• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[solved] $config['csrf_protection'] and Paypal


when $config['csrf_protection'] is TRUE Paypal IPN does not work.

So do you solve it? Check by IP addreses in the config file and the set to true or false accordingly?

I tried getting sandbox.paypal.com IP with $_SERVER['REMOTE_ADDR'] and get

I also googled for IPs and found such thing:


But there is no such IP address, so that means that the table is not updated or something. So I cannot trust it. And what if they decide to change the IP (for some reason) ? then I will also have to change IPs in config file.

How do you solve this problem?


Found the solution in another thread:
if (isset($_SERVER["REQUEST_URI"]))
    if(stripos($_SERVER["REQUEST_URI"],'/mypage') === FALSE)
        $config['csrf_protection'] = TRUE;
        $config['csrf_protection'] = FALSE;
    $config['csrf_protection'] = TRUE;

[eluser]Jacob Graf[/eluser]
Worked for me! Here is a link to the original solution.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.