safoo Posted August 13, 2006 Share Posted August 13, 2006 Hello,I followed the instructions provided with this module. When I am on the checkout_payment.php page there is no option to use this method for paymet. I double checked to make sure it was enabled in the admin page and it was. Any suggestions? I need to get Authorize.net and osCommerce working together by this Tuesday. Before installing this module, I was trying to use the original Authorize.net module. We processing it returned me to the login page. Here is my phpinfo page http://racewayonline.com/phpinfo.php Thanks, Jeffrey Wray Do you have configutation cache (or "faster page loads,less database queries") installed? If so, in your admin, click configuration -> my store -> edit and then click save. the reason is that you need to update the cached configuration file. This is only if you have that contribution installed. Quote Link to comment Share on other sites More sharing options...
jwray Posted August 14, 2006 Share Posted August 14, 2006 Try uninstalling the Authorise Net AIM module via your admin panel and then reinstalling it. But if the previous module did not work then you probably have your includes/configure.php file set up incorrectly. Both your http and https cookie domain settings should be 'www.racewayonline.com' - neither should have http:// or https:// as part of them - it's a domain and not a url setting. Vger The problem I was having is now fixed. I forgot to remove the Authorize.net module that came with osC. Quote Link to comment Share on other sites More sharing options...
chowpay Posted August 23, 2006 Share Posted August 23, 2006 This contribution is simply awesome! I just have a question about authorize.net's order_id field , For some reason once the orders go through the order id is always "1" instead of what the actual order id is. I'm pretty sure it has something to do with this : but i'm no php expert or sql expert by anymeans // Calculate the next expected order id $last_order_id = tep_db_query("select * from " . TABLE_ORDERS . " order by orders_id desc limit 1"); $new_order_id = $last_order_id->fields['orders_id']; $new_order_id = ($new_order_id + 1); The description and product information passes through to authorize just fine is great, From authroize I can tell what product was orderd which is perfect. Just the order ID is giving me a headache as we use that to reconcile or orders. Any help would be great! Thanks! -Chowpay Quote Link to comment Share on other sites More sharing options...
safoo Posted August 23, 2006 Share Posted August 23, 2006 This contribution is simply awesome! I just have a question about authorize.net's order_id field , For some reason once the orders go through the order id is always "1" instead of what the actual order id is. I'm pretty sure it has something to do with this : but i'm no php expert or sql expert by anymeans // Calculate the next expected order id $last_order_id = tep_db_query("select * from " . TABLE_ORDERS . " order by orders_id desc limit 1"); $new_order_id = $last_order_id->fields['orders_id']; $new_order_id = ($new_order_id + 1); The description and product information passes through to authorize just fine is great, From authroize I can tell what product was orderd which is perfect. Just the order ID is giving me a headache as we use that to reconcile or orders. Any help would be great! Thanks! -Chowpay Comment out that code and use the following: // BOF: Authorize Net AIM Invoice Number Fix // Calculate the next expected order id to pass as x_Invoice_Num $new_order_id = ''; $inv_id = tep_db_query("select orders_id from " . TABLE_ORDERS . " order by orders_id DESC limit 1"); $last_order_id = tep_db_fetch_array($inv_id); $new_order_id = $last_order_id['orders_id']+1; // EOF: Authorize Net AIM Invoice Number Fix Quote Link to comment Share on other sites More sharing options...
chowpay Posted August 23, 2006 Share Posted August 23, 2006 (edited) Comment out that code and use the following: // BOF: Authorize Net AIM Invoice Number Fix // Calculate the next expected order id to pass as x_Invoice_Num $new_order_id = ''; $inv_id = tep_db_query("select orders_id from " . TABLE_ORDERS . " order by orders_id DESC limit 1"); $last_order_id = tep_db_fetch_array($inv_id); $new_order_id = $last_order_id['orders_id']+1; // EOF: Authorize Net AIM Invoice Number Fix [/quote Thanks I'll test this out tonight! I was just looking at the original code, it looked alright to me what was the problem? Thanks again! Edited August 23, 2006 by chowpay Quote Link to comment Share on other sites More sharing options...
bokeeffe Posted August 23, 2006 Share Posted August 23, 2006 (edited) All, I had problems with this and other modules using CURL when I moved from my test server to my provider's server. The root of the problem was that the provider requires the use of their CURL Proxy. Not using this resulted in the server->client connection hanging for about 5 minutes and returning a standard DNS Name not found error in IE. After tracking this down, I decided to add support to one of the modules I found. I selected this module, as it appears the most stable and clean implementation. I just posted the new addition and kept the clean installation that Vger began. The hack is simple, but useful if you are using a provider that requires the use of a CURL Proxy. Regards, Brent Edited August 24, 2006 by wheeloftime Quote Link to comment Share on other sites More sharing options...
Iggy Posted August 24, 2006 Share Posted August 24, 2006 Comment out that code and use the following: // BOF: Authorize Net AIM Invoice Number Fix // Calculate the next expected order id to pass as x_Invoice_Num $new_order_id = ''; $inv_id = tep_db_query("select orders_id from " . TABLE_ORDERS . " order by orders_id DESC limit 1"); $last_order_id = tep_db_fetch_array($inv_id); $new_order_id = $last_order_id['orders_id']+1; // EOF: Authorize Net AIM Invoice Number Fix Doh. Parse error: syntax error, unexpected T_VARIABLE in /includes/modules/payment/authorizenet_aim.php on line 230 Quote Everything's funny but nothing's a joke... Link to comment Share on other sites More sharing options...
chowpay Posted August 24, 2006 Share Posted August 24, 2006 Doh. Parse error: syntax error, unexpected T_VARIABLE in /includes/modules/payment/authorizenet_aim.php on line 230 When did you see this error? Mine ran through ok (I just havent checked a.net yet) Quote Link to comment Share on other sites More sharing options...
Iggy Posted August 24, 2006 Share Posted August 24, 2006 When did you see this error? Mine ran through ok (I just havent checked a.net yet) That was my fault. Picked up some unicode characters on copying from the forum here. Deleted them and ========= ORDER INFORMATION ========= Invoice : 7 Description : Blade Runner - Director's Cut(qty: 1) Amount : 37.46 (USD) Payment Method : Visa Type : Authorization and Capture Thanks, Iggy Quote Everything's funny but nothing's a joke... Link to comment Share on other sites More sharing options...
chowpay Posted August 24, 2006 Share Posted August 24, 2006 Did the order ID carry over for you? after the fix mine is still returning "1" when I log into authorize Any clue? Thanks Quote Link to comment Share on other sites More sharing options...
chowpay Posted August 24, 2006 Share Posted August 24, 2006 Must of been a syntax error.. It works now! but its off by 1 number, is it safe for me to just go +2 instead of +1? Thanks Quote Link to comment Share on other sites More sharing options...
safoo Posted August 25, 2006 Share Posted August 25, 2006 (edited) hmm...it shouldnt be off by one unless you just deleted the most recent order before placing another order.... Edited August 25, 2006 by safoo Quote Link to comment Share on other sites More sharing options...
chowpay Posted August 25, 2006 Share Posted August 25, 2006 hmm...it shouldnt be off by one unless you just deleted the most recent order before placing another order.... That is possible that someone deleted an order from the sql db. in anycase what would you suggest to remedy this? is there a way I can add a bougus order to get the count up? Thanks Quote Link to comment Share on other sites More sharing options...
restep Posted August 26, 2006 Share Posted August 26, 2006 Thanks for this contribution and support thread. This is responding to some earlier posts, sorry to break the continuity. I was getting the default oscommerce message '-Your credit card could not be authorized for this reason. Please correct any information and try again or contact us for further assistance', even after trying all the fixes discussed. I printed out the curl_exec() return value, which was error setting certificate verify locations: CAfile: /usr/local/share/curl/curl-ca-bundle.crt CApath: none Although my certificate was set up properly for my site, my shared web host had not set things up so that curl could verify certificates. I am talking to them about fixing this, but in the meantime I was able to get around the problem by adding the options curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); just before curl_exec() is called. This prevents curl from verifying SSL certificates. The question is whether this fix will compromise security for this module. It seems to me that it shouldn't, since you know exactly who you're communicating with (Authorize.net). Any thoughts on this? I suspect this is a problem many people are having. Having curl compiled in PHP and having SSL working are not sufficent for this module to work. Curl has to be set up with a proper CAfile as well. Quote Link to comment Share on other sites More sharing options...
♥Vger Posted August 26, 2006 Author Share Posted August 26, 2006 Authorize Net requires an https connection with https headers being sent. Provided you get the padlock on https pages it should work, but how secure it is (given that there is no host verification) I don't know. Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted August 26, 2006 Share Posted August 26, 2006 As you can tell from my earlier posts, I have been trying to get this module working since the start of July. I appreciate your help during my earlier posts and would very glad of one last nudge in the right direction. I am having the same problem as many people on this forum in that when I click 'confirm order' I get sent back to checkout_payment.php It seems that people have sorted out this problem, but they never post how they do it. The website in question is www.fliton.com/catalog. It has full SSL set up and working, my base ref is correct. I have my delimiters set up as suggested, PHP is compiled in cURL to the best of my knowledge. Force cookies is off. Please help me out, the money I am being paid for this project does not even begin to reflect the amount of time I have spent on it, I just want to get it working so I don't feel like I have wasted my summer holidays sitting in my garage on the computer. Thank you, Ian Quote Link to comment Share on other sites More sharing options...
♥Vger Posted August 26, 2006 Author Share Posted August 26, 2006 The banner in the footer is hardcoded to an http address, which gives a mixed content 'secure/insecure' warning. If you do not allow it to display you get a secure webpage, but if you alow it to display then you don't get a secure https page. The pathway for the banner just needs to be: 'new/doc/img/inspire_main.gif' See if that helps. Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted August 27, 2006 Share Posted August 27, 2006 (edited) Thanks for spotting the image, that did clear up the whole secure/not secure situation. Unfortunately I still can't process transactions. I have gone through the whole thread and tried to make sure that everything is set up as you suggested, here is my current set-up... I am using my API login and the correct transaction key. My delimiters are set to No, comma and blank (No, comma and double-quote also failed to work). PHP is compiled in cURL and as you can see SSL is working. I have the latest version of Authorize.net AIM installed and running on test mode using the test credit card numbers provided. My authorize.net account is AIM ready, running transaction version 3.1 and I do not have any response/receipt URLs set up. I have forced cookies turned off because they do not seem to work on this site (ie. if I turn them on it thinks that nobody has cookies). When I click 'confirm order' on checkout_confirmation.php I am returned to checkout_payment.php, the session id in the URL is replaced with a blank error message (error_message=). If there is any more information I can provide to make it more likely that you will find the problem just let me know. I am very new to oscommerce so I am probably missing something reaaaaaally obvious. I really am impressed by all the work your put into this module Vger and I appreciate enormously all the help you have given me. Edited August 27, 2006 by UglyNephew Quote Link to comment Share on other sites More sharing options...
♥Vger Posted August 27, 2006 Author Share Posted August 27, 2006 If you have a full ssl certificate and 'Force Cookie Use' does not work then there is something else wrong with your website. Check in your includes/configure.php file to make sure that both http and https_cookie_domain settings are 'fliton.com' with no http:// or https:// and no www. Sorting that out should enable Force Cookie Use to work, but if it doesn't then there is something else wrong. Try setting your Authorize Net osCommerce module to run in Production mode while having your Authorize Net Account set to Test mode. Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted August 30, 2006 Share Posted August 30, 2006 Default field seperator = comma (as some have found out) PLEASE HELP .....i need to change this to PIPE ...because of an existing application that is coded to use PIPE is there anyway to modify the module to do this? i know its the problem cause as soon as i say comma instead of pipe it works thank you !! Quote Link to comment Share on other sites More sharing options...
Guest Posted August 31, 2006 Share Posted August 31, 2006 i just wanted to clarify.......i am referring to the setting in authorize.net direct response that let's you switch what the default field seperator is ....i need the AIM module to accept PIPE instead of a COMMA from authorize.net so i can leave that setting on authorize.net at PIPE. this is because an existing application/site will stop working if i switch it to comma (which i found out today much to the chagrin of everyone) thank you so much for an amazing module and such clear instructions to install!! i hope everyone is sending the author paypal! Default field seperator = comma (as some have found out) PLEASE HELP .....i need to change this to PIPE ...because of an existing application that is coded to use PIPE is there anyway to modify the module to do this? i know its the problem cause as soon as i say comma instead of pipe it works thank you !! Quote Link to comment Share on other sites More sharing options...
borghe Posted August 31, 2006 Share Posted August 31, 2006 so, as I've been working on credit card storage and using some of this module as a basis for my work (I need to authorize the card the first time to verify the cvv value being as I'm not allowed to store it), I noticed a glaring, well not glaring, but somewhat significant flaw in this module. Everything is fine except for the process_button function, where you write as a hidden form field the entire credit card number. Technically you should not be writing the cvv value either as a hidden form field (which you are) or as a plain text display to the customer. Unfortunately my personal fix involves a custom mcrypt-based encryption class, but to outline essentially what can be done to get around this is: in confirmation() remove the cvv display. in process_button(): I am concatenating the card number and cvv value and delimiting them with a | I then 3des encrypt this (using my mycrypt-based class), base64 encode that (so it won't have problems in the html) and write that to the hidden cc_num input field. in before_process(): base64 decode $_POST['cc_num'] decrypt the field and list ($cc_num,$cc_cvv) explode('|',$decoded_cc_num) and I now have a cc_number (and cvv if applicable), all the while never having them in plain text. I only bring this up relating mainly to either someone leaving the checkout confirmation screen on their computer unattended, in which even when their session timed-out someone could still view source and grab the credit card number, or if the page is cached and if they could view source on the cached page and grab it from there. anyway, this post really explains how to do it, you just need to figure out the encryption part. I created my own mcrypt class but if you do a search for mcrypt you will find a few already made classes out there that can handle the encrypting. sure a static in the source isn't the utmost in security either, but at least a lot more secure than the plain text credit card number in the html source itself. Quote Link to comment Share on other sites More sharing options...
borghe Posted August 31, 2006 Share Posted August 31, 2006 i just wanted to clarify.......i am referring to the setting in authorize.net direct response that let's you switch what the default field seperator is ....i need the AIM module to accept PIPE instead of a COMMA from authorize.net so i can leave that setting on authorize.net at PIPE. this is because an existing application/site will stop working if i switch it to comma (which i found out today much to the chagrin of everyone) thank you so much for an amazing module and such clear instructions to install!! i hope everyone is sending the author paypal! oh, I wanted to comment on this post also.. in the before_process() function, simply add x_delim_char => ',', somewhere in the passed data. this will override whatever you actually have set on auth.net actually IMHO this should be set by default in the module. that way customers with existing auth.net accounts using a non-comme delimiter don't have to worry about the module not working out of the box as the module will automatically set comma as the delimiter. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 1, 2006 Share Posted September 1, 2006 Hi there I am in test mode. After submitting my checkout_confirmation.php, I am sent back to the checkout_payment.php page with an error in the red stripe, reagrdless of the number used (I tried all the testing numbers) I got: "- Your credit card could not be authorized for this reason. Please correct any information and try again or contact us for further assistance." Can't get the reason, can't get through. Please note that I receive the email from AN just fine. Does this happen because of the test mode and will run the order all the way through in production? Thanks! Quote Link to comment Share on other sites More sharing options...
♥Vger Posted September 1, 2006 Author Share Posted September 1, 2006 Set the Authorize Net AIM module in osC admin to Production, and set your Authorize Net account to Test. Vger Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.