Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

ECHO Module - all expiration dates rejected


staceyd

Recommended Posts

I am currently using v1.7.4 of the Echo Module for Payments, and get this error:

The expiry date entered for the credit card is invalid.<br>Please check the date and try again.

 

Here are the modifications to the existing pages:

################# [OPEN] ################# 

catalog/includes/application_top.php 

################# [Find] #################  

?>

########### [ADD THIS BEFORE] ############ 

// BOF: Added for encryption of credit card data
define('TEXT_KEY', 'enter your secret key here');  // this must match the key in admin/includes/application_top.php
// EOF: Added for encryption of credit card data


################# [OPEN] ################# 

catalog/includes/functions/general.php

################# [Find] #################  

?>

########### [ADD THIS BEFORE] ############ 

// BOF: Added for encryption of credit card data
include(DIR_WS_FUNCTIONS . 'encrypt.php');
// EOF: Added for encryption of credit card data


################# [OPEN] ################# 

admin/orders.php

################# [Find] ################# 


	  <tr>
		<td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
		<td class="main"><?php echo $order->info['cc_number']; ?></td>
	  </tr>

########### [ADD THIS BEFORE] ############

<?php
// BOF: Added to decrypt credit card data on the fly
  if (tep_not_null($order->info['cc_number']) && $order->info['cc_number'] != '0000000000000000') { 
	if (strtolower(MODULE_PAYMENT_ECHO_CC_ENC) == 'true') {
	  $cipher_data = $order->info['cc_number'];
	  $order->info['cc_number'] = changedataout($cipher_data, TEXT_KEY);
	}
  }
// EOF: Added to decrypt credit card data on the fly
?>


################# [OPEN] #################

admin/includes/application_top.php 

################# [Find] #################  

?>

########### [ADD THIS BEFORE] ############

// BOF: Added for ECHO Payment Processing
define('TEXT_KEY', 'enter your secret key here');  // this must match the key in catalog/includes/application_top.php
define('FILENAME_ECHO_RESULTS', 'echo_result.php');
// EOF: Added for ECHO Payment Processing


################# [OPEN] #################

admin/includes/functions/general.php 

################# [Find] #################  

?>

########### [ADD THIS BEFORE] ############

// BOF: Added for decryption of credit card data on the fly
include(DIR_WS_FUNCTIONS . 'decrypt.php');
// EOF: Added for decryption of credit card data on the fly


################# [OPEN] #################

admin/includes/languages/english.php 

################# [Find] ################# 

?>

########### [ADD THIS BEFORE] ############

// BOF: Added for ECHO Payment Processing
define('BOX_CUSTOMERS_ORDERS_PROCESS', 'ECHO Processing');
define('MAX_DISPLAY_SEARCH_RESULTS_TRANSACTIONS',15); // display results for echo_result.php
// EOF: Added for ECHO Payment Processing


################# [OPEN] #################

admin/includes/boxes/customers.php

################# [Find] ################# 

 if ($selected_box == 'customers') {
$contents[] = array('text'  => '<a href="' . tep_href_link(FILENAME_CUSTOMERS, '', 'NONSSL') . '" class="menuBoxContentLink">' . BOX_CUSTOMERS_CUSTOMERS . '</a><br>' .
							   '<a href="' . tep_href_link(FILENAME_ORDERS, '', 'NONSSL') . '" class="menuBoxContentLink">' . BOX_CUSTOMERS_ORDERS . '</a>');
 }

############ [Replace With] ##############

 if ($selected_box == 'customers') {
$contents[] = array('text'  => '<a href="' . tep_href_link(FILENAME_CUSTOMERS, '', 'NONSSL') . '" class="menuBoxContentLink">' . BOX_CUSTOMERS_CUSTOMERS . '</a><br>' .
							   '<a href="' . tep_href_link(FILENAME_ORDERS, '', 'NONSSL') . '" class="menuBoxContentLink">' . BOX_CUSTOMERS_ORDERS . '</a><br>' . 
							   '<a href="' . tep_href_link(FILENAME_ECHO_RESULTS, '', 'NONSSL') . '" class="menuBoxContentLink">' . BOX_CUSTOMERS_ORDERS_PROCESS . '</a>');
 }

 

Here's the new credit card php file in the includes/modules/payment folder:

<?php

///////////////////////////////////////////////////////////
// echo_cc.php										   //
// v1.7.4 - last edited 08/20/04						 //
//													   //
//  08/20/04 - added lines to enable sort_order function //
//													   //
//				 (ng from revolution-sales.com)		//
//													   //
//  Released under the GNU General Public License		//
///////////////////////////////////////////////////////////

class echo_cc {
 var $code, $title, $description, $enabled;

// class constructor
 function echo_cc() {
$this->code = 'echo_cc';
$this->title = MODULE_PAYMENT_ECHO_CC_TEXT_TITLE;
$this->description = MODULE_PAYMENT_ECHO_CC_TEXT_DESCRIPTION;
$this->sort_order = MODULE_PAYMENT_ECHO_CC_SORT_ORDER;
$this->enabled = ((MODULE_PAYMENT_ECHO_CC_STATUS == 'True') ? true : false);
 }

// class methods
 function javascript_validation() {
$js = '  if (payment_value == "' . $this->code . '") {' . "\n" .
	  '	var cc_owner = document.checkout_payment.cc_owner.value;' . "\n" .
	  '	var cc_number = document.checkout_payment.cc_number.value;' . "\n" .
	  '	var cnp_security = document.checkout_payment.cnp_security.value;' . "\n" .
	  '	if (cc_owner == "" || cc_owner.length < ' . CC_OWNER_MIN_LENGTH . ') {' . "\n" .
	  '	  error_message = error_message + "' . MODULE_PAYMENT_ECHO_CC_TEXT_JS_CC_OWNER . '";' . "\n" .
	  '	  error = 1;' . "\n" .
	  '	}' . "\n" .
	  '	if (cc_number == "" || cc_number.length < ' . CC_NUMBER_MIN_LENGTH . ') {' . "\n" .
	  '	  error_message = error_message + "' . MODULE_PAYMENT_ECHO_CC_TEXT_JS_CC_NUMBER . '";' . "\n" .
	  '	  error = 1;' . "\n" .
	  '	}' . "\n" .
	  '	if (!(document.checkout_payment.no_cnp_security.checked)) { ' . "\n" .
	  '	   if (cnp_security == "") {' . "\n" .
	  '		 error_message = error_message + "' . MODULE_PAYMENT_ECHO_CC_TEXT_JS_SECURITY .'";' . "\n" .
	  '		 error = 1;' . "\n" .
	  '	   }' . "\n" .
	  '	 }' . "\n" .
	  '  }' . "\n";

return $js;
 }

 function selection() {
global $order;
mt_srand((double) microtime() * 1000000);

for ($i=1; $i<13; $i++) {
  $expires_month[] = array('id' => sprintf('%02d', $i), 'text' => strftime('%B',mktime(0,0,0,$i,1,2000)));
}

$today = getdate(); 

for ($i=$today['year']; $i < $today['year']+10; $i++) {
  $expires_year[] = array('id' => strftime('%y',mktime(0,0,0,1,1,$i)), 'text' => strftime('%Y',mktime(0,0,0,1,1,$i)));
}

$selection = array('id' => $this->code,
				   'module' => $this->title,
				   'fields' => array(array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_CREDIT_CARD_OWNER,
										   'field' => tep_draw_input_field('cc_owner', $order->billing['firstname'] . ' ' . $order->billing['lastname']) . tep_draw_hidden_field('scounter', mt_rand())),
									 array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_CREDIT_CARD_NUMBER,
										   'field' => tep_draw_input_field('cc_number') . ' ' . MODULE_PAYMENT_ECHO_CC_TEXT_WE_ACCEPT),
									 array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_SECURITY,
										   'field' => tep_draw_input_field('cnp_security') . ' <a href="javascript:void(0);" onclick="popup=window.open(\'' . MODULE_PAYMENT_ECHO_CC_HELP_URL . '\' ,\'popupWindow\',\'toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,re
sizable=yes,copyhistory=no,width=600,height=550,top=50,left=100\')">' . MODULE_PAYMENT_ECHO_CC_TEXT_HELP . '</a>'),											 
									 array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_NO_SECURITY,
										   'field' => tep_draw_checkbox_field('no_cnp_security')),
									 array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_CREDIT_CARD_EXPIRES,
										   'field' => tep_draw_pull_down_menu('cc_expires_month', $expires_month) . ' ' . tep_draw_pull_down_menu('cc_expires_year', $expires_year))));

return $selection;
 }

 function pre_confirmation_check() {
global $_POST;

include(DIR_WS_CLASSES . 'cc_validation.php');

$cc_validation = new cc_validation();
$result = $cc_validation->validate($_POST['cc_number'], $_POST['cc_expires_month'], $_POST['cc_expires_year']);

$error = '';

switch ($result) {
  case -1:
	$error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
	break;

  case -2:

  case -3:

  case -4:
	$error = TEXT_CCVAL_ERROR_INVALID_DATE;
	break;

  case false:
	$error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
	break;
}

if ( ($result == false) || ($result < 1) ) {
  $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&cc_owner=' . urlencode($_POST['cc_owner']) . '&cc_expires_month=' . $_POST['cc_expires_month'] . '&cc_expires_year=' . $_POST['cc_expires_year'];

  tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
}

$this->cc_card_type = $cc_validation->cc_type;
$this->cc_card_number = $cc_validation->cc_number;
 }

 function confirmation() {
global $_POST;

$confirmation = array('title' => $this->title . ': ' . $this->cc_card_type,
					  'fields' => array(array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_CREDIT_CARD_OWNER,
											  'field' => $_POST['cc_owner']),
										array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_CREDIT_CARD_NUMBER,
											  'field' => substr($this->cc_card_number, 0, 4) . str_repeat('X', (strlen($this->cc_card_number) - 8)) . substr($this->cc_card_number, -4)),
										array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_CREDIT_CARD_EXPIRES,
											  'field' => strftime('%B, %Y', mktime(0,0,0,$_POST['cc_expires_month'], 1, '20' . $_POST['cc_expires_year'])))));

return $confirmation;
 }

 function process_button() {
global $_POST, $order;
$correct_tax_amount = number_format($order->info['tax'], 2);

$process_button_string = tep_draw_hidden_field('cc_owner', $_POST['cc_owner']) .
tep_draw_hidden_field('cc_expires', $_POST['cc_expires_month'] . $_POST['cc_expires_year']) .
tep_draw_hidden_field('cc_expires_month', $_POST['cc_expires_month']) .
tep_draw_hidden_field('cc_expires_year', $_POST['cc_expires_year']) .
tep_draw_hidden_field('cc_type', $this->cc_card_type) .
//	tep_draw_hidden_field('payment', $this->code) .
tep_draw_hidden_field('cc_counter', $_POST['scounter']) .
tep_draw_hidden_field('grand_total', $order->info['total']) .
tep_draw_hidden_field('sales_tax', $correct_tax_amount) .
tep_draw_hidden_field('cc_number', $this->cc_card_number) .
tep_draw_hidden_field('cnp_security', $_POST['cnp_security']);

return $process_button_string;
 }

 function before_process() {
global $_POST, $REMOTE_ADDR, $customer_id, $REMOTE_ADDR, $orders_id, $order, $auth_code, $echo_result, $final_price;

//	if ($_POST['payment'] == $this->code) {
  if ($this->enabled) {
	$merc_id = tep_db_query("select configuration_value as value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_ECHO_CC_MERCHANT_ID'");
	$merc_id = tep_db_fetch_array($merc_id);

	$merc_pin = tep_db_query("select configuration_value as value from " . TABLE_CONFIGURATION . " where configuration_key= 'MODULE_PAYMENT_ECHO_CC_MERCHANT_PIN'");
	$merc_pin = tep_db_fetch_array($merc_pin);

	$temp1 = tep_db_query("select configuration_value as value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_ECHO_CC_ORDER_TYPE'");
	$order_type = tep_db_fetch_array($temp1);

	$temp1 = tep_db_query("select configuration_value as value from ". TABLE_CONFIGURATION ." where configuration_key = 'MODULE_PAYMENT_ECHO_CC_DIRECT_DEPOSIT'");
	$direct_deposit = tep_db_fetch_array($temp1);

	$cc_number = $_POST['cc_number'];

	$include_file = DIR_WS_INCLUDES . 'echo_class.php';
	include($include_file);

	$echoPHP = new EchoPHP;

	$sold_to = tep_db_query("select * from address_book where customers_id='" . $customer_id . "'");
	$sold_to_values = tep_db_fetch_array($sold_to);

	$cust_info = tep_db_query("select * from customers where customers_id='" . $customer_id . "'");
	$cust_info = tep_db_fetch_array($cust_info);

	$echoPHP->set_EchoServer("https://wwws.echo-inc.com/scripts/INR200.EXE");

	if ($direct_deposit['value'] == "N") {
	  $echoPHP->set_transaction_type("AV");
	}

	if ($direct_deposit['value'] == "Y") {
	  $echoPHP->set_transaction_type("EV");
	}

	$echoPHP->set_order_type("S");
	$echoPHP->set_merchant_echo_id($merc_id['value']); // use your own id here
	$echoPHP->set_merchant_pin($merc_pin['value']);		// use your onw pin here

	$echoPHP->set_billing_ip_address($REMOTE_ADDR);

	$echoPHP->set_order_number($orders_id);

	$echoPHP->set_billing_phone($cust_info['customers_telephone']);

	$echoPHP->set_debug("T");

	$echoPHP->set_billing_name($cust_info["customers_firstname"] ." ". $cust_info["customers_lastname"]); 
	$echoPHP->set_billing_address1($sold_to_values["entry_street_address"]);
	$echoPHP->set_billing_city($sold_to_values["entry_city"]);
	$echoPHP->set_billing_state($sold_to_values["entry_state"]);
	$echoPHP->set_billing_zip($sold_to_values["entry_postcode"]);
	$echoPHP->set_billing_email($cust_info["customers_email_address"]);
	$echoPHP->set_cc_number($_POST['cc_number']);
	$echoPHP->set_grand_total($_POST['grand_total']);

	$final_price = $_POST['grand_total'];

	$echoPHP->set_sales_tax($_POST['sales_tax']);
	$echoPHP->set_ccexp_month($_POST['cc_expires_month']);
	$echoPHP->set_ccexp_year($_POST['cc_expires_year']);
	$echoPHP->set_cnp_security($_POST['cnp_security']);
	$echoPHP->set_counter($_POST['cc_counter']);

	$ECHO_ERROR = (!($echoPHP->Submit()));

	if ($ECHO_ERROR) {
	  print(MODULE_PAYMENT_ECHO_CC_ERROR);
	  echo $echoPHP->get_echotype2();
	  die("");
	}

	$auth_code = $echoPHP->get_authorization();
	$echo_result = $echoPHP->get_echotype2();
  } // end if ($this->enabled)
//	} 
 }

 function after_process() {
global $_POST, $insert_id, $cc_middle, $message, $echo_result, $auth_code, $final_price;

$deposit = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_ECHO_CC_DIRECT_DEPOSIT'");
$deposit = tep_db_fetch_array($deposit);

//	if ($_POST['payment'] == $this->code) {
  if ($deposit['configuration_value'] == "Y") {
	$echo_process = "Y";
  } else {
	$echo_process = "N";
  }

  //$echo_sql = "UPDATE " . TABLE_ORDERS . " SET echo_result='$echo_result', auth_code='$auth_code', echo_process='$echo_process', final_price='$final_price' where orders_id='$insert_id'";

  if ($echo_process == "Y") {
	// Deposit processed
	if (strtolower(MODULE_PAYMENT_ECHO_CC_KILL_CC) == 'true') {
	  // Kill the CC number
	  $echo_sql = "UPDATE " . TABLE_ORDERS . " SET echo_result='$echo_result', auth_code='$auth_code', echo_process='$echo_process', final_price='$final_price', cc_number='0000000000000000' where orders_id='$insert_id'";
	} elseif (strtolower(MODULE_PAYMENT_ECHO_CC_ENC) == 'true') {
	  // Encrypt the CC number
	  $encrypted_cc = changedatain($_POST['cc_number'], TEXT_KEY);
	  $echo_sql = "UPDATE " . TABLE_ORDERS . " SET echo_result='$echo_result', auth_code='$auth_code', echo_process='$echo_process', final_price='$final_price', cc_number='$encrypted_cc' where orders_id='$insert_id'";
	} elseif (strtolower(MODULE_PAYMENT_ECHO_CC_PARTIAL_CC) == 'true') {
	  // Store partial CC number - middle numbers are X'd out
	  $echo_sql = "UPDATE " . TABLE_ORDERS . " SET echo_result='$echo_result', auth_code='$auth_code', echo_process='$echo_process', final_price='$final_price', cc_number='" . substr($_POST['cc_number'], 0, 4) . str_repeat('X', (strlen($_POST['cc_number']) - 8)) . substr($_POST['cc_number'], -4) . "' where orders_id='$insert_id'";	
	} else {
	  // Leave CC number alone	
	  $echo_sql = "UPDATE " . TABLE_ORDERS . " SET echo_result='$echo_result', auth_code='$auth_code', echo_process='$echo_process', final_price='$final_price' where orders_id='$insert_id'";
	}
  } else {
	// No deposit
	if (strtolower(MODULE_PAYMENT_ECHO_CC_ENC) == 'true') {
	  // Encrypt the CC number
	  $encrypted_cc = changedatain($_POST['cc_number'], TEXT_KEY);
	  $echo_sql = "UPDATE " . TABLE_ORDERS . " SET echo_result='$echo_result', auth_code='$auth_code', echo_process='$echo_process', final_price='$final_price', cc_number='$encrypted_cc' where orders_id='$insert_id'";  
	} else {
	  // Leave CC number alone	
	  $echo_sql = "UPDATE " . TABLE_ORDERS . " SET echo_result='$echo_result', auth_code='$auth_code', echo_process='$echo_process', final_price='$final_price' where orders_id='$insert_id'";
	}
  }

  tep_db_query($echo_sql);
//	}
 }

 function get_error() {
global $HTTP_GET_VARS;

$error = array('title' => MODULE_PAYMENT_ECHO_CC_TEXT_ERROR,
			   'error' => stripslashes(urldecode($HTTP_GET_VARS['error'])));

return $error;
 }

 function check() {
if (!isset($this->_check)) {
  $check_query = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_ECHO_CC_STATUS'");
  $this->_check = tep_db_num_rows($check_query);
}

return $this->_check;
 }

 function install() {
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Allow Credit Card', 'MODULE_PAYMENT_ECHO_CC_STATUS', 'True', 'Do you want to accept credit card payments?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('ECHO Mechant ID', 'MODULE_PAYMENT_ECHO_CC_MERCHANT_ID', '', 'Please enter your ECHO Merchant ID', '6', '6', now())");
  tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_ECHO_CC_SORT_ORDER', '98', 'Sort order of display. Lowest is displayed first.', '6', '99', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('ECHO Merchant PIN', 'MODULE_PAYMENT_ECHO_CC_MERCHANT_PIN', '', 'Please enter your ECHO Merchant PIN', '6', '6', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Direct Deposit', 'MODULE_PAYMENT_ECHO_CC_DIRECT_DEPOSIT', 'Y', 'Please enter a \"Y\" if you would like direct deposit or a \"N\" if you would like to handle processing of orders yourself.', '6', '6', 'tep_cfg_select_option(array(\'Y\', \'N\'), ', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Encrypt Credit Card Numbers', 'MODULE_PAYMENT_ECHO_CC_ENC', 'True', 'Do you want to encypt credit card numbers?', '6', '6', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Store only partial CC number', 'MODULE_PAYMENT_ECHO_CC_PARTIAL_CC', 'False', 'Do you want to store only partial credit card number after deposit is made? If using encryption, leave False.', '6', '6', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Kill CC numbers', 'MODULE_PAYMENT_ECHO_CC_KILL_CC', 'False', 'Do you want to kill credit card numbers after deposit is made?', '6', '6', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
 }

 function remove() {
$keys = '';
$keys_array = $this->keys();

for ($i=0; $i<sizeof($keys_array); $i++) {
  $keys .= "'" . $keys_array[$i] . "',";
}

$keys = substr($keys, 0, -1);

tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in (" . $keys . ")");
 }

 function keys() {
return array('MODULE_PAYMENT_ECHO_CC_STATUS', 'MODULE_PAYMENT_ECHO_CC_MERCHANT_ID', 'MODULE_PAYMENT_ECHO_CC_MERCHANT_PIN', 'MODULE_PAYMENT_ECHO_CC_DIRECT_DEPOSIT', 'MODULE_PAYMENT_ECHO_CC_ENC', 'MODULE_PAYMENT_ECHO_CC_PARTIAL_CC',
'MODULE_PAYMENT_ECHO_CC_KILL_CC', 'MODULE_PAYMENT_ECHO_CC_SORT_ORDER');
 }
}
?>

 

Can anyone see the problem here?

 

thanks,

Stacey

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...