red_fraggle

ok this module says it needs a pre-installed module called "vermonster.com's PHP:FedEx Direct Connect module". I have searched and searched at oscommerce.com for this module and cant find it. can someone PLEASE send me the contribution number it needs!! thanks

Thanks flyingmonkey, already had that one installed, since i did it first. thankyou for he reply

I am trying to find a download location for this module, which i beleive should be http://www.oscommerce.com/community/contributions,2150 however, the file there is corrupt. Anyone have a good download location for this contribution?

This may be more difficult than it sounds. If i am not mistaken, OSC does not assign the "order number" until after checkout confirmation, i.e. after linkpoint runs and gets an approval or deny response. So during checkout there is no order number per se'. This can be tested on your shop by putting this code at the top of the linkpointms1.php located at /includes/modules/payment/linkpointms1.php. print_r($order); exit; This will print the contents of the array $order to your screen and stop everything so you can read it. If the order # does not exist at that point then alot more work will be required. Let me know how it comes out and ill try to assist further.

I dont beleive i EVER said you dont have to worry. There is inherent risk in all that we do, but to be honest. A professional hacker has easier ways than hacking into a DB to get at CC numbers. Starting with finding an open port on your server (which isnt hard) and installing various programs which are to numberous to mention here. All designed to glean any and all information he wants, Just like locks keep honest men out, passwords only keep newbs out. If doing business on the internet were risk free, SSL sellers would not offer insurence. So to answer your question, yes you should worry, and take all neccessary precautions short of becoming a paranoid freak who only ever thinks about who is trying to get him. If life gets to this point, its time to quit and get a regular job and stop trying to make it big on the net. But then again, if you do that, you will have to watch who works with you, they could steal from the till and blame you! It all boils down to this, how big of a target are you? Every hacker i ever heard about was trying to get something that might make him getting pinched worth it, is your site worth it, or in fact is your site exactly the same or smaller than 40 million other sites? There is a trade off between security and cost effectiveness, thats why your all using FREEWARE! Your server or hosting company has more to do with your security than you do with your linkpoint files and .HTACCESS files! Ask them when the last time they paid someone to do a security audit was. Ya take precautions, everyone you can. But relax and take a vacation, cause whats it worth owning your own business if you cant enjoy it.

IF you want to not sotre the CC # in the database, use something similar to this in checkout_process.php look for the code: 'cc_number' => $order->info['cc_number'], I cant guarantee this will work, BACK UP FIRST. Theoretically the "cc_number" string could be removed and would store an empty string in the DB. I would make other changes as well, I.E. remove your admin folder to outside the web folder, get ZEND Optimizer and encode your configure.php files so they are not readily readable, so on and so on.

Clifton Murphy here, co-author of the module. It operates as designed. The database is secure and therefore stores the entire number. Would you rather it not? If you dont store the entire number in the database you would not be able to checkout as the cashiering process happens after the data is stored in the database. If we didnt store the number, there would be no data to send to linkpoint. Besides that, what if there was a problem with linkpoint? what if you had no data such as card number to verify you actually took the order in the first place? How would you be able to cross reference with linkpoint which customer actually purchased using which card? It is illegal in the US to store CVV codes and as such none is stored. It is also a security risk to send the whole credit card number via email, so we only send the first and last numbers as a reference to let the store owner quickly find the correct order, credit card and pair them up if need be. We can make custom modifications to this if you like and get it to do whatever you wish. The module was written with the majority in mind and works very well for most people. If you are not one of those peoploe please contact our offices for a customization. Visit us online for information on our module installation and customization services.

Hi Clifton Murphy here, I actually wrote the files your all talking about. As per instruction if you decide to use linkpointms1_without_option.php, you MUST RENAME IT to linkpointms1.php and overwrite the one in the same directory it comes packaged with. *Commercial advertising

I helped write the link point module, you dont need any of those libraries with our contribution. *Solicitation commercial

We have these scripts for testing our linkpoint installation (i helped write the module for linkpoint) We charge $9.95 to run tests and $40.00 to install and configure module for you.

After Helping author the linkpoint module, i think i can figure this one out :) Hyperactive Co. Will install ANY module at the OSC contributions center for $49.95, $29.95 if you host with us! We also write custom modules for $35.00 per hour.

That's odd, we run CURL compiled into PHP with OpenSSL and we dont have issue with our servers :) Hey Durran :P

what three have you enabled so i can try to duplicate this issue.

We can write this module for you. Please visit our website for pricing and contact information.

Put both your store and authorize.net in LIVE mode. Test it with the test credit card number. You should get an error such as "There has been an error processing your credit card, DECLINED" If you need assistance, give me a shout i can help.