Need help with 500 error on PHP setup using the sample code from github

Hi Guys,
I’m trying to get some help on finding out why I’m getting a 500 error. My Apache error logs & php error reporting are not giving me much to go on. I’ve already confirmed my info in the .env file, I also have it set for sandbox. Here’s the process-card.php file:

<?php

// Note this line needs to change if you don't use Composer:
// require('square-php-sdk/autoload.php');
require 'vendor/autoload.php';

use Dotenv\Dotenv;
use Square\Models\Money;
use Square\Models\CreatePaymentRequest;
use Square\Exceptions\ApiException;
use Square\SquareClient;

// dotenv is used to read from the '.env' file created for credentials
$dotenv = Dotenv::create(__DIR__);
$dotenv->load();

// Pulled from the .env file and upper cased e.g. SANDBOX, PRODUCTION.
$upper_case_environment = strtoupper(getenv('ENVIRONMENT'));

// The access token to use in all Connect API requests.
// Set your environment as *sandbox* if you're just testing things out.
$access_token =  getenv($upper_case_environment.'_ACCESS_TOKEN');    

// Initialize the Square client.
$client = new SquareClient([
  'accessToken' => $access_token,  
  'environment' => getenv('ENVIRONMENT')
]);

// Helps ensure this code has been reached via form submission
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
  error_log('Received a non-POST request');
  echo 'Request not allowed';
  http_response_code(405);
  return;
}

// Fail if the card form didn't send a value for `nonce` to the server
$nonce = $_POST['nonce'];
if (is_null($nonce)) {
  echo 'Invalid card data';
  http_response_code(422);
  return;
}

    $fname = test_input($_POST["fname"]);
    $lname = test_input($_POST["lname"]);
    $email = test_input($_POST["email"]);
    $total = test_input($_POST["total"]) * 100;
    $departments=array_combine($_POST["dept"],$_POST["deptamt"]);

$payments_api = $client->getPaymentsApi();

// To learn more about splitting payments with additional recipients,
// see the Payments API documentation on our [developer site]
// (https://developer.squareup.com/docs/payments-api/overview).

$money = new Money();
  // Monetary amounts are specified in the smallest unit of the applicable currency.
  // This amount is in cents. It's also hard-coded for $1.00, which isn't very useful.
$money->setAmount($total);
$money->setCurrency('USD');

  // Every payment you process with the SDK must have a unique idempotency key.
  // If you're unsure whether a particular payment succeeded, you can reattempt
  // it with the same idempotency key without worrying about double charging
  // the buyer.
$create_payment_request = new CreatePaymentRequest($nonce, uniqid(), $money);

// The SDK throws an exception if a Connect endpoint responds with anything besides
// a 200-level HTTP code. This block catches any exceptions that occur from the request.
try {
  $response = $payments_api->createPayment($create_payment_request);
  // If there was an error with the request we will
  // print them to the browser screen here
  if ($response->isError()) {
    echo 'Api response has Errors';
    $errors = $response->getErrors();
    echo '<ul>';
    foreach ($errors as $error) {
        echo '<li>❌ ' . $error->getDetail() . '</li>';
    }
    echo '</ul>';
    exit();
  }
  echo '<pre>';
  // $resp_arr = json_decode($response, true);
  // $transid = $resp_arr["id"];
  print_r($response);
  echo '</pre>';
} catch (ApiException $e) {
  echo 'Caught exception!<br/>';
  echo('<strong>Response body:</strong><br/>');
  echo '<pre>'; var_dump($e->getResponseBody()); echo '</pre>';
  echo '<br/><strong>Context:</strong><br/>';
  echo '<pre>'; var_dump($e->getContext()); echo '</pre>';
  exit();
}

    $to = $email;
    $header = "From: <[email protected]>";
    $subject = "Thank you for giving to the Greater Joy Temple family!";
    $adminto = "[email protected]";
    $adminheader = "From: <[email protected]>";
    $adminsubject = "Someone submitted a new Donation!";

    $msg = "Hello $fname,
         Thank you for your generosity!  Please see below for the details of your donation:

    Department(s):
    " + foreach($departments as $dept => $deptamt) {echo "$dept - \$$deptamt \n"}
    + "Total Donation: \$$total



    May God Bless You & Keep You,

    Greater Joy Temple COGIC
    Finance Team
    https://gjt-sa.com/donations
    [email protected]";

    $adminmsg = "Donation Details:

    Name: $fname $lname
    Email: $email

    Department(s):
    " + foreach($departments as $dept => $deptamt) {echo "$dept - \$$deptamt \n"}
    + "Total Donation: \$$total



    May God Bless You & Keep You,

    Greater Joy Temple COGIC
    Web Team
    https://gjt-sa.com
    [email protected]";

    mail($to,$subject,$msg,$header);
    mail($adminto,$adminsubject,$adminmsg,$adminheader);
    
  }
  function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
  }
  echo error_reporting(E_ALL);

Also the sq-payment-form.js file:
(Note that I have some areas not filled in, not sure if it’s what’s causing the 500 error. Could definitely use some help in that area as well. I do more Server Admin work. I am not a full-time coder, but WP Easy Pay does not work properly on my Wordpress install, so I am trying to build & code a custom form from scratch, learning as I go along.)

/**
 * Define callback function for "sq-button"
 * @param {*} event
 */
function onGetCardNonce(event) {

  // Don't submit the form until SqPaymentForm returns with a nonce
  event.preventDefault();

  // Request a nonce from the SqPaymentForm object
  paymentForm.requestCardNonce();
}

// Initializes the SqPaymentForm object by
// initializing various configuration fields and providing implementation for callback functions.
var paymentForm = new SqPaymentForm({
  // Initialize the payment form elements
  applicationId: applicationId,
  locationId: locationId,
  inputClass: 'sq-input',

  // Customize the CSS for SqPaymentForm iframe elements
  inputStyles: [{
    backgroundColor: 'transparent',
    color: '#333333',
    fontFamily: '"Helvetica Neue", "Helvetica", sans-serif',
    fontSize: '16px',
    fontWeight: '400',
    placeholderColor: '#8594A7',
    placeholderFontWeight: '400',
    padding: '16px',
    _webkitFontSmoothing: 'antialiased',
    _mozOsxFontSmoothing: 'grayscale'
  }],

  // Initialize Google Pay button ID
  googlePay: {
    elementId: 'sq-google-pay'
  },

  // Initialize Apple Pay placeholder ID
  applePay: {
    elementId: 'sq-apple-pay'
  },

  // Initialize Masterpass placeholder ID
  masterpass: {
    elementId: 'sq-masterpass'
  },

  // Initialize the credit card placeholders
  cardNumber: {
    elementId: 'sq-card-number',
    placeholder: '•••• •••• •••• ••••'
  },
  cvv: {
    elementId: 'sq-cvv',
    placeholder: 'CVV'
  },
  expirationDate: {
    elementId: 'sq-expiration-date',
    placeholder: 'MM/YY'
  },
  postalCode: {
    elementId: 'sq-postal-code'
  },

  // SqPaymentForm callback functions
  callbacks: {

    /*
     * callback function: methodsSupported
     * Triggered when: the page is loaded.
     */
    methodsSupported: function (methods) {
      if (!methods.masterpass && !methods.applePay && !methods.googlePay) {
        var walletBox = document.getElementById('sq-walletbox');
        walletBox.style.display = 'none';
      } else {
        var walletBox = document.getElementById('sq-walletbox');
        walletBox.style.display = 'block';
      }

      // Only show the button if Google Pay is enabled
      if (methods.googlePay === true) {
        var googlePayBtn = document.getElementById('sq-google-pay');
        googlePayBtn.style.display = 'inline-block';
      }

      // Only show the button if Apple Pay for Web is enabled
      if (methods.applePay === true) {
        var applePayBtn = document.getElementById('sq-apple-pay');
        applePayBtn.style.display = 'inline-block';
      }

      // Only show the button if Masterpass is enabled
      if (methods.masterpass === true) {
        var masterpassBtn = document.getElementById('sq-masterpass');
        masterpassBtn.style.display = 'inline-block';
      }
    },

    /*
     * callback function: createPaymentRequest
     * Triggered when: a digital wallet payment button is clicked.
     */
    createPaymentRequest: function () {

      var paymentRequestJson = {
        requestShippingAddress: false,
        requestBillingInfo: true,
        shippingContact: {
          familyName: "CUSTOMER LAST NAME",
          givenName: "CUSTOMER FIRST NAME",
          email: "[email protected]",
          country: "USA",
          region: "CA",
          city: "San Francisco",
          addressLines: [
            "1455 Market St #600"
          ],
          postalCode: "94103",
          phone:"14255551212"
        },
        currencyCode: "USD",
        countryCode: "US",
        total: {
          label: "MERCHANT NAME",
          amount: "1.00",
          pending: false
        },
        lineItems: [
          {
            label: "Subtotal",
            amount: "1.00",
            pending: false
          }
        ]
      };

      return paymentRequestJson;
    },

    /*
     * callback function: validateShippingContact
     * Triggered when: a shipping address is selected/changed in a digital
     *                 wallet UI that supports address selection.
     */
    validateShippingContact: function (contact) {

      var validationErrorObj ;
      /* ADD CODE TO SET validationErrorObj IF ERRORS ARE FOUND */
      return validationErrorObj ;
    },

    /*
     * callback function: cardNonceResponseReceived
     * Triggered when: SqPaymentForm completes a card nonce request
     */
    cardNonceResponseReceived: function(errors, nonce, cardData, billingContact, shippingContact) {
      if (errors){
        var error_html = "";
        for (var i =0; i < errors.length; i++){
          error_html += "<li> " + errors[i].message + " </li>";
        }
        document.getElementById("error").innerHTML = error_html;
        document.getElementById('sq-creditcard').disabled = false;

        return;
      }else{
        document.getElementById("error").innerHTML = "";
      }

      // Assign the nonce value to the hidden form field
      document.getElementById('card-nonce').value = nonce;

      // POST the nonce form to the payment processing page
      document.getElementById('nonce-form').submit();

    },

    /*
     * callback function: unsupportedBrowserDetected
     * Triggered when: the page loads and an unsupported browser is detected
     */
    unsupportedBrowserDetected: function() {
      /* PROVIDE FEEDBACK TO SITE VISITORS */
    },

    /*
     * callback function: inputEventReceived
     * Triggered when: visitors interact with SqPaymentForm iframe elements.
     */
    inputEventReceived: function(inputEvent) {
      switch (inputEvent.eventType) {
        case 'focusClassAdded':
          /* HANDLE AS DESIRED */
          break;
        case 'focusClassRemoved':
          /* HANDLE AS DESIRED */
          break;
        case 'errorClassAdded':
          /* HANDLE AS DESIRED */
          break;
        case 'errorClassRemoved':
          /* HANDLE AS DESIRED */
          break;
        case 'cardBrandChanged':
          /* HANDLE AS DESIRED */
          break;
        case 'postalCodeChanged':
          /* HANDLE AS DESIRED */
          break;
      }
    },

    /*
     * callback function: paymentFormLoaded
     * Triggered when: SqPaymentForm is fully loaded
     */
    paymentFormLoaded: function() {
      /* HANDLE AS DESIRED */
    }
  }
});

Is the 500 error coming from Square? Could you provide your application id so I can check our logs?

I do see a few things (just skimmed, didn’t read everything):

1. $access_token = getenv($upper_case_environment.’_ACCESS_TOKEN’); <- why are you appending “_ACCESS_TOKEN”? This is not needed, as that’s not part of your access token. (this would not cause a 500, though, would cause a 401)
2. In your payment form, are you supplying the application or location id anywhere? If not, it would cause the form to not load (and if the variables don’t exist, it could cause more problems since the code would error out).

Hi Stephen,
This is the part of the code I left alone. The comments above that explain that it pulls the token from the .env file:

// dotenv is used to read from the '.env' file created for credentials
$dotenv = Dotenv::create(__DIR__);
$dotenv->load();

// Pulled from the .env file and upper cased e.g. SANDBOX, PRODUCTION.
$upper_case_environment = strtoupper(getenv('ENVIRONMENT'));

// The access token to use in all Connect API requests.
// Set your environment as *sandbox* if you're just testing things out.
$access_token =  getenv($upper_case_environment.'_ACCESS_TOKEN'); 

I built on top of this:

My Sandbox Application ID: sandbox-sq0idp-LKPp0FurnziwmRDLVLJ8vw

The Form front end index.php:

<?php
require 'vendor/autoload.php';

use Square\Environment;
// dotenv is used to read from the '.env' file created for credentials
$dotenv = Dotenv\Dotenv::create(__DIR__);
$dotenv->load();

// Pulled from the .env file and upper cased e.g. SANDBOX, PRODUCTION.
$upper_case_environment = strtoupper(getenv('ENVIRONMENT'));

?>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<html>
<head>
  <title>GJT Donations Form</title>
  <script src=js/addInput.js language="javascript" type="text/javascript"></script>
  <script src="js/jquery-3.5.1.min.js" language="javascript" type="text/javascript"></script>
  <!-- link to the SqPaymentForm library -->
  <script type="text/javascript" src=
    <?php
        echo "\"";
        echo ($_ENV["ENVIRONMENT"] === Environment::PRODUCTION)  ?  "https://js.squareup.com/v2/paymentform"
                                            :  "https://js.squareupsandbox.com/v2/paymentform";
        echo "\"";
    ?>
  ></script>
  <script type="text/javascript">
    window.applicationId =
      <?php
        echo "\"";
        echo getenv($upper_case_environment.'_APP_ID');
        echo "\"";
      ?>;
    window.locationId =
    <?php
      echo "\"";
      echo getenv($upper_case_environment.'_LOCATION_ID');
      echo "\"";
    ?>;
  </script>

  <!-- link to the local SqPaymentForm initialization -->
  <script type="text/javascript" src="js/sq-payment-form.js"></script>
  <!-- link to the custom styles for SqPaymentForm -->
  <link rel="stylesheet" type="text/css" href="css/donationform.css">
  <link rel="stylesheet" type="text/css" href="css/sq-payment-form.css">
</head>
<body>
  <!-- Begin Payment Form -->
  <div class="sq-payment-form">
  <h1>GJT Donation Form</h1>
    <div id="sq-ccbox">
      <!--
        You should replace the action attribute of the form with the path of
        the URL you want to POST the nonce to (for example, "/process-card").

        You need to then make a "Charge" request to Square's Payments API with
        this nonce to securely charge the customer.

        Learn more about how to setup the server component of the payment form here:
        https://developer.squareup.com/docs/payments-api/overview
      -->
      <form id="nonce-form" class="donations" novalidate action="process-card.php" method="post">
    <table class="name-email">
      <tr>
        <td class="leftcol"><label for="fname"><span class="req">*</span>First Name: </label></td>
	<td><input type="text" name="fname" id="fname" pattern="[A-Za-z]" required><br></td>
      </tr>
      <tr>
        <td class="leftcol"><label for="lname"><span class="req">*</span>Last Name: </label></td>
        <td><input type="text" name="lname" id="lname" pattern="[A-Za-z]" required><br></td>
      <tr>
        <td class="leftcol"><label for="email"><span class="req">*</span>Email: </label></td>
        <td><input type="email" name="email" id="email" required><br></td>
      </tr>
    </table>
    <hr>
    <label for="dept">Department(s): </label><br>
    <div id="dynamicInput">
      <span class="req">*</span><select name="dept[]" class="dept" required>
        <option value="General Offering" selected>General Offering</option>
        <option value="Tithe">Tithe</option>
        <option value="Building Fund">Building Fund</option>
        <option value="Pastor's Aid">Pastor's Aid</option>
        <option value="Youth">Youth</option>
        <option value="Men's Department">Men's Department</option>
        <option value="Women's Department">Women's Department</option>
        <option value="Choir">Choir</option>
        <option value="Hospitality">Hospitality</option>
        <option value="Missionaries Circle">Missionaries Circle</option>
        <option value="Pastor & Wife">Pastor & Wife</option>
        <option value="Sunday School">Sunday School</option>
        <option value="Bible Band">Bible Band</option>
        <option value="Consecrational">Consecrational/Seed</option>
      </select> &nbsp;
      <div class="deptamt" style="display: inline;">
        <label for="deptamt">Amount: $</label>
        <input type="number" name="deptamt[]" id="deptamt" class="form-control prc" required/><br>
      </div>
    </div>
    <input type="button" class="addbtn" value="Add Another Department" onClick="addInput('dynamicInput');">
    <hr class="half-line">
    <div class="amtadd">
      <label>Total Donation: $</label>
      <output id="total_amount"></output>
    </div>
    <div id="total" style="visibility: hidden;">
    </div>
    <p />
    <hr>
    <p />
    <!--
      Square's JS will automatically hide these buttons if they are unsupported
      by the current device.
    -->
    <div id="sq-walletbox">
      <button id="sq-google-pay" class="button-google-pay"></button>
      <button id="sq-apple-pay" class="sq-apple-pay"></button>
      <button id="sq-masterpass" class="sq-masterpass"></button>
      <div class="sq-wallet-divider">
        <span class="sq-wallet-divider__text">Or</span>
      </div>
    </div>
        <div class="sq-field">
          <label class="sq-label">Card Number</label>
          <div id="sq-card-number"></div>
        </div>
        <div class="sq-field-wrapper">
          <div class="sq-field sq-field--in-wrapper">
            <label class="sq-label">CVV</label>
            <div id="sq-cvv"></div>
          </div>
          <div class="sq-field sq-field--in-wrapper">
            <label class="sq-label">Expiration</label>
            <div id="sq-expiration-date"></div>
          </div>
          <div class="sq-field sq-field--in-wrapper">
            <label class="sq-label">Postal</label>
            <div id="sq-postal-code"></div>
          </div>
        </div>
        <div class="sq-field">
          <button id="sq-creditcard" class="sq-button" onclick="onGetCardNonce(event)">
            Donate Now
          </button>
        </div>
        <!--
          After a nonce is generated it will be assigned to this hidden input field.
        -->
        <div id="error"></div>
        <input type="hidden" id="card-nonce" name="nonce">
      </form>
    </div>
  </div>
  <!-- End Payment Form -->
</body>
</html>

Gotcha, I misread on that first point, my apologies, it is correct. So when are you receiving the 500 error? Once it hits CreatePayment or sometime before? What is the full error?

Browser:

This page isn’t working
donations.gjt-sa.com is currently unable to handle this request.
HTTP ERROR 500

Apache Logs:

$ cat /var/log/httpd/donations.gjt-sa.com-requests.log
172.69.35.83 - - [17/Aug/2020:18:33:42 -0500] "GET /phpsample/ HTTP/1.1" 401 381 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.35.83 - - [17/Aug/2020:18:33:44 -0500] "GET /phpsample/ HTTP/1.1" 401 381 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.35.83 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/ HTTP/1.1" 200 5489 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.110 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/sq-payment-form.css HTTP/1.1" 200 7457 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.114 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/donationform.css HTTP/1.1" 200 1493 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.238 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/js/sq-payment-form.js HTTP/1.1" 200 6332 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.33.251 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/js/addInput.js HTTP/1.1" 200 1678 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.33.71 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/js/jquery-3.5.1.min.js HTTP/1.1" 200 89476 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.48 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/fonts/Adorable.woff HTTP/1.1" 200 27332 "https://donations.gjt-sa.com/phpsample/css/donationform.css" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.220 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/fonts/Romance_Fatal.woff HTTP/1.1" 200 20744 "https://donations.gjt-sa.com/phpsample/css/donationform.css" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.174 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/fonts/times.woff HTTP/1.1" 200 610164 "https://donations.gjt-sa.com/phpsample/css/donationform.css" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.108 - - [17/Aug/2020:18:33:52 -0500] "GET /favicon.ico HTTP/1.1" 401 381 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.108 - ZTec [17/Aug/2020:18:33:52 -0500] "GET /favicon.ico HTTP/1.1" 404 209 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.35.83 - ZTec [17/Aug/2020:18:34:19 -0500] "POST /phpsample/process-card.php HTTP/1.1" 500 - "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"

I see a couple of 401s in there. Possibly because I have it restricted with my apache config & .htpasswd?

Browser:

This page isn’t working
donations.gjt-sa.com is currently unable to handle this request.
HTTP ERROR 500

Apache Log:

$ cat /var/log/httpd/donations.gjt-sa.com-requests.log
172.69.35.83 - - [17/Aug/2020:18:33:42 -0500] "GET /phpsample/ HTTP/1.1" 401 381 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.35.83 - - [17/Aug/2020:18:33:44 -0500] "GET /phpsample/ HTTP/1.1" 401 381 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.35.83 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/ HTTP/1.1" 200 5489 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.110 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/sq-payment-form.css HTTP/1.1" 200 7457 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.114 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/donationform.css HTTP/1.1" 200 1493 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.238 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/js/sq-payment-form.js HTTP/1.1" 200 6332 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.33.251 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/js/addInput.js HTTP/1.1" 200 1678 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.33.71 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/js/jquery-3.5.1.min.js HTTP/1.1" 200 89476 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.48 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/fonts/Adorable.woff HTTP/1.1" 200 27332 "https://donations.gjt-sa.com/phpsample/css/donationform.css" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.220 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/fonts/Romance_Fatal.woff HTTP/1.1" 200 20744 "https://donations.gjt-sa.com/phpsample/css/donationform.css" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.174 - ZTec [17/Aug/2020:18:33:51 -0500] "GET /phpsample/css/fonts/times.woff HTTP/1.1" 200 610164 "https://donations.gjt-sa.com/phpsample/css/donationform.css" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.108 - - [17/Aug/2020:18:33:52 -0500] "GET /favicon.ico HTTP/1.1" 401 381 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
108.162.215.108 - ZTec [17/Aug/2020:18:33:52 -0500] "GET /favicon.ico HTTP/1.1" 404 209 "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.35.83 - ZTec [17/Aug/2020:18:34:19 -0500] "POST /phpsample/process-card.php HTTP/1.1" 500 - "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"

I see a couple of 401s in there. Possibly because I have restricted access configured with .htpasswd?

Well my response was hidden by akismet. Possibly because of my Apache logs.

Browser just gives me 500. I see a couple of 401s before it hits the 500. Is it possibly caused by restricted access configured with .htpasswd?

EDIT:
Reworked my config. Found that somehow I had a double setup with my apache vhost config AND the .htaccess file with the same restriction code. I left it to the .htaccess file & added the necessary settings in the Directory block in my vhost config. Now the logs look better:

172.69.34.62 - ZTec [17/Aug/2020:18:47:00 -0500] "GET /phpsample/ HTTP/1.1" 200 5489 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.62 - ZTec [17/Aug/2020:18:47:01 -0500] "GET /phpsample/ HTTP/1.1" 200 5489 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
172.69.34.62 - ZTec [17/Aug/2020:18:47:22 -0500] "POST /phpsample/process-card.php HTTP/1.1" 500 - "https://donations.gjt-sa.com/phpsample/" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"

I also turned on php error reporting, but it’s not posting any errors.

EDIT:
I removed the access restrictions, but still getting a 500. You can view the page & try to process a sandbox payment:
https://donations.gjt-sa.com/phpsample/

BTW, I added the SANDBOX_LOCATION_ID variable to the .env file since it was missing & I got Google Pay & Masterpass options showing up now, which they didn’t before.

I don’t have a username/password to access your web page. The 500 errors above:

    This page isn’t working
    donations.gjt-sa.com is currently unable to handle this request.
    HTTP ERROR 500

looks like is coming from your page, not Square. I also took a look at our logs for your sandbox application id and do not see the CreatePayment request ever. I do see create card nonce requests, but the last one happened on August 15, so not the last few days (and they were reporting 401 authentication errors which implies you’re using the wrong application id or domain (sandbox vs production).

My apologies Stephen. I didn’t realize apache set the .htaccess configuration on the phpsample directory as well. I’ve removed the restrictions.

I also double-checked my credentials and compared with my .env file. I just tried to submit again, can you check the logs please?

Still nothing in our logs. Did a test on your site, and the 500 error is coming from your site, not Square. It sounds like something is erroring out on your process-card.php page and causing it to surface a 500 error?

Yeah, I’m tryijng to figure out where it’s erroring out, though. I didn’t edit any of the existing code, but added additional code.

I might have narrowed it down.

process-card.php has this line:

$create_payment_request = new CreatePaymentRequest($nonce, uniqid(), $money);

sq-payment-form.js has this function:

 createPaymentRequest: function () {

      var paymentRequestJson = {
        requestShippingAddress: false,
        requestBillingInfo: true,
        shippingContact: {
          familyName: "CUSTOMER LAST NAME",
          givenName: "CUSTOMER FIRST NAME",
          email: "[email protected]",
          country: "USA",
          region: "CA",
          city: "San Francisco",
          addressLines: [
            "1455 Market St #600"
          ],
          postalCode: "94103",
          phone:"14255551212"
        },
        currencyCode: "USD",
        countryCode: "US",
        total: {
          label: "MERCHANT NAME",
          amount: "1.00",
          pending: false
        },
        lineItems: [
          {
            label: "Subtotal",
            amount: "1.00",
            pending: false
          }
        ]
      };

      return paymentRequestJson;
    },

Okay, I was able to get help from a dev friend of mine & found where the issue was in my code. Once I fixed that, I was able to get output and responses to the page. I’m working on a couple of other issues because of the way I customized the code, but at least I know my credentials work & it processes the payments.

Describe the bug
As soon as I login (brand new install), it give a 500 Server Error.

To Reproduce
Steps to reproduce the behavior:

1. Install Kimai2 on localhost (Ubuntu 18.04 LTS with Apache 2.4+) using standard instructions (replace wwwdata with standard user) with MySQL database. Installed under /var/www/kimai2.
2. Setup Virtual Host in /etc/apache2/sites-enabled/kimai.conf/ (for kimai.local) and add entry in /etc/hosts mapping 127.0.0.1 to kimai.local
3. Try to login.

Expected behavior
Display timesheet / dashboard? (It’s trying to reach
insta stalker

Screenshots
Blank screen. Header shows it was redirected from kimai.local (302) --> /en (301) -> /en/timesheet/ (302 --> /en/login (500)

Output from kimai-access.log:
127.0.0.1 - - [05/Oct/2018:23:09:38 -0500] “GET / HTTP/1.1” 302 531 “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0”
127.0.0.1 - - [05/Oct/2018:23:09:39 -0500] “GET /en/timesheet/ HTTP/1.1” 302 663 “-” "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox$
127.0.0.1 - - [05/Oct/2018:23:09:39 -0500] “GET /en/login HTTP/1.1” 500 185 “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0”

Error log is showing nothing.

Desktop (please complete the following information):

• OS: Ubuntu 18.04 LTS
• Browser: Firefox
• Version: 61

Are you trying to access your square app using kimai? Which function are you using? Payments? This thread was created for assistance specifically with the Payments API. My issue was inside my custom PHP code, so you will want to check your php error log. Should be somewhere in /var/log

Question, if I may…The ACCESS_TOKEN is in the env file, where I would have expected it to be. Why do the API docs on github say " * WARNING: never upload .env with your credential/access_token"?

Access tokens are considered to be private secrets (much like a password). If you were to upload the env file with the access token in it, to a public repo, then anyone who looks at the repo would now have your access token and could access your Square account via the APIs (making payments/refunds, deleting data, etc). Typically they would be something that lives within your server, but not be uploaded with your project (like adding it to the gitignore file for example).

Great, thanks. I had thought you meant never to put the access_token into .env file.
My .env file is about web root so I’m led to believe that is OK. I don’t submit to github.