After struggling for some time with an issue using the authorize.net payment module I have been able to narrow down an issue on GoDaddy servers. I am curious if others are having the same or a different experience. I have read the many posts on the topic here as well as on CRE Loaded forums, and have worked extensively with CRE Loaded support. Here is what I have learned.
On or about line 260, the file includes/modules/payment/authorizenet.php parses a string and sets a variable equal to the first value and calls it $x_response_code. It then compares that variable to the string literal "1". If there is no match the transaction is voided out and the appropriate error is supposed to be displayed. If it does match the voiding out process is skipped and the transaction is kept.
What I have experienced is simply that in no case will this test ever produce a match between a variable derived from an exploded string and a string literal. Since none of the matches work correctly the "undefined error" message is the only one that ever appears. And since the original code inadvertently eliminates the text message returned by authorize.net no additional information is ever displayed.
To overcome the issue I have simply created a "test set" of variables from a derived array and compare to them rather than to string literals. While this works it is just a very curious thing to me why a derived "abc" would be considered not equal to a string literal "abc". I found this to be the case with all comparison methods, BTW. Everything from strcmp to != acts the exact same way. Anyone with insight is welcome to educate me. For those experiencing the same issue who would like to test my fix, here are my changes (search the code for "YBOTI" to have all changes pointed out:
function before_process() {
global $response,$insert_id;
// Change made by using ADC Direct Connection
// YBOTI - this parses "1" and looses vars [1, 2, and 3] so it is commented out
/*$response_vars = $response[0]);
$x_response_code = $response_vars[0];
$x_response_subcode = $response_vars[1];
$x_response_reason_code = $response_vars[2];
$x_response_reason_text = $response_vars[3];*/
// YBOTI - Build an array of test variables
$possible_vars = explode(',', '"1", "2", "3", ""');
$x_approved = $possible_vars[0];
$x_cvv_error = $possible_vars[1];
$x_declined = $possible_vars[2];
$x_no_reason = $possible_vars[3];
// YBOTI - now build variables with all necessary parameters
$x_response_code = $response[0];
$x_response_subcode = $response[1];
$x_response_reason_code = $response[2];
$x_response_reason_text = $response[3];
//check to see if the value is encapsulated; if so, remove
$x_response_code = str_replace('|', '', $x_response_code);
if ($x_response_code != $x_approved) { // YBOTI - Note variable compared in place of literal
tep_db_query("delete from " . TABLE_ORDERS . " where orders_id = '" . (int)$insert_id . "'"); //Remove order
if($x_response_code == $x_no_reason) { // YBOTI - Note variable compared in place of literal
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode('The server cannot connect to Authorize.net. Please check your cURL and server settings.'), 'SSL', true, false));
} else if($x_response_code == $x_cvv_error) { // YBOTI - Note variable compared in place of literal
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode($x_response_text) . urlencode(' (' . $x_response_reason_text . ') - ') . urlencode(MODULE_PAYMENT_AUTHORIZENET_TEXT_DECLINED_MESSAGE), 'SSL', true, false));
} else if($x_response_code == $x_declined) { // YBOTI - Note variable compared in place of literal
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode('There was an error processing your credit card ') . urlencode(' - (' . $x_response_reason_code . '): ' . $x_response_reason_text), 'SSL', true, false));
} else {
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode('There was an unspecified error processing your credit card!'), 'SSL', true, false));
}
}
}