asgc Posted April 29, 2011 Share Posted April 29, 2011 I"m using DPS_PxPay_v1.3 for the credit card payment. When i fill out the merchant page. It will return to checkout_confirmation.php. Once i clicked the "confirm order" at the right bottom page, it keep return back to the credit card payment interface. Meanwhile i will receive an e-mail saying: Payment could not be completed - reference not found Invalid length for a Base-64 char array. I've Tried to search the forum but non of them works. The SSL in configuration.php under catalog and admin are set on false. I've tried to change the general.php and checkout_success.php with tep_redirect but non of them works. Link to comment Share on other sites More sharing options...
Guest Posted April 29, 2011 Share Posted April 29, 2011 Judy, Your return path should be to checkout_process.php NOT checkout_confirmation.php, however I don't believe this will correct the issue. You should contact DPS for their latest API requirements. Chris Link to comment Share on other sites More sharing options...
asgc Posted April 30, 2011 Author Share Posted April 30, 2011 Hi Chris: Thank you for reply. I've already contact DPS and they are looking into it but don't know how long it takes. From my understanding the checkout step goes to: Checkout_shipping -> Checkout_payment -> Checkout_confirmation -> Checkout_Progress (which links to DPS merchant website, once it go through) -> Checkout_Success which will complete the whole order progress. Now, the problem is Checkout_Progress redirect back to Checkout_confirmation each time but not Checkout_Success. Meanwhile i will receive an e-mail saying Quote: Payment could not be completed - reference not found Invalid length for a Base-64 char array. Somehow i have a feeling it was my side that was having problem because my website got hacked not long ago so i got someone to do the cleaning up for me. This issue happened after the re-store website as he changed some path direction (i think) The guy who did the website is hard to get hold with. I've copy the progress and confirmation.php code underneath. So your help will be much appreciated, thank you <?php /* $Id: checkout_process.php,v 1.128 2003/05/28 18:00:29 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2007 osCommerce Released under the GNU General Public License */ include('includes/application_top.php'); // if the customer is not logged on, redirect them to the login page if (!tep_session_is_registered('customer_id')) { $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT)); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } if (!tep_session_is_registered('sendto')) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); } if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); } // avoid hack attempts during the checkout procedure by checking the internal cartID if (isset($cart->cartID) && tep_session_is_registered('cartID')) { if ($cart->cartID != $cartID) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); } } include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS); // load selected payment module require(DIR_WS_CLASSES . 'payment.php'); $payment_modules = new payment($payment); // load the selected shipping module require(DIR_WS_CLASSES . 'shipping.php'); $shipping_modules = new shipping($shipping); require(DIR_WS_CLASSES . 'order.php'); $order = new order; require(DIR_WS_CLASSES . 'order_total.php'); $order_total_modules = new order_total; $order_totals = $order_total_modules->process(); // load the before_process function from the payment modules $payment_modules->before_process(); $sql_data_array = array('customers_id' => $customer_id, 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_company' => $order->customer['company'], 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => $order->info['payment_method'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => $order->info['cc_number'], 'cc_expires' => $order->info['cc_expires'], 'date_purchased' => 'now()', 'orders_status' => $order->info['order_status'], 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value']); tep_db_perform(TABLE_ORDERS, $sql_data_array); $insert_id = tep_db_insert_id(); for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) { $sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']); tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); } $customer_notification = (SEND_EMAILS == 'true') ? '1' : '0'; $sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => $customer_notification, 'comments' => $order->info['comments']); tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array); // initialized for the email confirmation $products_ordered = ''; $subtotal = 0; $total_tax = 0; for ($i=0, $n=sizeof($order->products); $i<$n; $i++) { // Stock Update - Joao Correia if (STOCK_LIMITED == 'true') { if (DOWNLOAD_ENABLED == 'true') { $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename FROM " . TABLE_PRODUCTS . " p LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa ON p.products_id=pa.products_id LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad ON pa.products_attributes_id=pad.products_attributes_id WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"; // Will work with only one option for downloadable products // otherwise, we have to build the query dynamically with a loop $products_attributes = $order->products[$i]['attributes']; if (is_array($products_attributes)) { $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'"; } $stock_query = tep_db_query($stock_query_raw); } else { $stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); } if (tep_db_num_rows($stock_query) > 0) { $stock_values = tep_db_fetch_array($stock_query); // do not decrement quantities if products_attributes_filename exists if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) { $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty']; } else { $stock_left = $stock_values['products_quantity']; } tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) { tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); } } } // Update products_ordered (for bestsellers list) tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'"); $sql_data_array = array('orders_id' => $insert_id, 'products_id' => tep_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => $order->products[$i]['tax'], 'products_quantity' => $order->products[$i]['qty']); tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array); $order_products_id = tep_db_insert_id(); //------insert customer choosen option to order-------- $attributes_exist = '0'; $products_ordered_attributes = ''; if (isset($order->products[$i]['attributes'])) { $attributes_exist = '1'; for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) { if (DOWNLOAD_ENABLED == 'true') { $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad on pa.products_attributes_id=pad.products_attributes_id where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'"; $attributes = tep_db_query($attributes_query); } else { $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'"); } $attributes_values = tep_db_fetch_array($attributes); $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']); tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array); if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) { $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']); tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array); } $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name']; } } //------insert customer choosen option eof ---- $total_weight += ($order->products[$i]['qty'] * $order->products[$i]['weight']); $total_tax += tep_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty']; $total_cost += $total_products_price; $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n"; } // lets start with the email confirmation $email_order = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false) . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n"; if ($order->info['comments']) { $email_order .= tep_db_output($order->info['comments']) . "\n\n"; } $email_order .= EMAIL_TEXT_PRODUCTS . "\n" . EMAIL_SEPARATOR . "\n" . $products_ordered . EMAIL_SEPARATOR . "\n"; for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) { $email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n"; } if ($order->content_type != 'virtual') { $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" . EMAIL_SEPARATOR . "\n" . tep_address_label($customer_id, $sendto, 0, '', "\n") . "\n"; } $email_order .= "\n" . EMAIL_TEXT_BILLING_ADDRESS . "\n" . EMAIL_SEPARATOR . "\n" . tep_address_label($customer_id, $billto, 0, '', "\n") . "\n\n"; if (is_object($$payment)) { $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" . EMAIL_SEPARATOR . "\n"; $payment_class = $$payment; $email_order .= $order->info['payment_method'] . "\n\n"; if ($payment_class->email_footer) { $email_order .= $payment_class->email_footer . "\n\n"; } } tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); // send emails to other people if (SEND_EXTRA_ORDER_EMAILS_TO != '') { tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } // load the after_process function from the payment modules $payment_modules->after_process(); $cart->reset(true); // unregister session variables used during checkout tep_session_unregister('sendto'); tep_session_unregister('billto'); tep_session_unregister('shipping'); tep_session_unregister('payment'); tep_session_unregister('comments'); tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL')); require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> and <?php /* $Id: checkout_confirmation.php,v 1.139 2003/06/11 17:34:53 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); // if the customer is not logged on, redirect them to the login page if (!tep_session_is_registered('customer_id')) { $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT)); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } // if there is nothing in the customers cart, redirect them to the shopping cart page if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); } // avoid hack attempts during the checkout procedure by checking the internal cartID if (isset($cart->cartID) && tep_session_is_registered('cartID')) { if ($cart->cartID != $cartID) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); } } // if no shipping method has been selected, redirect the customer to the shipping method selection page if (!tep_session_is_registered('shipping')) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); } if (!tep_session_is_registered('payment')) tep_session_register('payment'); if (isset($HTTP_POST_VARS['payment'])) $payment = $HTTP_POST_VARS['payment']; if (!tep_session_is_registered('comments')) tep_session_register('comments'); if (tep_not_null($HTTP_POST_VARS['comments'])) { $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']); } // load the selected payment module require(DIR_WS_CLASSES . 'payment.php'); $payment_modules = new payment($payment); require(DIR_WS_CLASSES . 'order.php'); $order = new order; $payment_modules->update_status(); if ( ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) || (is_object($$payment) && ($$payment->enabled == false)) ) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL')); } if (is_array($payment_modules->modules)) { $payment_modules->pre_confirmation_check(); } // load the selected shipping module require(DIR_WS_CLASSES . 'shipping.php'); $shipping_modules = new shipping($shipping); require(DIR_WS_CLASSES . 'order_total.php'); $order_total_modules = new order_total; $order_total_modules->process(); // Stock Check $any_out_of_stock = false; if (STOCK_CHECK == 'true') { for ($i=0, $n=sizeof($order->products); $i<$n; $i++) { if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) { $any_out_of_stock = true; } } // Out of Stock if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) { tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); } } require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_CONFIRMATION); $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); $breadcrumb->add(NAVBAR_TITLE_2); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="col_left"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </td> <!-- body_text //--> <td width="100%" class="col_center"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td> <?php if (isset($$payment->form_action_url)) { $form_action_url = $$payment->form_action_url; } else { $form_action_url = tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'); } echo tep_draw_form('checkout_confirmation', $form_action_url, 'post'); ?> <? tep_draw_heading_top();?> <? new contentBoxHeading_ProdNew($info_box_contents);?> <? tep_draw_heading_top_1();?> <br style="line-height:1px;"><br style="line-height:10px;"> <?php echo tep_draw_infoBox_top();?> <table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <?php if ($sendto != false) { ?> <td width="30%" valign="top"> <table border="0" width="100%" cellspacing="4" cellpadding="2"> <tr> <td class="main"><?php echo '<b>' . HEADING_DELIVERY_ADDRESS . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td> </tr> <tr> <td class="main"><?php echo tep_address_format($order->delivery['format_id'], $order->delivery, 1, ' ', '<br>'); ?></td> </tr> <?php if ($order->info['shipping_method']) { ?> <tr> <td class="main"><?php echo '<b>' . HEADING_SHIPPING_METHOD . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td> </tr> <tr> <td class="main"><?php echo $order->info['shipping_method']; ?></td> </tr> <?php } ?> </table> </td> <?php } ?> <td class="infoBox"><?php echo tep_draw_separator('spacer.gif', '1', '1'); ?></td> <td width="<?php echo (($sendto != false) ? '70%' : '100%'); ?>" valign="top"> <table border="0" width="100%" cellspacing="4" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <?php if (sizeof($order->info['tax_groups']) > 1) { ?> <tr> <td class="main" colspan="2"><?php echo '<b>' . HEADING_PRODUCTS . '</b> <a href="' . tep_href_link(FILENAME_SHOPPING_CART) . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td> <td class="smallText" align="right"><b><?php echo HEADING_TAX; ?></b></td> <td class="smallText" align="right"><b><?php echo HEADING_TOTAL; ?></b></td> </tr> <?php } else { ?> <tr> <td class="main" colspan="3"><?php echo '<b>' . HEADING_PRODUCTS . '</b> <a href="' . tep_href_link(FILENAME_SHOPPING_CART) . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td> </tr> <?php } for ($i=0, $n=sizeof($order->products); $i<$n; $i++) { echo ' <tr>' . "\n" . ' <td class="main" align="right" valign="top" width="30">' . $order->products[$i]['qty'] . ' x</td>' . "\n" . ' <td class="main" valign="top">' . $order->products[$i]['name']; if (STOCK_CHECK == 'true') { echo tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty']); } if ( (isset($order->products[$i]['attributes'])) && (sizeof($order->products[$i]['attributes']) > 0) ) { for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) { echo '<br><nobr><small> <i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . $order->products[$i]['attributes'][$j]['value'] . '</i></small></nobr>'; } } echo '</td>' . "\n"; if (sizeof($order->info['tax_groups']) > 1) echo ' <td class="main" valign="top" align="right">' . tep_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n"; echo ' <td class="main" align="right" valign="top">' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . '</td>' . "\n" . ' </tr>' . "\n"; } ?> </table></td> </tr> </table> </td> </tr> </table> <?php echo tep_draw_infoBox_bottom();?> <br style="line-height:1px;"><br style="line-height:10px;"> <table cellpadding="0" cellspacing="0" border="0"><tr> <td class="main"><b><?php echo HEADING_BILLING_INFORMATION; ?></b></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr></table> <?php echo tep_draw_infoBox_top();?> <table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td width="30%" valign="top"><table border="0" width="100%" cellspacing="4" cellpadding="2"> <tr> <td class="main"><?php echo '<b>' . HEADING_BILLING_ADDRESS . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT_ADDRESS, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td> </tr> <tr> <td class="main"><?php echo tep_address_format($order->billing['format_id'], $order->billing, 1, ' ', '<br>'); ?></td> </tr> <tr> <td class="main"><?php echo '<b>' . HEADING_PAYMENT_METHOD . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td> </tr> <tr> <td class="main"><?php echo $order->info['payment_method']; ?></td> </tr> </table></td> <td class="infoBox"><?php echo tep_draw_separator('spacer.gif', '1', '1'); ?></td> <td width="70%" valign="top" align="right"> <table border="0" cellspacing="4" cellpadding="2"> <?php if (MODULE_ORDER_TOTAL_INSTALLED) { echo $order_total_modules->output(); } ?> </table></td> </tr> </table> <?php echo tep_draw_infoBox_bottom();?> <?php if (is_array($payment_modules->modules)) { if ($confirmation = $payment_modules->confirmation()) { ?> <table cellpadding="0" cellspacing="0" border="0"><tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main"><b><?php echo HEADING_PAYMENT_INFORMATION; ?></b></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr></table> <?php echo tep_draw_infoBox_top();?> <table border="0" cellspacing="0" cellpadding="2"> <tr> <td class="main" colspan="4"><?php echo $confirmation['title']; ?></td> </tr> <?php for ($i=0, $n=sizeof($confirmation['fields']); $i<$n; $i++) { ?> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main"><?php echo $confirmation['fields'][$i]['title']; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main"><?php echo $confirmation['fields'][$i]['field']; ?></td> </tr> <?php } ?> </table> <?php echo tep_draw_infoBox_bottom();?> <?php } } ?> <br style="line-height:1px;"><br style="line-height:10px;"> <?php if (tep_not_null($order->info['comments'])) { ?> <table cellpadding="0" cellspacing="0" border="0"><tr> <td class="main"><?php echo '<b>' . HEADING_ORDER_COMMENTS . '</b> <a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL') . '"><span class="orderEdit">(' . TEXT_EDIT . ')</span></a>'; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr></table> <?php echo tep_draw_infoBox_top();?> <table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main"><?php echo nl2br(tep_output_string_protected($order->info['comments'])) . tep_draw_hidden_field('comments', $order->info['comments']); ?></td> </tr> </table> <?php echo tep_draw_infoBox_bottom();?> <br style="line-height:1px;"><br style="line-height:10px;"> <?php } ?> <table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td align="right" class="main bg_input"> <?php if (is_array($payment_modules->modules)) { echo $payment_modules->process_button(); } echo tep_image_submit('button_confirm_order.gif', IMAGE_BUTTON_CONFIRM_ORDER) . "\n"; ?> </td> </tr> </table> <br style="line-height:1px;"><br style="line-height:10px;"> <table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td width="50%" align="right"><?php echo tep_draw_separator('pixel_silver.gif', '1', '5'); ?></td> <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td> </tr> </table></td> <td width="25%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td> <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td> <td><?php echo tep_image(DIR_WS_IMAGES . 'checkout_bullet.gif'); ?></td> <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td> </tr> </table></td> <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td> <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '1', '5'); ?></td> </tr> </table></td> </tr> <tr> <td align="center" width="25%" class="checkoutBarFrom"><?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '" class="checkoutBarFrom">' . CHECKOUT_BAR_DELIVERY . '</a>'; ?></td> <td align="center" width="25%" class="checkoutBarFrom"><?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL') . '" class="checkoutBarFrom">' . CHECKOUT_BAR_PAYMENT . '</a>'; ?></td> <td align="center" width="25%" class="checkoutBarCurrent"><?php echo CHECKOUT_BAR_CONFIRMATION; ?></td> <td align="center" width="25%" class="checkoutBarTo"><?php echo CHECKOUT_BAR_FINISHED; ?></td> </tr> </table> <? tep_draw_heading_bottom_1();?> <? tep_draw_heading_bottom();?> </td> </tr> </table></form></td> <!-- body_text_eof //--> <td class="col_right"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--></body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> Link to comment Share on other sites More sharing options...
asgc Posted May 2, 2011 Author Share Posted May 2, 2011 Still waiting for help. Thank you Link to comment Share on other sites More sharing options...
asgc Posted May 5, 2011 Author Share Posted May 5, 2011 can anyone help? still waiting Link to comment Share on other sites More sharing options...
Taipo Posted May 12, 2011 Share Posted May 12, 2011 It could be something more to do with the server configuration than a change in site code. After the floating point denial of service attack bug that was found in PHP, many web hosts after upgrading, installed Suhosin which is a module that hardens the security of PHP. In doing so they also put an end to a webserver receiving a long query string by limiting the length to 512 characters by default. If I remember correctly the DPS Px Pay server tries to send a base64 encoded string back to the server to confirm the order. That string can be up to and over 2000 characters long. If Suhosin has been installed it will clip that string to the first 512 characters which will in fact render it corrupted, which is I think, the message you are receiving. If you have phpinfo() access in your admin panel, have a look through the PHP settings for any mention of Suhosin. - Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)- Another discussion about infected files ::here::- A discussion on file permissions ::here::- Site hacked? Should you upgrade or not, some thoughts ::here::- Fix the admin login bypass exploit here- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.