S2members ERROR: Unable to verify $_POST vars

I have downloaded the server scan php script and run it on my server.

I dont understand any of the following errors…with the exception of mcrypt, i believe all of these conditions are already being met on my server

I have setup a phpinfo.php file and the only one in this list that is missing is mcrypt (which i dont even think comes with php 7 anyway.

[ERROR] MySQL Database Extension

Missing MySQL extension. s2Member needs the MySQL extension for PHP. This will add MySQL support to your installation of PHP, allowing MySQL database communication. Please consult with your web hosting company about this message.

[ERROR] Mcrypt/Encryption Extension

Missing Mcrypt extension. s2Member needs the Mcrypt extension for PHP. This will add encryption support to your installation of PHP, with a variety of block algorithms; such as DES, TripleDES, and Blowfish. Please consult with your web hosting company about this message.

[ERROR] cURL Extension / Or fopen() URL

One or more HTTPS connection tests failed when connecting to:
https://www.websharks-inc.com/robots.txt

In order to run s2Member, your installation of PHP needs one of the following…
• Either the cURL extension for remote communication via PHP (plus the OpenSSL extension for PHP).
• Or, set: allow_url_fopen = on in your php.ini file (and enable the OpenSSL extension for PHP).
Please consult with your web hosting company about this message. See also: WordPress recommended hosting platforms.

has anyone got an answer to this?
100% the error is not with my server…its the s2members plugin not reading server information correctly.

Here is what my server says in response to searches for what s1members says are supposedly missing php extensions

s2members says…

[ERROR] MySQL Database Extension

Missing MySQL extension. s2Member needs the MySQL extension for PHP

my server installed package is

php7.3-mysql 7.3.12-1+0~20191128.49+debian9~1.gbp24559b P-T amd64 MySQL module for PHP

s2 members says

[ERROR] Mcrypt/Encryption Extension

Missing Mcrypt extension. s2Member needs the Mcrypt extension for PHP

php7.3 does not have mcrypt (so why are you requiring this?)

s2members says

[ERROR] cURL Extension / Or fopen() URL

server installed package is

curl 7.52.1-5+deb9u9	A-E	amd64 command line tool for transferring data with URL syntax
libcurl3 7.52.1-5+deb9u9	K-O	amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
libcurl3-gnutls 7.52.1-5+deb9u9	K-O	amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
libcurl4-openssl-dev 7.52.1-5+deb9u9	K-O	amd64 development files and documentation for libcurl (OpenSSL flavour)
php-curl 7.3+70+0~20191118.18+debian9~1.gbp66b4ed	P-T	all CURL module for PHP [default]
php5.6-curl 5.6.40-14+0~20191128.24+debian9~1.gbpa5b195	P-T	amd64 CURL module for PHP
php7.0-curl 7.0.33-13+0~20191128.24+debian9~1.gbp832d85	P-T	amd64 CURL module for PHP
php7.2-curl 7.2.25-1+0~20191128.32+debian9~1.gbp108445	P-T	amd64 CURL module for PHP
php7.3-curl 7.3.12-1+0~20191128.49+debian9~1.gbp24559b	P-T	amd64 CURL module for PHP
python3-pycurl 7.43.0-2	P-T	amd64 Python bindings to libcurl (Python 3)

The s2members website is running on php7.3-fpm.
something is wrong with s2members.
How do i fix this please? I have clients trying to use paypal and as soon as they get redirected back to the website, s2members throws the error “Unable to verify $_POST vars”. If no one here can offer a workable solution, then i will have to get a different membership plugin that works as i do not have time to play around, this is a live production website.

Hi Adam.

The server scanner needs to be updated. The MySQL and Mcrypt errors can be ignored in up-to-date PHP installations. I’m not sure about the cURL one, though, haven’t seen it before.

If you have cURL enabled and working on your site, though, you should be fine.

paypal and as soon as they get redirected back to the website, s2members throws the error “Unable to verify $_POST vars”.

Did you verify that the PayPal+s2 integration is complete and correct?

Could you enable logging, do a new live test purchase (10 cents is enough), and see what entries you get in the logs related to it, please? WP Admin > s2Member > Log files

I look forward to your update.

As soon as i enable debugging, things get even worse…

after going to Paypal, it attempts to return back to the website, however, i get the following in web browser…
Wordpress Error
There has been a critical error on your website.

Learn more about debugging in WordPress.

Can i jsut add, initially i set this up with Paypal Sandbox. It stopped working once i changed it back to use production paypal account.

Firstly, just to make sure the usual question doesnt get asked…I went into wordpress and installed a plugin (jetpack) and configured it…so yes that part of wordpress is working perfectly with my apache webserver.

So now, back to the issue…when i check the server apache logs…i notice the following stands out

Got error 'PHP message: PHP Fatal error: Uncaught Error: Class ‘c_ws_plugin__s2member_paypal_return_in’ not found

i suspect this is then triggering a Mod security function on the server…

ModSecurity: Warning. Matched phrase “Stack trace:” at RESPONSE_BODY. [file “/usr/share/modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf”] [line “49”] [id “953100”] [rev “3”] [msg “PHP Information Leakage”]

The full apache log related to this one paypal transaction is shown below. Please note, this is the log with

• wp.config… define( ‘WP_DEBUG’, true );
• enable logging also active in s2members.

[Wed Dec 11 08:51:12.265522 2019] [proxy_fcgi:error] [pid 7181:tid 139695698675456] [client 12.34.56.78:54812] AH01071: Got error ‘PHP message: PHP Fatal error: Uncaught Error: Class ‘c_ws_plugin__s2member_paypal_return_in’ not found in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-return.inc.php:42\nStack trace:\n#0 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(288): c_ws_plugin__s2member_paypal_return::paypal_return(’’)\n#1 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(312): WP_Hook->apply_filters(NULL, Array)\n#2 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/plugin.php(478): WP_Hook->do_action(Array)\n#3 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-settings.php(523): do_action(‘init’)\n#4 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-config.php(166): require_once(’/home/flystanwe…’)\n#5 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-l…’, referer: https://www.paypal.com/webapps/hermes?flow=1-P&ulReturn=true&token=88378133LX226901S&useraction=commit&rm=2&mfid=1576014634106_a5ea93c864f21&country.x=AU&locale.x=en_AU
[Wed Dec 11 08:56:21.799642 2019] [proxy_fcgi:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55052] AH01071: Got error ‘PHP message: PHP Fatal error: Uncaught Error: Class ‘c_ws_plugin__s2member_paypal_return_in’ not found in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-return.inc.php:42\nStack trace:\n#0 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(288): c_ws_plugin__s2member_paypal_return::paypal_return(’’)\n#1 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(312): WP_Hook->apply_filters(NULL, Array)\n#2 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/plugin.php(478): WP_Hook->do_action(Array)\n#3 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-settings.php(523): do_action(‘init’)\n#4 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-config.php(166): require_once(’/home/flystanwe…’)\n#5 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-l…’
[Wed Dec 11 08:56:21.801960 2019] [:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55052] [client 12.34.56.78] ModSecurity: Warning. Matched phrase “Stack trace:” at RESPONSE_BODY. [file “/usr/share/modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf”] [line “49”] [id “953100”] [rev “3”] [msg “PHP Information Leakage”] [data “Matched Data: Stack trace: found within RESPONSE_BODY:
\x0aFatal error: Uncaught Error: Class ‘c_ws_plugin__s2member_paypal_return_in’ not found in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-return.inc.php:42\x0aStack trace:\x0a#0 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(288): c_ws_plugin__s2member_paypal_return::paypal_return(’’)\x0a#1 /home/flystanwel…”] [severity “ERROR”] [ver “OWASP_CRS/3.0.0”] [maturity “9”] [accuracy “9”] [tag “application-multi”] [tag “language-php”] [tag “platform-multi”] [tag “attack-disclosure”] [tag “OWASP_CRS/LEAKAGE/ERRORS_PHP”] [tag “WASCTC/WASC-13”] [tag “OWASP_TOP_10/A6”] [tag “PCI/6.5.6”] [hostname “membership.clientdomain.com”] [uri “/index.php”] [unique_id “XfAUhWic6bwAABwNkKAAAABQ”]
[Wed Dec 11 08:56:21.802351 2019] [:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55052] [client 12.34.56.78] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file “/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf”] [line “32”] [id “959100”] [msg “Outbound Anomaly Score Exceeded (Total Score: 4)”] [tag “anomaly-evaluation”] [hostname “membership.clientdomain.com”] [uri “/index.php”] [unique_id “XfAUhWic6bwAABwNkKAAAABQ”]
[Wed Dec 11 08:56:21.802677 2019] [:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55052] [client 12.34.56.78] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file “/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf”] [line “82”] [id “980140”] [msg “Outbound Anomaly Score Exceeded (score 4): PHP Information Leakage”] [tag “event-correlation”] [hostname “membership.clientdomain.com”] [uri “/index.php”] [unique_id “XfAUhWic6bwAABwNkKAAAABQ”]
[Wed Dec 11 08:58:33.170709 2019] [proxy_fcgi:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55332] AH01071: Got error ‘PHP message: PHP Fatal error: Uncaught Error: Class ‘c_ws_plugin__s2member_paypal_return_in’ not found in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-return.inc.php:42\nStack trace:\n#0 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(288): c_ws_plugin__s2member_paypal_return::paypal_return(’’)\n#1 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(312): WP_Hook->apply_filters(NULL, Array)\n#2 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/plugin.php(478): WP_Hook->do_action(Array)\n#3 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-settings.php(523): do_action(‘init’)\n#4 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-config.php(166): require_once(’/home/flystanwe…’)\n#5 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-l…’, referer: https://www.paypal.com/webapps/hermes?flow=1-P&ulReturn=true&token=3MX6882332563033W&useraction=commit&rm=2&mfid=1576015077752_5c3add47226e3&country.x=AU&locale.x=en_AU
[Wed Dec 11 08:58:33.172346 2019] [:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55332] [client 12.34.56.78] ModSecurity: Warning. Matched phrase “Stack trace:” at RESPONSE_BODY. [file “/usr/share/modsecurity-crs/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf”] [line “49”] [id “953100”] [rev “3”] [msg “PHP Information Leakage”] [data “Matched Data: Stack trace: found within RESPONSE_BODY:
\x0aFatal error: Uncaught Error: Class ‘c_ws_plugin__s2member_paypal_return_in’ not found in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-return.inc.php:42\x0aStack trace:\x0a#0 /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-includes/class-wp-hook.php(288): c_ws_plugin__s2member_paypal_return::paypal_return(’’)\x0a#1 /home/flystanwel…”] [severity “ERROR”] [ver “OWASP_CRS/3.0.0”] [maturity “9”] [accuracy “9”] [tag “application-multi”] [tag “language-php”] [tag “platform-multi”] [tag “attack-disclosure”] [tag “OWASP_CRS/LEAKAGE/ERRORS_PHP”] [tag “WASCTC/WASC-13”] [tag “OWASP_TOP_10/A6”] [tag “PCI/6.5.6”] [hostname “membership.clientdomain.com”] [uri “/index.php”] [unique_id “XfAVCGic6bwAABwNkRAAAABQ”], referer: https://www.paypal.com/webapps/hermes?flow=1-P&ulReturn=true&token=3MX6882332563033W&useraction=commit&rm=2&mfid=1576015077752_5c3add47226e3&country.x=AU&locale.x=en_AU
[Wed Dec 11 08:58:33.172624 2019] [:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55332] [client 12.34.56.78] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file “/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf”] [line “32”] [id “959100”] [msg “Outbound Anomaly Score Exceeded (Total Score: 4)”] [tag “anomaly-evaluation”] [hostname “membership.clientdomain.com”] [uri “/index.php”] [unique_id “XfAVCGic6bwAABwNkRAAAABQ”], referer: https://www.paypal.com/webapps/hermes?flow=1-P&ulReturn=true&token=3MX6882332563033W&useraction=commit&rm=2&mfid=1576015077752_5c3add47226e3&country.x=AU&locale.x=en_AU
[Wed Dec 11 08:58:33.172796 2019] [:error] [pid 7181:tid 139695740638976] [client 12.34.56.78:55332] [client 12.34.56.78] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file “/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf”] [line “82”] [id “980140”] [msg “Outbound Anomaly Score Exceeded (score 4): PHP Information Leakage”] [tag “event-correlation”] [hostname “membership.clientdomain.com”] [uri “/index.php”] [unique_id “XfAVCGic6bwAABwNkRAAAABQ”], referer: https://www.paypal.com/webapps/hermes?flow=1-P&ulReturn=true&token=3MX6882332563033W&useraction=commit&rm=2&mfid=1576015077752_5c3add47226e3&country.x=AU&locale.x=en_AU
[Wed Dec 11 08:58:34.634565 2019] [proxy_fcgi:error] [pid 7181:tid 139695698675456] [client 173.0.81.1:31719] AH01071: Got error ‘PHP message: PHP Notice: Undefined index: s2member_paypal_proxy in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-notify-in-subscr-or-wa-w-level.inc.php on line 458PHP message: PHP Notice: Undefined index: s2member_paypal_proxy in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-notify-in-subscr-or-wa-w-level.inc.php on line 459PHP message: PHP Notice: Undefined index: s2member_paypal_proxy in /home/clientdomain.com/domains/membership.clientdomain.com/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-notify-in-subscr-or-wa-w-level.inc.php on line 460PHP message: PHP Notice: Undefined index: s2member_paypal_proxy in /home/clientdomain.com/domains/membership.clientdomain.coms/public_html/wp-content/plugins/s2member/src/includes/classes/paypal-notify-in-subscr-or-wa-w-level.inc.php on line 624’

I have found a solution to this problem.
It is nothing to do with my server or its configuration at all.
the issue is definately something that has gone wrong in S2members plugin.
I went into Wordpress, deactivated and then deleted the plugin.
without doing anyelse, i went to Add New Plugin, s2members and installed it.
i then checked all of the API etc for Paypal is correct (which all remained as it was prior to deletion).

created a new paypal buy it now button

works perfectly now.

Thanks for the update!

I wonder if some file in your installation had gotten corrupt… Or maybe it was outdated and now you have it up-to-date…

In any case, glad you sorted it out.

I would imagine that almost certainly a file was corrupted. The question is how?
It certainly wasn’t the server that corrupted it. I am thinking that in manipulating s2memberships via wordpress dashboard, somehow that happened.
This would explain a previous forum post about this exact error (from quite a while ago) where I don’t recall any actual resolution being found…other than to reinstall s2members.

anyway, after deleting and reinstalling the plugin (and without changing any of the pre existing Paypal settings from previous install in the wordpress database), and leaving all other settings at their defaults, the paypal integration is now working correctly flawlessly.

clearly something I had done caused the original error, however, I cannot figure out what that was.

I am a happy camper now (and so are my clients who were starting to get feedback from users grumbling about payment system not working properly). If the reinstall had not worked, I would have been forced to immediately change to a competitors plugin…todays effort was the deadline…we were at a cross-roads!