandbox accounts and done a test to the ipn.php that comes back as working ok.
I have set the config.inc.php to suit my settings
PHP Version 5.3.3-7+squeeze15 mysql and cURL installed all is working fine.
When using with IE
everything works fine, the transaction is returned to the success.php and in the ipn_success.php
I have it updating the database with the information posted back from Pay Pal.
When using Firefox
Everything works fine till I get to the part where it returns me back to the success.php
I get a Security Warning box open up with the below information within it.
Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.
Are you sure you want to continue sending this information?
If I click the warning straight away I get the information posted back and the database is updated.
If I leave this warning for a few seconds, I lose all the information that is posted back to the site for the database.
How can I stop this security warning from showing when using Firefox
The website is using http and not using https so Pay Pay is posting back to a non ssl site.
This is actually a known issue with FireFox that we are currently looking into. If you would like to be notified once the issue is resolved, you can open up a ticket with PayPal's Merchant Technical Support. PPXO-7400
I have old Sandbox business & personal accounts that stopped working. I have to go back and test a site I developed two years ago. I saw a reference to importing these accounts on the new site but every link seems to go in circles. I certainly can't afford time to rewrite all my client's api's even if they would pay me just to go into testing mode.
Can someone suggest how I might revive these accounts.
There are currently some issues that are being addressed to resolve this issue. As a workaround try using FireFox or Chrome if you were using IE. Clear your cookies and chache prior to opening up that browhwer. Then go to developer.paypal.com and log in with your live PayPal account email address. Then try importing your accounts. There have been more issues with IE than the other browsers.
This question already has answers here:
Please login to use the PayPal sandbox feature
(5 answers)
Closed 9 years ago.
DISCLAIMER: This question is specifically for the Paypal forum.
I have two Sandbox test accounts. parijat_kalia#hotmail.com (PERSONAL) and parijat_kalia-facilitator#hotmail.com (BUSINESS). The second one has the API credentials and I am using the NVP API to test our e-commerce subscription plan
. The response I get is :
10501: Invalid Configuration This transaction cannot be processed due to an invalid merchant configuration. Occurs when the billing agreement is disabled or inactive.
Hence, to activate it, I presume I need to log in with this sandbox account into the sandbox website so as to activate the billing agreement. The steps I follow are pretty basic.
Login to developers.paypal.com
Click on Applications tab in the horizontal menu
Click on Sandbox accounts in the vertical menu
Click on the specific accounts 'parijat_kalia-facilitator#hotmail.com' dropdown arrow button.
Click on Sandbox site
When i click on sandbox site, it loads in the PERSONAL account in the email i.e 'parijat_kalia#hotmail.com'. I obviously change this and try to login with the business account credentials. However it does not log me in whatsoever. I have changed the password, literally copy pasted it, but it does not work. Nor does deleting the cookies/clearing the cache and terminating the history help. Also, I am using Chrome, not IE.
Also, I presume this error is with Paypal's sandbox website, since the API call is technically logging me in with the credentials (I infer this since I am getting error 10501).
Can you please tell me what is going wrong?
I had an issue similar to that the other day. I was trying to switch from one developer account to another, but it kept logging me in as the first one. So, I couldn't use any of the sandbox accounts for the 2nd account.
I circumvented this issue by switching to private browsing mode in chrome (ctrl+shift+N) and logging in that way.
I can't guarantee this will fix your issue because it's not the same as mine, but it might help.
Misplacedme's answer worked for me, but I don't have enough rep yet, so I'll reply and add some info.
Chrome: Use an Incognito Window (ctrl+shift+N)
Opera: Use a New Private Window (ctrl+shift+N)
IE: No need for special window. It works as it used to.
Firefox: No need for special window. It works as it used to.
Safari: No need for special window. It works as it used to.
Note: These are all on a Windows 8 PC (sorry, I know most people in their right mind aren't using win8 much less developers)
I am trying to send emails from Django using an email configured by Google Apps, my configuration at the settings.py file looks something like this:
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'contact#mydomain.com'
EMAIL_HOST_PASSWORD = 'password'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
When I try to send an email using:
from django.core.mail import send_mail
send_mail("Happy new year", "We wish you the best for 3001",
"contact#mydomain.com", ["someuser#gmail.com"])
I get the following error:
SMTPAuthenticationError:
(535, '5.7.1 Please log in with your web browser and then try again.
Learn more at
5.7.1 https://support.google.com/mail/bin/answer.py?answer=78754 k2sm758604obl.14')
Since I'm working on a remote server with no graphical user interface, I cannot even try to login from the browser.
Just go to
https://accounts.google.com/DisplayUnlockCaptcha
and click "continue". This is going to allow access from other servers.
I've been messing with this for a couple of hours within a cucumber/capybara/selenium test - discovered something stupid which will fix this error for good, guaranteed
The all too familiar error:
Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure) (Net::IMAP::NoResponseError)
As it turns out, there are TWO "Allow Less Secure Apps" toggles which need to be changed to allow logins from unknown devices/IMAP.
One here: https://myaccount.google.com/security?pli=1#connectedapps (bottom of the page)
And one here: https://www.google.com/settings/security/lesssecureapps
BOTH OF THESE GODFORSAKEN TOGGLES need to be changed to get rid of this error message.
edit: from user Milothicus (https://stackoverflow.com/users/3538026/milothicus): in myaccount.google.com, under 'Sign-in & Security', select 'Connected apps & sites'. this also has an option to 'Allow less secure apps'. after turning this one on, my server could now send me an automated email.
When I tried to access my account I was sent this email consisting of this link.
https://www.google.com/settings/security/lesssecureapps
You can turn-on then possibly turn-off after you've done testing.
I got the following response from Google Apps support:
You need to turn on your Outbound relay. To do this:
Log into your account at google.com/a/yourdomain.com
Click the Settings tab and then select Email in the left column.
In the Outbound relay section, select Allow users to send mail through an external SMTP when configuring a "from" address hosted
outside your domain.
Click Save changes.
They also provided a help link: http://support.google.com/a/bin/answer.py?hl=en&answer=176054
After turning on Outbound relay and using the proxy to login to the webmail one more time (thanks to #DaniloBargen and #joshcartme) the issue was resolved. I've read the link explaining what the Outbound relay is and I'm not really sure why would I need it (I don't believe I'm using an external SMTP server).
Since I'm not really sure this is what solved the issue I won't mark the response as accepted until I get some confirmation.
Set up an ssh tunnel to the server in question so that you could, from your home computer, log in to the gmail web client using the server's IP. You probably need to tunnel port 80 and port 443, maybe just 443. After logging in through the web client the problem should go away according to knowledge base article listed in the SMTPAuthenticationError.
Here's an example of how to set up the tunnel:
http://www.noah.org/wiki/SSH_tunnel#simple_port_forwarding_.28SSH_tunneling.29
Option #1 (this worked for me):
After getting the error Please log in with your web browser and then try again. Learn more etc. when trying to send email from my web application, I logged in to the email via browser from my local computer.
After I logged in, there was a yellow notification bar on top which asking me if I want to allow external application access my mail. I confirmed this and Google asked me to log in to the account from the application within the next 10 mins. This will white-list the application.
Option #2:
If Option #1doesn't work for you, try this: http://www.rocketideas.com/2012/05/gmail-error-password-not-accepted-from-server-solved/
etusm provided two locations to turn on less secure apps:
One here: https://myaccount.google.com/security?pli=1#connectedapps
(bottom of the page)
And one here: https://www.google.com/settings/security/lesssecureapps
both were turned on, but my headless server still couldn't send me an email. based on JohnPang's google+ recommendation, i found a third location where i had to allow access to less secure apps:
in myaccount.google.com, under 'Sign-in & Security', select 'Connected apps & sites'. this also has an option to 'Allow less secure apps'. after turning this one on, my server could now send me an automated email.
I found the solution at: https://support.google.com/accounts/answer/185833?hl=en and finally https://security.google.com/settings/security/apppasswords
If you are testing your project on a local machine, you should go to the latter link, and enable "Access for less secure apps".
Do you have two factor authentication enabled for the apps account ? Then you might need to use an application specific password for that application.
All of the above doesn't help in my case (weird). But this link might help you:
https://security.google.com/settings/security/activity
You can access it via Google Plus
Open Google+
Select "Security" from the top
Under "Recent activity" click "View all events"
You will see a list of "Unusual Activity"
It shows "Application / device sign-in attempt (prevented) Singapore" as I'm using AWS from Singapore
Click on "Change" > "Yes, that was me!"
Retry again. Done!
As of now (look at my post date) there is only one "Allow less secure apps" toggle in the Gmail account admin UI:
https://myaccount.google.com/u/0/security#connectedapps
It'll work from your local computer (Mac or PC) after that.
To allow access from Amazon EC2 (and I suspect other Cloud-located hosts), there is yet another flag to set in Google's never ending battle with spammers:
https://accounts.google.com/b/0/DisplayUnlockCaptcha
Recently, I have found that this issue can be resolved by confirming that the activity has originated from a request I initiated, by visiting Google Account
I had to confirm, under Security Events, that the suspicious activity was in-fact me, even though the originating server from where the request came from was cloud hosted, and therefore over 1000 km away. After clicking this step, and setting less secure apps, I was able to use getmail to retrieve my mail, over ssl using either imap or pop.
Just want to highlight Danilo Bargen's comment:
An easier way to connect to the other network using tunnels is to use a dynamic tunnel (ssh -D 6789 remotehost) and then to set localhost:6789 as SOCKS5-Proxy in Firefox. Then you are basically in the remote network with your browser and localhost is the remote host
Also I want to add that SOCKS Proxy method also works with Chrome. As a result you can log in with your local web browser as if you are on a server.
change your settings at https://www.google.com/settings/security/lesssecureapps so that your account is no longer protected by modern security standards.
This is occuring due to some apps are marked as less secure apps by google. So to use those apps, you need to give access for those apps. to do that follow http://www.codematrics.com/your-imap-server-wants-to-alert-you-to-the-following-please-login-via-your-web-browser-gmail/
Hope this will solve your issue.
In my case, when i tried to login to the google account via web, it asked me for a captcha. I entered the captcha and then the automation worked.
Well, I am a non-Facebook developer, and a normal .NET programmer who have created a Facebook application for a regular website around one year ago using FBML. I have no time to read the roadmap every day and know what will be next. So I had no idea about OAuth and HTTPS till yesterday.
All of a sudden I received an email yesterday saying (27 Sep) upgrade to OAuth 2.0 and HTTPS,
otherwise the application will be disabled from 1st Oct.
Now, I read about OAuth 2.0 the whole day yesterday, and think I can get around it now chaining things, but I found that the site which currently host my Facebook application doesn't have SSL (HTTPS support) or dedicated IP address and I found that I need to invest around 20$ to get SSL and another $20 for a dedicated IP address. I am ready to pay
for it, but as you know a response from hosting are not that quick.
Now I have emailed my hosting to make arrangement for it, but sadly they have not responded yet, and I now only have one day left (I don't know they will respond or not).
So how can I save my application? I don't have any server that support HTTPS for now. Even if I get some free SSL I am not able to implement it as I don't have a dedicated IP address.
Is there some way I can put a "will be back soon" kind of message. Or how can I save the application now?
I think I need to update that HTTPS canvas page in the setting anyhow.
FBML applications are not required to migrate and support HTTPS and signed requests.
Source: http://developers.facebook.com/blog/post/567/
Also, be aware that Facebook will stop supporting FBML apps at the end of the year.