Jump to content


  • Content count

  • Joined

  • Last visited

Posts posted by richandzhaoyan

  1. Thanks for the reply Tom.


    Your answers were what I expected, nice to have it confirmed though.


    So far, I am very happy to be making the change from HSBC to Protx and alot of that is down to the simplicity/ease of install of this contribution and the regular updating of this thread by yourself and others (namely Vger).


    Many thanks again for your work on this,



  2. Hi Tom,


    I have taken the plunge and decided to switch from HSBC to Protx.


    After having installed your payment module and now having it working in test mode, I have a couple of questions.


    Firstly, regarding the order number/tx code. Due to the fact that I was using a random order number generator with HSBC, when I reset osC to use the auto increment order numbers, I have had to start from 10000000. This means that the protx tx code was too long. I have reduced your randomly generated number from 32 down to 26. Is there any reason why you opted for a 32 digit number, presumably it was the maximum length you could fit into the tx code, along with the order number. The longest being the most secure. I am guessing that reducing the length should not have any impact on how the module works but would be happier if you could confirm this.


    Secondly, due to the fact that with our business we sometimes have items that we have to order items in to complete orders and on occassions there may be a lengthy delay in completing the backorders, I have opted to use the "Authenticate/Authorise" transaction type rather than "Deffered/Release" (as these transactions automatically cancel after 30 days). Everything seems to be working fine but I have a query about the admin orders page. When the order is made, I can view the order in admin and authorise or cancel it, but after authorising it I only get the option to Repeat it (which I dont need). It is only after trying to Repeat the order (not currently working for me) that I get option to Refund the order. Having looked at admin/orders_protx.php I see that this is how you have designed it and the process is working as it should but is there any reason I cannot skip the Repeat option and jump straight to Refund for an already authorised order?




  3. Thanks for the reply Tom.


    Reading the Protx blurb again, it does only state that "you may be required to undergo an audit" so I guess judging by what they have told you, it is unlikely.


    I am certainly considering the switch from HSBC to Protx as I really need to simplify the payment processing for my site.




  4. I would recommend Direct wholeheartedly - the customer gets a better experience - they never leave your site, you don't need to mess around with custom templates.


    The admin allows you the void/release/repeat/authorise/refund payments etc


    No card details are stored on your site at all so that's still not a problem.


    The only requirements are that you have SSL (dedicated or shared) and cURL installed on the server.





    Hi Tom,


    I am currently using HSBC but am looking to change over to Protx as I really need osC admin to authorise payments (would save a huge amount of time) however I am concerned that the Protx website states that to use VSP Direct you will need:-


    Certification under the PCI audit. As credit card details are collected by you and not by Protx, you may be required to undergo an audit to ensure that credit card data is kept secure.


    I believe that you mentioned above that you had been in contact with Protx about this and that the PCI audit was not a concern... Is this true? And if so why not?


    TIA for any input and thanks for all the work you (and others) have put into this contribution.




  5. Yikes!!!



    Just a warning to others=>


    I had an uninvited spider on my site last night, busy adding items to his cart, so I uploaded the latest version of spiders.txt avaialable from the contributions section.


    Today, NO ORDERS online......


    Ran a test order through as far as reaching the HSBC page earlier in the day with no trouble so figured all was well, just very quiet (put it down to the weather - Kind of warm). Unfortunately I did not carry on to complete the order.


    I was monitoring the user tracking during the day and sure enough it was quiet.


    However, come tonight, happened to just fire up user tracking as someone went through to complete an order - finally I thought.... BUT, no confirmation e-mail sent to me and no order registered in admin.


    So, ran another test order through to completion and sure enough same result - or lack of it!!!


    Replaced the spiders.txt with the one I was using before and ...... no problem, back to normal and working fine.


    There are alot of wildcards used in the latest spiders.txt and one of them must be blocking HSBCs return post. Had a quick look but cant figure which it is but thought it might be worth posting the warning.


    Anyone else come across similar problems?


    Anyhow, luckily only two payments with no order details gone through today so only two customers to phone and explain the problems to in the morning.......




  6. Ok, I dont really want to get involved, but.......


    What exactly is a douche bag?????


    I think it may be best if I point out a couple of things here,


    Posts on this forum by Chemo (Bobby) :- 2000+


    Posts by Tehbizness (Jacob) :- 7 (At leasts three of which are purely relating to something called a douche bag and variously sized vaginas!) :D


    Time for a little respect to the more experienced dont you think??


    Take a look at this contribution..... First made available in January and already up to 46 pages long tells you that it is important. AND, no, it is not because it is difficult to implement, on the contrary, it is one of the quickest and easiest to install. Its just that novices, like myself, have had to ask a few questions to which we have recieved very quick replies, and that it has evolved greatly over a short period of time, thanks again to Bobby, due to other users input.


    As is mentioned everywhere on this forum, osC is community driven, its free for f*cks sake and we owe all the contributors a great deal.


    With this in mind, I appreciate how hard you may be working... I am a shopkeeper trying to set myself up online in my spare time, generally with a couple of hours after 10pm when my lad has gone to bed.... Read some more threads, there are plenty of others doing the same, BUT..... If you have not got the time to read the 46 pages of this thread in full, spare a thought for Bobby before you get into a slanging match..... He has posted around half of this thread. This means he has not only read all of it, he has debugged many peoples sites (bugs not related to this contrib) and modified this contribution 3 or 4 times already!


    Sure, you are entitled to post "please help" threads on the off chance, I have done it myself but if you get an answer count yourself lucky! You know that with thousands of people using osC your question has more than likely been answered before - you just got to spend a few minutes finding that answer.




    Deep Breaths, Im calming down,


    Finally, if you have made it this far, who here has not already found that this contribution is increasing their search engine statistics? AFAICS it is the single most (quickly implented) contribution to higher search engine placings and therefore more traffic.


    With this in mind, how many have scrolled down the instructions to Bobbys Paypal donation box? I know this may sound like a plug, but think about your incoming orders.... Whos responsible? Please send him a small percentage. Not only does he work tirelessly answering your problems, but he also passes some of his donations onto the osC development team. Surely this will benefit us all in the end.


    Ok, I am off to get my coat now, :thumbsup:




  7. Hi guys,


    I have just installed the Quick Update contribution, evolved from the Quick Price Update, and quite frankly it is brilliant. It will save me hours. Many thanks again to anyone who has inputted to this particular contibution.


    The only problem I have is that, being from the UK, I need to work on prices including tax as opposed to excluding tax. ie, gross price as opposed to net.


    I have scoured the forum and most threads related to these contributions ends with somebody asking the same question - can it be used with gross prices - and no answers.


    Therefore, I am guessing that I am going to have to look into it myself!! :'(


    As my coding skills are limited, to say the least, I just thought I would post in the vain hope that somebody has already managed this.


    If not, Ill give it a try......


    Stoke me a clipper, Ill be back for x-mas!




  8. Paul (Paulshutt),


    Yes, its late and I am probably stating the obvious but are you installing the latest version of the mod? See previous posts by Vger with directions, it is available from the Qadram site as opposed to the osC contributions area.


    Have you got this line in your hsbc_return.php


    if (!empty($_POST['MerchantData'])) $_GET['osCsid']=$_POST['MerchantData'];


    just above




    Also, check your config files are set correct. These can cause problems with the session ids - I am confused as to why opening another broswer window should affect things and its making me think that something is amiss in your setup. There are plenty of threads on this in the forums but just let me know if you need an example posted/emailed.


    If all else fails, pm me tomorrow and I will email you my hsbc and hsbc_return files.


    Well, I watched "The Ring" on the box tonight and very bl**dy scary film it maybe, it just doesnt compare on the nightmare front to the nights I spent installing HSBC!! :P




  9. Paul (Fourbit),


    Nice reply - Glad I could be of assistance :thumbsup:


    Now, it seems the both of us are making a couple of assumptions.


    But, if you have 2000+ items, you don't have a clue what the customer wanted


    I do have 2000+ items listed and I dont see what relevance this has to the way HSBC works. As stated above, if you want to know what your customers are doing then (personally) I would use the mod suggested above, recover cart, and the user tracking mod. I dont see how this issue is related to payment as the customer has for whatever reason not paid.


    But, instead, accepted my name as being Jesse James and my address as Tombstone, Az


    This sounds serious - not wanting to jump to any conclusions- have you approched HSBC about it? If so, what was there reply. I am certainly not aware of a problem, any time a different address is entered, or even one that is not in a correct/recognisable state it gets placed in review.


    Now, after all that, have you ever Ok'd a transaction that was put in "review" status? Only to find that the only thing you now know, is the total amount of the transaction. That is fine if all you have is one product. But, if you have 2000+ items, you don't have a clue what the customer wanted. Now, you have a dilemma. If the purchase had been posted before the customer left the site. You would be able to change the order status. And all's well.


    Sorry - I dont have a freakin clue what you are on about in this instance. I "ok" review transactions every day. I know everything about the order because as soon as HSBC accept the order (even if still pending review) the hidden post inserts the order in the DB. Thus, I have the printed orders with the ordered items, customers address, shipping adress, telephone number,etc,etc all sitting in front of me when I make the decision. What is the problem with that??? Where is the dilemma?


    The only situation that I have come across that may be what you are trying to describe is when an order is taken by HSBC and the hidden post does not get back to osC. Since having been with HSBC I have taken in the region of 2000 orders and this has happened twice. (Not a high percentage) Now, what caused these two instances I dont know but with regards to accepting the payment, placed in review or otherwise, well, how can you accept a payment for an order without sending it?? You cant! So, you have the customers name from HSBC, you have there account details so you phone them or e-mail them. Again, no problem.


    If you are p**ssed because this is occurring regularly then I would suggest you take a good look at your setup - it should not be happening.


    Once again, for anyone else considering joining up with HSBC - After 9 months and a couple of thousand transactions, I have had only two attempted chargebacks, both of which fell through (in one case it appeared that the items were ordered by the son/daughter of the cardholder without his knowledge and in the other the customer claimed we had charged twice and this was not the case) and I have had three genuinely fraudulent orders. One as mentioned HSBC did not accept due to the e-mail address - This guy is still e-mailing me asking where his order has got to!! - The other two were placed in review and were pretty obviously high risk - expensive items - a quick phone call was enough to prove that the cardholder did not know anything about the order.


    So, again, I am happy :D - If your not sort it out yourself - As Vger said, your attitude doesnt really entice me to offer any more assistance.


    Rant over, goodnight,



  10. Hi Paul,


    Just to re-emphasise what Vger posted. The HSBC mod does not create an order before the payment has been made - This would not make sense as if the customer chooses to cancel the transaction from the HSBC page then he/she gets returned to the checkout process and you do not need a completed order.


    What does happen is that the minute the customer makes the payment, on the HSBC site, HSBC sends a "hidden post" back to your osC site confirming the transaction and placing the order. This means that althought the customer is prompted to return to your site, they do not need to for the order to be placed.


    With regards to the HSBC review system, once setup correctly, I have to admit it does work rather well. I am guessing that the reason your "dodgy" address went through ok is that you are still running in test mode. I seem to remember that they dont actually check the card or address until you switch to live.


    Basically, HSBC will accept, proivisionally any transaction where any the address is incorrect but they place it in a review state. You have to personally accept it - if in doubt call the customer to verify things. If the card number is known to be fraudulent then they do not accept the transaction at all and you cannot do anything about it.


    Just recently I have had an order placed that was declined by HSBC as the e-mail address of the customer was known to be used before in fraudulent cases - this was useful as there was no way of me knowing.


    All in all, after using them now for about 11 months, and after a lot of initial teething problems, I would indeed sing their praises and say its worth the agro of getting it setup.




  11. Greg,


    Cant think of the answer right now as its late and its been a long time since I installed this but YES, your order numbers should tie up.


    Something is not quite right. If you havent sussed it by tomorrow and nobody else comes up with the answer I will delve back through my workings.


    If your going to be handling alot of orders this is something that needs to be right, trust me!




  12. Hi Bobby,


    Firstly, thanks again for what is now already proving to be a great contribution. Exactly what I was after, product/category names in the URL with an easy install and no great impact on the way osC operates.


    The results are are almost instantly noticeable and one small mod lifts the SEO for every page - in my case 3000+ products and rising rapidly!


    I would just like to ask a couple of questions about the page rank/duplicate content/original page url situation.


    As my site has been fully indexed before fitting this contribution the top categories have a page rank of 4, the sub cats 3 and most products 2.


    Obviously I would like this page rank to cross over to the new urls and I am guessing this will happen in time anyhow but, more importantly, what is the implication of having duplicate urls? I believe you mentioned earlier in the thread that this is something you are looking at but can you explain in reasonably plain english what the concerns/effects of having to seperate urls may be. Obviously I am a bit concerned that the duplicate content problem may render my whole site to be universally dumped by google!!


    Are my concerns misplaced? Can you offer any hope?


    Going on the current improvement in rankings, particularly with msn (which have been awsome) I certainly want to stick with this contribution,


    Thanks again,


  13. Wow Neil,


    That was some quick response with just the answer I was after. Many thanks, I will get the above fix installed straight away to get my orders showing in the correct way. I knew there must be a way of doing this but after having stared at orders.php for a good while I was not too confident about changing things.


    I think I may well change over to your order numbering system as well.


    Cheers again Neil,



  14. Hi Guys,


    Just after a bit of advice regarding order id numbers.


    All is working well with my set up but I am still using the original contribution. This means that my order numbers are created using the format jjjhhmmssr, where j is the three digit juliet number for the day of the year, hh is hour, mm is minute, ss is second and r is random.


    This all worked fine until a couple of months ago when the day of the year got up too high and caused MySql to overload!! This was sorted by changing the Integer to a BigInt which apparently allowed the database to count a bit higher. :D


    Now however, we are into 2005 and my orders are all appearing way back down the list as the order numbers are smaller than what they were at the end of 2004!!


    I've a couple of questions, firstly is anyone using the fix that Neil suggested on page 11 of this thread, namely something along these lines:-


    // Generate Random Order ID if not already set



    while (get_order_id() > 0);

    $insert_id = $rndnum;




    $insert_id = $order_id;




    If so, what kind of order number does this produce and is it sequential? As far as I can tell it is going to knock out a completly random order number which is going to make things hard to find on the orders page - which appears to list orders by order number rather than date purchased.


    Another option I am looking at is just putting the year in front of the order, leading to yyjjjhhmmssr - however this makes it an even bigger order number!!


    I see that the order string used by jose leon originally was along these lines. It contains a "-" which would make it more managable from a customers point of view but seems to upset my bigint in the mysql database.


    srand ((float) microtime() * 10000000);

    $r1 = rand(100,999);

    $t1 = date("yz-his");


    //This sequence generation is valid only for Lynda's shop

    $sequence = $t1.$r1;




    Any thoughts/ideas would be very welcome - It is not critical but something that I would like to get ironed out.





  15. Well Guys,


    All back to normal....!?!? I haven't done a thing so I guess it was just a blip by HSBC.


    Can't think of any other explanation. So, I am happy again, well happier at least. Its a bit of a b****r to find out that you cannot contact anyone at HSBC on a weekend, when the internet use is at its highest and everyone is e-shopping!


    'Till the next time...




  16. Thanks for checking Rhea.


    I hear what you are saying about the module but I don't think this has anything to do with OScommerce or the HSBC modules.


    This is definately a HSBC problem - Nothng has changed at my end at all.


    This is the second time in a couple of weeks that they have had problems. Really hacks me off, especially considering how much we gotta pay in commision and they can't even man a telephone!


    I have tried the number you list and just get the recorded message, no transfer to anyone to talk to!


    I have tried calling a number for their general switchboard but it just rings and rings and rings.....


    Have e-mailed them but no reply!


    Maybe they are just very busy trying to fix the problem....Lets hope so anyways.


    Well, I've done all I can think of for now so I'll just get on with some waiting!

  17. Just taken the liberty to try somebody elses Store (Hope he doesn't mind!) and guess what - same thing.


    Suggest everyone tries there site ASAP and if anyone can think of letting HSBC know the problem they shout now!!


    Looks like at least some of us are going to be badly out of pocket by Monday :angry:

  18. Hi Guys,


    Disaster has struck again!!


    All fine all week, now Saturday afternoon and it appears that HSBC have sunk again.....


    After not getting any orders since last night, bery unusual for a Saturday I tried to run an order myself. The site connects through to HSBC fine and the welcome page appears, but when you click on continue you just get


    Communication Failure


    We have been unable to proceed with your transaction due to a communication failure.


    Please Close your browser window and confirm the status of your order with the merchant.


    This is still part of HSBC's site, but aparaently down!!


    Tried phoning the helpline number just to get a recorded message about how they only man the office Monday to Friday.


    Any ideas on how I can fix this or who I can call? I am losing big orders if it stays down over the weekend.



    Anyone else in the same boat?

  19. OK,


    Things seem back to normal, panic over.


    Speaking with HSBC, they tried to blame it on my site despite the fact that they were having server problems.


    They asked for some order details to be e-mailed through, to which I got this reply,



    Thankyou for your email.


    We are experiencing problems with the CPI and POS systems at this time.  It

    has been escalated and will be resolved as soon as possible.


    Not sure what escalated means but it obviously works well as things are all back to normal - :-"


    Cheers for now, Richard.

  20. Hi Raj,


    Thanks for the speedy response,


    Yep, it looks as though it could be the hosts, apparently they have been doing some upgrades, according to the forum.


    I have just contacted them and waiting to hear back.


    Any thoughts on what it might have affected and how to put it right?