halbert Posted July 8, 2003 Share Posted July 8, 2003 I am trying to create a new payment gateway module for OSC and I'm oh-so-close but yet so far... I have modified the Authorize.net module to match the fields and calls I need and in testing it allows me to go through the checkout past the checkout_confirmation page. However, right after that I get the following error: Warning: Cannot add header information - headers already sent by (output started at /www/bcwebnet.com/customer_dir/frozenbert/www.frozenlightning.com/catalog/includes/modules/payment/exact.php:268) in /www/bcwebnet.com/customer_dir/frozenbert/www.frozenlightning.com/catalog/includes/functions/general.php on line 29 The gateway I'm using (E-xact) wants an url sent to it where it returns control back to OSC. It's in the process_button function: function process_button() { global $HTTP_POST_VARS, $order, $customer_id; $timestamp = GetTimeInstance(); // Set ExactID $ExactID = MODULE_PAYMENT_EXACT_LOGIN; // Set type of transaction (from E-xact documentation) $transactiontype = 'Purchase'; // $return_urls is where we want to return to in OSC after sending the // transaction info (ReceiveTransaction.php not required) // *** change to your own website URL *** $return_url = 'https://www.frozenlightning.com/catalog/checkout_process.php'; // get the total to charge to the card $dollaramount = number_format($order->info['total'],2); // get E-xact encryption key $encryptedData = MerchantToExactKey(MODULE_PAYMENT_EXACT_PW, $timestamp, $ExactID, $transactiontype, $dollaramount); /* the following code is from the E-xact documentation. We don't use these calls // but are here for reference // <input type=hidden name='post_password' value='<?php echo($encryptedData); ?>'> // <input type=hidden name='post_datetime' value='<?php echo($timestamp); ?>'> // <input type=hidden name='post_ExactID' value='<?php echo($ExactID); ?>'> // <input type=hidden name='post_transactiontype' value='Purchase'> // <input type=hidden name='post_dollaramount' value='<?php echo($dollaramount); ?>'> // <input type=hidden name='post_method' value='ASP'> // <input type=hidden name='post_return_url' value='<?php echo($return_url); ?>'> // post_cardholdersname, post_card_number, post_expiry_month, post_expiry_year // these fields are not necessary but can be used if needed. If not they // can be deleted -- see E-xact documentation // <input type=hidden name='post_authorization_num' value=''> // <input type=hidden name='post_reference_no' value=''> // <input type=hidden name='post_sequenceno' value=''> // <input type=hidden name='post_verficationstr1' value=''> // <input type=hidden name='post_verficationstr2' value=''> // <input type=hidden name='post_udd1' value=''> // <input type=hidden name='post_udd2' value=''> // <input type=hidden name='post_udd3' value=''> // <input type=hidden name='post_udd4' value=''> // <input type=hidden name='post_udd5' value=''> */ // now we construct the string to send to E-xact $process_button_string = tep_draw_hidden_field('post_password', $encryptedData) . tep_draw_hidden_field('post_datetime', $timestamp) . tep_draw_hidden_field('post_ExactID', $ExactID) . tep_draw_hidden_field('post_transactiontype', $transactiontype) . tep_draw_hidden_field('post_dollaramount', $dollaramount) . tep_draw_hidden_field('post_method', 'ASP') . tep_draw_hidden_field('post_return_url', $return_url) . tep_draw_hidden_field('post_cardholdersname', $order->customer['firstname'] . ' ' . $order->customer['lastname']) . tep_draw_hidden_field('post_card_number', $this->cc_card_number) . tep_draw_hidden_field('post_expiry_month', $this->cc_expiry_month) . tep_draw_hidden_field('post_expiry_year', substr($this->cc_expiry_year, -2)) . tep_draw_hidden_field('post_authorization_num', '') . tep_draw_hidden_field('post_reference_no', '') . tep_draw_hidden_field('post_sequenceno', '') . tep_draw_hidden_field('post_verficationstr1', '') . tep_draw_hidden_field('post_verficationstr2', '') . tep_draw_hidden_field('post_udd1', 'Online Purchases from frozenlightning.com') . tep_draw_hidden_field('post_udd2', 'a division of AMA Gems and Minerals') . tep_draw_hidden_field('post_udd3', '') . tep_draw_hidden_field('post_udd4', '') . tep_draw_hidden_field('post_udd5', ''); // I think this is for OSC's internal security routines $process_button_string .= tep_draw_hidden_field(tep_session_name(), tep_session_id()); return $process_button_string; } The before_process function looks like this: function before_process() { global $HTTP_POST_VARS; // Use ExactToMerchange to check if response is correct $receiveHash = ExactToMerchantKey(MODULE_PAYMENT_EXACT_PW, $HTTP_POST_VARS['rqst_datetime'], $HTTP_POST_VARS['rqst_transaction_approved'], $HTTP_POST_VARS['rqst_authorization_num'], $HTTP_POST_VARS['rqst_dollaramount'], $HTTP_POST_VARS['rqst_AVS']); if ($receiveHash == $HTTP_POST_VARS['rqst_hash_value']) { // Confirmed secure response if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) { // Transaction declined tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_DECLINED_MESSAGE), 'SSL', true, false)); } elseif ($HTTP_POST_VARS['rqst_transaction_approved'] == 1) { // Transaction approved echo ('Transaction Approved!<br><br>' . $HTTP_POST_VARS['rqst_transaction_approved'] . '<br>' . $HTTP_POST_VARS['rqst_CTR']); } } else { // hash values don't match -- transaction not secure so ignore all responses tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_ERROR_MESSAGE), 'SSL', true, false)); } } Now what happens is the before_process function displays the credit transaction receipt, but at the bottom of the screen I get the error. Can anyone suggest why this is happening? My guess is that the return from the E-xact gateway to checkout_process.php is somehow causing this, but my php and OSC skills aren't up to solving this myself. Any help would be appreciated! -al Link to comment Share on other sites More sharing options...
Guest Posted July 8, 2003 Share Posted July 8, 2003 My php skills are that great either, but I belief your problem is in if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) { // Transaction declined tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_DECLINED_MESSAGE), 'SSL', true, false)); } elseif ($HTTP_POST_VARS['rqst_transaction_approved'] == 1) { // Transaction approved echo ('Transaction Approved!<br><br>' . $HTTP_POST_VARS['rqst_transaction_approved'] . '<br>' . $HTTP_POST_VARS['rqst_CTR']); } why if transaction_approved/ Transaction declined Link to comment Share on other sites More sharing options...
halbert Posted July 8, 2003 Author Share Posted July 8, 2003 Ahhh, good point. I had some other code that used to be after the "elseif" statement which I don't need any more. But, alas, I still get the same error. :cry: At least my code is cleaner! :D It now reads: if ($receiveHash == $HTTP_POST_VARS['rqst_hash_value']) { // Confirmed secure response if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) { // Transaction declined tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_DECLINED_MESSAGE), 'SSL', true, false)); } else { // Transaction approved echo ('Transaction Approved!<br><br>' . $HTTP_POST_VARS['rqst_transaction_approved'] . '<br>' . $HTTP_POST_VARS['rqst_CTR']); } } else { // hash values don't match -- transaction not secure so ignore all responses tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_ERROR_MESSAGE), 'SSL', true, false)); } Thanks for your input. -al Link to comment Share on other sites More sharing options...
Guest Posted July 8, 2003 Share Posted July 8, 2003 if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) { // Transaction declined why if transaction_approved/ Transaction declined0 is false, so what this is really saying is if NOT transaction_approved, then transaction is declined. --Matt Link to comment Share on other sites More sharing options...
Guest Posted July 8, 2003 Share Posted July 8, 2003 Have you tried printing all the POST variables to see if they have reasonable values? Good luck, Matt Link to comment Share on other sites More sharing options...
halbert Posted July 9, 2003 Author Share Posted July 9, 2003 Just had another of those AHA moments :shock: Turns out that the function in question is a redirect -- and you can't display anything (ie: text) before calling it. So what was happening is that my echo of the record contents (for debugging) was fouling it up. Removed the echo'd text and it works!! :biggrin: Thanks for your input! -al Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.