Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

ttm

Archived
  • Posts

    13
  • Joined

  • Last visited

Everything posted by ttm

  1. Another customer has told me about that problem, there is no OrderHash in the post because it's returning a falta error and the error is that the StoreFrontID is not configured properly, my customer solved it by checking the storefrontID, both in the osCommerce admin panel and in the HSBC CPI, there was something wrong there. You can also modify the hsbc_return.php to show the error when it says hacking attempt. Regards
  2. Hello, To check whether a hash key is valid or not, you must use the TestHash program, there are two versions, the C one and the Java one, if you use them with the same input data and get different result values, then the Hash key provided by HSBC is a duff one, 100% guaranteed. They use the Java version in their servers, I supose there is a problem with the C library and some hash keys. Regards.
  3. Hello, Thanks must go to Lynda Howard, she paid me to develop the module and allowed me to make it public ;-) Also I must thank all the people that has hired me to install and customize the module, I have got a nice revenue from that, so I think is fair to update the module and release it again. Regards.
  4. Hello, Richandzhaoyan is 100% right, the order is stored in oscommerce in a "hidden" post from HSBC to the shop, so the order is stored even the user closes the browser after the payment is done. If it doesn't work for you, check your setup and the modifications you have done to the module because I can guarantee 100% that works that way. Regarding the module, I have performed several modifications I plan to publish soon, also I have made some modifications for a customer to allow him choose which error codes are treated as "pending" orders, that means the order will be stored even if the error code is <> 0. My plan is to release an updated version in 1/2 weeks. Regards.
  5. Just I quick note: If you remove the before_process line from the checkout_process file, your shop will not work with any payment module, just this one because you are processing the order in the return, not in the internal post made by the cpi... Regards.
  6. Hello, I think with few modifications could run, but the time it takes to execute the java version it's infinite higher than the C one, also, most servers (afaik) doesn't run java, so... The portion of code to change is when setting the LD_LIBRARY_PATH (not needed) and executing the testhash.e, I think results dumped out are in the same format. Regards.
  7. Hello, all: I'm Jos? Le?n, the developer of this contribution, here are some clarifications regarding the module: -- Regarding the 2 step on checkout_process.php, this is only valid for Lynda's shop, it has some modifications that vary from the standard code, in any case, that line is to make match the order_id sent to the HSBC CPI with the order is being created when the order is processed, in the standard MS2 code, search for this line in checkout_process.php: $insert_id = tep_db_insert_id(); And add this line just below: if (!empty($_POST['OrderId'])) $insert_id=$_POST['OrderId']; So it will look this way: $insert_id = tep_db_insert_id(); if (!empty($_POST['OrderId'])) $insert_id=$_POST['OrderId']; I don't have tested it throughtly but must work ;-) -- Regarding the path where the TestHash.e is located, is hardcoded into the hsbc.php module, right here: //Path where the TestHash.e executable is located $path='/home/virtual/site131/fst/var/www/cgi-bin'; Yes, this is the path from the root, exactly as PHP sees the file system, so it can find it. If you have a virtual server you can place the executables and .so on any dir, and that dir must have execution permissions for everyone, or at least, for the apache user. The problem with the HSBC Payment module is that you need to use an .so file to generate the HASH based on the user's private key, I have used the TestHash.e ready compiled executable to allow anyone which gets the module to use it, instead to write an entire new C program to generate that HASH. For those of you who doesn't know, there is a C version and a Java version, I supose you will prefer to use the C version in most cases. So TestHash.e is the "production" code, because it just generates the hash, the only thing I need to call the CPI properly. Regarding the Java code..., well, is an option, but is faster to use the C version. -- Regarding what you will need also to make it work, is the CPI kit you get when you contract the HSBC CPI, in this kit you will get the TestHash.e and the .so, needed to generate the hash which authenticates you against the CPI -- I hope it helps! Regards --
×
×
  • Create New...