Protx Direct v2.22

[tanmar]

I just tested Version 4.1:

 

The iframe doesnt' work for me too - 3DSecure is activated. I'm getting a 500 Internal Error from the ProtX System too when the 3DSecure Screen where you enter your Password should be displayed.

 

Did anybody of you try to use Version 4.x with 3DSecure activated and cookies deactivated? I'm somehow getting an Internal Server Error after the 3DSecure Authorization when I should be redirected to the shop. Either the ProtX Testserver doesn't work with cookies disabled or ProtX dislikes the TermUrl including the osCsid?

Marco

Edited June 21, 2007 by tanmar

[Paul_w]

Great work with this contribution, well done!

 

Hopefully I can help with a little input of my own......

 

I too have a problem with 'Error 500 Internal Server Error' as soon as you reach what should be the entry screen for 3D password, though funnily enough it works fine with the Protx Simulator, the problem only occurs when switching over to 'live'

 

I think the reason for the problem is that the script is trying to pass far too much variable information via GET in the src URL for the iframe....

 

I have changed this to use sessions to store the required information.

 

   // Redirect to card issuing bank for 3D-Secure authorisation
  if ($use_iframe === true)
 {
	session_start();
	session_register("pw_PAReq");
	$pw_PAReq = $responses['PAReq'];
	session_register("pw_MD");
	$pw_MD = $responses['MD'];
	session_register("pw_acsurl");
	$pw_acsurl = $responses['ACSURL'];
	  ?>

   <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">

 

and for the call to the bank page:

 

 elseif ($_GET['action'] == 'iframe')
{  session_start();
echo'<html>
<head>
<title>3D-Secure Validation</title>
<script LANGUAGE="Javascript">
 function OnLoadEvent() { document.form.submit(); }
</SCRIPT>
</head>
<body OnLoad="OnLoadEvent();">
<form name="form" action="'.$_SESSION['pw_acsurl'].'" method="POST" />
<input type="hidden" name="PaReq" value="'.$_SESSION['pw_PAReq'].'" />
<input type="hidden" name="TermUrl" value="'.urldecode($_GET['termurl']).'" />
<input type="hidden" name="MD" value="'.$_SESSION['pw_MD'].'" />
<NOSCRIPT>

 

Obviously you should now remove the MD, PAReq & ACSURL variables from the iframe src link.

 

This works great for me :thumbsup:

Edited June 22, 2007 by Paul_w

[Guest]

I too felt it was related to too long GET url as I mentioned in a post earlier. The past few days I've been trying to decide whether to use sessions or database for the pareq/md. I'll take your example and go with sessions but will change to the osc session function and see how we go with that!

 

Tom

[Guest]

v4.2 uploaded - hopefully this should sort the issues out. Thanks for the patience, support, bug reports and code suggestions.

 

Please do test throughly via the Protx Simulator.

 

Any probs, report them here as before and I'll do my best

 

Tom

[♥stubbsy]

Hi there,

 

Just a quick one for you, and nothing to do with this update :)

 

For some while now, I think since upgrading to v3 or 3.1, the credit card info isn't showing up in my orders.php. The last piece of info showing is ENTRY_PAYMENT_METHOD and then it skips straight to the product table.

 

Any ideas why it doesn't show the card info parts in this table?

 

Thanks

 

Dave

[Guest]

The module does not store any of the credit card info in the database to comply with various industry regulations - hence why nothing shows up on the order page

 

Tom

[♥stubbsy]

ah ok, as long as i know, its just that a few months back it used to store the card type and the last 4 digits and now it doesn't, i just wanted to check I wasn't missing out as having that info was useful

 

Cheers

 

Dave

[pynchon]

Hi all

 

I have just been informed by a client that I have just a few days to replace the Pre-Auth method with the new required Authorise/Authenticate method

 

Which version do I need to install/update to ... and can I just update the current Protx Direct v2.4 by amending the current code

 

Does that make sense ?

 

many thanks

 

John Keiller

[Guest]

Protx is replacing Pre-Auth with Authorise/Authenticate from 1st August. It is available on their simulator system to test but will not be live until August giving you a bit more time!

 

The authorise/Authenticate mode is only available in the v4+ of the direct module. There have been a few issues with this version which I've tried to iron out and think we're getting there - just waiting feedback to see.

 

If upgrading from v2.4 you will need to upload the files, add some language definitions and update the database table - instructions are included in the download. Please do test thoroughly on a test site using the Protx simulator before going live in August with the new version and let me kow if there are any problems.

 

Tom

[pynchon]

Protx is replacing Pre-Auth with Authorise/Authenticate from 1st August. It is available on their simulator system to test but will not be live until August giving you a bit more time!

 

The authorise/Authenticate mode is only available in the v4+ of the direct module. There have been a few issues with this version which I've tried to iron out and think we're getting there - just waiting feedback to see.

 

If upgrading from v2.4 you will need to upload the files, add some language definitions and update the database table - instructions are included in the download. Please do test thoroughly on a test site using the Protx simulator before going live in August with the new version and let me kow if there are any problems.

 

Tom

 

 

many thanks tom

I'm glad I have a bit more time :) I was beginning to panic a bit.

I'm going to make a duplicate of the current site within a subdirectory .. and use a duplicate database so I don't need to interfere with the current site which is fully functioning and taking quite a few orders per day. I'll probably do this later in the week and will post the results of use on the simulator system ... if there is anything useful to report.

This is a fantastic contribution ... and the support you give is peerless and greatly appreciated ... many thanks again

 

John K

[hairydog]

v4.2 uploaded ... Any probs, report them here as before and I'll do my best

 

Transactions above £1,000 are being reported as 1.00 in the orders page. Seems that the comma is breaking the string. I think this was fixed in 3.1 but it seems to be unfixed again.

 

One of our clients wants the void/refund made unavailable to staff. I've amended the code, but it may be that it would be good to restrict access to that part in some way.

 

I'm not convinced that 3D secure works properly, but I can't test it: my only credit card that supports 3D-Secure seems to be impossible to enable 3D-Secure on!

 

There have been some successful 3D-S results so it must be working at least some of the time.

[hairydog]

v4.2 uploaded ... Any probs, report them here as before and I'll do my best

 

Transactions above £1,000 are being reported as 1.00 in the orders page. Seems that the comma is breaking the string. I think this was fixed in 3.1 but it seems to be unfixed again.

 

One of our clients wants the void/refund made unavailable to staff. I've amended the code, but it may be that it would be good to restrict access to that part in some way.

 

I'm not convinced that 3D secure works properly, but I can't test it: my only credit card that supports 3D-Secure seems to be impossible to enable 3D-Secure on!

 

There have been some successful 3D-S results so it must be working at least some of the time.

[hairydog]

v4.2 uploaded ... Any probs, report them here as before and I'll do my best

 

Transactions above £1,000 are being reported as 1.00 in the orders page. Seems that the comma is breaking the string. I think this was fixed in 3.1 but it seems to be unfixed again.

 

One of our clients wants the void/refund made unavailable to staff. I've amended the code, but it may be that it would be good to restrict access to that part in some way.

 

I'm not convinced that 3D secure works properly, but I can't test it: my only credit card that supports 3D-Secure seems to be impossible to enable 3D-Secure on!

 

There have been some successful 3D-S results so it must be working at least some of the time.

[♥stubbsy]

Hi Tom,

 

Just a quick note to let you know that I was unable to do a second refund on a transaction from the edit orders page. I had already issued a partial credit to a customer and then went to refund the remainder of the order and got this error

 

2007-06-27 10:10:37 REFUND  109.9500  MALFORMED  Refund Failed,Related Vendor Transaction Code missing or invalid length

 

I tried again and then got a different error

 

 2007-06-27 10:25:07 REFUND  109.9500  MALFORMED  Refund Failed,RelatedTxAuthNo is required

 

This isn't a problem as its very rare that I would do this but I just thought I'd let you know

 

Cheers

 

Dave

[Guest]

Thanks for the reports,

 

@hairydog - The issue is certainly fixed for the customer side - I obviously missed it off for the admin orders bit - it shouldn't cause any problems for customers. I'll include a fix in the next update.

 

@stubbsy - I had noticed this and have actually fixed it but I'm holding off uploading it for a short while in case there's any other issues that need sorting then I'll upload them together!

 

Tom

[pynchon]

Tom,

 

I told my client about the switch of dates from 30th June to the 1st of August and he is quite happy with it.

 

However, he forwarded me an email from Protx concerning 3D-Secure. I apparently have to get 3D Secure integrated before the weekend for the processing of Maestro payments.

 

Which version of the Protx contribution will I need for this ?

 

many thanks

 

John K

[pynchon]

Tom,

 

I told my client about the switch of dates from 30th June to the 1st of August and he is quite happy with it.

 

However, he forwarded me an email from Protx concerning 3D-Secure. I apparently have to get 3D Secure integrated before the weekend for the processing of Maestro payments.

 

Which version of the Protx contribution will I need for this ?

 

many thanks

 

John K

 

 

sorry ... I should have asked another question

 

How do I identify the version of the Protx Direct contribution that is currently installed

 

thank you

 

John K

[Guest]

Yes, 30 June is the deadline for 3D-Secure (for international maestro transactions), 1st August for preauth -> authenticate/authorise.

 

v3.0 up have 3D-Secure integrated

 

If you check the top of your protx_process.php file it should have the version number (i've tried to keep that up-to-date with each release) - if you do not have a protx_process.php file then you are using an version prior to v3.

 

Tom

[pynchon]

Yes, 30 June is the deadline for 3D-Secure (for international maestro transactions), 1st August for preauth -> authenticate/authorise.

 

v3.0 up have 3D-Secure integrated

 

 

Tom

 

 

Is it quite a straightforward upgrade ?

Or should I expect difficulties ?

 

 

many thanks again

 

John K

[Guest]

should be quite straightforward - the instructions are with the download, replace a few files and update the database appropriately - any probs let me know (make sure you uninstall the module in admin first, then upload, then reinstall)

 

Then give it a few test orders in simulator or test mode.

 

Tom

[sallyvigar]

Tom.

 

Can you help? I am currently using Protx Direct and want to upgrade to the new 3D-Secure.

 

Thank you for a great and easy module. I believe I am nearly there.

 

I made a mistake at the beginning and I didnt uninstall the module before uploading the new file. Now I cannot uninstall or install the file and I cant find where to put in my protx settings to finish the payment and send the info the protx.

 

My final error message is this;

 

Parse error: syntax error, unexpected T_STRING in /home/butterfl/public_html/includes/header.php on line 12

 

 

I look forward to your help....Thanks Sally

[Guest]

just for completeness in the thread sally solved the problem herself but encountered a problem with the size of the 3D-Secure (VbV / Mastercard securecode) iframe. This was fixed by changing line 386 of protx_process.php from

<iframe src="<?php echo tep_href_link('protx_process.php' ,'action=iframe&termurl='.urlencode(tep_href_link('protx_process.php','action=3Dreturn&iframe=Y&ProtxID='.$protx_id, 'SSL', 'true')), 'SSL', 'true'); ?>" width="80%" height="80%" frameborder=1 scrolling="auto"></iframe>

to

<iframe src="<?php echo tep_href_link('protx_process.php' ,'action=iframe&termurl='.urlencode(tep_href_link('protx_process.php','action=3Dreturn&iframe=Y&ProtxID='.$protx_id, 'SSL', 'true')), 'SSL', 'true'); ?>" width="400" height="400" frameborder=1 scrolling="auto"></iframe>

and changing it to a fixed width frame.

 

Tom

[♥Vger]

Just my two pennies worth about 3D Secure and UK Maestro from 30th June.

 

Initially it was only going to be International Maestro cards which were affected, but now Mastercard say that UK Maestro cards also have to at least attempt authentication (without saying what happens if the attempt fails). To authenticate the card owner has to input a password, which they have to set up for their card. I can see this causing all sorts of trouble.

 

Our advice to our customers at the moment is to turn off Maestro in their Protx Direct modules and wait and see what happens with this roll-out - unless it is essential to their business to keep accepting them.

 

Vger

Edited June 27, 2007 by Vger

[Guest]

It is correct that from the end of the months 3D-Secure is mandatory for Maestro but there are other advantages to enabling it - namely the shift in liabilty of chargebacks.

 

It is a difficult call to make - balancing the potential loss of sales by introducing an extra step (requiring a password for their payment card) to the checkout process v. the reduction in potential fraud/chargebacks. The storeowner needs to consider these when deciding to use 3D-Secure or not.

 

Tom

[♥Vger]

The shift in liability is a good thing, especially for some higher-risk businesses e.g. high value electronics.

 

However banks are trying to offset that by holding back payments of monies out of your account and even by asking for deposits and charging higher fees for Internet Merchant IDs.

 

Vger

Edited June 27, 2007 by Vger