Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.


  • Content count

  • Joined

  • Last visited

1 Follower

About ribs

  • Birthday 02/12/1976

Profile Information

  • Real Name
    Neil Westlake
  • Gender
  • Location
  • Interests
    I specialise in HSBC secure e-payments integration with osCommerce. Both CPI & API modules developed
  • Website
  1. Hi Dave, They are correct, why would you want to pay twice? You'll pay HSBC £25 pm for the merchant account but you won't use their gateway, and then you'll pay ProTX £20 pm to provide a gateway. The only reason I can see why you would use ProTX in the first place is if your bank doesn't have their own gateway. HSBC does and it works really well. Like you said, their are paid for modules out there that integrate into HSBC's API system, this is far superior to the CPI system that has been discussed over 50 odd pages here. The API doesn't require HASH keys or hidden posts back from HSBC to work. Look at it this way, if you use HSBC and ProTX you'll be paying £45 pm (£20 extra) just because a Free module for ProTX is available, in the first year its going to cost you £240.00. Why not save that money and just put it towards a proper supported API module that works with osCommerce and HSBC. Regards Neil
  2. Hi, The debate about which payment module is the best would go on forever and there would never be a clear winner. We have developed professional payment modules that use the HSBC API system and the ProTX Direct method. Both have their advantages. I have a customer that's currently using SecPay who is changing to HSBC because of problems with SecPay. There are two sides of every story, if your using an open source payment module to integrate with either of these services then ProTX Direct wins, this doesn't mean ProTX is better it's just that no one has developed an open source integration for HSBC API. As a developer I neither favor HSBC or ProTX, they are both excellent payment systems. ProTX does come out on top slighlty as it has a better testing environment. As a user, they are both the same as far as usage, they take the customers payment and put the money in your bank. The main difference here is the reliability, as Rhea stated ProTX have had some really bad unforgivable problems lately, whereas HSBC as far as I know have only had one problem I'm aware of in the past 3 years. So in summary, if you're developing a module from scratch then ProTX direct is much easier. If you're an end user then HSBC seems more reliable but doesn't have a free open module. Hope this helps. Regards Neil Westlake PS. I'm comparing ProTX direct to HSBC API. Not the ProTX Form to HSBC CPI. ProTX Direct and HSBC API allows for total integration into your store, including accepting, settling and credting payments all from within your store. ProTX Form and HSBC CPI requires customers to enter their payment details on either ProTX's or HSBC's site. You must then login to the relevent merchant site to settle or credit payments.
  3. Ribs, you're the man.

  4. Hi Tamlyn, The problem you're having is very common with the HSBC CPI system. What is happening is the return (hidden) post from HSBC which executes checkout_process.php is either not getting there (not likely) or it's not able to complete the script correctly. The most common problems are: java/ in your spiders.txt file Check IP address is set to true backend (configuration|sessions) An error in your checkout_process.php script. Your on a 1and1 server, I could never get it to work with them, maybe things have changed. If after going through thoses suggestions you are still having problems then you may want to get some help. Regards Neil Westlake
  5. Ok I have to confess that I have no experience with downloadable products as I have never used them in an osCommerce store. But it does sound logical, if the product is downloadable then there is obviously no need for a delivery address. I think Ali has hit the nail right on the head with this one. Don, I think you'll need to do some testing to figure exactly where and why the problem occurs. Your HSBC module is setup incorreclty but is probably done this way because the return post that updates the order never gets received (1and1 servers have this problem). Regards Neil Westlake
  6. The HSBC module should automatically update the order in osCommerce regardless of whether or not the customer returns from HSBC. If the delivery address is empty then you've got a bug that is causing the delivery address details not to populate correctly. As far as I know there is no way for the customer to have a blank delivery address. Regards Neil Westlake
  7. What you could do, is install the master password contribution (Master Password) then try logging in as the problem customer. You'll see on the checkout confirmation page if the delivery address is missing or not. Neil Westlake
  8. Rhea, That post has nothing to do with Johns problem, in fact it's the complete opposite. My understanding is he has the money but no order. The post you link to refers to a problem where there is an order but no money. This problem and similar has been around for a while now but is not an issue if the payment module is written correctly. Neil Westlake
  9. Hi John, It seems highly unlikely that someone is using your account to process payments. If they are then they would need the following to do it: Your HSBC Merchant ID Your Hash Key Have you contacted the purchaser as this sounds more like a failed return from HSBC which has caused the order not to show up in the backend. Check if there is an account matching the order in osCommerce. If there is no account for the customer then I would be worried. Neil Westlake
  10. Hi, If your managing to get to HSBC then you can probably assume your hash key is working correctly. It sounds like your missing the return error message, check the url as it should be there. This will give you a better idea what is wrong. It's most likely that you have an "Invalid Data Error", if this is the case call HSBC and find out what the invalid data is. Best of Luck Neil Westlake
  11. Ted, If you don't have control over the server and the PHP setup allows it then you must use the putenv("LD_LIBRARY_PATH=$path"); statment. Regards Neil Westlake By the way, you only need to use libCcCpiTools.so and testhash.e.
  12. Lynda, We had a similar problem a while ago when one of servers rebooted the time was an hour out. Check to make sure the time on the server is correct as HSBC only allow a 1 hour difference. Saying that, this normally causes an invalid data error. Neil Westlake
  13. Hi, If they don't match then that's the problem. The hacking attempt it only displayed if either the hash doesn't match or doesn't get generated (which is basically the same thing as it doesn't match). It's not uncommon for HSBC to issue incorrect HASH keys, check to make sure the hash key you entered is exactly the same as the one provided by HSBC as even a one character difference will cause this problem. Neil Westlake
  14. Your configure file should be set as follows: define('HTTP_SERVER', 'http://www.chillows.co.uk'); // define('HTTP_CATALOG_SERVER', 'http://www.chillows.co.uk'); define('HTTPS_CATALOG_SERVER', 'https://www.chillows.co.uk'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module It doesn't matter if you use a non trusted root certifcate, all HSBC is interested in is seeing a post from a https URL. Neil Westlake
  15. Hi, The SSL error you are getting is exactly as you said. The SSL was issued to chillows.co.uk but your site's URL is www.chillows.co.uk. You could change the configure.php file and remove the www from the HTTPS_CATALOG_SERVER path, this will at least cure that problem. With regards to the HSBC hacking attempt problem, unfortunately the SSL is not the problem and this is most likely caused by the Hash key not be generated or is incorrect. Good luck Neil Westlake