chadcloman

Thank you , thank you, thank you for figuring out that it was a trim issue. Spent hours on this problem for a (non-osCommerce) script that I maintain. EDIT: In my case it appears to be an extra newline, not padded spaces. But trim() works either way.

Found this out today, fortunately before too many orders were missed, and thought I'd post it here. I changed some of the session settings and ran into a problem with Authorize.net processing. What would happen is that the user would go to the Authorize.net screen, enter the data, then would get logged out and be returned to the store's login page. The order would not be finalized by checkout_process.php, and there would be no record of the order in osCommerce. But the customer would be charged by Authorize.net. Turned out that, because of the way the Authorize.net SIM payment module works, certain session settings break the order processing I fixed the problem by changing these session values to false in the osCommerce admin pages: Check SSL Session ID Check IP Address Check User Agent Not totally sure if "Check User Agent" absolutely has to be false, but it's working now and I don't want to break it again.

For those having problems making version 4 work (especially with whitelists), here are the fixes: In catalog/personal/index.php, lines 9, 24, and 40: Change the single quotes surrounding the filename to double quotes Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT) Change "../../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../../") In catalog/includes/secret.php, line 11: Change the single quotes surrounding the filename to double quotes Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT) Change "../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../") Also, there is a problem if the very last entry in the whitelist doesn't have a trailing newline. That entry is skipped. So when you add IPs to the whitelist, be sure the last line has a newline. For better security, I recommend creating an .htaccess file in the "catalog/banned" directory with the following line: Deny from all

The partial approval requirement is what worries me. The version of osCommerce that I'm using (2.2rc2a) does not handle partial payments, at least not that I'm aware of. Is this something that's in a later version (or is in the works)?