Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Problem Capturing Credit Card Details


thall89553

Recommended Posts

Posted

Hello, I am almost finished setting up this site www.mts-diesel.com and have a problem.

 

During the checkout process when a credit card is entered in the Payment page (checkout_payment.php) page the details of the credit, ie. name, number, exp. date, cvv,etc. are NOT showing up OR getting recorded in the database.

 

BUT...if during the confirmation of the order, checkout_confirmation.php, someone chooses to edit the payment method and goes back to the checkout_payment.php page and reenters a credit card, then that second attempt does go through fine and gets entered in the database w/out a problem.

 

Can someone think why from the first time being entered the credit card does not get included,.but after editing the payment method during the confirmation process it does???

 

The only contribution I believe I've added to my store relative to this issue would be that for the 3 digit cvv number but I'm pretty certain I installed that correctly.

 

Thanks for any and all help & guidance on this.

 

Tom

Posted

PCI Compliance

 

It's a link - click it.

 

Have you read up on the subject before you get your a$$ in the proverbial sling?

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Posted

I may have found the issue. I had customized the form for the payment details and believe left out <input type="radio" name="payment" value="cc" />

 

I changed it to a hidden field and the cc details seem to take now of first attempt. ;-)

 

Would this missing form element be the reason for my problem?

Posted

PCI Compliance

 

It's a link - click it.

 

Have you read up on the subject before you get your a$$ in the proverbial sling?

 

 

Hello Jim,

 

Thank you for bringing this to my attention, you may well have saved my a$$. I've read up on the subject and it seems to me that it is pointless even taking credits cards in the checkout process - IS THAT CORRECT?

 

Am I to understand that the best method of taking payment is to use some 3rd Party company such as Pay Pal,etc?

 

Or could my client take the orders w/out the 3-digit cvv and contact them for it each order?

 

Again thanks for saving my butt.

Posted

PCI compliance isn't cheap or easy.

 

There is a current thread in another part of the forum now that suggests the starting cost may be as high as $10k.

 

That's why most chose an offset processor like Paypal, etc.

 

True, they get a "slice of your pie", but you still get most of the pie.

 

That's better than no pie at all.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Posted

PCI compliance isn't cheap or easy.

 

There is a current thread in another part of the forum now that suggests the starting cost may be as high as $10k.

 

That's why most chose an offset processor like Paypal, etc.

 

True, they get a "slice of your pie", but you still get most of the pie.

 

That's better than no pie at all.

 

I'll be damn... ;-) I've spent quite a bit of time on this project and thought I was almost there. I can only hope that going another route will not be all that difficult for me. Thanks Jim

Posted

You can also use an online payment gateway like for instance authorize.net or PayPal Pro (and there are many other alternative providers too), then the customer enter the cc info on the website but its not stored in the db only transmitted and processed in real time via the payment gateway. This allows you to conform to a "lower" level of PCI compliance which is can be done at much lower "cost".

 

Read this info from someone having gone through that process.

Posted

Hi

In Australia we have a number of banks with their own gateways so there is no in between. I am unsure if this is the case in other places. The customer leaves your site completes transaction at the bank and then returns to your checkout process.

You never touch the card. My customers seem very happy with it as they recognise the branding of a well known bank.

It may be worth contacting some banks direct and see what they offer.

Posted

The easiest way to do this is to set up a merchant account with your bank and buy an SSL certificate for your site, then install any one of the credit card payment modules.

It's all PCI, you're ass is not in some proverbial sling (wtf?). Don't let panic merchants or sling-dwellers tell you otherwise. It's cheap, and it's easy.

OSC User Definitions

"I can add modules to OSC" = I can search, cut and paste. But not well, or I wouldn't be here.

"I start my posting with 'works like a charm' = I'm letting you down gently, nothing works and I have no idea why

"I finish postings with "plzzzz....hlp" = My installation is buggered and I know I'm going to have to pay someone, but I really, really don't want to.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...