Contributions

Changes/Fixes
----------------
1. Changed language on step 8 of readme.html from “LinkPoint API” to “Secure Credit Card Transaction” because this is the language actually used in the code. We chose this phrase for several practical reasons but some installers may not have realized that it will actually show up in the admin panel as “Secure Credit Card Transaction” . Problem noted by Mike Keranen.

We were VERY disappointed to find that a newbie, anitaa, had take the original code from v1.00 on May 22, 2006 and reposted it with no documentation and no notes. Because this appeared as the newest version, installers were often using this version which omitted ALL of the many fixes and code changes performed by djalex and ourselves. Without these code changes the original module lacked the most basic of security checks and had several bugs. Please do not interpret anitaa's version of the module as a newer version of the as it is in fact the oldest and least updated of all the available versions of this contribution! Ironically asteck, having not looked through the code history or performed comparisons, posted the same code fix on April 6, 2007 that djalex had posted on June 22, 2006 but without djalex's many other fixes!

As a result of this, we have decided to re-post this module as a complete module with far more diagnostic information and automatic emails to the store owner as noted in our prior updates v1.2 and 1.2a. Always compare code and look at the modules, especially when someone posts "new" code without any update notes or information.

Changes/Fixes
----------------
1. More filtering on XML data. A line like richmond µ + &, Virginia 123455 µ + will work after filtering. Linkpoint will fail transactions with µ and & in the company name if these are not filtered.

-removed lphp.php from includes/languages/english/modules/payment/ as this was accidentally included in the last zip upload
-installer noted that several lines use a variable improperly. This occurred because our web stores use an abbreviated checkout system which requires less steps than oscommerce normally does. For the purpose of making this more compatible, these variables were changed back to their more common name (from CHECKOUT_SHIPPING to CHECKOUT_PAYMENT

We were VERY disappointed to find that a newbie, anitaa, had take the original code from v1.00 on May 22, 2006 and reposted it with no documentation and no notes. Because this appeared as the newest version, installers were often using this version which omitted ALL of the many fixes and code changes performed by djalex and ourselves. Without these code changes the original module lacked the most basic of security checks and had several bugs. Please do not interpret anitaa's version of the module as a newer version of the as it is in fact the oldest and least updated of all the available versions of this contribution! Ironically asteck, having not looked through the code history or performed comparisons, posted the same code fix on April 6, 2007 that djalex had posted on June 22, 2006 but without djalex's many other fixes!

As a result of this, we have decided to re-post this module as a complete module with far more diagnostic information and automatic emails to the store owner as noted in our prior updates v1.2 and 1.2a. Always compare code and look at the modules, especially when someone posts "new" code without any update notes or information.

Changes/Fixes
----------------
1. More filtering on XML data. A line like richmond µ + &, Virginia 123455 µ + will work after filtering. Linkpoint will fail transactions with µ and & in the company name if these are not filtered.

-removed lphp.php from includes/languages/english/modules/payment/ as this was accidentally included in the last zip upload

We were VERY dissappointed to find that a newbie, anitaa, had take the original code from v1.00 on May 22, 2006 and reposted it with no documentation and no notes. Because this appeared as the newest version, installers were often using this version which omitted ALL of the many fixes and code changes performed by djalex and ourselves. Without these code changes the original module lacked the most basic of security checks and had several bugs. Please do not interpret anitaa's version of the module as a newer version of the as it is in fact the oldest and least updated of all the available versions of this contribution! Ironically asteck, having not looked through the code history or performed comparisons, posted the same code fix on April 6, 2007 that djalex had posted on June 22, 2006 but without djalex's many other fixes!

As a result of this, we have decided to re-post this module as a complete module with far more diagnostic information and automatic emails to the store owner as noted in our prior updates v1.2 and 1.2a. Always compare code and look at the modules, especially when someone posts "new" code without any update notes or information.

Changes/Fixes
----------------
1. More filtering on XML data. A line like richmond µ + &, Virginia 123455 µ + will work after filtering.

The last version posted by anitaa works fine.
Only one problem, if your totalcharge is over 1000$,
it gives you the folowing error
SGS-020003: Invalid XML
I fixed this bug and also make the form for the credit infos looks like the patch one which is much nicer.

Install:
replace catalog/includes/modules/payment/linkpoint_api.php
and put the others files inside /catalog/images/

It should works fine.

This is similar to patch 1.2 with the following changes:

1. Changed SALE transaction to POSTAUTH. SALE / PREAUTH creates 2 sets of what appears to 'charges' on a credit card even though the first charge (PREAUTH) is not actually completed. When speaking with LinkPoint initially they did not state that this methodology would create two seperate charges. POSTAUTH does not create a second entry.
2. Mail outbound data w/ vital CC details removed to store owner for debugging.
3. RFC Time/Date stamp subject lines for inbound and outbound data emails

See Patch 1.2 for more details about this update. We recommend that if you updated or are planning to use 1.2 that you use 1.2a instead. Simple to update to either version as just 1 code file is overwritten. There is a CVV helper popup included as well in both version which makes up the remainder of the zip.

This is not the most clean and best job done for a contribution and we aren't setting any records with instruction clarity but we feel this should be enough to get you setup with the changes we have provided in a timely fashion. After we talked to linkpoint and looked through the existing code base we realized how easy it was to commit fraud via this contribution a simple test charge or two confirmed our suspicions. There were a number of glaring holes and such that needed to be plugged. We're not saying you HAVE to use this but we would highly recommend it. Hopefully someone with more time can come along and clean this up and make this an official full install at some point but now that it is finished and working on our sites we do not have more time to invest in it than this at present. If you need help you can reach us at sales@iofast.com and we will do our best to give you help/advice.

Here are more details from the first block comment in the main file that is changed:

Extended by Jared De Blander and James Ballenger of IOFAST.com
Version 1.2 Patch
Changes/Fixes
----------------
1. Most of the bulk code changes occur around lines 289-355.
2. Preauth verifictaion is now FORCED and CHECKED before a SALE is processed. If preauth passes, sale will be automatically processed. The linkpoint panel will show your preauth and sale events.
3. If preauth fails detailed error descriptions are given to the user based on the AVS/CVV & Expiration return code from the preauth.
4. Name is still pulled from BILLING info and is therefore pointless to have a card holder name so the text box was removed.
5. Commented out line 254 to prevent linkpoint from sending unecessary automated receipts to customers
6. Commented out line 71 and 74-77. The JavaScript to handle card name is not needed as it was never used.
7. CVV code is actually used now. This code was never being passed.
8. Store owner email address receives an email containing the preauth response values. See line 302 to change this.
9. Added a spot for you to put a CVV helper popup. Feel free to use the images from iofast.com. See line 108.
10. Filter & symbol in company name as it is not allowed by linkpoint. They claimed to be getting us a full list of disallowed symbols but never heard back from them.
11. Cleaned up and properly formatted most of the code using tab spacing.

I just installed the LPC API and everything worked perfectly, except the error messages didn't appear in the checkout_payment.php if there was a card error.

After spending close to a week digging through the support forum(s) I found the code necessary to insert into my checkout_payment.php to get the error messages to show up in the browser – and not just in the URL.

Open checkout_payment.php.

Find this bit of code:
<?php
if (isset($HTTP_GET_VARS['payment_error']) && is_object(${$HTTP_GET_VARS['payment_error']}) && ($error = ${$HTTP_GET_VARS['payment_error']}->get_error())) {
?>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2" class="infoBoxNotice">
<tr>
<td class="main"><b><?php echo tep_output_string_protected($error['title']); ?></b></td>
</tr>
</table></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBoxNotice">
<tr class="infoBoxNoticeContents">
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
<td class="main" width="100%" valign="top"><?php echo tep_output_string_protected($error['error']); ?></td>
<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<?php
}
?>

Replace it with this:
<?php
//credit card denial message
if (isset($_GET['error_message'])){
$error = $_GET['error_message'];
?>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td class="main"><b>Processing Error</b></td>
</tr>
</table></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBoxNotice">
<tr class="infoBoxNoticeContents">
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
<td class="main" width="100%" valign="top"><?php echo tep_output_string_protected($error); ?></td>
<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<?php
}
?>


The package only contains the above snippets of code, since it would only be applicable to those that experienced the error problems that I did.

Fixed CVV2 code (last 3 or 4 digits on credit card)

Fixed XML error when total amount is over $1000

CHANGES:
- Product description sent to Linkpoint limited to 100 characters
- Product price rounded to 2 decimal places
- Added debug option to module for troubleshooting errors

This module will work for both LinkPoint and Yourpay API accounts. Only requirement is that you need to have a SSL certificate on the web server.
www.error1002.com