Guest Posted December 15, 2005 Share Posted December 15, 2005 Can anyone shine any light on the issue we are having at Our Store We have discovered 2 orders from clients that we had no knowledge of and only found out because we checked our HSBC payment processor 'back end' We had no confirmation e-mails from the store after completed orders and doubt the customers did either. In the admin, we have absolutely no record of these orders either, yet we have records of the customers creating accounts. Also, after trying out a test purchase, we discovered the item was still in the cart when we returned to store, even though it was paid for (genuinly) at the HSBC module. Just to let you know, we do not have 'Purchase Without Account' installed, and according to our hosting company, believe it's a database issue. Are we wasting our time searching through the checkout files or can anyone indicate whether its a known issue in database?? We have quite a modified osc store, so re-installing the default osc sql file is not an option. Many thanks in advance to anyone who can help Link to comment Share on other sites More sharing options...
♥Vger Posted December 15, 2005 Share Posted December 15, 2005 includes/modules/payment/hsbc.php check these two lines are correct: 'CpiDirectResultUrl'=>tep_href_link('checkout_process.php', '', 'SSL', true), 'CpiReturnUrl'=>tep_href_link('hsbc_return.php', '', 'SSL', true), Check in the root level hsbc_return.php file that it says: if ($CpiResultsCode=='0') { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL')); Vger Link to comment Share on other sites More sharing options...
Guest Posted December 15, 2005 Share Posted December 15, 2005 includes/modules/payment/hsbc.php check these two lines are correct: 'CpiDirectResultUrl'=>tep_href_link('checkout_process.php', '', 'SSL', true), 'CpiReturnUrl'=>tep_href_link('hsbc_return.php', '', 'SSL', true), Check in the root level hsbc_return.php file that it says: if ($CpiResultsCode=='0') { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL')); Vger Thanks Vger The first one was set to "false" and the 2nd file (hsbc_return.php) is not quite so obvious so posting a snippet below to show you some of it is commented out ! Also, why would these files change anyway. We have recently changed hosting companies who have transferred our files from old to new host/server. $MerchantData = $_POST['MerchantData']; if ($CpiResultsCode=='0' || $CpiResultsCode=='8' || $CpiResultsCode=='9') { if ($order_hash!=$hash) die ("Hacking atempt!"); tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL', false, false).'?osCsid='.$MerchantData.'&orderid='.$GLOBALS["OrderId"]); } /* if ($CpiResultsCode=='9') { if ($order_hash!=$hash) die ("Hacking atempt!"); tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL', false, false).'?osCsid='.$MerchantData.'&orderid='.$GLOBALS["OrderId"].'&state=review&result='.$CpiResultsCode); } */ $error=MODULE_PAYMENT_HSBC_TEXT_ERROR1; Thank you Link to comment Share on other sites More sharing options...
Guest Posted December 15, 2005 Share Posted December 15, 2005 Rhea Just tried a 'test' hsbc purchase and all seems fine now, with e-mails coming out and records in orders in the admin. I only changed the first file from false to true and left the hsbc_return.php as it was - can you see any probs with it - above? Confusing thing is though, 2 customers made orders whilst "false" was set to ssl in includes/modules/payment/hsbc.php, and i would have thought the bank would have 'thrown it back' Thank you for your advice - brilliant. Regards Steve Link to comment Share on other sites More sharing options...
Garyp Posted January 27, 2007 Share Posted January 27, 2007 includes/modules/payment/hsbc.php check these two lines are correct: 'CpiDirectResultUrl'=>tep_href_link('checkout_process.php', '', 'SSL', true), 'CpiReturnUrl'=>tep_href_link('hsbc_return.php', '', 'SSL', true), Check in the root level hsbc_return.php file that it says: if ($CpiResultsCode=='0') { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL')); Vger The HSBC CPI Specification states that CpiDirectResultUrl is for returning data to the merchant. The CpiReturnUrl is the webpage to be shown on the customers browser after transaction completion. The code snippet above is therefore wrong (in fact reversed) ie CpiDirectResultUrl should have the value hsbc_return.php and CpiReturnUrl the value checkout_process.php As I understand the code in ver 3.0 of the hsbc contribution, half the hsbc_return.php code (ie the redirects) is unnecessary since what the 'purchaser' sees comes from the checkout_process.php call sent from hsbc. One impact of the error above is that purchasers will see 'Your shopping cart is empty' after tranasction completion which is correct but misleading. I would welcome hearing anyone else's views or thoughts on this. Gary Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.