shahed Posted October 12, 2002 Posted October 12, 2002 While I'm almost ready to launch my site using Oscommerce I found that there is legal issue with Linkpoint CC Gateway. Current linkpoint gateway contribution works but doesn't follow Credit Card rule. Credit card company requires to charge customer after you deliver the product. But current linkpoint contribution charge the card as soon as customer place the order. Now since I deliver product after 4/5 days its a big legal issue for me. So I need to modify some code. I have found this doc which comes with php wrapper which explains what to do. and here is the documentation from linkpoint about php wrapper. www.linkpoint.com/product_solutions/internet/lphp/LPHP10UM.pdf If you go to page 12 or choose "Typical Transaction" from left menu you will see its the option you can set when you make the transaction. So lets say you when customer place the order it should send information as preauth, linkpoint php wrapper comes with this function(CapturePayment), so on linkpoint.php I have this code below: $myresult=$mylpphp->CapturePayment($myorder); // send transaction if ( (defined('MODULE_PAYMENT_LINKPOINT_EMAIL')) && (MODULE_PAYMENT_LINKPOINT_EMAIL != 'NONE') ) { $len = strlen($HTTP_POST_VARS['x_Card_Num']); $new_cc = substr($HTTP_POST_VARS['x_Card_Num'], 0, 4) . substr('XXXXXXXXXXXXXXXX', 0, $len-8) . substr($HTTP_POST_VARS['x_Card_Num'], -4); $GLOBALS['cc_middle'] = substr($HTTP_POST_VARS['x_Card_Num'], 4, $len-8); $GLOBALS['cc_number'] = $new_cc; } # LINKPOINT CODE ENDS HERE So now customer pre approve the order and I want to ship the item and charge it. So on Admin panel after I update the order to "Delivered" I like to call the function <b> ApproveSale</b>. Since I'm not a PHP expert I dont know where to change on order.php. Can anyone tell me atleast what to change... Here are two functions which are on php wrapper: ############################### # CAPTURE_PAYMENT (pre-auth) # ############################### function CapturePayment($mydata) { $mydata["chargetype"]="PREAUTH"; $mynewdata=$this->forward_trans($mydata); $myretv=$this->process($mynewdata,"ALLSTDIN"); if(ereg("APPROVED", $myretv["approved"])) { $myrethash["statusCode"]=1; $myrethash["statusMessage"]=$myretv["error"]; $myrethash["AVSCode"]=$myretv["code"]; $myrethash["trackingID"]=$myretv["ref"]; $myrethash["orderID"]=$myretv["ordernum"]; } else { $myrethash["statusCode"]=0; $myrethash["statusMessage"]=$myretv["error"]; } return $myrethash; } ############################ # AUTHORIZE A SALE (sale) # ############################ function ApproveSale($mydata) { $mydata["chargetype"]="SALE"; $mynewdata=$this->forward_trans($mydata); $myretv=$this->process($mynewdata,"ALLSTDIN"); if(ereg("APPROVED", $myretv["approved"])) { $myrethash["statusCode"]=1; $myrethash["statusMessage"]=$myretv["error"]; $myrethash["AVSCode"]=$myretv["code"]; $myrethash["trackingID"]=$myretv["ref"]; $myrethash["orderID"]=$myretv["ordernum"]; } else { $myrethash["statusCode"]=0; $myrethash["statusMessage"]=$myretv["error"]; } return $myrethash; } [/code]
shahed Posted October 12, 2002 Author Posted October 12, 2002 I think I have to change the following code.. Can anyone help me.. Shahed switch ($HTTP_GET_VARS['action']) { case 'update_order': $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); $status = tep_db_prepare_input($HTTP_POST_VARS['status']); $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']); $order_updated = false; $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, date_purchased from " . TABLE_ORDERS . " where orders_id = '" . tep_db_input($oID) . "'"); $check_status = tep_db_fetch_array($check_status_query); if ($check_status['orders_status'] != $status) { tep_db_query("update " . TABLE_ORDERS . " set orders_status = '" . tep_db_input($status) . "', last_modified = now() where orders_id = '" . tep_db_input($oID) . "'"); $customer_notified = '0'; if ($HTTP_POST_VARS['notify'] == 'on') { $email = STORE_NAME . "n" . EMAIL_SEPARATOR . "n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "nn" . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]); tep_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT . ' #' . tep_db_input($oID), nl2br($email), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); $customer_notified = '1'; } tep_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, new_value, old_value, date_added, customer_notified) values ('" . tep_db_input($oID) . "', '" . tep_db_input($status) . "', '" . $check_status['orders_status'] . "', now(), '" . $customer_notified . "')"); $order_updated = true; } if (tep_not_null($comments)) { tep_db_query("update " . TABLE_ORDERS . " set comments = '" . tep_db_input($comments) . "' where orders_id = '" . tep_db_input($oID) . "'"); $order_updated = true; } if ($order_updated) { $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success'); } tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=edit')); break; case 'deleteconfirm': $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); tep_remove_order($oID, $HTTP_POST_VARS['restock']); tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')))); break; } if ( ($HTTP_GET_VARS['action'] == 'edit') && ($HTTP_GET_VARS['oID']) ) { $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); $orders_query = tep_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . tep_db_input($oID) . "'"); $order_exists = true; if (!tep_db_num_rows($orders_query)) { $order_exists = false; $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $oID), 'error'); } }
Guest Posted October 13, 2002 Posted October 13, 2002 If this is true for credit cards to only be charged after you deliver the product then that is a very weird rule. I could name many popular places (like amazon, paypal etc etc) that charge a c card and then get ready to ship the product. Makes no sense for someone to charge a card after they deliver the product cus thoe the card my be valid but may have the limit set. Not sure about this thoe cus maybe them CC services check if a card is valid and check if the actual charge amount can be charged. Maybe they keep the card info and when ready to ship they charge and send. If charging before shipping is illegal then the rest of the osC payment modules should be taken a look at.
shahed Posted October 13, 2002 Author Posted October 13, 2002 Makes no sense for someone to charge a card after they deliver the product cus thoe the card my be valid but may have the limit set. Not sure about this thoe cus maybe them CC services check if a card is valid and check if the actual charge amount can be charged. Maybe they keep the card info and when ready to ship they charge and send. If charging before shipping is illegal then the rest of the osC payment modules should be taken a look at. I think you should take a look at this : http://bdbazar.com/Order_Display.gif http://bdbazar.com/order_display_details.gif This is something what I use now, bigstep.com , they actually get pre-auth from card when customer place order, so they know that this ammount is there.. Once you ship it, you can settle it. Also does anyone care about AVS system, I think to Avoid Fraud AVS is handy. I think developer of Oscommerce should read about credit card transaction more..
wizardsandwars Posted October 13, 2002 Posted October 13, 2002 I'd have to see the credit card law that said you had to ship it before you could charge, before I would believe it. It's possible that thousands of online merchants that charge before they ship could be wrong, but I doubt it. ------------------------------------------------------------------------------------------------------------------------- NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit. If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.
Guest Posted October 13, 2002 Posted October 13, 2002 I think you should take a look at this :http://bdbazar.com/Order_Display.gif http://bdbazar.com/order_display_details.gif This is something what I use now, bigstep.com , they actually get pre-auth from card when customer place order, so they know that this ammount is there.. Once you ship it, you can settle it. Also does anyone care about AVS system, I think to Avoid Fraud AVS is handy. I think developer of Oscommerce should read about credit card transaction more.. That is one very useful order handling osC module :shock: Is there a contribution for something like that? It's possible that thousands of online merchants that charge before they ship could be wrong, but I doubt it. My thoughts exactly.
Guest Posted October 13, 2002 Posted October 13, 2002 It's not a "law" per se that you have to deliver the product before you can charge the card but, it is a requirement of most merchant accounts. Did any of you actually read the fine print of the merchant agreement you signed?????
Guest Posted October 13, 2002 Posted October 13, 2002 For me: i havent got a merchant account yet but i will ask about this ship first pay later issue when i sign up.
wizardsandwars Posted October 13, 2002 Posted October 13, 2002 Currently, I only use paypal and 2checkout. Neither of them require that you ship an item before you can charge the credit card. Perhaps it is something I'll have to look into when I am ready to process cards myself, but I still find it hard to believe that you *must* ship an item before you can process the card. Can you provide documentation saying this? ------------------------------------------------------------------------------------------------------------------------- NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit. If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.
Guest Posted October 14, 2002 Posted October 14, 2002 My aren't you lucky...I just happen to have received an update for my Discover Card agreement.... Any other questions??????? In addition, you must get a signature at the time of delivery. Be sure to read your PayPal agreement too...I'll bet there are some delivery requirements.
Guest Posted October 14, 2002 Posted October 14, 2002 I have ordered many times online using a credit card and they always charged me first and then shipped the product. This i know is very true as ive been called by the C company to verify if i allow a amount to be charged at the time of an order. This concerns me as i think i or we would have to update the way osC charges its orders. Will credit card numbers have to be stored in mysql from now on? If yes then how would one change the status of an pending order once set to "Delivered" to charge the customers card? Also, in osC is "Delivered" the same as "Shipped"? or does the customer recieve the product then you charge? Will there be a not only check for a valid card but a check for valid charge amount? I believe what shahed posted ( AVS http://bdbazar.com/Order_Display.gif ) might be one solution to this but there is still concern on my part. If your using a payment gateway then who is responsible for c card fraud? To double check: Who sets these requirements to ship a product and then charge? I know so many questions so sorry be this is a sensitive issue. Maybe being able to proccess C cards on your own is best i dont really know.
humaneasy Posted October 14, 2002 Posted October 14, 2002 Hi Moderators, This ALL subject shouldn't be here. Please Harald move it to the "Developers Room" since this is an issue that should be taken care by developers and/or CC Gateway's contributors. This is NOT commom chit-chat :D 1, 8) Lopo If I helped you, you can help others too. Search Affero Network. Thanks :) -- moving mentalities >> fast forward
wizardsandwars Posted October 14, 2002 Posted October 14, 2002 I've throughly read the paypal and 2checkout agreements, agreements, and I assure you there is no such stipulation. Thanks for providing the documention, I hope you weren't offended that I asked. I am currently researching my merchant account, and this comes as quite a shock, because I havn't heard of it before. In my opinion, that's just another reason why NOT to process cards myself. BTW, how do YOU handle this? ------------------------------------------------------------------------------------------------------------------------- NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit. If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.
Guest Posted October 14, 2002 Posted October 14, 2002 Actually, I was rather offended. There is a lot more to running a business than putting up a web store and having money roll in. Perhaps you should consult and attorney, a banker and a CPA.
shahed Posted October 14, 2002 Author Posted October 14, 2002 Guys I been using Bigstep.com solution for 3 years and I think Bigstep has about 1000+ Store, so they do know what they are doing. I think it wouldn't take much effort to change Oscommece code to work like what Bigstep has. Also when customer charge the card, it pre-autorized, so I think there is nothing to worry about. My store has some order sitting there for 3 months and I can tell my customer that we do not have it now, we will deliver it when we will have it. Customer is not unhappy because I haven't charge his card. Atleast he is not paying interest while he is waiting. I'm sure all merchant has this process. Also I was surprised to see that no one ever brougt out AVS issues. AVS works like a charm against fraud. It tells you that if you have wrong address or mismatch of address, so I take extra pro when I settle the order. also if you actually read page 11/12 on this doc it should be pretty clear http://www.linkpoint.com/product_solutions...hp/LPHP10UM.pdf Shahed
shahed Posted October 14, 2002 Author Posted October 14, 2002 Will credit card numbers have to be stored in mysql from now on?If yes then how would one change the status of an pending order once set to "Delivered" to charge the customers card? Also, in osC is "Delivered" the same as "Shipped"? or does the customer recieve the product then you charge? . Ok you are going to the wrong direction here.. In the first time when customer place the order Oscommerce sends the info to CC gateway, so now credit card info is sitting on your merchant account(Ex:Linkpoint) server. So its pre-auth Now when you deliver the product and change the status on admin panel, it should call linkpoint server and charge customer order. So there is no trick on it
shahed Posted October 14, 2002 Author Posted October 14, 2002 Please take a look at this code which I get it from Linkpoint PHPwrapper, there are clearly 2 functions and I spoke with Technical Support of Linkpoint and they said you have to call first one(CapturePayment) when you get customer order, and when you ship you should call BillOrders. Now my site is live : http://bdbazar.com , Im just calling CapturePayment and than when I ship, I manually charge customer by going to the linkpoint website admin panel. I think we need to talk it over here.. Also I was surprized to see that there is no way you can refund order. Logically there should be a way so when admin cancel order, it should refund the money to customer. How do you cancel a order.. Herald if you are reading I want to know your though about it. ############################### # CAPTURE_PAYMENT (pre-auth) # ############################### function CapturePayment($mydata) { $mydata["chargetype"]="PREAUTH"; $mynewdata=$this->forward_trans($mydata); $myretv=$this->process($mynewdata,"ALLSTDIN"); if(ereg("APPROVED", $myretv["approved"])) { $myrethash["statusCode"]=1; $myrethash["statusMessage"]=$myretv["error"]; $myrethash["AVSCode"]=$myretv["code"]; $myrethash["trackingID"]=$myretv["ref"]; $myrethash["orderID"]=$myretv["ordernum"]; } else { $myrethash["statusCode"]=0; $myrethash["statusMessage"]=$myretv["error"]; } return $myrethash; } ############### # BILL_ORDERS # ############### function BillOrders ($myarg) { $ret=0; $idx=0; $count=count($myarg["orders"]); while ($idx < $count) { $myarg["orders"][$idx]["invalid_a"] = $myarg["invalid_a"]; $myarg["orders"][$idx]["host"] = $myarg["host"]; $myarg["orders"][$idx]["port"] = $myarg["port"]; $myarg["orders"][$idx]["configfile"] = $myarg["configfile"]; $myarg["orders"][$idx]["keyfile"] = $myarg["keyfile"]; $myarg["orders"][$idx]["Ip"] = $myarg["Ip"]; $myarg["orders"][$idx]["result"] = $myarg["result"]; $this->BillOrder(&$myarg["orders"][$idx]); if($myarg["orders"][$idx]["statusCode"] == 1) { $ret++; } $idx++; } return $ret; } [/b]
Guest Posted October 14, 2002 Posted October 14, 2002 Ok you are going to the wrong direction here.. In the first time when customer place the order Oscommerce sends the info to CC gateway, so now credit card info is sitting on your merchant account(Ex:Linkpoint) server. So its pre-authNow when you deliver the product and change the status on admin panel, it should call linkpoint server and charge customer order. So there is no trick on it . My question now is if do the Authorizenet ADC and Paypal modules work like this? If they dont then ill have to use Linkpoint.
shahed Posted October 14, 2002 Author Posted October 14, 2002 I think you should take a look at this : http://bdbazar.com/Order_Display.gif http://bdbazar.com/order_display_details.gif This is something what I use now, bigstep.com , they actually get pre-auth from card when customer place order, so they know that this ammount is there.. Once you ship it, you can settle it. Also does anyone care about AVS system, I think to Avoid Fraud AVS is handy. I think developer of Oscommerce should read about credit card transaction more.. That is one very useful order handling osC module :shock: Is there a contribution for something like that? It's possible that thousands of online merchants that charge before they ship could be wrong, but I doubt it. My thoughts exactly. Wizard Those are from Bigstep.com backend .. I used to use them.. you can virtually do everything using their admin panel, which I think many people here dont realize. I been running my site for 3 years and I know you defenately need those features.
Guest Posted October 14, 2002 Posted October 14, 2002 OK im a bit confused. There is no working payment module that has pre-auth and then charge when shipped? How about accepting C card on your own?
wizardsandwars Posted October 14, 2002 Posted October 14, 2002 Kim, I am sorry you were offended. It was not my intention. I can not begin to tell you the lengths that I have gone through over the past 6 months to become a LLC, get state registered, get my business license, and get online. If I represented myself a guy who overnight put some webshop up and am "watching the money roll in", well then I guess I need to ask less questions....? I have a CPA, I have consulted an attorney, AND an banker. And while all I did was ask you to provide a little documentation to back up you argument, you are insinuating that I haven't invested the time or research to open my business. Who being insulting here? While I am surprised by this discovery, I'm sure there are ways to overcome the problem. Again, Kim, how do you overcome this obstacle? Do you store the customers CC numbers yourself and process them later? To give you the benefit of the doubt and not insult you further, I will assume not. How then, pray tell, do you process credit cards? ------------------------------------------------------------------------------------------------------------------------- NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit. If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.
mattice Posted October 14, 2002 Posted October 14, 2002 How about accepting C card on your own? Depends on your contract. This whole thread is nonsense in Europe as far as I can tell. We've been doing online mailorder business for over 5 years now and have never ever heard you should deliver first and then charge. We do business directly with the cc companies and although they do give the option to authorize first / charge later it is nowhere stated you should deliver first. "Politics is the art of preventing people from taking part in affairs which properly concern them"
Guest Posted October 14, 2002 Posted October 14, 2002 How about accepting C card on your own? Depends on your contract. This whole thread is nonsense in Europe as far as I can tell. We've been doing online mailorder business for over 5 years now and have never ever heard you should deliver first and then charge. We do business directly with the cc companies and although they do give the option to authorize first / charge later it is nowhere stated you should deliver first. Thats exactly as ive thought it is. Never heard of such a way to do business to ship first and pay later. Maybe this is a new thing that soon will become added to most payment gatways like pre-auth was added to smtp for better security. My question now is: Where or who do i go with so that i can accept credit cards with osC without any problems? Order Process: Your order will not ship until we receive payment.
mattice Posted October 14, 2002 Posted October 14, 2002 Just call Visa / Eurocard / American Express and tell them you want a mailorder and / or internet account. You'll have to apply for it, they do not take just anybody. Eurocard is the only one (here in Holland) that has someone else do all their business (InterPay) for them. But then again I believe they are owned by Eurocard :) "Politics is the art of preventing people from taking part in affairs which properly concern them"
mattice Posted October 14, 2002 Posted October 14, 2002 By the way: Look at this scenario... You sell dvd's. Sombody in China buys 6 of 'em. How will you ever know if the guy in China has got your parcel? If you have his/her signature returned you can wait for over two months before it is returned to you. With a shipping time of a week or two on top of that your original authorization code for the China transaction is expired (useless) anyway and you'll have to wait and see if you can still charge the guy.... "Politics is the art of preventing people from taking part in affairs which properly concern them"
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.