Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Recommended Posts

Posted

Before BluePay will verify our account, I need to hide the BMC being passed to them when using the form method post. Is there code available for this? I am lost and having been spending waaaay to many hours trying to do this. Please help!!! :unsure:

Posted

:( Unfortunately, this is the module that I had installed. My problem is that this prints as a hidden tag the merchant BMC code, so that anyone doing a view source can retrieve the BMC. BluePay is now requiring that this information be hidden or saved to hidden file not accessable through the browser. Is there such a fix available?

  • 4 weeks later...
Posted

Hi Craig. I received your email. We are still in the same boat. I have inquired for help with a programmer friend and this is his response to the problem.

 

"Can you run perl scripts on the server? If so, I think I can do this. I found some cgi scripts which will read and write form data to a database file in CSV format.

 

Since (I assume) there could conceivably be multiple orders taking place simultaneously, the database would be necessary (instead of a single file posted). We can tag the DB entries with the order number so that they can be retrieved. The fields in the DB would be the hidden input values. The database can be hidden on the server at any path location using chmod. I'm not exactly sure how to pull the .php files back into this, but I can figure that out."

 

I know, sorry not much help. Please let me know if you find a solution for this!! Much appreciated!!!!

Posted

Whats a BMC? I run bluepay but they havent said anything to me

Posted

BMC is the Merchant code. It's one of the hidden fields that is sent to ODC, it tells which account to process the transactions under.

 

You've had no problems? What kind of setup do you have? (server os, php version etc...) I'm almost ready to pay to have this exposed merchant code thing figured out.

 

-Craig

  • 2 months later...
Posted

I am currently working on a fix for this problem. It may involve putting a script on a secure server which receives the form fields from the checkout page and adds the BMC code before "posting" to Bluepay. This may meet their requirements. More later.

  • 2 weeks later...
Posted

I don't understand why people say that somebody can see the hidden field if the page is displayed in SSL (HTTPS) ?

 

If you try to get the source of that you can't.

 

Is that right or am I missing something here ?

Posted

you are wrong. The person that is logged intot the ssl can right click and choose view source or edit>view source and see the info in the hidden fields in the html code. The hidden tag only means it does not appear on the form only in the source. I wrote a encrypt php page and i encrypted the page and every thing is secure and it still send info to Bluepay. But for some reason i am unable to get the redirect back to eith the success or decline pages.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...