RookuhShay

Having experience many of the issue discussed in these threads, I tumbled through the code and cleared up the issues. Perhaps this Authorize.net code will help many users. - Use the contribution Authorize.net code - Replace authorizenet_aim.php module with the code below - Works with PHP 4, not tested in PHP 5 ********************* Begin Code ************************************************************** <?php /* $Id: authorizenet_aim.php 23rd August, 2006 18:50:00 Brent O'Keeffe $ Released under the GNU General Public License osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Original portions copyright 2003 osCommerce Updated portions copyright 2004 Jason LeBaron ([email protected]) Restoration of original portions and addition of new portions Copyright © 2006 osCommerce Updated portions and additions copyright 2006 Brent O'Keeffe - JK Consulting. ([email protected]) Updated portions of file MC January 2009 */ class authorizenet_aim { var $code, $title, $description, $enabled, $response; // class constructor function authorizenet_aim() { $this->code = 'authorizenet_aim'; if ($_GET['main_page'] != '') { $this->title = MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CATALOG_TITLE; // Module title in Catalog } else { $this->title = MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_ADMIN_TITLE; // Module title it Admin } $this->description = MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_DESCRIPTION; // Description of Module in Admin $this->enabled = ((MODULE_PAYMENT_AUTHORIZENET_AIM_STATUS == 'True') ? true : false); // If the module is installed or not $this->sort_order = MODULE_PAYMENT_AUTHORIZENET_AIM_SORT_ORDER; // Sort Order of this payment option on the checkout_payment.php page $this->form_action_url = tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', true); // checkout_process.php - page to go to on completion if ((int)MODULE_PAYMENT_AUTHORIZENET_AIM_ORDER_STATUS_ID > 0) { $this->order_status = MODULE_PAYMENT_AUTHORIZENET_AIM_ORDER_STATUS_ID; } if (is_object($order)) $this->update_status(); } function update_status() { global $order, $db; if ( ($this->enabled == true) && ((int)MODULE_PAYMENT_AUTHORIZENET_AIM_ZONE > 0) ) { $check_flag = false; $check_query = tep_db_query("select zone_id from " . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . MODULE_PAYMENT_AUTHORIZENET_AIM_ZONE . "' and zone_country_id = '" . $order->billing['country']['id'] . "' order by zone_id"); while ($check = tep_db_fetch_array($check_query)) { if ($check['zone_id'] < 1) { $check_flag = true; break; } elseif ($check['zone_id'] == $order->billing['zone_id']) { $check_flag = true; break; } } if ($check_flag == false) { $this->enabled = false; } } } // Validate the credit card information via javascript (Number, Owner, and CVV Lengths) function javascript_validation() { $js = ' if (payment_value == "' . $this->code . '") {' . "\n" . ' var cc_owner = document.checkout_payment.authorizenet_aim_cc_owner.value;' . "\n" . ' var cc_number = document.checkout_payment.authorizenet_aim_cc_number.value;' . "\n"; if (MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV == 'True') { $js .= ' var cc_cvv = document.checkout_payment.authorizenet_aim_cc_cvv.value;' . "\n"; } $js .= ' if (cc_owner == "" || cc_owner.length < ' . CC_OWNER_MIN_LENGTH . ') {' . "\n" . ' error_message = error_message + "' . MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_JS_CC_OWNER . '";' . "\n" . ' error = 1;' . "\n" . ' }' . "\n" . ' if (cc_number == "" || cc_number.length < ' . CC_NUMBER_MIN_LENGTH . ') {' . "\n" . ' error_message = error_message + "' . MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_JS_CC_NUMBER . '";' . "\n" . ' error = 1;' . "\n" . ' }' . "\n"; if (MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV == 'True') { $js .= ' if (cc_cvv == "" || cc_cvv.length < "3" || cc_cvv.length > "4") {' . "\n". ' error_message = error_message + "' . MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_JS_CC_CVV . '";' . "\n" . ' error = 1;' . "\n" . ' }' . "\n" . ' }' . "\n"; } return $js; } // Display Credit Card information on the checkout_payment.php page function selection() { global $order; for ($i=1; $i<13; $i++) { $expires_month[] = array('id' => sprintf('%02d', $i), 'text' => strftime('%B',mktime(0,0,0,$i,1,2000))); } $today = getdate(); for ($i=$today['year']; $i < $today['year']+10; $i++) { $expires_year[] = array('id' => strftime('%y',mktime(0,0,0,1,1,$i)), 'text' => strftime('%Y',mktime(0,0,0,1,1,$i))); } $selection = array('id' => $this->code, 'module' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CATALOG_TITLE, 'fields' => array(array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CREDIT_CARD_OWNER, 'field' => tep_draw_input_field('authorizenet_aim_cc_owner', $order->billing['firstname'] . ' ' . $order->billing['lastname'])), array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CREDIT_CARD_NUMBER, 'field' => tep_draw_input_field('authorizenet_aim_cc_number')), array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CREDIT_CARD_EXPIRES, 'field' => tep_draw_pull_down_menu('authorizenet_aim_cc_expires_month', $expires_month) . ' ' . tep_draw_pull_down_menu('authorizenet_aim_cc_expires_year', $expires_year)))); if (MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV == 'True') { $selection['fields'][] = array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CVV, 'field' => tep_draw_input_field('authorizenet_aim_cc_cvv','',"size=4, maxlength=4")); } return $selection; } // Evaluates the Credit Card Type for acceptance and validity of the Credit Card Number and Expiry Date function pre_confirmation_check() { require_once(DIR_WS_CLASSES . 'cc_validation.php'); $cc_validation = new cc_validation(); $result = $cc_validation->validate($_POST['authorizenet_aim_cc_number'], $_POST['authorizenet_aim_cc_expires_month'], $_POST['authorizenet_aim_cc_expires_year'], $_POST['authorizenet_aim_cc_cvv']); $error = ''; switch ($result) { case -1: $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4)); break; case -2: case -3: case -4: $error = TEXT_CCVAL_ERROR_INVALID_DATE; break; case false: $error = TEXT_CCVAL_ERROR_INVALID_NUMBER; break; } if ( ($result == false) || ($result < 1) ) { $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&authorizenet_aim_cc_owner=' . urlencode($_POST['authorizenet_aim_cc_owner']) . '&authorizenet_aim_cc_expires_month=' . $_POST['authorizenet_aim_cc_expires_month'] . '&authorizenet_aim_cc_expires_year=' . $_POST['authorizenet_aim_cc_expires_year']; tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false)); } $this->cc_card_type = $cc_validation->cc_type; $this->cc_card_number = $cc_validation->cc_number; $this->cc_expiry_month = $cc_validation->cc_expiry_month; $this->cc_expiry_year = $cc_validation->cc_expiry_year; } // Display Credit Card Information on the Checkout Confirmation Page function confirmation() { global $order; if (ereg('^4[0-9]{12}([0-9]{3})?$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Visa'; } elseif (ereg('^5[1-5][0-9]{14}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Master Card'; } elseif (ereg('^3[47][0-9]{13}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'American Express'; } elseif (ereg('^3(0[0-5]|[68][0-9])[0-9]{11}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Diners Club'; } elseif (ereg('^6011[0-9]{12}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Discover'; } $confirmation = array('fields' => array(array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CREDIT_CARD_TYPE, 'field' => $cc_type), array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CREDIT_CARD_OWNER, 'field' => $_POST['authorizenet_aim_cc_owner']), array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CREDIT_CARD_NUMBER, 'field' => $_POST['authorizenet_aim_cc_number']), array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CREDIT_CARD_EXPIRES, 'field' => $_POST['authorizenet_aim_cc_expires_month'] . substr($_POST['authorizenet_aim_cc_expires_year'], -2)))); if (MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV == 'True') { $confirmation['fields'][] = array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_CVV, 'field' => $_POST['authorizenet_aim_cc_cvv']); } return $confirmation; } function process_button() { // Hidden fields on the checkout confirmation page $process_button_string = tep_draw_hidden_field('authorizenet_aim_cc_owner', $_POST['authorizenet_aim_cc_owner']) . tep_draw_hidden_field('authorizenet_aim_cc_expires_month', $_POST['authorizenet_aim_expires_month']) . tep_draw_hidden_field('authorizenet_aim_cc_expires_year', $_POST['authorizenet_aim_expires_year'], -2) . tep_draw_hidden_field('authorizenet_aim_cc_type', $this->cc_card_type) . tep_draw_hidden_field('authorizenet_aim_cc_number', $this->cc_card_number) . tep_draw_hidden_field(tep_session_name(), tep_session_id()); if (MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV == 'True') { $process_button_string .= tep_draw_hidden_field('authorizenet_aim_cc_cvv', $_POST['authorizenet_aim_cc_cvv']); } return $process_button_string; } function before_process() { global $HTTP_POST_VARS, $order, $regs, $new_order_id; if (empty($this->cc_card_type)) { $this->pre_confirmation_check(); } // Create a variable that holds the order time $order_time = date("F j, Y, g:i a"); // Calculate the next expected order id MFC $last_order_id = tep_db_query("select * from " . TABLE_ORDERS . " order by orders_id desc limit 1"); $last_inv = tep_db_fetch_array($last_order_id); $new_order_id = $last_inv['orders_id'] + 1; // Populate an array that contains all of the data to be submitted $submit_data = array( 'x_login' => MODULE_PAYMENT_AUTHORIZENET_AIM_LOGIN, // The login name as assigned to you by authorize.net 'x_tran_key' => MODULE_PAYMENT_AUTHORIZENET_AIM_TXNKEY, // The Transaction Key (16 digits) is generated through the merchant interface 'x_relay_response' => 'FALSE', // AIM uses direct response, not relay response 'x_delim_char' => ',', 'x_delim_data' => 'TRUE', // The default delimiter is a comma 'x_version' => '3.1', // 3.1 is required to use CVV codes 'x_encap_char' => '"', 'x_type' => MODULE_PAYMENT_AUTHORIZENET_AIM_AUTHORIZATION_TYPE == 'Authorize' ? 'AUTH_ONLY': 'AUTH_CAPTURE', 'x_method' => 'CC', 'x_amount' => number_format($order->info['total'], 2), 'x_card_num' => $_POST['authorizenet_aim_cc_number'], 'x_exp_date' => $_POST['authorizenet_aim_cc_expires_month'] . substr($_POST['authorizenet_aim_cc_expires_year'], -2), 'x_card_code' => $_POST['authorizenet_aim_cc_cvv'], 'x_email_customer' => MODULE_PAYMENT_AUTHORIZENET_AIM_EMAIL_CUSTOMER == 'True' ? 'TRUE': 'FALSE', 'x_email_merchant' => MODULE_PAYMENT_AUTHORIZENET_AIM_EMAIL_MERCHANT == 'True' ? 'TRUE': 'FALSE', 'x_cust_id' => $_SESSION['customer_id'], 'x_invoice_num' => $new_order_id, 'x_first_name' => $order->billing['firstname'], 'x_last_name' => $order->billing['lastname'], 'x_company' => $order->billing['company'], 'x_address' => $order->billing['street_address'], 'x_city' => $order->billing['city'], 'x_state' => $order->billing['state'], 'x_zip' => $order->billing['postcode'], 'x_country' => $order->billing['country']['title'], 'x_phone' => $order->customer['telephone'], 'x_email' => $order->customer['email_address'], 'x_ship_to_first_name' => $order->delivery['firstname'], 'x_ship_to_last_name' => $order->delivery['lastname'], 'x_ship_to_address' => $order->delivery['street_address'], 'x_ship_to_city' => $order->delivery['city'], 'x_ship_to_state' => $order->delivery['state'], 'x_ship_to_zip' => $order->delivery['postcode'], 'x_ship_to_country' => $order->delivery['country']['title'], 'x_description' => substr(STORE_NAME, 0, 255), 'x_test_request' => (MODULE_PAYMENT_AUTHORIZENET_AIM_TESTMODE == 'Test' ? 'TRUE' : 'FALSE'), 'Date' => $order_time, 'IP' => $_SERVER['REMOTE_ADDR'], 'Session' => tep_session_id()); $tax_value = 0; foreach ($order->info['tax_groups'] as $key => $value) { if ($value > 0) { $tax_value += $this->format_raw($value); } } if ($tax_value > 0) { $submit_data['x_tax'] = $this->format_raw($tax_value); } $submit_data['x_freight'] = $this->format_raw($order->info['shipping_cost']); // concatenate the submission data and put into variable $data foreach ($submit_data as $key => $value) { $data .= $key . '=' . urlencode(trim($value)) . '&'; } // Remove the last "&" from the string $data = substr($data, 0, -1); // Add items ordered to merchants email as merchant defined fields Order - Product model, Product name and Qty ordered MC if (MODULE_PAYMENT_AUTHORIZENET_AIM_EMAIL_MERCHANT == 'True' && MODULE_PAYMENT_AUTHORIZENET_AIM_ADD_ITEMS == 'True') { for ($i=0, $n=sizeof($order->products); $i<$n; $i++) { $x = $i + 1; $data .= '&item' . $x . '=' . urlencode($order->products[$i]['model']) . ' -|- ' . urlencode(substr($order->products[$i]['name'], 0, 255)) . ' -|- ' . urlencode($order->products[$i]['qty']); } } // Post order info data to Authorize.net // cURL must be compiled into PHP // Connection must be https // Test or Live Server address set // using 'Test' or 'Live' mode in // osCommerce admin panel // When working in test mode, a flag that is set to true, indicates transaction is a test. if (MODULE_PAYMENT_AUTHORIZENET_AIM_TESTMODE == 'Test') { $gateway_url = 'https://secure.authorize.net/gateway/transact.dll'; // Changed test mode url MC } else { $gateway_url = 'https://secure.authorize.net/gateway/transact.dll'; } $transaction_response = $this->sendTransactionToGateway($gateway_url, $data); if (!empty($transaction_response)) { $regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $transaction_response); foreach ($regs as $key => $value) { $regs[$key] = substr($value, 1, -1); // remove double quotes } } else { $regs = array('-1', '-1', '-1'); } // If the response code is not 1 (approved) then redirect back to the payment page with the appropriate error message // Added a few more error code values MC if ($regs[0] <> '1') { $ecode = ' Error Code: ' . $regs[2] . '. '; switch ($regs[2]) { case '6': $error = $ecode . ' The credit card number is invalid. '; break; case '7': $error = $ecode . ' The credit card expiration date is invalid. '; break; case '8': $error = $ecode . ' The credit card has expired. '; break; case '17': $error = $ecode . ' The merchant does not accept this type of credit card. '; break; case '28': $error = $ecode . ' The merchant does not accept this type of credit card. '; break; case '78': $error = $ecode . ' The Card Code (CVV2/CVC2/CID) is invalid. '; break; default: $error = $ecode . ' The credit card has a general error. '; break; } tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_DECLINED_MESSAGE1) . urlencode($error) . urlencode(MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_DECLINED_MESSAGE2), 'SSL', true, false)); } } function after_process() { global $regs, $new_order_id; // Store card type, last 4 digits of credit card number and expiration date. CVC code is not stored MFC if ($new_order_id < 1 || !is_array($regs)) return false; if (ereg('^4[0-9]{12}([0-9]{3})?$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Visa'; } elseif (ereg('^5[1-5][0-9]{14}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Master Card'; } elseif (ereg('^3[47][0-9]{13}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'American Express'; } elseif (ereg('^3(0[0-5]|[68][0-9])[0-9]{11}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Diners Club'; } elseif (ereg('^6011[0-9]{12}$', $_POST['authorizenet_aim_cc_number'])) { $cc_type = 'Discover'; } $cc_number = preg_replace('/[^0-9]/', '', $_POST['authorizenet_aim_cc_number']); $cc_number = str_repeat('X', strlen($cc_number) - 4) . substr($cc_number, -4); tep_db_query("UPDATE orders SET cc_type = '" . $cc_type . "', cc_owner = '" . $_POST['cc_owner'] . "', cc_number = '" . $cc_number . "', cc_expires = '" . $_POST['authorizenet_aim_cc_expires_month'] . substr($_POST['authorizenet_aim_cc_expires_year'], -2) . "' WHERE orders_id = " . $new_order_id . " LIMIT 1"); return false; } function get_error() { global $_GET; $error = array('title' => MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_ERROR, 'error' => stripslashes(urldecode($_GET['error']))); return $error; } function check() { if (!isset($this->_check)) { $check_query = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_AUTHORIZENET_AIM_STATUS'"); $this->_check = tep_db_num_rows($check_query); } return $this->_check; } function install() { tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Authorize.net AIM Module', 'MODULE_PAYMENT_AUTHORIZENET_AIM_STATUS', 'True', 'Do you want to accept Authorize.net payments via the AIM Method?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Login Username', 'MODULE_PAYMENT_AUTHORIZENET_AIM_LOGIN', 'Your User Name', 'The login username used for the Authorize.net service', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Transaction Key', 'MODULE_PAYMENT_AUTHORIZENET_AIM_TXNKEY', '16 digit key', 'Transaction Key used for encrypting TP data', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Transaction Mode', 'MODULE_PAYMENT_AUTHORIZENET_AIM_TESTMODE', 'Test', 'Transaction mode used for processing orders', '6', '0', 'tep_cfg_select_option(array(\'Test\', \'Live\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Authorization Type', 'MODULE_PAYMENT_AUTHORIZENET_AIM_AUTHORIZATION_TYPE', 'Authorize/Capture', 'Do you want submitted credit card transactions to be authorized only, or authorized and captured?', '6', '0', 'tep_cfg_select_option(array(\'Authorize\', \'Authorize/Capture\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Customer Notifications', 'MODULE_PAYMENT_AUTHORIZENET_AIM_EMAIL_CUSTOMER', 'False', 'Should Authorize.Net e-mail a receipt to the customer?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Merchant Notifications', 'MODULE_PAYMENT_AUTHORIZENET_AIM_EMAIL_MERCHANT', 'True', 'Should Authorize.Net e-mail a receipt to the merchant?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Merchant Notifications', 'MODULE_PAYMENT_AUTHORIZENET_AIM_ADD_ITEMS', 'True', 'Add items ordered to Merchants email?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Request CVV Number', 'MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV', 'True', 'Do you want to ask the customer for the card\'s CVV number', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_AUTHORIZENET_AIM_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, use_function, set_function, date_added) values ('Payment Zone', 'MODULE_PAYMENT_AUTHORIZENET_AIM_ZONE', '0', 'If a zone is selected, only enable this payment method for that zone.', '6', '2', 'tep_get_zone_class_title', 'tep_cfg_pull_down_zone_classes(', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Order Status', 'MODULE_PAYMENT_AUTHORIZENET_AIM_ORDER_STATUS_ID', '0', 'Set the status of orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())"); tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('CURL Proxy URL', 'MODULE_PAYMENT_AUTHORIZENET_AIM_CURL_PROXY', 'none', 'CURL Proxy URL. Some hosting providers require you to use their CURL Proxy. Enter the full URL here. If Not necessary, use - none', '6', '0', now())"); } function remove() { tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')"); } function keys() { return array('MODULE_PAYMENT_AUTHORIZENET_AIM_STATUS', 'MODULE_PAYMENT_AUTHORIZENET_AIM_LOGIN', 'MODULE_PAYMENT_AUTHORIZENET_AIM_TXNKEY', 'MODULE_PAYMENT_AUTHORIZENET_AIM_TESTMODE', 'MODULE_PAYMENT_AUTHORIZENET_AIM_AUTHORIZATION_TYPE', 'MODULE_PAYMENT_AUTHORIZENET_AIM_EMAIL_CUSTOMER', 'MODULE_PAYMENT_AUTHORIZENET_AIM_EMAIL_MERCHANT', 'MODULE_PAYMENT_AUTHORIZENET_AIM_ADD_ITEMS', 'MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV', 'MODULE_PAYMENT_AUTHORIZENET_AIM_SORT_ORDER', 'MODULE_PAYMENT_AUTHORIZENET_AIM_ZONE', 'MODULE_PAYMENT_AUTHORIZENET_AIM_ORDER_STATUS_ID', 'MODULE_PAYMENT_AUTHORIZENET_AIM_CURL_PROXY'); //'MODULE_PAYMENT_AUTHORIZENET_AIM_METHOD' } function sendTransactionToGateway($url, $parameters) { $server = parse_url($url); if (isset($server['port']) === false) { $server['port'] = ($server['scheme'] == 'https') ? 443 : 80; } if (isset($server['path']) === false) { $server['path'] = '/'; } if (isset($server['user']) && isset($server['pass'])) { $header[] = 'Authorization: Basic ' . base64_encode($server['user'] . ':' . $server['pass']); } if (function_exists('curl_init')) { $curl = curl_init($server['scheme'] . '://' . $server['host'] . $server['path'] . (isset($server['query']) ? '?' . $server['query'] : '')); // ****** Added for Godaddy shared server ****** curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, TRUE); curl_setopt($curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); curl_setopt($curl, CURLOPT_PROXY, "http://proxy.shr.secureserver.net:3128"); // ****** End Modification ********** curl_setopt($curl, CURLOPT_PORT, $server['port']); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FORBID_REUSE, 1); curl_setopt($curl, CURLOPT_FRESH_CONNECT, 1); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, $parameters); $result = curl_exec($curl); curl_close($curl); } else { exec(escapeshellarg(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_CURL) . ' -d ' . escapeshellarg($parameters) . ' "' . $server['scheme'] . '://' . $server['host'] . $server['path'] . (isset($server['query']) ? '?' . $server['query'] : '') . '" -P ' . $server['port'] . ' -k', $result); $result = implode("\n", $result); } return $result; } // format prices without currency formatting function format_raw($number, $currency_code = '', $currency_value = '') { global $currencies, $currency; if (empty($currency_code) || !$this->is_set($currency_code)) { $currency_code = $currency; } if (empty($currency_value) || !is_numeric($currency_value)) { $currency_value = $currencies->currencies[$currency_code]['value']; } return number_format(tep_round($number * $currency_value, $currencies->currencies[$currency_code]['decimal_places']), $currencies->currencies[$currency_code]['decimal_places'], '.', ''); } } ?> ********************** End Code ************************************ Enjoy, RookuhShay

Hello, If you can find these two lines in your code: $this->response = explode('|', $response); // If the response code is not 1 (approved) then redirect back to the payment page with the appropriate error message if ($this->response[0] != '1') { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode($this->response[3]) . ' - ' . urlencode(MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_DECLINED_MESSAGE), 'SSL', true, false)); } } Change them to this: $this->response = explode(',', $response); // If the response code is not 1 (approved) then redirect back to the payment page with the appropriate error message if ($this->response[0] <> '1') { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode($this->response[3]) . ' - ' . urlencode(MODULE_PAYMENT_AUTHORIZENET_AIM_TEXT_DECLINED_MESSAGE), 'SSL', true, false)); } } Notice explode('|', $response); CHANGED TO explode(',', $response); AND if ($this->response[0] != '1') { CHANGED TO if ($this->response[0] <> '1') { When Authorize.net sends back there response, it's comma delimited not pipe. The != doesn't seem to function correctly on some servers. Hope this help. Enjoy, RookuhShay

Hello, Wondering, is your Athorize.net account in password require mode? Best, RookuhShay

Hello, Please refer to this link. http://www.oscommerce.com/forums/index.php?showtopic=311909 Best, RookuhShay

Hello, I am suggesting that you capture the payment string sent back from authorize.net. How to do this: Right after this lines: $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string); if (!empty($transaction_response)) { $regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $transaction_response); Add this script: // begin logging of post variables, authorize.net request, and authorize.net response $myFile = "/home/your-path/file.txt"; $fh = fopen($myFile, 'a') or die("can't open file"); $stringData = "\nSENT: ".$post_string; fwrite($fh, $stringData); $stringData = "\nRESPONSE: ".$transaction_response; fwrite($fh, $stringData); foreach($HTTP_POST_VARS as $key => $value) { $stringData = "\nPOST: $key=$value"; fwrite($fh, $stringData); } fwrite($fh, "\nDone.\n"); fclose($fh); // end logging IMPORTANT!!! In this line... $myFile = "/home/your-path/file.txt"; make sure that you put the correct path. The WHOLE path...NOT JUST "www.mysite.com/catalog..." Its got to include the server path. You can find this information pretty much all over your site, but a quick dirty way to find this path, would be on the admin side. Log into your oscommerce administration and on the left side click: Tools > File Manager Up at the top under the heading "File Manager" you will see your full path. While you are in the file manager, create a new file in the path in which you want to store your logs called "file.txt". Use this path to the file. I recommend adding a few folders to try and hide the info a bit. Once you read the file, if you still need it, copy and past it to your local machine, but DO NOT under any circumstances, leave this info on your live server. That is a hackers paradise. DO NOT LEAVE IT THERE! DELETE IT IMMEDIATELY! Best, RookuhShay

Just Posting my response to interested parties. Hello, Let me go over a little background give a more of an understanding. Authorize.net has a field name x_line_item. You can include each of the line items in the payment string you submit the Authorize.net. Here is a little more information about the field: Itemized Order Information Based on your unique business requirements, you may choose to submit itemized order, or line item, information with each transaction. Itemized order information is not submitted to the processor and is not currently returned with the transaction response. However, this information is displayed on the Transaction Detail page and in the QuickBooks® download file reports in the Merchant Interface. For more information about these features, please see the Merchant Interface Online Help Files (after logging into the Merchant Interface, click the Help link in the top right corner of the page). Unlike most other integration settings for your account, this feature is not configured in the Merchant Interface. Please contact your Web developer for more information on how to submit detailed order information with transactions to the payment gateway. Which concludes this information is not included with the email sent to the merchant. Alternative method would be to include the item sku/model number in the x_description field name. This has it’s limitations. You are restricted to only 255 characters. If the string were to go beyond the 255 character limit, the information could be truncated or even cause credit card authorization issues. Not sure though. It leaves merchants with one last alternative, merchant define fields. Here’s a little bit about the field. Merchant-Defined Fields You may also choose to submit merchant-defined fields to further customize the information that is included with a transaction. Merchant-defined fields are any fields that are not recognized by the payment gateway as standard application programming interface (API) payment form fields. For example, you may want to provide a field in your checkout process where customers may provide specific shipping instructions or product color information. Merchant-defined fields are included with the transaction response and in the merchant confirmation email for the merchant’s records. However, they are not provided on the Transaction Detail page in the Merchant Interface. Contact your Web developer for more information on how to submit merchant-defined fields with transactions to the payment gateway. I added the fields at the end of the payment string that is submitted to Authorize.net. for ($i=0, $n=sizeof($order->products); $i<$n; $i++) { $x = $i + 1; $post_string .= '&item' . $x . '=' . urlencode($order->products[$i]['model']) . '|' . urlencode(substr($order->products[$i]['name'], 0, 255)) . '|' . urlencode($order->products[$i]['qty']); } This is a for loop that adds each of the items ordered to the payment string. ‘&item’ . $x is the defined field name. The x is incremented for each of the products ordered. A placed the above line just above these lines of code: switch (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_SERVER) { case 'Live': $gateway_url = 'https://secure.authorize.net/gateway/transact.dll'; break; default: $gateway_url = 'https://secure.authorize.net/gateway/transact.dll'; break; } $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string); As you can see $post_string is the payment string varible used to send information to Authorize.net. Example of an email: (Full email not shown) ======= ADDITIONAL INFORMATION ====== Tax : Duty : Freight : 6.50 Tax Exempt : PO Number : ========== MERCHANT DEFINED ========= item1 : FC-6235|24% Lead Crystal Cow|3 item2 : FC-1905-SR|24% Lead Crystal Red Rose with Stand|1 item3 : FC-1405-K|24% Lead Crystal Cello|1 The define fields show up in the email just below the Additional Information. Item1, item2 and item3 are the define fields. If a customer ordered 10 products there would be item1 – item10. This email is the email sent to the merchant for authorize.net when an order is placed. Providing the optiion is checked. Best, RookuhShay

Hello, I would take a look at the return string from authorize.net. It may contain the answer to your issue and help solve your problem. Best, RookuhShay

Try uninstalling the module from Oscommerce. Download the original authorizenet_cc_aim.php when you first installed Oscommerce overwriting the authorizenet_cc_aim.php on the server and reinstalled it. I ran into a simular situation, this cured it. RookuhShay

Hello, Have you tried capturing the information sent back from Authorize.net and looking at it? RookuhShay

Could you relay which authorize.net module you are using? RookuhShay

In the Payment module authorizenet_cc_aim.php find the function function before_process() Add // Calculate the next expected order id $last_order_id = tep_db_query("select * from " . TABLE_ORDERS . " order by orders_id desc limit 1"); $last_inv = tep_db_fetch_array($last_order_id); $new_order_id = $last_inv['orders_id'] + 1; Just after line global $HTTP_POST_VARS, $customer_id, $order, $sendto, $currency; Near the top. Then Add line: x_invoice_num => $new_order_id, Just after lines: x_phone => $order->customer['telephone'], x_email => $order->customer['email_address'], x_cust_id => $_SESSION['customer_id'], in the same function. Enjoy, RookuhShay

Hey Everyone, This afternoon I ran into this error: There has been an error processing your credit card. Please try again and if problems persist, please try another payment method. I started to trace through every line of code line for line, I couldn't imagine what was causing this error to appear. Like most programmers I came here researched the problem, found ideas but not a soild solution. I'm using the Authorize.net AIM module bundled in with osCommerce v2.2 RC2a. I had to modify the module a little: curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, TRUE); curl_setopt($curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); curl_setopt($curl, CURLOPT_PROXY, "http://proxy.shr.secureserver.net:3128"); I'm on a Godaddy Server. I came upon a script to see what I was sending and view the respone. From there I was able to determine the exact error. I had to make a couple of other modifications to the module: 1. Added x_password => MODULE_PAYMENT_AUTHORIZENET_CC_AIM_PASSWORD, 2 Added tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Password', 'MODULE_PAYMENT_AUTHORIZENET_CC_AIM_PASSWORD', '', 'The Password for the Authorize.net service', '6', '0', now())"); just under MODULE_PAYMENT_AUTHORIZENET_CC_AIM_LOGIN_ID in the function install() section 3. In function keys() you need to add , 'MODULE_PAYMENT_AUTHORIZENET_CC_AIM_PASSWORD' just after 'MODULE_PAYMENT_AUTHORIZENET_CC_AIM_LOGIN_ID' that is if you decide to place it in the same place as I. You have to save it. Before uploading it to your server. Please be sure to uninstall the unmodified Aim module first. Now upload the modified one to your server and install it. I found, I have my account set in password protected mode. In order to get a transaction through, I need to supply the password. This may be the case for some, if not most users experening this very situation. Best, RookuhShay