Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Attention ALL Secpay Users


Clint Fern

Recommended Posts

Hi,

 

just found a problem with Secpay that has been caused by their changing IP address on 10th January - basically when the form https:www.secpay.com/java-bin/ValCard is processed it returns the user to the checkout_payment.php page with the warning -

 

There has been an error processing you credit card, please try again.

 

However their payment has already been processed by Secpay and any extra entries will incur extra charges.

 

I'm using a version of secpay.php from 31 May 2002, v2.2 - although the code is the same in recent snapshots at the stage I think is causing the errors...

 

I'm no PHP code expert but I think that the problem is in the secpay.php module on the lines -

 

if ($HTTP_POST_VARS['valid'] == 'true') {

if ($remote_host = getenv('REMOTE_HOST')) {

if ($remote_host != 'secpay.com') {

$remote_host = gethostbyaddr($remote_host);

}

if ($remote_host != 'secpay.com') {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name() . '=' . $HTTP_POST_VARS[tep_session_name()] . '&error_message=' . urlencode(MODULE_PAYMENT_SECPAY_TEXT_ERROR_MESSAGE), 'SSL', false, false));

 

 

I'm guessing that the new IP addresses might not be returning the REMOTE_HOST as secpay.com.

 

I'm trying to work out a solution and if I find one I'll let you know - don't hold your breath though. :? :?

 

Any Secpay code geniuses get cracking!

 

Cheers

Clint

Link to comment
Share on other sites

  • 2 months later...

Hi Steve,

 

I did a bit of a hack on the existing code that has allowed the system to work OK - although I'm not sure if it's best practise. I just commented out the two lines that check that IP address is returning the REMOTE_HOST as Secpay on lines 81 - 88 I replaced -

 

if ($remote_host != 'secpay.com') {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name() . '=' . $HTTP_POST_VARS[tep_session_name()] . '&error_message=' . urlencode(MODULE_PAYMENT_SECPAY_TEXT_ERROR_MESSAGE), 'SSL', false, false));

echo $remote_host;

}

} else {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name() . '=' . $HTTP_POST_VARS[tep_session_name()] . '&error_message=' . urlencode(MODULE_PAYMENT_SECPAY_TEXT_ERROR_MESSAGE), 'SSL', false, false));

echo $remote_host;

}

 

with

 

if ($remote_host != 'secpay.com') {

// tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name() . '=' . $HTTP_POST_VARS[tep_session_name()] . '&error_message=' . urlencode(MODULE_PAYMENT_SECPAY_TEXT_ERROR_MESSAGE), 'SSL', false, false));

echo $remote_host;

}

} else {

// tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name() . '=' . $HTTP_POST_VARS[tep_session_name()] . '&error_message=' . urlencode(MODULE_PAYMENT_SECPAY_TEXT_ERROR_MESSAGE), 'SSL', false, false));

echo $remote_host;

}

 

 

Hope this helps - if anyone else can suggest something better that would be cool.

 

Clint

Link to comment
Share on other sites

Thanks

 

I've got a query running with the guys at Secpay - they're running some test transactions

 

They think that there has been a change (in OSC) since last year (we've got one site up & running in production with a September 2002 snapshot with no issues) which is causing the problem.

 

Will keep you updated.

 

Steve

Link to comment
Share on other sites

Hi Steve,

 

I don't think it's an osC problem - the reason being that I hadn't changed any of the payment module since about June 2002 and the problem appeared for us only after they had changed over servers.

 

In case they need to check details, the shop concerned is www.justcornish.com.

 

Cheers

Clint

Link to comment
Share on other sites

Guys,

 

The problem is that you check the hostname secpay.com. The switch in Jan was to a new infrastructure which includes the new live server as well as hot standby and disaster recovery servers which may come into action at any point if our monitoring systems detect a fault. Each of these has it's own IP address which may not remain the same forever and do not map to the hostname secpay.com.

 

To verify the source of requests you will need to implement the MD5 hash checking as detailed at http://www.secpay.com/sc_api.html#callback beside the section marked "hash".

 

SECPay can't perform this development work due to the potential for it to be seen as preferrential treatment of osCommerce over other shopping cart vendors we work with. If anyone wishes to write the update they can obtain the same help as we would supply to any other vendor from Phil Whittaker who is familiar with osCommerce and a seasoned PHP developer. Phil can be reached by emailing [email protected] marking it for his attention, or phoning the technical support desk (+44 1732 300 200, option 4) and asking for Phil by name.

 

Al Sutton

SECPay Ltd.

Link to comment
Share on other sites

  • 2 months later...

:oops:

 

I have added in the // from Clint Fern (Thanks) but we idealy need somone that knows PHP like making pie to have a look into the secpay module!!!!

 

SO THIS IS A CRY OF HELP!!!!!!!!

 

from my as a wiki php programer please help us sort this problem with the secpay module

 

many thanks Simon

 

mail me at [email protected]

Link to comment
Share on other sites

  • 1 month later...

All,

 

We've just downloaded the latest milestone and found the requirement for secpay.com to be the originating server still exists.

 

We've made an update to our systems to ease the problem, but this is not a long term fix.

 

Al Sutton

Technical Manager

SECPay Ltd.

Link to comment
Share on other sites

  • 1 year later...

I seem to be getting this problem - yet this is an OLD topic!

 

My secpay.php = $Id: secpay.php,v 1.31 2003/01/29 19:57:15 hpdl Exp $

 

Was this fixed? My store is in development and running in test mode with Secpay (auth always successful) but when it comes back to my store from SECpay I still get

 

There has been an error processing your credit card. Please try again.

 

although secpay emails say "Sale Okay" for the purchase.

 

Any help would be much appreciated!

Edited by Marc_J
Link to comment
Share on other sites

  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...