BluePay

[Sheryl]

Before BluePay will verify our account, I need to hide the BMC being passed to them when using the form method post. Is there code available for this? I am lost and having been spending waaaay to many hours trying to do this. Please help!!! :unsure:

[Guest]

http://www.oscommerce.com/community/contributions,993/page,2

 

The_Bear

[Sheryl]

Wonderful!!! Thank you so much for your speedy response!!! :D

[Sheryl]

:( Unfortunately, this is the module that I had installed. My problem is that this prints as a hidden tag the merchant BMC code, so that anyone doing a view source can retrieve the BMC. BluePay is now requiring that this information be hidden or saved to hidden file not accessable through the browser. Is there such a fix available?

[anti_flag_666]

I am having the same problem. Obviously somebody has got the bluepay modules to work... please share with us.

[Sheryl]

Hi Craig. I received your email. We are still in the same boat. I have inquired for help with a programmer friend and this is his response to the problem.

 

"Can you run perl scripts on the server? If so, I think I can do this. I found some cgi scripts which will read and write form data to a database file in CSV format.

 

Since (I assume) there could conceivably be multiple orders taking place simultaneously, the database would be necessary (instead of a single file posted). We can tag the DB entries with the order number so that they can be retrieved. The fields in the DB would be the hidden input values. The database can be hidden on the server at any path location using chmod. I'm not exactly sure how to pull the .php files back into this, but I can figure that out."

 

I know, sorry not much help. Please let me know if you find a solution for this!! Much appreciated!!!!

[Guest]

Whats a BMC? I run bluepay but they havent said anything to me

[anti_flag_666]

BMC is the Merchant code. It's one of the hidden fields that is sent to ODC, it tells which account to process the transactions under.

 

You've had no problems? What kind of setup do you have? (server os, php version etc...) I'm almost ready to pay to have this exposed merchant code thing figured out.

 

-Craig

[Guest]

I am currently working on a fix for this problem. It may involve putting a script on a secure server which receives the form fields from the checkout page and adds the BMC code before "posting" to Bluepay. This may meet their requirements. More later.

[Guest]

I don't understand why people say that somebody can see the hidden field if the page is displayed in SSL (HTTPS) ?

 

If you try to get the source of that you can't.

 

Is that right or am I missing something here ?

[tanda5]

you are wrong. The person that is logged intot the ssl can right click and choose view source or edit>view source and see the info in the hidden fields in the html code. The hidden tag only means it does not appear on the form only in the source. I wrote a encrypt php page and i encrypted the page and every thing is secure and it still send info to Bluepay. But for some reason i am unable to get the redirect back to eith the success or decline pages.