Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SecPay module: non-functional?


blueskiwi

Recommended Posts

Hi,

 

I am trying to use the SecPay module but it seems to be non-functional.

 

1. I set everything up on the admin screen with valid merchant id, transaction mode: production etc

 

Every time I placed an order it would bounce back to the checkout_payment.php unprocessed, but with no error message.

 

2. I had a look at the form being submitted to SecPay and found the following:

<input type="hidden" name="callback" value="http://www.metalmilitia.co.uk/catalog/checkout_process.php;http://www.metalmilitia.co.uk/catalog/checkout_payment.php?payment_error=secpay">

 

However in the SecPay docs I couldn't find any mention of supplying two urls separated by a semi-colon. Their example code only used one url. And SecPay seemed to be sending me to the second url every time.

 

3. I changed the line above to just point to checkout_process.php

 

Now, every order gets processed regardless. No errors from SecPay are taken into account.

 

4. I found a thread talking about the misuse of GET vars vs POST vars in secpay.php which suggested changing the code to $_REQUEST to catch both.

 

This didn't seem to make any difference.

 

 

Can someone please tell me straight - does this module work??

Link to comment
Share on other sites

  • 1 month later...

This was my mistake... my client had not yet completed the setup of his internet merchant account with the bank.

 

However I still have reason to believe the module is non-functional. Now that his account is up and running SecPay are billing people's credit cards but the module is returning an error and no orders are showing up in OsCommerce.

 

I am not the only person with this problem:

http://www.oscommerce.com/forums/index.php?sho...72457&hl=secpay

http://www.oscommerce.com/forums/index.php?sho...72385&hl=secpay

 

I realise I'm probably talking to myself here... but if anyone out there has been able to get the SecPay module working please let me know!

Link to comment
Share on other sites

If you are using the secpay module from the contributions section then make sure that your digest key matches what it set on secpay.. if they are different the payment will be rejected by oscommerce.

 

TBH the code in the contribution doesnt fill me with confidence so I wouldnt use it... it could be easier to take the existing module in oscommerce and add the md5 feature yourself.

Link to comment
Share on other sites

TBH the code in the contribution doesnt fill me with confidence so I wouldnt use it... it could be easier to take the existing module in oscommerce and add the md5 feature yourself.

 

Both versions of the module have the same problem... the credit cards are billed but no orders are taken. Pretty serious. As far as I can tell this module should not be released for use...?

Link to comment
Share on other sites

Both versions of the module have the same problem... the credit cards are billed but no orders are taken. Pretty serious. As far as I can tell this module should not be released for use...?

 

I have used the standard module on over 20 sites without any problem.

 

My guess is that your host has disabled reverse lookups. In the module there is a check to make sure that the callback comes from secpay.com this makes sure that callbacks cannot be spoofed.

Link to comment
Share on other sites

Thanks for the tip!!

 

The old module definitely wasn't working. Neither was the new one. I have now used the new 'MD5 hash' version of the SecPay module... but with the hash check commented out. Now it works, phew!

 

I'd like to get the security check back working. The code I commented out used the 'REQUEST_URI' property to make a hash... but that doesn't include the domain part of the path so I don't see the problem being to do with reverse look ups.

 

Haven't looked too hard at it but seems like the way the hash is generated in the secpay module probably doesn't match what is specified in the SecPay docs...

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...