Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

sending data to merchant account


knifeman

Recommended Posts

we are using this payment module to connect to Sage Payments

http://sage-osc.com/module1.php

 

After awhile of using this module, I found out that there is a slight problem.

If a customer enters an address like this:

512 Mary's Way

 

The address sent to Sage is this:

512 Mary/'s Way

 

That slash messes up the Sage website when it is time to settle our batch. I can post some code if need be, but I am unsure of where to begin preventing the slashes.

 

Can anyone point me in the right direction?

 

Tim

 

 

This is what I believe to be pertinent code from includes/payment/modules...

//Sets the order number and hidden fields
function process_button() {
  global $_POST, $order;
  //assigns an orderID
  $query = tep_db_query("select * from " . TABLE_ORDERS . " order by orders_id desc limit 1");
$last_order_id = tep_db_fetch_array($query);
$new_order_id = $last_order_id['orders_id'];
$new_order_id = ($new_order_id + 1);

   $process_button_string =
						   tep_draw_hidden_field('M_id', MODULE_PAYMENT_NET1_MERCHANT_ID) .
						   tep_draw_hidden_field('M_key', MODULE_PAYMENT_NET1_MERCHANT_KEY) .
						   tep_draw_hidden_field('T_amt', number_format($order->info['total'], 2)) .
						   tep_draw_hidden_field('T_ordernum', $new_order_id) .
						   tep_draw_hidden_field('C_cardnumber', $this->cc_card_number) .
						   tep_draw_hidden_field('C_exp', $this->cc_expiry_month . substr($this->cc_expiry_year, -2)) .
						   tep_draw_hidden_field('C_name', $order->billing['firstname'] . ' ' . $order->billing['lastname']) .
						   tep_draw_hidden_field('C_address', $order->billing['street_address']) .
						   tep_draw_hidden_field('C_city', $order->billing['city']) .
						   tep_draw_hidden_field('C_state', $order->billing['state']) .
						   tep_draw_hidden_field('C_zip', $order->billing['postcode']) .
						   tep_draw_hidden_field('C_email', $order->billing['email']) .
						   tep_draw_hidden_field('C_cvv', $_POST['net1_cc_cvv']) .
						   tep_draw_hidden_field('T_code', "02");
 return $process_button_string;

}//end process_button
function before_process() {
   global $_POST;
   $eftsecure_url = 'https://xxxxxxx.net/cgi-bin/eftBankcard.dll?transaction';
 //should be set from the admin panel
$data = "M_id=" . MODULE_PAYMENT_NET1_MERCHANT_ID;  //merchant id
 $data .= "&M_key=" . MODULE_PAYMENT_NET1_MERCHANT_KEY;  //merchant key
 /*Encode data to be sent.
 This stuff was grabbed from the earlier creation of
 the process_button_string (those little hidden input fields)
 */
 $data .= "&T_amt=" . urlencode( $_POST['T_amt'] );
 $data .= "&C_name=" . urlencode( $_POST['C_name'] );
 $data .= "&C_address=" . urlencode( $_POST['C_address'] );
 $data .= "&C_city=" . urlencode( $_POST['C_city'] );
 $data .= "&C_state=" . urlencode( $_POST['C_state'] );
 $data .= "&C_zip=" . urlencode( $_POST['C_zip'] );
 $data .= "&C_email=" . urlencode( $_POST['C_email'] );
 $data .= "&C_cardnumber=" . urlencode( $_POST['C_cardnumber'] );
 $data .= "&C_exp=" . urlencode( $_POST['C_exp'] );
 $data .= "&T_code=02";  //transaction type indicator
 //curl procedures
 $ch = curl_init(); //initialize the CURL library.
 curl_setopt($ch, CURLOPT_URL, $eftsecure_url); // set the URL to post to.
 curl_setopt($ch, CURLOPT_POST, 1); // tell it to POST not GET (you can GET but POST is //preferred)
 curl_setopt($ch, CURLOPT_POSTFIELDS, $data); // set the data to be posted.
 /* this tells the library to return the
  data to you instead of writing it to a file */
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 $res = curl_exec($ch); // make the post.
 curl_close($ch); // shut down the curl library.

Link to comment
Share on other sites

It's happening here with urlencode in your code below:

 

 $data .= "&T_amt=" . urlencode( $_POST['T_amt'] );
 $data .= "&C_name=" . urlencode( $_POST['C_name'] );
 $data .= "&C_address=" . urlencode( $_POST['C_address'] );
 $data .= "&C_city=" . urlencode( $_POST['C_city'] );
 $data .= "&C_state=" . urlencode( $_POST['C_state'] );
 $data .= "&C_zip=" . urlencode( $_POST['C_zip'] );
 $data .= "&C_email=" . urlencode( $_POST['C_email'] );
 $data .= "&C_cardnumber=" . urlencode( $_POST['C_cardnumber'] );
 $data .= "&C_exp=" . urlencode( $_POST['C_exp'] );
 $data .= "&T_code=02";

 

You'll want to check to see if you have magic quotes enabled on your server. If it's not, doing so should resolve the issue. If you are unable to change that setting, you'll need to add a stripslashes() function in there. ;)

 

Hope that helps!

 

Peace,

Chris

Link to comment
Share on other sites

Thanks Chris,

 

I tried exactly what you proposed, but it made no difference.

My Merchant provider was no help, they want me to put a mesasage on my site for customers to not enter special characters. of course that is not the solution either.

 

Tim

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...