Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

No credit card info on Orders


jgmilleriii

Recommended Posts

Credit card info -- card numbers, ccv,exp date, no longer being captured in the database/orders table.

 

Clients are entering the info (tested), but for the last week or so, nothing is being stored in the db.

 

We're on PHP 5 with a not-so-new version of OSC.

 

Any ideas?

 

Thanks!

Link to comment
Share on other sites

When using CC payments, not all of the details are stored in the database.

Half are, and the other half are attached to an email to the stor owner.

Only with both pieces of data can you then process the card payment.

Link to comment
Share on other sites

I am having this same problem...good luck to us both, because everyone is just going to reply about PCI compliance and how evil it is to store that info in the DB.

If you can't "do the time", don't "do the crime"...

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

If you can't "do the time", don't "do the crime"...

 

Well, thank you for your "concern", but it's not like you or anyone on here is going to be held liable. Meanwhile, those of us having these problems sit and wait without getting any help.

Link to comment
Share on other sites

Well, thank you for your "concern", but it's not like you or anyone on here is going to be held liable. Meanwhile, those of us having these problems sit and wait without getting any help.

 

Is part of the data being stored?

Or did you "hack" it so that all data was supposed to be stored inyour DB?

Link to comment
Share on other sites

If I knew the answer, I'd post it (I think).

 

And it looks like you already realize that if you're not PCI compliant, and you get caught, your a$$ is in the sling (not mine).

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

If I knew the answer, I'd post it (I think).

 

And it looks like you already realize that if you're not PCI compliant, and you get caught, your a$$ is in the sling (not mine).

 

Well, not all web stores are created equal. Ours is secondary to our actual, physical store. As a result, we only get a few online orders every day. We could get the CC info and then delete it once we had (manually) run the card. It's not for long term storage...I have a feeling that the other posters I have seen with the same problems have similar situations. Of course, for everyone with this MO, losing the CC info is obviously kind of a big deal. Eh, what can you do.

Link to comment
Share on other sites

Well, not all web stores are created equal. Ours is secondary to our actual, physical store. As a result, we only get a few online orders every day. We could get the CC info and then delete it once we had (manually) run the card. It's not for long term storage...I have a feeling that the other posters I have seen with the same problems have similar situations. Of course, for everyone with this MO, losing the CC info is obviously kind of a big deal. Eh, what can you do.

 

What you can do is get legal and comply to the PCI regulations...

 

And even more importantly you are not alowed to store the CVV / 3 digit security code for any duration of time, ie. not even for a second.

 

You should simply get a payment gateway for your shop.

 

There are even gateways who offer to store the cc info according to the PCI rules on your behalf and then let you access it so that you can process it manually.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...