
DPS not redirecting to checkout_success.php


asgc


I'm using DPS_PxPay_v1.3 for the credit card payment.

When I fill out the merchant page, it returns to checkout_confirmation.php. Once I click "Confirm Order" at the bottom right of the page, it keeps returning to the credit card payment interface.

Meanwhile I receive an e-mail saying:

Payment could not be completed - reference not found

Invalid length for a Base-64 char array.

I've tried searching the forum but none of the suggestions work.

The SSL settings in configuration.php under catalog and admin are set to false.

I've tried to change general.php and checkout_success.php with tep_redirect, but none of that works.


Judy,

Your return path should be to checkout_process.php, NOT checkout_confirmation.php; however, I don't believe this will correct the issue. You should contact DPS for their latest API requirements.

Chris


Hi Chris:

Thank you for the reply. I've already contacted DPS and they are looking into it, but don't know how long it takes.

From my understanding the checkout steps go:

Checkout_shipping ->

Checkout_payment ->

Checkout_confirmation ->

Checkout_Progress (which links to the DPS merchant website, once it goes through) ->

Checkout_Success, which will complete the whole order process.

Now, the problem is that Checkout_Progress redirects back to Checkout_confirmation each time, not to Checkout_Success.

Meanwhile I will receive an e-mail saying

Quote:

Payment could not be completed - reference not found

Invalid length for a Base-64 char array.

Somehow I have a feeling it was my side that was having the problem, because my website got hacked not long ago, so I got someone to do the cleaning up for me. This issue happened after the website was restored, as he changed some path directions (I think).

The guy who did the website is hard to get hold of. I've copied the progress and confirmation.php code underneath.

So your help will be much appreciated, thank you.

<?php
/*
 $Id: checkout_process.php,v 1.128 2003/05/28 18:00:29 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2007 osCommerce

 Released under the GNU General Public License
*/

 include('includes/application_top.php');

// if the customer is not logged on, redirect them to the login page
 if (!tep_session_is_registered('customer_id')) {
   $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));
   tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
 }

 if (!tep_session_is_registered('sendto')) {
   tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
 }

 if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) {
   tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
}

// avoid hack attempts during the checkout procedure by checking the internal cartID
 if (isset($cart->cartID) && tep_session_is_registered('cartID')) {
   if ($cart->cartID != $cartID) {
     tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
   }
 }

 include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS);

// load selected payment module
 require(DIR_WS_CLASSES . 'payment.php');
 $payment_modules = new payment($payment);

// load the selected shipping module
 require(DIR_WS_CLASSES . 'shipping.php');
 $shipping_modules = new shipping($shipping);

 require(DIR_WS_CLASSES . 'order.php');
 $order = new order;

 require(DIR_WS_CLASSES . 'order_total.php');
 $order_total_modules = new order_total;

 $order_totals = $order_total_modules->process();

// load the before_process function from the payment modules
 $payment_modules->before_process();

 $sql_data_array = array('customers_id' => $customer_id,
                         'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
                         'customers_company' => $order->customer['company'],
                         'customers_street_address' => $order->customer['street_address'],
                         'customers_suburb' => $order->customer['suburb'],
                         'customers_city' => $order->customer['city'],
                         'customers_postcode' => $order->customer['postcode'], 
                         'customers_state' => $order->customer['state'], 
                         'customers_country' => $order->customer['country']['title'], 
                         'customers_telephone' => $order->customer['telephone'], 
                         'customers_email_address' => $order->customer['email_address'],
                         'customers_address_format_id' => $order->customer['format_id'], 
                         'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 
                         'delivery_company' => $order->delivery['company'],
                         'delivery_street_address' => $order->delivery['street_address'], 
                         'delivery_suburb' => $order->delivery['suburb'], 
                         'delivery_city' => $order->delivery['city'], 
                         'delivery_postcode' => $order->delivery['postcode'], 
                         'delivery_state' => $order->delivery['state'], 
                         'delivery_country' => $order->delivery['country']['title'], 
                         'delivery_address_format_id' => $order->delivery['format_id'], 
                         'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 
                         'billing_company' => $order->billing['company'],
                         'billing_street_address' => $order->billing['street_address'], 
                         'billing_suburb' => $order->billing['suburb'], 
                         'billing_city' => $order->billing['city'], 
                         'billing_postcode' => $order->billing['postcode'], 
                         'billing_state' => $order->billing['state'], 
                         'billing_country' => $order->billing['country']['title'], 
                         'billing_address_format_id' => $order->billing['format_id'], 
                         'payment_method' => $order->info['payment_method'], 
                         'cc_type' => $order->info['cc_type'], 
                         'cc_owner' => $order->info['cc_owner'], 
                         'cc_number' => $order->info['cc_number'], 
                         'cc_expires' => $order->info['cc_expires'], 
                         'date_purchased' => 'now()', 
                         'orders_status' => $order->info['order_status'], 
                         'currency' => $order->info['currency'], 
                         'currency_value' => $order->info['currency_value']);
 tep_db_perform(TABLE_ORDERS, $sql_data_array);
 $insert_id = tep_db_insert_id();
 for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {
   $sql_data_array = array('orders_id' => $insert_id,
                           'title' => $order_totals[$i]['title'],
                           'text' => $order_totals[$i]['text'],
                           'value' => $order_totals[$i]['value'], 
                           'class' => $order_totals[$i]['code'], 
                           'sort_order' => $order_totals[$i]['sort_order']);
   tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
 }

 $customer_notification = (SEND_EMAILS == 'true') ? '1' : '0';
 $sql_data_array = array('orders_id' => $insert_id, 
                         'orders_status_id' => $order->info['order_status'], 
                         'date_added' => 'now()', 
                         'customer_notified' => $customer_notification,
                         'comments' => $order->info['comments']);
 tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);

// initialized for the email confirmation
 $products_ordered = '';
 $subtotal = 0;
 $total_tax = 0;

 for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
// Stock Update - Joao Correia
   if (STOCK_LIMITED == 'true') {
     if (DOWNLOAD_ENABLED == 'true') {
       $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename 
                           FROM " . TABLE_PRODUCTS . " p
                           LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                            ON p.products_id=pa.products_id
                           LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                            ON pa.products_attributes_id=pad.products_attributes_id
                           WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";
// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
       $products_attributes = $order->products[$i]['attributes'];
       if (is_array($products_attributes)) {
         $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";
       }
       $stock_query = tep_db_query($stock_query_raw);
     } else {
       $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
     }
     if (tep_db_num_rows($stock_query) > 0) {
       $stock_values = tep_db_fetch_array($stock_query);
// do not decrement quantities if products_attributes_filename exists
       if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {
         $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
       } else {
         $stock_left = $stock_values['products_quantity'];
       }
       tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
       if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {
         tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");
       }
     }
   }

// Update products_ordered (for bestsellers list)
   tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

   $sql_data_array = array('orders_id' => $insert_id, 
                           'products_id' => tep_get_prid($order->products[$i]['id']), 
                           'products_model' => $order->products[$i]['model'], 
                           'products_name' => $order->products[$i]['name'], 
                           'products_price' => $order->products[$i]['price'], 
                           'final_price' => $order->products[$i]['final_price'], 
                           'products_tax' => $order->products[$i]['tax'], 
                           'products_quantity' => $order->products[$i]['qty']);
   tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
   $order_products_id = tep_db_insert_id();

//------insert customer chosen option to order--------
   $attributes_exist = '0';
   $products_ordered_attributes = '';
   if (isset($order->products[$i]['attributes'])) {
     $attributes_exist = '1';
     for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {
       if (DOWNLOAD_ENABLED == 'true') {
         $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename 
                              from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa 
                              left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                               on pa.products_attributes_id=pad.products_attributes_id
                              where pa.products_id = '" . $order->products[$i]['id'] . "' 
                               and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' 
                               and pa.options_id = popt.products_options_id 
                               and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' 
                               and pa.options_values_id = poval.products_options_values_id 
                               and popt.language_id = '" . $languages_id . "' 
                               and poval.language_id = '" . $languages_id . "'";
         $attributes = tep_db_query($attributes_query);
       } else {
         $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
       }
       $attributes_values = tep_db_fetch_array($attributes);

       $sql_data_array = array('orders_id' => $insert_id, 
                               'orders_products_id' => $order_products_id, 
                               'products_options' => $attributes_values['products_options_name'],
                               'products_options_values' => $attributes_values['products_options_values_name'], 
                               'options_values_price' => $attributes_values['options_values_price'], 
                               'price_prefix' => $attributes_values['price_prefix']);
       tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

       if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
         $sql_data_array = array('orders_id' => $insert_id, 
                                 'orders_products_id' => $order_products_id, 
                                 'orders_products_filename' => $attributes_values['products_attributes_filename'], 
                                 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 
                                 'download_count' => $attributes_values['products_attributes_maxcount']);
         tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
       }
       $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
     }
   }
//------insert customer chosen option eof ----
   $total_weight += ($order->products[$i]['qty'] * $order->products[$i]['weight']);
   $total_tax += tep_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty'];
   $total_cost += $total_products_price;

   $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";
 }

// lets start with the email confirmation
 $email_order = STORE_NAME . "\n" . 
                EMAIL_SEPARATOR . "\n" . 
                EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n" .
                EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false) . "\n" .
                EMAIL_TEXT_DATE_ORDERED . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n";
 if ($order->info['comments']) {
   $email_order .= tep_db_output($order->info['comments']) . "\n\n";
 }
 $email_order .= EMAIL_TEXT_PRODUCTS . "\n" . 
                 EMAIL_SEPARATOR . "\n" . 
                 $products_ordered . 
                 EMAIL_SEPARATOR . "\n";

 for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {
   $email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
 }

 if ($order->content_type != 'virtual') {
   $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" . 
                   EMAIL_SEPARATOR . "\n" .
                   tep_address_label($customer_id, $sendto, 0, '', "\n") . "\n";
 }

 $email_order .= "\n" . EMAIL_TEXT_BILLING_ADDRESS . "\n" .
                 EMAIL_SEPARATOR . "\n" .
                 tep_address_label($customer_id, $billto, 0, '', "\n") . "\n\n";
 if (is_object($$payment)) {
   $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" . 
                   EMAIL_SEPARATOR . "\n";
   $payment_class = $$payment;
   $email_order .= $order->info['payment_method'] . "\n\n";
   if ($payment_class->email_footer) { 
     $email_order .= $payment_class->email_footer . "\n\n";
   }
 }
 tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

// send emails to other people
 if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
   tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
 }

// load the after_process function from the payment modules
 $payment_modules->after_process();

 $cart->reset(true);

// unregister session variables used during checkout
 tep_session_unregister('sendto');
 tep_session_unregister('billto');
 tep_session_unregister('shipping');
 tep_session_unregister('payment');
 tep_session_unregister('comments');

 tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));

 require(DIR_WS_INCLUDES . 'application_bottom.php');
?>

and

<?php
/*
 $Id: checkout_confirmation.php,v 1.139 2003/06/11 17:34:53 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

 require('includes/application_top.php');

// if the customer is not logged on, redirect them to the login page
 if (!tep_session_is_registered('customer_id')) {
   $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));
   tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
 }

// if there is nothing in the customers cart, redirect them to the shopping cart page
 if ($cart->count_contents() < 1) {
   tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
 }

// avoid hack attempts during the checkout procedure by checking the internal cartID
 if (isset($cart->cartID) && tep_session_is_registered('cartID')) {
   if ($cart->cartID != $cartID) {
     tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
   }
 }

// if no shipping method has been selected, redirect the customer to the shipping method selection page
 if (!tep_session_is_registered('shipping')) {
   tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
 }

 if (!tep_session_is_registered('payment')) tep_session_register('payment');
 if (isset($HTTP_POST_VARS['payment'])) $payment = $HTTP_POST_VARS['payment'];

 if (!tep_session_is_registered('comments')) tep_session_register('comments');
 if (tep_not_null($HTTP_POST_VARS['comments'])) {
   $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);
 }

// load the selected payment module
 require(DIR_WS_CLASSES . 'payment.php');
 $payment_modules = new payment($payment);

 require(DIR_WS_CLASSES . 'order.php');
 $order = new order;

 $payment_modules->update_status();

 if ( ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) || (is_object($$payment) && ($$payment->enabled == false)) ) {
   tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
 }

 if (is_array($payment_modules->modules)) {
   $payment_modules->pre_confirmation_check();
 }

// load the selected shipping module
 require(DIR_WS_CLASSES . 'shipping.php');
 $shipping_modules = new shipping($shipping);

 require(DIR_WS_CLASSES . 'order_total.php');
 $order_total_modules = new order_total;
 $order_total_modules->process();

// Stock Check
 $any_out_of_stock = false;
 if (STOCK_CHECK == 'true') {
   for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
     if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {
       $any_out_of_stock = true;
     }
   }
   // Out of Stock
   if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) {
     tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
   }
 }

 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_CONFIRMATION);

 $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
 $breadcrumb->add(NAVBAR_TITLE_2);
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="0" cellpadding="0">
 <tr>
   <td class="col_left">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
   </td>
<!-- body_text //-->
   <td width="100%" class="col_center"><table border="0" width="100%" cellspacing="0" cellpadding="0">
     <tr>
       <td>
<?php
 if (isset($$payment->form_action_url)) {
   $form_action_url = $$payment->form_action_url;
 } else {
   $form_action_url = tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL');
 }

 echo tep_draw_form('checkout_confirmation', $form_action_url, 'post');
?>

<? tep_draw_heading_top();?>

<? new contentBoxHeading_ProdNew($info_box_contents);?>

<? tep_draw_heading_top_1();?>

	<br style="line-height:1px;"><br style="line-height:10px;">

<?php echo tep_draw_infoBox_top();?>

	<table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
<?php
 if ($sendto != false) {
?>
           <td width="30%" valign="top">
		<table border="0" width="100%" cellspacing="4" cellpadding="2">
             <tr>
               <td class="main"><?php echo '<b>' . HEADING_DELIVERY_ADDRESS . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td>
             </tr>
             <tr>
               <td class="main"><?php echo tep_address_format($order->delivery['format_id'], $order->delivery, 1, ' ', '<br>'); ?></td>
             </tr>
<?php
   if ($order->info['shipping_method']) {
?>
             <tr>
               <td class="main"><?php echo '<b>' . HEADING_SHIPPING_METHOD . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td>
             </tr>
             <tr>
               <td class="main"><?php echo $order->info['shipping_method']; ?></td>
             </tr>
<?php
   }
?>
           </table>
		</td>
<?php
 }
?>
           <td class="infoBox"><?php echo tep_draw_separator('spacer.gif', '1', '1'); ?></td>
           <td width="<?php echo (($sendto != false) ? '70%' : '100%'); ?>" valign="top">
		<table border="0" width="100%" cellspacing="4" cellpadding="0">
             <tr>
               <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
 if (sizeof($order->info['tax_groups']) > 1) {
?>
                 <tr>
                   <td class="main" colspan="2"><?php echo '<b>' . HEADING_PRODUCTS . '</b> <a href="' . tep_href_link(FILENAME_SHOPPING_CART) . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td>
                   <td class="smallText" align="right"><b><?php echo HEADING_TAX; ?></b></td>
                   <td class="smallText" align="right"><b><?php echo HEADING_TOTAL; ?></b></td>
                 </tr>
<?php
 } else {
?>
                 <tr>
                   <td class="main" colspan="3"><?php echo '<b>' . HEADING_PRODUCTS . '</b> <a href="' . tep_href_link(FILENAME_SHOPPING_CART) . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td>
                 </tr>
<?php
 }

 for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
   echo '          <tr>' . "\n" .
        '            <td class="main" align="right" valign="top" width="30">' . $order->products[$i]['qty'] . ' x</td>' . "\n" .
        '            <td class="main" valign="top">' . $order->products[$i]['name'];

   if (STOCK_CHECK == 'true') {
     echo tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty']);
   }

   if ( (isset($order->products[$i]['attributes'])) && (sizeof($order->products[$i]['attributes']) > 0) ) {
     for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {
       echo '<br><nobr><small> <i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . $order->products[$i]['attributes'][$j]['value'] . '</i></small></nobr>';
     }
   }

   echo '</td>' . "\n";

   if (sizeof($order->info['tax_groups']) > 1) echo '            <td class="main" valign="top" align="right">' . tep_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n";

   echo '            <td class="main" align="right" valign="top">' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . '</td>' . "\n" .
        '          </tr>' . "\n";
 }
?>
               </table></td>
             </tr>
           </table>
           </td>
         </tr>
       </table>

<?php echo tep_draw_infoBox_bottom();?>

		<br style="line-height:1px;"><br style="line-height:10px;">
     <table cellpadding="0" cellspacing="0" border="0"><tr>
       <td class="main"><b><?php echo HEADING_BILLING_INFORMATION; ?></b></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr></table>

<?php echo tep_draw_infoBox_top();?>

	<table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td width="30%" valign="top"><table border="0" width="100%" cellspacing="4" cellpadding="2">
             <tr>
               <td class="main"><?php echo '<b>' . HEADING_BILLING_ADDRESS . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT_ADDRESS, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td>
             </tr>
             <tr>
               <td class="main"><?php echo tep_address_format($order->billing['format_id'], $order->billing, 1, ' ', '<br>'); ?></td>
             </tr>
             <tr>
               <td class="main"><?php echo '<b>' . HEADING_PAYMENT_METHOD . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td>
             </tr>
             <tr>
               <td class="main"><?php echo $order->info['payment_method']; ?></td>
             </tr>
           </table></td>
           <td class="infoBox"><?php echo tep_draw_separator('spacer.gif', '1', '1'); ?></td>
           <td width="70%" valign="top" align="right">
		<table border="0" cellspacing="4" cellpadding="2">
<?php
 if (MODULE_ORDER_TOTAL_INSTALLED) {
   echo $order_total_modules->output();
 }
?>
           </table></td>
         </tr>
       </table>

<?php echo tep_draw_infoBox_bottom();?>

<?php
 if (is_array($payment_modules->modules)) {
   if ($confirmation = $payment_modules->confirmation()) {
?>
     <table cellpadding="0" cellspacing="0" border="0"><tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
     <tr>
       <td class="main"><b><?php echo HEADING_PAYMENT_INFORMATION; ?></b></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr></table>


<?php echo tep_draw_infoBox_top();?>

       <table border="0" cellspacing="0" cellpadding="2">
             <tr>
               <td class="main" colspan="4"><?php echo $confirmation['title']; ?></td>
             </tr>
<?php
     for ($i=0, $n=sizeof($confirmation['fields']); $i<$n; $i++) {
?>
             <tr>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td class="main"><?php echo $confirmation['fields'][$i]['title']; ?></td>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td class="main"><?php echo $confirmation['fields'][$i]['field']; ?></td>
             </tr>
<?php
     }
?>
        </table>

<?php echo tep_draw_infoBox_bottom();?>


<?php
   }
 }
?>
	<br style="line-height:1px;"><br style="line-height:10px;">
<?php
 if (tep_not_null($order->info['comments'])) {
?>
     <table cellpadding="0" cellspacing="0" border="0"><tr>
       <td class="main"><?php echo '<b>' . HEADING_ORDER_COMMENTS . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr></table>


<?php echo tep_draw_infoBox_top();?>

	<table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td class="main"><?php echo nl2br(tep_output_string_protected($order->info['comments'])) . tep_draw_hidden_field('comments', $order->info['comments']); ?></td>
             </tr>
       </table>

<?php echo tep_draw_infoBox_bottom();?>

		<br style="line-height:1px;"><br style="line-height:10px;">
<?php
 }
?>

	<table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td align="right" class="main bg_input">
<?php
 if (is_array($payment_modules->modules)) {
   echo $payment_modules->process_button();
 }

 echo tep_image_submit('button_confirm_order.gif', IMAGE_BUTTON_CONFIRM_ORDER) . "\n";
?>
           </td>
         </tr>
       </table>

		<br style="line-height:1px;"><br style="line-height:10px;">		

	<table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
             <tr>
               <td width="50%" align="right"><?php echo tep_draw_separator('pixel_silver.gif', '1', '5'); ?></td>
               <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
             </tr>
           </table></td>
           <td width="25%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
           <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
             <tr>
               <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
               <td><?php echo tep_image(DIR_WS_IMAGES . 'checkout_bullet.gif'); ?></td>
               <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
             </tr>
           </table></td>
           <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
             <tr>
               <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
               <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '1', '5'); ?></td>
             </tr>
           </table></td>
         </tr>
         <tr>
           <td align="center" width="25%" class="checkoutBarFrom"><?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '" class="checkoutBarFrom">' . CHECKOUT_BAR_DELIVERY . '</a>'; ?></td>
           <td align="center" width="25%" class="checkoutBarFrom"><?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL') . '" class="checkoutBarFrom">' . CHECKOUT_BAR_PAYMENT . '</a>'; ?></td>
           <td align="center" width="25%" class="checkoutBarCurrent"><?php echo CHECKOUT_BAR_CONFIRMATION; ?></td>
           <td align="center" width="25%" class="checkoutBarTo"><?php echo CHECKOUT_BAR_FINISHED; ?></td>
         </tr>
       </table>

<? tep_draw_heading_bottom_1();?>

<? tep_draw_heading_bottom();?>

	</td>
     </tr>
   </table></form></td>
<!-- body_text_eof //-->
   <td class="col_right">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
   </td>
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //--></body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>


It could be something more to do with the server configuration than a change in site code. After the floating point denial of service attack bug that was found in PHP, many web hosts, after upgrading, installed Suhosin, which is a module that hardens the security of PHP. In doing so they also put an end to a webserver receiving a long query string by limiting the length to 512 characters by default.

If I remember correctly, the DPS Px Pay server tries to send a base64 encoded string back to the server to confirm the order. That string can be up to and over 2000 characters long. If Suhosin has been installed it will clip that string to the first 512 characters, which will in fact render it corrupted, which is, I think, the message you are receiving.

If you have phpinfo() access in your admin panel, have a look through the PHP settings for any mention of Suhosin.


Archived

This topic is now archived and is closed to further replies.
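
One way to test the Suhosin explanation from the last reply on the server itself, as an added example that is not part of the thread, osCommerce or the DPS PxPay module: it lists Suhosin per-value length limits that are lower than the expected token size and checks whether the token on the return URL arrived well-formed. The GET parameter name `result`, the accepted character set, the 2000-character threshold constant and all function names are assumptions made for illustration.

```php
<?php
// Added diagnostic sketch; not part of osCommerce or the DPS PxPay module.
// Assumptions (not from the thread): the gateway returns its token in a GET
// parameter named "result", using the base64 or URL-safe base64 alphabet.

// "up to and over 2000 characters" according to the thread
define('EXPECTED_TOKEN_LENGTH', 2000);

// Return the Suhosin per-value limits that are lower than $needed_length,
// as an array of "directive name => configured limit".
function suhosin_limits_below($needed_length) {
  $too_low = array();
  if (!extension_loaded('suhosin')) {
    return $too_low; // Suhosin is not active, so it cannot be the cause
  }
  $directives = array('suhosin.get.max_value_length',
                      'suhosin.request.max_value_length');
  foreach ($directives as $name) {
    $value = ini_get($name);
    // false: directive unknown to this build; 0: the check is disabled
    if ($value !== false && (int)$value > 0 && (int)$value < $needed_length) {
      $too_low[$name] = (int)$value;
    }
  }
  return $too_low;
}

// Classify a returned token without decoding or printing its content.
function classify_token($token) {
  if (!is_string($token) || $token === '') {
    return 'missing';
  }
  // PHP turns a literal "+" in a query string into a space; undo that first
  $token = str_replace(' ', '+', $token);
  if (!preg_match('/^[A-Za-z0-9+\/_-]+={0,2}$/', $token)) {
    return 'unexpected characters';
  }
  if (strlen($token) % 4 !== 0) {
    // the condition behind "Invalid length for a Base-64 char array"
    return 'invalid length';
  }
  return 'well-formed';
}

// Build a plain-text report; only the token length is shown, never the token.
function build_report($token) {
  $lines = array();
  $lines[] = 'Suhosin loaded: ' . (extension_loaded('suhosin') ? 'yes' : 'no');
  foreach (suhosin_limits_below(EXPECTED_TOKEN_LENGTH) as $name => $limit) {
    $lines[] = $name . ' = ' . $limit . ' (below ' . EXPECTED_TOKEN_LENGTH . ')';
  }
  $lines[] = 'Token length: ' . (is_string($token) ? strlen($token) : 0);
  $lines[] = 'Token check: ' . classify_token($token);
  return implode("\n", $lines) . "\n";
}

if (PHP_SAPI === 'cli') {
  // Constructed samples: an intact token, the same token cut short, no token.
  $intact = base64_encode(str_repeat('A', 1500)); // 2000 characters long
  echo build_report($intact);
  echo build_report(substr($intact, 0, 510));
  echo build_report(null);
} else {
  // Web request: inspect the token the gateway appended to the return URL.
  header('Content-Type: text/plain');
  echo build_report(isset($_GET['result']) ? $_GET['result'] : null);
}
```

A token cut at a length that happens to be a multiple of 4 still reports as well-formed, so compare the reported token length with the limits listed above it. Remove the script from the server once the check is done.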
