Last modified: 2013-06-18 16:58:39 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T28340, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 26340 - Time-outs leading to double donations
Time-outs leading to double donations
Status: RESOLVED FIXED
Product: MediaWiki extensions
Classification: Unclassified
DonationInterface (Other open bugs)
unspecified
All All
: Normal enhancement (vote)
: ---
Assigned To: Arthur Richards
: fundraising
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-12-14 22:11 UTC by Arthur Richards
Modified: 2013-06-18 16:58 UTC (History)
3 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Arthur Richards 2010-12-14 22:11:47 UTC 
Including original email thread here for tracking (yes, it is awkwardly in reverse order):

Sorry not to have responded sooner, this thread got burried in my inbox.

Like Tomasz said, PayPal will timeout during our communications, but that doesn't always mean that they did not receive the transaction.  This is clearly problematic, but it's what we have to work with.  Since I recently lost my dragon-slaying sword, I think there's not much chance of us fixing PayPal or preventing 'Anonymous' from DDoS'ing PayPal, so our solution should probably be a user-experience once.

So, we could leave the timeout threshold as it is (we actually used to have it set higher, but typically if PayPal doesn't respond within a couple of seconds, the trxn is going to timeout anyway), but change the user experience so that the user is alerted their transaction is pending or processing (rather than telling them it failed).  We could also send an email about the transaction to the fundraising team, alerting us to the fact that there's a transaction in question to follow up on.  We wouldn't necessarily need to store any more transactional data about the user than we already do - perhaps name, email address, contribution amount and internal tracking id.  And I do not think we'd need any sort of centralized storage for this, we could just pass this info off in an email.  That should be enough info for our team to look up the transaction in the PayPal interface and match it up to a donor.  While a little more difficult than just increasing the timeout threshold, I think this would go a long way to improving the user's experience.

The downside to this approach is that it's possible that a user's transaction will fail (maybe they entered their address or credit card # incorrectly) but won't know about it until the transaction's been reviewed by someone on our team.  But I imagine it would alleviate the double-charge problem.

On 12/11/2010 11:33 AM, Tomasz Finc wrote:
> Adding Arthur
>
> What happens here is that PayPay is not responding to us when we send over a transaction. We need them to respond in order to know if a credit card was valid or not. Typically this takes about 3-5 seconds.
>
> But, we've seen this creeping up as a result of the Wikileaks attacks against PayPal which have drastically degraded their performance.
>
> A couple of options here
>
> 1) If we hit a timeout then surface a "Thanks, were processing your trxn message" and hope for the best
>       pro: simple text change
>       con: we have to store user info while we are waiting and notify them by email if the trxn fails
>
>       medium difficulty
>
> 2) We increase the timeout past a minute
>      pro: simple change
>      con: most people wont wait that long
>
>      easy difficulty
>
> 3) We get the 'Anonymous' group to stop attacking paypal
>       pro: no code changes
>       con: they might ddos us
>
>       there by dragons difficulty
>
> Arthur might have even better ideas ...
>
> --tomasz
>
> On Dec 10, 2010, at 6:13 PM, Josh VanDavier wrote:
>
>> Hey Tomasz --
>>
>> We're still seeing a lot of these time-outs. I spend most of my time in OTRS going through these issues. It looks like the donors submit their information, but the system displays a message that the site has timed out and that they need to re-submit their information. Then they are charged twice (or 3 times if it "times-out" on them again).
>>
>> Any idea what is causing this?
>>
>> Thanks!
>>
>> On Tue, Nov 23, 2010 at 4:17 PM, Josh VanDavier<jvandavier@wikimedia.org>  wrote:
>> Hi Tomasz --
>>
>> We've been getting messages in OTRS regarding donations timing out and donors having to resubmit their information. This seems to happen more often between 5:30pm until we arrive the next day, both here and internationally.
>>
>> Here are a few ticket numbers of some of the donations we've been looking at:
>>
>> Zoom Ticket#: 2010112210025366
>> Zoom Ticket#: 2010112310033873
>> Zoom Ticket#: 2010112310027648
>>
>> Thanks!
>> -- 
>> Joshua VanDavier
>>
>> Community Officer
>> Wikimedia Foundation
>>
>>
>>
>> -- 
>> Joshua VanDavier
>>
>> Development Associate
>> Wikimedia Foundation
Comment 1 Platonides 2010-12-14 22:20:28 UTC 
We could simply be honest about it. "PayPal hasn't answered to our request. It is likely being processed, but you may need to resubmit it in case you don't get charged."
Comment 2 Peter Gehres 2012-06-12 22:33:26 UTC 
Since we did not seem to have any issues with PayPal during the last fundraiser, I think this has been resolved by someone, somewhere, at sometime.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links