blueskiwi Posted August 31, 2005 Share Posted August 31, 2005 Hi, I am trying to use the SecPay module but it seems to be non-functional. 1. I set everything up on the admin screen with valid merchant id, transaction mode: production etc Every time I placed an order it would bounce back to the checkout_payment.php unprocessed, but with no error message. 2. I had a look at the form being submitted to SecPay and found the following: <input type="hidden" name="callback" value="http://www.metalmilitia.co.uk/catalog/checkout_process.php;http://www.metalmilitia.co.uk/catalog/checkout_payment.php?payment_error=secpay"> However in the SecPay docs I couldn't find any mention of supplying two urls separated by a semi-colon. Their example code only used one url. And SecPay seemed to be sending me to the second url every time. 3. I changed the line above to just point to checkout_process.php Now, every order gets processed regardless. No errors from SecPay are taken into account. 4. I found a thread talking about the misuse of GET vars vs POST vars in secpay.php which suggested changing the code to $_REQUEST to catch both. This didn't seem to make any difference. Can someone please tell me straight - does this module work?? Quote Link to comment Share on other sites More sharing options...
blueskiwi Posted October 30, 2005 Author Share Posted October 30, 2005 This was my mistake... my client had not yet completed the setup of his internet merchant account with the bank. However I still have reason to believe the module is non-functional. Now that his account is up and running SecPay are billing people's credit cards but the module is returning an error and no orders are showing up in OsCommerce. I am not the only person with this problem: http://www.oscommerce.com/forums/index.php?sho...72457&hl=secpay http://www.oscommerce.com/forums/index.php?sho...72385&hl=secpay I realise I'm probably talking to myself here... but if anyone out there has been able to get the SecPay module working please let me know! Quote Link to comment Share on other sites More sharing options...
MarcoZorro Posted October 30, 2005 Share Posted October 30, 2005 If you are using the secpay module from the contributions section then make sure that your digest key matches what it set on secpay.. if they are different the payment will be rejected by oscommerce. TBH the code in the contribution doesnt fill me with confidence so I wouldnt use it... it could be easier to take the existing module in oscommerce and add the md5 feature yourself. Quote Link to comment Share on other sites More sharing options...
blueskiwi Posted October 30, 2005 Author Share Posted October 30, 2005 TBH the code in the contribution doesnt fill me with confidence so I wouldnt use it... it could be easier to take the existing module in oscommerce and add the md5 feature yourself. Both versions of the module have the same problem... the credit cards are billed but no orders are taken. Pretty serious. As far as I can tell this module should not be released for use...? Quote Link to comment Share on other sites More sharing options...
MarcoZorro Posted October 30, 2005 Share Posted October 30, 2005 Both versions of the module have the same problem... the credit cards are billed but no orders are taken. Pretty serious. As far as I can tell this module should not be released for use...? I have used the standard module on over 20 sites without any problem. My guess is that your host has disabled reverse lookups. In the module there is a check to make sure that the callback comes from secpay.com this makes sure that callbacks cannot be spoofed. Quote Link to comment Share on other sites More sharing options...
blueskiwi Posted October 31, 2005 Author Share Posted October 31, 2005 Thanks for the tip!! The old module definitely wasn't working. Neither was the new one. I have now used the new 'MD5 hash' version of the SecPay module... but with the hash check commented out. Now it works, phew! I'd like to get the security check back working. The code I commented out used the 'REQUEST_URI' property to make a hash... but that doesn't include the domain part of the path so I don't see the problem being to do with reverse look ups. Haven't looked too hard at it but seems like the way the hash is generated in the secpay module probably doesn't match what is specified in the SecPay docs... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.