Contributions

FROM THE README:

- ** NOTE on eStores Auto-Settle (as mentioned above) **

Apparently, credit cards would AUTOMATICALLY be charged with this feature
enabled, even with INVALID CVV numbers, expiration dates, etc. I have
changed the default setting to FALSE (disabled). After carefully reading
the documentation, this should only be enabled if you are performing digital
deliveries or performing a service.

Just to be safe, please leave this option disabled. You will have to
manually login to your BofA eStore and settle the transactions. I also
noticed that BofA does not VALIDATE the name listed on the Credit Cards. The
ONLY thing that they validate are the CC NUMBER, CVV NUMBER, EXPIRATION DATE,
and BILLING ADDRESS. It would be a good idea for you to use the AVS feature
included with this module to be informed on any possible fraudulent
activities.

- Defined a new constant for the CVV option in
includes/languages/english/modules/payment/bofa.php

and integrated it within

includes/modules/payment/bofa.php

At this moment, this module is setup so that the additional help file must be
named 'cvv.html' and stored in the root <catalog> directory. A sample (with
images) has been included.

- Added a DEBUG feature. If enabled, data will be posted to

https://cart.bamart.com/debug/payment.mart

and no settlement will occur. This will allow you to view the name and value
pairs that are getting passed to BofA.

- Renamed and changed format of the Auto-Settle variable. Instead of inputing
'Y' or 'N' from the admin page, you now have to select 'True' or 'False'.
This will prevent any problems that might occur from entering something
other than 'Y' or 'N'.

- There was an error with the Javascript validation. Apparently, the form was
renamed from 'payment' to 'checkout_payment'. For example, the following was
changed from

document.payment.bofa_cc_number.value

to
document.checkout_payment.bofa_cc_number.value

In addition, validation was added for the new CVV feature.

- Changed Billing information in "process_button()" funtion so that data would
be extracted from $order->billing[] instead of $order->customer[]. That way
if the customer decides to make a change and use data from their Address
book, it will use the appropriate data. The Company and Telephone fields were
added as well.

NOTE: You will have to manually edit your Address Book and AB Format tables
to account for the Telephone field changes. In addition, there were changes
made to several PHP files as well. By default, the Address Book doesn't take
in telephone number entries. So I have designed this module to use the
Customer's DEFAULT phone number in case you choose not to make these changes.
NO SUPPORT WILL BE PROVIDED FOR THIS IMPLEMENTATION.

- The "get_error()" function was modified to use the Rejection description
returned by BofA if the authorization fails.

- Removed the "output_error()" function as this is no longer used in the MS
releases of osC.

Lots of updates with this release. This has been tested with MS 2.

PLEASE MAKE SURE YOU READ THE README!

There have been some issues encountered with that changes made in version 1.1 regarding the session id.

From my observation, the eStores Branded version MAY require the following:

tep_draw_hidden_field('osCsid', $session->id)

while eStores Settle-up MAY NOT need it.

Again, PLEASE READ THE READ ME.


Last, a BIG THANK YOU to Elijah for making the necessary changes to allow this module to function in the Milestone releases. Some things were left out (i.e. Sort Order), but I've added those that were missing in this release.

Modification of bofa v1.1 module to work with Milestone 1. This should work with Milestone 2 as well, but I don't have a live ms2 system to test it on.

I just wanted to say thank you to Micah Toland of WeCreative (wecreative.com)
for finding a bug that prevented customers from completing their order over a
secure site. Apparently, after confirming an order, customers would be sent back
to the login screen. By add ONE line to the process_button() function, the
problem was solve. The only thing that was changed in the version was adding the
following line to the function:

tep_draw_hidden_field('osCsid', $session->id) .

I didn't catch this bug sooner because my client's store wasn't originally
secure. After installing a secure certificate, the problem appeared. Thanks
again Micah for pointing this out.

I also mentioned in the README to use *https* instead of *http* URLs for secure sites.

Please note that this was designed back in September. Because OSC is still in it's beta stages, this may not work for you. You may need to tweak this to operate properly. PLEASE BACK UP YOUR WORK.

osCommerce Bank of America eStores Module is a payment module for the osCommerce open source e-commerce shopping cart, which enables credit card processing via the Bank of America eStores Payment Gateway.

NOTE: This was developed under the eStore Settle-Up version, and NOT the Settle-Up Branded version. To my knowledge, Bank of America provides a Store Front for their Settle-up Branded solutions, making this module (and osCommerce) useless. However, I could be wrong.

In addition, I DO NOT work for Bank of America, nor do I have any association with them. I developed this module for a client to allow interactive payments between this osCommerce shopping cart and their merchant account. Questions relating directly to Bank of America and their respective products should be directed to Bank of America, corp.