Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Protx Form and Success/Fail Redirect to checkout_payment


sckoobs

Recommended Posts

Ok, my faith in the Protx payment solution is precariously balancing on a knife's edge right now. It would seem that its a 50-50 gamble as to whether an OK status is returned or not, even though the payment appears in the VSP panel and the confirmation email is received.

 

I've been debugging it for an entire evening on the live protx setup and came to the conclusion that the response from protx is not returned in the HTTP_POST_VARS but in the GET parameters. So the before process method of protx_form.php has been changed to:

 

function before_process()
{
$Decoded = $this->SimpleXor(base64_decode($_GET['crypt']), MODULE_PAYMENT_PROTX_FORM_PASSWORD);
$values = $this->getToken($Decoded);

$Status = $values['Status'];
$StatusDetail = $values['StatusDetail'];

if (strtoupper($Status) != 'OK')
{
	tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name() . '=' . $HTTP_POST_VARS[tep_session_name()] . '&error_message=' . urlencode($StatusDetail), 'SSL', false, false));
}
}

 

I was taking a look at the protocol definition and it states that the response is indeed in the GET array. However I can't see how the original $crypt would retrieve this, is it the case that by defining it as global, it picks up the value returned in the URL automatically?

 

For the record I've also tried REQUEST and POST in the place of GET but only GET gives the correct redirect and as confirmed by my debug log output the OK status is present. Also notice the absence of:

 

global $HTTP_POST_VARS, $crypt;

 

Has anyone else encountered this behaviour and could shed some light? I have a ticket open with protx to hear what they say about how the response is returned.

 

As an addendum, here is my before_process function with all the logging code (make sure a debug directory exists with chmod 777 on your root website dir).

 

function before_process()
{
if(!($decode = base64_decode($crypt)))
	$err = "base64_decode failed";

$Decoded = $this->SimpleXor($decode, MODULE_PAYMENT_PROTX_FORM_PASSWORD);
$values = $this->getToken($Decoded);

$Status = $values['Status'];
$StatusDetail = $values['StatusDetail'];

// AM - 05/10/2006 - Debug out change
// report the status of the protx transaction in a debug out log file
$err = "";
$de_crypt = "";
$fileurl = "debug/protx_out.txt";

$fp = fopen($fileurl, "a");

fwrite( $fp , "------------ " . date('l dS \of F Y h:i:s A') . " ------------\n" );
fwrite( $fp , "err:			 (" . strlen($err) . ") " . $err . "\n" );
foreach($_POST as $key => $val)
{
	fwrite( $fp , "POST:			(" . strlen($val) . ") KEY: " . $key . ", VAL: " . $val . "\n" );
}
foreach($_GET as $key => $val)
{
	fwrite( $fp , "GET:			 (" . strlen($val) . ") KEY: " . $key . ", VAL: " . $val . "\n" );
}
foreach($_REQUEST as $key => $val)
{
	fwrite( $fp , "REQUEST:		 (" . strlen($val) . ") KEY: " . $key . ", VAL: " . $val . "\n" );
}
fwrite( $fp , "Crypt:		   (" . strlen($crypt) . ") " . $crypt . "\n" );
fwrite( $fp , "base64_decode:   (" . strlen($$decode) . ") " . $$decode . "\n" );
fwrite( $fp , "Protx Password:  (" . strlen(MODULE_PAYMENT_PROTX_FORM_PASSWORD)  . ") " . MODULE_PAYMENT_PROTX_FORM_PASSWORD . "\n" );
fwrite( $fp , "Decoded:		 (" . strlen($Decoded) . ") " . $Decoded . "\n" );
fwrite( $fp , "Status:		  (" . strlen($Status) . ") " . strtoupper($Status) . "\n" );
fwrite( $fp , "StatusDetail:	(" . strlen($StatusDetail) . ") " . $StatusDetail . "\n\n\n" );

fclose( $fp );

chmod($fileurl, 0777);
// AM - End Change

if (strtoupper($Status) != 'OK')
{
	tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name() . '=' . $HTTP_POST_VARS[tep_session_name()] . '&error_message=' . urlencode($StatusDetail), 'SSL', false, false));
}
}

Link to comment
Share on other sites

Ok, my faith in the Protx payment solution is precariously balancing on a knife's edge right now. It would ...

I feel that your approach is a bit of over-kill. Rather than seeing an open heart surgery, I'd instead like to know what version of protx form module you are using (and where is it coming from?), if there's any error msg, and why you chose to test it on the live server and not the test server, etc, as these would help people who would like to help to understand/identify the problem. IMHO, It's unlikely that, with regard to the protx form modules (say, v1.09), there is something seriously wrong in the protx form module, as there's many people out there are using it w/o reporting any major problem in this forum (to my knowledge).

 

Ken

commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...