Jump to content
Sign in to follow this  
blueskiwi

SecPay module: non-functional?

Recommended Posts

Hi,

 

I am trying to use the SecPay module but it seems to be non-functional.

 

1. I set everything up on the admin screen with valid merchant id, transaction mode: production etc

 

Every time I placed an order it would bounce back to the checkout_payment.php unprocessed, but with no error message.

 

2. I had a look at the form being submitted to SecPay and found the following:

<input type="hidden" name="callback" value="http://www.metalmilitia.co.uk/catalog/checkout_process.php;http://www.metalmilitia.co.uk/catalog/checkout_payment.php?payment_error=secpay">

 

However in the SecPay docs I couldn't find any mention of supplying two urls separated by a semi-colon. Their example code only used one url. And SecPay seemed to be sending me to the second url every time.

 

3. I changed the line above to just point to checkout_process.php

 

Now, every order gets processed regardless. No errors from SecPay are taken into account.

 

4. I found a thread talking about the misuse of GET vars vs POST vars in secpay.php which suggested changing the code to $_REQUEST to catch both.

 

This didn't seem to make any difference.

 

 

Can someone please tell me straight - does this module work??

Share this post


Link to post
Share on other sites

This was my mistake... my client had not yet completed the setup of his internet merchant account with the bank.

 

However I still have reason to believe the module is non-functional. Now that his account is up and running SecPay are billing people's credit cards but the module is returning an error and no orders are showing up in OsCommerce.

 

I am not the only person with this problem:

http://forums.oscommerce.com/index.php?sho...72457&hl=secpay

http://forums.oscommerce.com/index.php?sho...72385&hl=secpay

 

I realise I'm probably talking to myself here... but if anyone out there has been able to get the SecPay module working please let me know!

Share this post


Link to post
Share on other sites

If you are using the secpay module from the contributions section then make sure that your digest key matches what it set on secpay.. if they are different the payment will be rejected by oscommerce.

 

TBH the code in the contribution doesnt fill me with confidence so I wouldnt use it... it could be easier to take the existing module in oscommerce and add the md5 feature yourself.

Share this post


Link to post
Share on other sites
TBH the code in the contribution doesnt fill me with confidence so I wouldnt use it... it could be easier to take the existing module in oscommerce and add the md5 feature yourself.

 

Both versions of the module have the same problem... the credit cards are billed but no orders are taken. Pretty serious. As far as I can tell this module should not be released for use...?

Share this post


Link to post
Share on other sites
Both versions of the module have the same problem... the credit cards are billed but no orders are taken. Pretty serious. As far as I can tell this module should not be released for use...?

 

I have used the standard module on over 20 sites without any problem.

 

My guess is that your host has disabled reverse lookups. In the module there is a check to make sure that the callback comes from secpay.com this makes sure that callbacks cannot be spoofed.

Share this post


Link to post
Share on other sites

Thanks for the tip!!

 

The old module definitely wasn't working. Neither was the new one. I have now used the new 'MD5 hash' version of the SecPay module... but with the hash check commented out. Now it works, phew!

 

I'd like to get the security check back working. The code I commented out used the 'REQUEST_URI' property to make a hash... but that doesn't include the domain part of the path so I don't see the problem being to do with reverse look ups.

 

Haven't looked too hard at it but seems like the way the hash is generated in the secpay module probably doesn't match what is specified in the SecPay docs...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×