ToddSlaughter Posted September 29, 2005 Share Posted September 29, 2005 I have the default (v1.48) authorize.net module working, and it seems to work fine, but I'm concerned that it may not be secure. I'm a web developer but this is my first foray into osCommerce, PHP, SSL, and credit cards. I'm just a little light on the lingo and need some (mostly) simple answers to simple questions. I've searched these forums and the web for answers, but I frequently find dead ends such as perfect questions with zero replies. You should have seen my question list before I started! Question 1: There's lots of documentation about SIM and AIM mode, but I can't tell which mode the default authorize.net module uses. How can I tell? Question 2: The user types his/her credit card number directly into an osCommerce page. Doesn't that represent a security risk without SSL? Question 3: I don't have an SSL certificate. Do I need an SSL certificate? My hosting provider offers a shared certificate, but they say it won't work with PHP pages. Question 4: Is there a way to do this without an SSL certificate? I understand Authorize.net provides a Payment Form on their server as an option. Is this is the way to avoid an SSL cert? If so, how do I make this happen? Is there a separate module for that? If it's just not practical to do this without SSL, we'll find the money. Question 5: I've seen a lot of talk about the Authorize.net Consolidated contribution, but I have yet to find a feature list. Do I need it? Question 6: If I do need Authorize.net Consolidated, is there a way to tell whether cURL is compiled or not before I install? I've read that this is commonly an issue. Details: Linux 2.4.21-27.0.4.ELsmp Apache 1.3.33 PHP 4.3.11 (configure command includes "--with-curl") osCommerce 2.2-MS2 (installed by Fantastico) cURL enabled: libcurl/7.12.0 OpenSSL/0.9.7a zlib/1.1.4 authorizenet.php v1.48 2003/04/10 Thanks to all! Quote Link to comment Share on other sites More sharing options...
satish Posted September 30, 2005 Share Posted September 30, 2005 I have the default (v1.48) authorize.net module working, and it seems to work fine, but I'm concerned that it may not be secure. I'm a web developer but this is my first foray into osCommerce, PHP, SSL, and credit cards. I'm just a little light on the lingo and need some (mostly) simple answers to simple questions. I've searched these forums and the web for answers, but I frequently find dead ends such as perfect questions with zero replies. You should have seen my question list before I started! Question 1: There's lots of documentation about SIM and AIM mode, but I can't tell which mode the default authorize.net module uses. How can I tell? Question 2: The user types his/her credit card number directly into an osCommerce page. Doesn't that represent a security risk without SSL? Question 3: I don't have an SSL certificate. Do I need an SSL certificate? My hosting provider offers a shared certificate, but they say it won't work with PHP pages. Question 4: Is there a way to do this without an SSL certificate? I understand Authorize.net provides a Payment Form on their server as an option. Is this is the way to avoid an SSL cert? If so, how do I make this happen? Is there a separate module for that? If it's just not practical to do this without SSL, we'll find the money. Question 5: I've seen a lot of talk about the Authorize.net Consolidated contribution, but I have yet to find a feature list. Do I need it? Question 6: If I do need Authorize.net Consolidated, is there a way to tell whether cURL is compiled or not before I install? I've read that this is commonly an issue. Details: Linux 2.4.21-27.0.4.ELsmp Apache 1.3.33 PHP 4.3.11 (configure command includes "--with-curl") osCommerce 2.2-MS2 (installed by Fantastico) cURL enabled: libcurl/7.12.0 OpenSSL/0.9.7a zlib/1.1.4 authorizenet.php v1.48 2003/04/10 Thanks to all! HI, Well if you do not SSL then use SIM(Simple Integration Method) theu which all card and security related transactins are colected By authorize.net at its site. AIM(Advanced integration Method) which allows you to collect all data at your site. Hope this helps you. So for your case just use SIM and its easy to integrate. Satish Quote Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does. Link to comment Share on other sites More sharing options...
ToddSlaughter Posted September 30, 2005 Author Share Posted September 30, 2005 (edited) Well if you do not SSL then use SIM (Simple Integration Method)... Thanks Satish, but how do I implement the SIM method? If I'm interpreting things correctly, the default Authorize.net module won't do it, and the Authorize.net Consolidated module won't do it. Is there another module that will? Do I have to code this from scratch? Surely not, with 418 payment modules available, but I don't see one listed that looks like what I need. Edited September 30, 2005 by ToddSlaughter Quote Link to comment Share on other sites More sharing options...
ToddSlaughter Posted October 1, 2005 Author Share Posted October 1, 2005 I'm amazed by the contributions and the thriving osCommerce community. These forums are a tremendous resource. Thanks to all who provided help. But as a newbie to osCommerce, I have found it exceedingly difficult to find some basic information. There are over 600,000 posts here, and the official forum for Authorize.Net Consolidated was 42 pages long the last time I checked. Not easy to browse, and my searches never quite answered my questions. I found several instances where someone asked exactly one of my questions, but there were zero replies. These aren't difficult questions. And this forum is filled with experts. Yet somehow the basic questions don't get answered, time and time again. This is not a RTFM moment. The manual is lacking some very basic information. The answers to my questions ought to be in the readme file for Authorize.Net Consolidated, and better yet, on its official download page. I have our site up and running now. Come visit us at Hurricane Flight Systems at http://www.FlyHurricane.com. A complete graphic overhaul will follow when I can find the time, as well as some additional contributions and some custom code. When I've finally got the answers to my questions, I'd like to draft some new documentation for newbies, to give back to the community. How can I go about adding additional information to the Authorize.Net Consolidated page? And at this point, here are my best guesses as to the answers. Independent confirmation and additional detail would be fantastic. Numbered per the original post: Both the original and the Consolidated Authorize.Net modules use AIM mode Accepting the CC# on your own site is a security risk without an SSL cert Everything will work without an SSL cert, but you'll be liable for theft/damages/fraud, so don't risk it I still don't know if this can be done using Authorize.Net's payment form Authorize.Net Consolidated has a few nice features, but I still don't know what's hidden under the hood and I still don't know if this is way better than the default one There is a cURL test (test.php) included with A.N_C but it didn't work for me Thanks everyone. Quote Link to comment Share on other sites More sharing options...
Guest Posted October 2, 2005 Share Posted October 2, 2005 (edited) I need to know how do I get Authorize.net Consolidated Payment Module running correctly. I viewed others question on this forum who seem to have the same issues. Only one has seemed to have solved these issues. <b> Todd Slaughter <b>. So please share. Question for anybody. How do you tell If whether your curl is complied or not. Thanks Edited October 2, 2005 by Darryl Wesson Quote Link to comment Share on other sites More sharing options...
ToddSlaughter Posted October 2, 2005 Author Share Posted October 2, 2005 I need to know how do I get Authorize.net Consolidated Payment Module running correctly. I viewed others question on this forum who seem to have the same issues. Only one has seemed to have solved these issues. Todd Slaughter. So please share. Question for anybody. How do you tell If whether your curl is complied or not. Thanks Darryl, I'm still a newbie myself, but I'm learning a lot. I made a lot of assumptions and guesses, and did a lot of trial and error to get as far as I have. The documentation is lacking, even with this huge community supporting it. The difficult questions are discussed to death, but the basics seem to get overlooked time and time again. I offer my experiences, but I'm no expert. First, I think you need an SSL certificate, because the user will be putting his/her credit card number into your website. My hosting provider provides a shared-SSL cert, but it doesn't work with PHP, so I needed a dedicated SSL cert. You also need a dedicated IP to use an dedicated SSL certificate. And you need your hosting provider to install your certificate once you have it. This isn't something you can do on your own. LunarPages is my host and they were great. It wasn't the cheapest certificate, but I bought directly from LunarPages to cut out middlemen, finger-pointing, and other difficulties. You can also buy a certificate elsewhere and have your hosting provider install it. Backup your store! Not just the database, but the whole store. Make a copy of the folder somewhere. Also go into the store admin and backup the database. Download the Authorize.Net Consolidated contribution. Look at the contribution to see what files it includes. These will overwrite yours. If you've edited the original files in your store, you'll have to make the edits again after you install the contribution. If you need to compare the original file with yours to see what edits you've done, check out Beyond Compare. It's a first-rate program, and an invaluable tool in my toolbox. Open readme.html from the Authorize.Net Consolidated contribution and follow the installation instructions. This will get the contribution installed. Essentially you just copy the files to their proper locations, overwriting your old ones. Now re-do any necessary edits (you can delay this step until later if you want). Try a transaction and see if it works. The contribution didn't work 100% for me at first. What happened for me is that during checkout I would get an error that says there's a table missing from my database. There is a file in the contribution called order_invoice_id.sql. It is a script that will add the necessary table to the database. The installation instructions for the contribution don't mention this at all! Maybe it's supposed to happen automatically when the contribution is first run. I don't know. At any rate, I knew I had to run that script. I'll tell you how I ran that script. I'm sure there are other ways, but this is my experience. Read, learn, and adjust as necessary. My hosting provider provides CPanel for administration. Inside CPanel is an icon for MySQL Databases. That page lists my MySQL databases, and I see the one for osCommerce listed there. At the bottom of this page is a link to launch phpMyAdmin. Launch that. On the left side of the phpMyAdmin screen, thre's a drop-down to select the database to work on. Select the one for your store. In my case, it included the letters "osc" so that's how I identified it. Once selected, the page will fill up with the names of the tables. Look for order_invoice_id. In my case, it wasn't there, confirming the error message. At the top-left corner of the window, there are five little square buttons: Home, Logout, SQL Query, Docs, Docs. Click the SQL Query Window button. You'll get a popup window. Click the Import files tab. Browse to the file order_invoice_id.sql from the contribution and click GO. The script will upload and run. Now check to see if the order_invoice_id table is there. If it is, you're done here. Close everything out. Try a transaction and see if it works. As far as cURL is concerned, I never did figure out for sure how to tell whether or not it's compiled. There's a test.php script included with the contribution but it didn't work for me. From your store admin page, select Tools -> Server Info. In the PHP section, find the line labeled Configure Command. Mine includes the term -with-curl. I think this means that my PHP has cURL compiled in. A little further down this page is more cURL information. Best of luck to you. I'll be happy to answer any more questions I can, but I'm no expert. I'm sure you've read that I want to provide some better basic documentation for all to share. If you'd like to document all your frustrations and procedures and successes too, we can collaborate on that. Quote Link to comment Share on other sites More sharing options...
swdconsulting Posted October 8, 2005 Share Posted October 8, 2005 Darryl, I'm still a newbie myself, but I'm learning a lot. I made a lot of assumptions and guesses, and did a lot of trial and error to get as far as I have. The documentation is lacking, even with this huge community supporting it. The difficult questions are discussed to death, but the basics seem to get overlooked time and time again. I offer my experiences, but I'm no expert. First, I think you need an SSL certificate, because the user will be putting his/her credit card number into your website. My hosting provider provides a shared-SSL cert, but it doesn't work with PHP, so I needed a dedicated SSL cert. You also need a dedicated IP to use an dedicated SSL certificate. And you need your hosting provider to install your certificate once you have it. This isn't something you can do on your own. LunarPages is my host and they were great. It wasn't the cheapest certificate, but I bought directly from LunarPages to cut out middlemen, finger-pointing, and other difficulties. You can also buy a certificate elsewhere and have your hosting provider install it. Backup your store! Not just the database, but the whole store. Make a copy of the folder somewhere. Also go into the store admin and backup the database. Download the Authorize.Net Consolidated contribution. Look at the contribution to see what files it includes. These will overwrite yours. If you've edited the original files in your store, you'll have to make the edits again after you install the contribution. If you need to compare the original file with yours to see what edits you've done, check out Beyond Compare. It's a first-rate program, and an invaluable tool in my toolbox. Open readme.html from the Authorize.Net Consolidated contribution and follow the installation instructions. This will get the contribution installed. Essentially you just copy the files to their proper locations, overwriting your old ones. Now re-do any necessary edits (you can delay this step until later if you want). Try a transaction and see if it works. The contribution didn't work 100% for me at first. What happened for me is that during checkout I would get an error that says there's a table missing from my database. There is a file in the contribution called order_invoice_id.sql. It is a script that will add the necessary table to the database. The installation instructions for the contribution don't mention this at all! Maybe it's supposed to happen automatically when the contribution is first run. I don't know. At any rate, I knew I had to run that script. I'll tell you how I ran that script. I'm sure there are other ways, but this is my experience. Read, learn, and adjust as necessary. My hosting provider provides CPanel for administration. Inside CPanel is an icon for MySQL Databases. That page lists my MySQL databases, and I see the one for osCommerce listed there. At the bottom of this page is a link to launch phpMyAdmin. Launch that. On the left side of the phpMyAdmin screen, thre's a drop-down to select the database to work on. Select the one for your store. In my case, it included the letters "osc" so that's how I identified it. Once selected, the page will fill up with the names of the tables. Look for order_invoice_id. In my case, it wasn't there, confirming the error message. At the top-left corner of the window, there are five little square buttons: Home, Logout, SQL Query, Docs, Docs. Click the SQL Query Window button. You'll get a popup window. Click the Import files tab. Browse to the file order_invoice_id.sql from the contribution and click GO. The script will upload and run. Now check to see if the order_invoice_id table is there. If it is, you're done here. Close everything out. Try a transaction and see if it works. As far as cURL is concerned, I never did figure out for sure how to tell whether or not it's compiled. There's a test.php script included with the contribution but it didn't work for me. From your store admin page, select Tools -> Server Info. In the PHP section, find the line labeled Configure Command. Mine includes the term -with-curl. I think this means that my PHP has cURL compiled in. A little further down this page is more cURL information. Best of luck to you. I'll be happy to answer any more questions I can, but I'm no expert. I'm sure you've read that I want to provide some better basic documentation for all to share. If you'd like to document all your frustrations and procedures and successes too, we can collaborate on that. Quote Link to comment Share on other sites More sharing options...
swdconsulting Posted October 8, 2005 Share Posted October 8, 2005 Darryl, rather than quote you the whole thing...this guy was a newbie, and did a wonderful job of detailing some things with authorize.net. But...I have to simple questions, and then I can get the store online. First, when I tried to go 'production' with the store, it told me I needed to put into my authorize.net "settings and profiles" section the 'referral url' - which the gentleman at authorize net told me was the page that the client was 'beamed back to' after he was 'beamed' to authorize.net for the check on the authenticity of his credit card (or hers, I'm a she hehe). I need the name of that page. I ASSUME "checkout_process.php" but we all know what ASSUME can break down to - and mean. I don't want to, in my attempt to test this, drain my account <G>. And...along with that thought, how do I delete the apparent default $5 for shipping that shows up when I use the 'test mode' to see if I can at least get to the confirmation page (which then will tell me my 'test card' won't work, which apparently, is the right thing). I don't mind repeatedly trying out my store and charging a $1 item which I put in there several times, but if I charge $6 several times, it WILL add up - and on a fixed income...::sigh:: Keep up the good work here...what a wonderful community it is! I'll keep trying myself to answer 'baby questions' that I can answer - I've found over my 15 years with computers that THE best way to learn was to answer questions - and if I had to dig up the answer, I rarely forgot it (until chemo brain hit <G>). Gina Not necessarily germaine to this topic, but ladies, GET YOUR mammograms! This is Breast Cancer Awareness Month, and I'm a 4.5 year survivor...I didn't get mine, and...it took more of a toll than needed, I would have found it earlier and probably could have forsaken chemo had I not skipped 2 years. Mammograms can save lives! Can't afford one? Call your local health department! They'll tell you how to get a free one. Quote Link to comment Share on other sites More sharing options...
ToddSlaughter Posted October 9, 2005 Author Share Posted October 9, 2005 Gina, Congratulations on being a survivor. I love women and I love breasts, and I am so glad you're cancer-free. Alright, now to answer your questions. Once again, I'm a newbie. Take my advice with a grain of salt, though it's worked for me. First, I didn't have to set anything at Authorize.net that tells them where customers should be sent back to. I think perhaps that's only for SIM (simple) mode, where the customer sees the Authorize.Net credit-card form, actually at Authorize.Net and not in osCommerce. The Authorize.Net payment module for osCommerce uses the AIM (advanced) mode so I don't think the "referral url" is used. In AIM mode, osCommerce collects all the information and communicates with Authorize.Net behind the scenes. The user never sees any pages from Authorize.Net. When you try a transaction, what exactly happens? Is something telling you that you have to set the referral url? Second, your shipping cost question. On the osCommerce admin page, select Modules and then Shipping. The first item is "flat rate" and it defaults to ON and $5. That's where your $5 is coming from. You can change this amount to zero for your testing. Or you can activate and configure some of the other modules. You might even be able to just turn the flat rate module off, though I've never tried that. I don't know for sure what will happen if there are no shipping modules installed. Good luck! - Todd Quote Link to comment Share on other sites More sharing options...
Sensible Posted October 10, 2005 Share Posted October 10, 2005 (edited) Use the consolidated authorize.net Then by an inexpensiveSSL from comodo and you should be all set Thats how we did it at our fragrance site: url removed Edited October 10, 2005 by Mibble Quote Link to comment Share on other sites More sharing options...
swdconsulting Posted October 10, 2005 Share Posted October 10, 2005 Gina, Congratulations on being a survivor. I love women and I love breasts, and I am so glad you're cancer-free. Alright, now to answer your questions. Once again, I'm a newbie. Take my advice with a grain of salt, though it's worked for me. First, I didn't have to set anything at Authorize.net that tells them where customers should be sent back to. I think perhaps that's only for SIM (simple) mode, where the customer sees the Authorize.Net credit-card form, actually at Authorize.Net and not in osCommerce. The Authorize.Net payment module for osCommerce uses the AIM (advanced) mode so I don't think the "referral url" is used. In AIM mode, osCommerce collects all the information and communicates with Authorize.Net behind the scenes. The user never sees any pages from Authorize.Net. When you try a transaction, what exactly happens? Is something telling you that you have to set the referral url? Second, your shipping cost question. On the osCommerce admin page, select Modules and then Shipping. The first item is "flat rate" and it defaults to ON and $5. That's where your $5 is coming from. You can change this amount to zero for your testing. Or you can activate and configure some of the other modules. You might even be able to just turn the flat rate module off, though I've never tried that. I don't know for sure what will happen if there are no shipping modules installed. Good luck! - Todd Got it for the shipping - that was a doh! question and a very sweet answer for someone who apparently got very dyslexic and missed it! As for the other...should I download the latest authorize.net module...something like authorize net consolidated with curl fix 1.7? I put through a transaction after setting it to production mode. Order the item (stuck a $1 fake item on my list), run through the process, and when I put in my CC#, click continue, and I get this: The following errors have occurred. (14) The referrer, relay response or receipt link URL is invalid. After I called authorize.net to figure out what THAT was, I was told that in the control panel, I had to make a change: Response/Receipt URLs Help The Payment Gateway verifies the URL specified in the post string against the URLs in this list. If the URL provided does not match one of the values on this list, the transaction will be rejected. If no URL is provided, the Default URL value will be used. URL Add URL (Click Edit to define a default URL value.) Default Receipt URL Edit (Click Edit to define a default URL value.) Default Relay Response URL Edit To make long story short, I was told that this was the page that the customer was bounced back TO after his/her credit card was cleared through authorize.net (and I noticed I was bounced to the error message, the url at the top was secure.authorize.net/something. The previous web designer had put down three URL's that matched the pages on another site - pages that the customer were apparently taken to AFTER authorize.net checked the card, told the 'shopping cart' it was valid. Should I use that new consolidated authorize.net contribution? I'm using oscommerce 2.2 milestone 2 right now. Thanks! I REALLY want to get the store up and running by next week if at all possible. Otherwise, I'm going to have to figure out how to reimburse him what he's already paid me and/or scramble to populate a store I really don't like at all through my/his host. Quote Link to comment Share on other sites More sharing options...
Guest Posted October 10, 2005 Share Posted October 10, 2005 a shared ssl does in fact work with php, mysql, osCommerce, it is probably how you implemented it. Quote Link to comment Share on other sites More sharing options...
swdconsulting Posted October 12, 2005 Share Posted October 12, 2005 a shared ssl does in fact work with php, mysql, osCommerce, it is probably how you implemented it. All I need to find out - PLEASE - is the referring URL. According to the gentleman on the phone at authorize.net, this url is the url that the people are sent to AFTER their transaction is 'beamed' to authorize.net to approve their credit card. Once approved, then they are sent back to the store...THAT url that they are sent back to is the one I need. I tried "checkout_success.php". I could try, or put in ALL of the url's to the store, but that would be timeconsuming. Does anyone know what I need to put into the "settings and profiles/response/receipt URL's" section on the authorize.net page? I'm at a standstill, and I'm very, very frustrated! I cannot get the store live until this is settled. Please, please! I promised my client I'd have it going by the 1st of this month - well, it's the 10th and I'm still stymied by one measely answer! Thanks so much! Quote Link to comment Share on other sites More sharing options...
EuroTech Posted October 16, 2005 Share Posted October 16, 2005 All I need to find out - PLEASE - is the referring URL. According to the gentleman on the phone at authorize.net, this url is the url that the people are sent to AFTER their transaction is 'beamed' to authorize.net to approve their credit card. Once approved, then they are sent back to the store...THAT url that they are sent back to is the one I need. I tried "checkout_success.php". I could try, or put in ALL of the url's to the store, but that would be timeconsuming. Does anyone know what I need to put into the "settings and profiles/response/receipt URL's" section on the authorize.net page? I'm at a standstill, and I'm very, very frustrated! I cannot get the store live until this is settled. Please, please! I promised my client I'd have it going by the 1st of this month - well, it's the 10th and I'm still stymied by one measely answer! Thanks so much! Any answer to thing yet? Quote Link to comment Share on other sites More sharing options...
ToddSlaughter Posted October 23, 2005 Author Share Posted October 23, 2005 a shared ssl does in fact work with php, mysql, osCommerce, it is probably how you implemented it. My host is LunarPages, and they offer a shared SSL certificate, but they explicitly state on this page that it will not work with PHP due to security issues. It seems they've deliberately disabled that. So while a shared cert can work with PHP, it isn't necessarily so. It depends on the hosting company. If I'm wrong, please correct me. I'd love to not have to renew a private SSL cert next year. Quote Link to comment Share on other sites More sharing options...
ToddSlaughter Posted October 23, 2005 Author Share Posted October 23, 2005 Should I use that new consolidated authorize.net contribution? I'm using oscommerce 2.2 milestone 2 right now. The Authorize.net Consolidated contribution is what worked for me at Hurricane Flight Systems (FlyHurricane.com). See my earlier posts in this thread for instructions that worked for me. Pay close attention to the SQL issue that isn't in the instructions. Response/Receipt URLs HelpThe Payment Gateway verifies the URL specified in the post string against the URLs in this list. If the URL provided does not match one of the values on this list, the transaction will be rejected. If no URL is provided, the Default URL value will be used. URL Add URL (Click Edit to define a default URL value.) Default Receipt URL Edit (Click Edit to define a default URL value.) Default Relay Response URL Edit To make long story short, I was told that this was the page that the customer was bounced back TO after his/her credit card was cleared through authorize.net ... I never had to specify any of these things. I just logged in to my account at Authorize.net, and all of the URLs in the Transaction Response section are blank. Try that. I think the contribution must specify round-trip values but if you have values set at Authorize.net, they override the contribution. That's just a hunch. Can anybody verify that? Quote Link to comment Share on other sites More sharing options...
swdconsulting Posted October 23, 2005 Share Posted October 23, 2005 I did have to go with the store that comes with the 'commerce site' on my and my client's hosting company just to GET the store up, but...I'll be working on oscommerce when I get everything functional with the site to save him - and future authors, whom I might do sites for - $'s. My client and I are arranging to create 'modules' that we sell to authors - basic site (template), add-ons would be a store, newsletter, bulletin board, etc. We can work on pricing as time goes on. Also monthly charges for keeping the site up - depending upon the complexity of the job. I'll try the two suggestions here - update oscommerce with the consolidated module, AND...keep blank the 'referral url' profile on authorize.net's site itself. Hopefully, I can get to that soon, but right now, I have to tweak the site to get my 'bonus' <G> Take care! Thanks for the community here! Gina Saikin Quote Link to comment Share on other sites More sharing options...
Guest Posted March 6, 2006 Share Posted March 6, 2006 (edited) Edited because the info I posted was wrong. :blush: Edited March 6, 2006 by SommerNyte Quote Link to comment Share on other sites More sharing options...
xao Posted March 8, 2006 Share Posted March 8, 2006 I have a basic question and then maybe one that isn't too basic... Basic question. I have been fighting for the last two days trying to determine if Authorize.net was working. I was convinced it wasn't because from I interpeted on their website, was that I put in a real credit card on my website, but left my configuration mode in "Test" on the Authorize site, it would show up by NOT be charged. Now reading a couple of these e-mails it appears this may be incorrect. It really stinks that I have to do an actual purchase to test to make sure it is working. Anyone know of a way to verify that everything is working correctly. I assume it's working because of my follow-up question, which probably isn't too basic.... When going from the checkout_payment.php page to the checkout_confirmation page, I can see in my log files there is an error sometimes processing the credit card. Example: intranet.one-stop.com - - [08/Mar/2006:00:32:13 -0600] "GET /checkout_payment.php?error_message=There+was+an+error+processing+your+credit+card+%28%29%3A+&osCsid=0v3g3upacncbtqifot5on4m3 HTTP/1.1" 200 5656 "https://www.intotheoven.com/checkout_confirmation.php" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/417.9 (KHTML, like Gecko) Safari/417.8" But there is not an error listed on the Order confirmation (checkout_confirmation.php) page. Is there a way that if there is an error to reject it here or prevent them from moving to this stage? Third question... If you continue to proceed at this point, revewing your order and then click the "Confirm Order" button, it will reject you at this point back to the credit card entry box, but the error message in the URL isn't correct to show up in the Red Error box. The error has "checkout_payment.php?error_message=" redirected to it instead of "checkout_payment.php?payment_error=authorizenet&error=" Anyone know where or what file to edit to change this redirect to send the appropriate URL so at least the customer can be informed why their order wasn't processed? Examples below: Redirected error from confirmation order page back to CC entry that does NOT display the error in the Red Box. https://www.intotheoven.com/checkout_paymen...acncbtqift5n4m3 A properly formated error page that will display the Red Error box. https://www.intotheoven.com/checkout_paymen...cncbtqifot5on43 Thanks for all of your help! Quote Link to comment Share on other sites More sharing options...
New 
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.