Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

"Cannot add header information" error in general.p


halbert

Recommended Posts

I am trying to create a new payment gateway module for OSC and I'm oh-so-close but yet so far...

 

I have modified the Authorize.net module to match the fields and calls I need and in testing it allows me to go through the checkout past the checkout_confirmation page. However, right after that I get the following error:

 

Warning: Cannot add header information - headers already sent by (output started at /www/bcwebnet.com/customer_dir/frozenbert/www.frozenlightning.com/catalog/includes/modules/payment/exact.php:268) in /www/bcwebnet.com/customer_dir/frozenbert/www.frozenlightning.com/catalog/includes/functions/general.php on line 29

 

The gateway I'm using (E-xact) wants an url sent to it where it returns control back to OSC. It's in the process_button function:

 

    function process_button() {

     global $HTTP_POST_VARS, $order, $customer_id;



     $timestamp = GetTimeInstance();



     // Set ExactID

  $ExactID = MODULE_PAYMENT_EXACT_LOGIN;

  

  // Set type of transaction (from E-xact documentation)

  $transactiontype = 'Purchase';

  

  // $return_urls is where we want to return to in OSC after sending the

  // transaction info (ReceiveTransaction.php not required)

  // *** change to your own website URL ***

  $return_url = 'https://www.frozenlightning.com/catalog/checkout_process.php';



  // get the total to charge to the card

  $dollaramount = number_format($order->info['total'],2);

  

  // get E-xact encryption key

  $encryptedData = MerchantToExactKey(MODULE_PAYMENT_EXACT_PW, $timestamp, $ExactID, $transactiontype, $dollaramount);



    /* the following code is from the E-xact documentation. We don't use these calls

 // but are here for reference

 // <input type=hidden name='post_password' value='<?php echo($encryptedData); ?>'>

    // <input type=hidden name='post_datetime' value='<?php echo($timestamp); ?>'>

    // <input type=hidden name='post_ExactID' value='<?php echo($ExactID); ?>'>

    // <input type=hidden name='post_transactiontype' value='Purchase'>

    // <input type=hidden name='post_dollaramount' value='<?php echo($dollaramount); ?>'>

    // <input type=hidden name='post_method' value='ASP'>

    // <input type=hidden name='post_return_url' value='<?php echo($return_url); ?>'>

    // post_cardholdersname, post_card_number, post_expiry_month, post_expiry_year



    // these fields are not necessary but can be used if needed. If not they

    // can be deleted -- see E-xact documentation

    // <input type=hidden name='post_authorization_num' value=''>

    // <input type=hidden name='post_reference_no' value=''>

    // <input type=hidden name='post_sequenceno' value=''>

    // <input type=hidden name='post_verficationstr1' value=''>

    // <input type=hidden name='post_verficationstr2' value=''>

    // <input type=hidden name='post_udd1' value=''>

    // <input type=hidden name='post_udd2' value=''>

    // <input type=hidden name='post_udd3' value=''>

    // <input type=hidden name='post_udd4' value=''>

    // <input type=hidden name='post_udd5' value=''>

    */

 

     // now we construct the string to send to E-xact

     $process_button_string = tep_draw_hidden_field('post_password', $encryptedData) . 

                           tep_draw_hidden_field('post_datetime', $timestamp) . 

                           tep_draw_hidden_field('post_ExactID', $ExactID) . 

                           tep_draw_hidden_field('post_transactiontype', $transactiontype) . 

                           tep_draw_hidden_field('post_dollaramount', $dollaramount) . 

                           tep_draw_hidden_field('post_method', 'ASP') . 

                           tep_draw_hidden_field('post_return_url', $return_url) . 

                           tep_draw_hidden_field('post_cardholdersname', $order->customer['firstname'] . ' ' . $order->customer['lastname']) . 

                           tep_draw_hidden_field('post_card_number', $this->cc_card_number) . 

                           tep_draw_hidden_field('post_expiry_month', $this->cc_expiry_month) . 

                           tep_draw_hidden_field('post_expiry_year', substr($this->cc_expiry_year, -2)) . 

                           tep_draw_hidden_field('post_authorization_num', '') . 

                           tep_draw_hidden_field('post_reference_no', '') . 

                           tep_draw_hidden_field('post_sequenceno', '') . 

                           tep_draw_hidden_field('post_verficationstr1', '') . 

                           tep_draw_hidden_field('post_verficationstr2', '') . 

                           tep_draw_hidden_field('post_udd1', 'Online Purchases from frozenlightning.com') . 

                           tep_draw_hidden_field('post_udd2', 'a division of AMA Gems and Minerals') . 

                           tep_draw_hidden_field('post_udd3', '') . 

                           tep_draw_hidden_field('post_udd4', '') . 

                           tep_draw_hidden_field('post_udd5', '');



     // I think this is for OSC's internal security routines

     $process_button_string .= tep_draw_hidden_field(tep_session_name(), tep_session_id());



     return $process_button_string;

   }

 

The before_process function looks like this:

    function before_process() {

     global $HTTP_POST_VARS;



     // Use ExactToMerchange to check if response is correct

  $receiveHash = ExactToMerchantKey(MODULE_PAYMENT_EXACT_PW, $HTTP_POST_VARS['rqst_datetime'], $HTTP_POST_VARS['rqst_transaction_approved'], $HTTP_POST_VARS['rqst_authorization_num'], $HTTP_POST_VARS['rqst_dollaramount'], $HTTP_POST_VARS['rqst_AVS']);



      if ($receiveHash == $HTTP_POST_VARS['rqst_hash_value']) { // Confirmed secure response

        if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) {  // Transaction declined

          tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_DECLINED_MESSAGE), 'SSL', true, false));

        }

        elseif ($HTTP_POST_VARS['rqst_transaction_approved'] == 1) { // Transaction approved

          echo ('Transaction Approved!<br><br>' . $HTTP_POST_VARS['rqst_transaction_approved'] . '<br>' . $HTTP_POST_VARS['rqst_CTR']);

        }

      }

   else { // hash values don't match -- transaction not secure so ignore all responses

        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_ERROR_MESSAGE), 'SSL', true, false));

      }

   }

 

Now what happens is the before_process function displays the credit transaction receipt, but at the bottom of the screen I get the error.

 

Can anyone suggest why this is happening? My guess is that the return from the E-xact gateway to checkout_process.php is somehow causing this, but my php and OSC skills aren't up to solving this myself.

 

Any help would be appreciated!

 

-al

Link to comment
Share on other sites

My php skills are that great either, but I belief your problem is in

 

if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) { // Transaction declined

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_DECLINED_MESSAGE), 'SSL', true, false));

}

elseif ($HTTP_POST_VARS['rqst_transaction_approved'] == 1) { // Transaction approved

echo ('Transaction Approved!<br><br>' . $HTTP_POST_VARS['rqst_transaction_approved'] . '<br>' . $HTTP_POST_VARS['rqst_CTR']);

}

 

why if transaction_approved/ Transaction declined

Link to comment
Share on other sites

Ahhh, good point. I had some other code that used to be after the "elseif" statement which I don't need any more.

 

But, alas, I still get the same error. :cry:

 

At least my code is cleaner! :D

 

It now reads:

       if ($receiveHash == $HTTP_POST_VARS['rqst_hash_value']) { // Confirmed secure response

        if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) {  // Transaction declined

          tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_DECLINED_MESSAGE), 'SSL', true, false));

        }

        else { // Transaction approved

          echo ('Transaction Approved!<br><br>' . $HTTP_POST_VARS['rqst_transaction_approved'] . '<br>' . $HTTP_POST_VARS['rqst_CTR']);

        }

      }

   else { // hash values don't match -- transaction not secure so ignore all responses

        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_EXACT_TEXT_ERROR_MESSAGE), 'SSL', true, false));

      }

 

Thanks for your input.

 

-al

Link to comment
Share on other sites

if ($HTTP_POST_VARS['rqst_transaction_approved'] == 0) {  // Transaction declined

why if transaction_approved/ Transaction declined
0 is false, so what this is really saying is if NOT transaction_approved, then transaction is declined.

 

--Matt

Link to comment
Share on other sites

Just had another of those AHA moments :shock:

 

Turns out that the function in question is a redirect -- and you can't display anything (ie: text) before calling it. So what was happening is that my echo of the record contents (for debugging) was fouling it up.

 

Removed the echo'd text and it works!!

 

:biggrin:

 

Thanks for your input!

 

-al

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...