tanmar Posted June 21, 2007 Share Posted June 21, 2007 (edited) I just tested Version 4.1: The iframe doesnt' work for me too - 3DSecure is activated. I'm getting a 500 Internal Error from the ProtX System too when the 3DSecure Screen where you enter your Password should be displayed. Did anybody of you try to use Version 4.x with 3DSecure activated and cookies deactivated? I'm somehow getting an Internal Server Error after the 3DSecure Authorization when I should be redirected to the shop. Either the ProtX Testserver doesn't work with cookies disabled or ProtX dislikes the TermUrl including the osCsid? Marco Edited June 21, 2007 by tanmar Quote Link to comment Share on other sites More sharing options...
Paul_w Posted June 22, 2007 Share Posted June 22, 2007 (edited) Great work with this contribution, well done! Hopefully I can help with a little input of my own...... I too have a problem with 'Error 500 Internal Server Error' as soon as you reach what should be the entry screen for 3D password, though funnily enough it works fine with the Protx Simulator, the problem only occurs when switching over to 'live' I think the reason for the problem is that the script is trying to pass far too much variable information via GET in the src URL for the iframe.... I have changed this to use sessions to store the required information. // Redirect to card issuing bank for 3D-Secure authorisation if ($use_iframe === true) { session_start(); session_register("pw_PAReq"); $pw_PAReq = $responses['PAReq']; session_register("pw_MD"); $pw_MD = $responses['MD']; session_register("pw_acsurl"); $pw_acsurl = $responses['ACSURL']; ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> and for the call to the bank page: elseif ($_GET['action'] == 'iframe') { session_start(); echo'<html> <head> <title>3D-Secure Validation</title> <script LANGUAGE="Javascript"> function OnLoadEvent() { document.form.submit(); } </SCRIPT> </head> <body OnLoad="OnLoadEvent();"> <form name="form" action="'.$_SESSION['pw_acsurl'].'" method="POST" /> <input type="hidden" name="PaReq" value="'.$_SESSION['pw_PAReq'].'" /> <input type="hidden" name="TermUrl" value="'.urldecode($_GET['termurl']).'" /> <input type="hidden" name="MD" value="'.$_SESSION['pw_MD'].'" /> <NOSCRIPT> Obviously you should now remove the MD, PAReq & ACSURL variables from the iframe src link. This works great for me :thumbsup: Edited June 22, 2007 by Paul_w Quote Link to comment Share on other sites More sharing options...
Guest Posted June 22, 2007 Share Posted June 22, 2007 I too felt it was related to too long GET url as I mentioned in a post earlier. The past few days I've been trying to decide whether to use sessions or database for the pareq/md. I'll take your example and go with sessions but will change to the osc session function and see how we go with that! Tom Quote Link to comment Share on other sites More sharing options...
Guest Posted June 23, 2007 Share Posted June 23, 2007 v4.2 uploaded - hopefully this should sort the issues out. Thanks for the patience, support, bug reports and code suggestions. Please do test throughly via the Protx Simulator. Any probs, report them here as before and I'll do my best Tom Quote Link to comment Share on other sites More sharing options...
♥stubbsy Posted June 24, 2007 Share Posted June 24, 2007 Hi there, Just a quick one for you, and nothing to do with this update :) For some while now, I think since upgrading to v3 or 3.1, the credit card info isn't showing up in my orders.php. The last piece of info showing is ENTRY_PAYMENT_METHOD and then it skips straight to the product table. Any ideas why it doesn't show the card info parts in this table? Thanks Dave Quote Link to comment Share on other sites More sharing options...
Guest Posted June 24, 2007 Share Posted June 24, 2007 The module does not store any of the credit card info in the database to comply with various industry regulations - hence why nothing shows up on the order page Tom Quote Link to comment Share on other sites More sharing options...
♥stubbsy Posted June 25, 2007 Share Posted June 25, 2007 ah ok, as long as i know, its just that a few months back it used to store the card type and the last 4 digits and now it doesn't, i just wanted to check I wasn't missing out as having that info was useful Cheers Dave Quote Link to comment Share on other sites More sharing options...
pynchon Posted June 25, 2007 Share Posted June 25, 2007 Hi all I have just been informed by a client that I have just a few days to replace the Pre-Auth method with the new required Authorise/Authenticate method Which version do I need to install/update to ... and can I just update the current Protx Direct v2.4 by amending the current code Does that make sense ? many thanks John Keiller Quote Link to comment Share on other sites More sharing options...
Guest Posted June 25, 2007 Share Posted June 25, 2007 Protx is replacing Pre-Auth with Authorise/Authenticate from 1st August. It is available on their simulator system to test but will not be live until August giving you a bit more time! The authorise/Authenticate mode is only available in the v4+ of the direct module. There have been a few issues with this version which I've tried to iron out and think we're getting there - just waiting feedback to see. If upgrading from v2.4 you will need to upload the files, add some language definitions and update the database table - instructions are included in the download. Please do test thoroughly on a test site using the Protx simulator before going live in August with the new version and let me kow if there are any problems. Tom Quote Link to comment Share on other sites More sharing options...
pynchon Posted June 26, 2007 Share Posted June 26, 2007 Protx is replacing Pre-Auth with Authorise/Authenticate from 1st August. It is available on their simulator system to test but will not be live until August giving you a bit more time! The authorise/Authenticate mode is only available in the v4+ of the direct module. There have been a few issues with this version which I've tried to iron out and think we're getting there - just waiting feedback to see. If upgrading from v2.4 you will need to upload the files, add some language definitions and update the database table - instructions are included in the download. Please do test thoroughly on a test site using the Protx simulator before going live in August with the new version and let me kow if there are any problems. Tom many thanks tom I'm glad I have a bit more time :) I was beginning to panic a bit. I'm going to make a duplicate of the current site within a subdirectory .. and use a duplicate database so I don't need to interfere with the current site which is fully functioning and taking quite a few orders per day. I'll probably do this later in the week and will post the results of use on the simulator system ... if there is anything useful to report. This is a fantastic contribution ... and the support you give is peerless and greatly appreciated ... many thanks again John K Quote Link to comment Share on other sites More sharing options...
hairydog Posted June 26, 2007 Share Posted June 26, 2007 v4.2 uploaded ... Any probs, report them here as before and I'll do my best Transactions above £1,000 are being reported as 1.00 in the orders page. Seems that the comma is breaking the string. I think this was fixed in 3.1 but it seems to be unfixed again. One of our clients wants the void/refund made unavailable to staff. I've amended the code, but it may be that it would be good to restrict access to that part in some way. I'm not convinced that 3D secure works properly, but I can't test it: my only credit card that supports 3D-Secure seems to be impossible to enable 3D-Secure on! There have been some successful 3D-S results so it must be working at least some of the time. Quote Link to comment Share on other sites More sharing options...
hairydog Posted June 26, 2007 Share Posted June 26, 2007 v4.2 uploaded ... Any probs, report them here as before and I'll do my best Transactions above £1,000 are being reported as 1.00 in the orders page. Seems that the comma is breaking the string. I think this was fixed in 3.1 but it seems to be unfixed again. One of our clients wants the void/refund made unavailable to staff. I've amended the code, but it may be that it would be good to restrict access to that part in some way. I'm not convinced that 3D secure works properly, but I can't test it: my only credit card that supports 3D-Secure seems to be impossible to enable 3D-Secure on! There have been some successful 3D-S results so it must be working at least some of the time. Quote Link to comment Share on other sites More sharing options...
hairydog Posted June 26, 2007 Share Posted June 26, 2007 v4.2 uploaded ... Any probs, report them here as before and I'll do my best Transactions above £1,000 are being reported as 1.00 in the orders page. Seems that the comma is breaking the string. I think this was fixed in 3.1 but it seems to be unfixed again. One of our clients wants the void/refund made unavailable to staff. I've amended the code, but it may be that it would be good to restrict access to that part in some way. I'm not convinced that 3D secure works properly, but I can't test it: my only credit card that supports 3D-Secure seems to be impossible to enable 3D-Secure on! There have been some successful 3D-S results so it must be working at least some of the time. Quote Link to comment Share on other sites More sharing options...
♥stubbsy Posted June 27, 2007 Share Posted June 27, 2007 Hi Tom, Just a quick note to let you know that I was unable to do a second refund on a transaction from the edit orders page. I had already issued a partial credit to a customer and then went to refund the remainder of the order and got this error 2007-06-27 10:10:37 REFUND 109.9500 MALFORMED Refund Failed,Related Vendor Transaction Code missing or invalid length I tried again and then got a different error 2007-06-27 10:25:07 REFUND 109.9500 MALFORMED Refund Failed,RelatedTxAuthNo is required This isn't a problem as its very rare that I would do this but I just thought I'd let you know Cheers Dave Quote Link to comment Share on other sites More sharing options...
Guest Posted June 27, 2007 Share Posted June 27, 2007 Thanks for the reports, @hairydog - The issue is certainly fixed for the customer side - I obviously missed it off for the admin orders bit - it shouldn't cause any problems for customers. I'll include a fix in the next update. @stubbsy - I had noticed this and have actually fixed it but I'm holding off uploading it for a short while in case there's any other issues that need sorting then I'll upload them together! Tom Quote Link to comment Share on other sites More sharing options...
pynchon Posted June 27, 2007 Share Posted June 27, 2007 Tom, I told my client about the switch of dates from 30th June to the 1st of August and he is quite happy with it. However, he forwarded me an email from Protx concerning 3D-Secure. I apparently have to get 3D Secure integrated before the weekend for the processing of Maestro payments. Which version of the Protx contribution will I need for this ? many thanks John K Quote Link to comment Share on other sites More sharing options...
pynchon Posted June 27, 2007 Share Posted June 27, 2007 Tom, I told my client about the switch of dates from 30th June to the 1st of August and he is quite happy with it. However, he forwarded me an email from Protx concerning 3D-Secure. I apparently have to get 3D Secure integrated before the weekend for the processing of Maestro payments. Which version of the Protx contribution will I need for this ? many thanks John K sorry ... I should have asked another question How do I identify the version of the Protx Direct contribution that is currently installed thank you John K Quote Link to comment Share on other sites More sharing options...
Guest Posted June 27, 2007 Share Posted June 27, 2007 Yes, 30 June is the deadline for 3D-Secure (for international maestro transactions), 1st August for preauth -> authenticate/authorise. v3.0 up have 3D-Secure integrated If you check the top of your protx_process.php file it should have the version number (i've tried to keep that up-to-date with each release) - if you do not have a protx_process.php file then you are using an version prior to v3. Tom Quote Link to comment Share on other sites More sharing options...
pynchon Posted June 27, 2007 Share Posted June 27, 2007 Yes, 30 June is the deadline for 3D-Secure (for international maestro transactions), 1st August for preauth -> authenticate/authorise. v3.0 up have 3D-Secure integrated Tom Is it quite a straightforward upgrade ? Or should I expect difficulties ? many thanks again John K Quote Link to comment Share on other sites More sharing options...
Guest Posted June 27, 2007 Share Posted June 27, 2007 should be quite straightforward - the instructions are with the download, replace a few files and update the database appropriately - any probs let me know (make sure you uninstall the module in admin first, then upload, then reinstall) Then give it a few test orders in simulator or test mode. Tom Quote Link to comment Share on other sites More sharing options...
sallyvigar Posted June 27, 2007 Share Posted June 27, 2007 Tom. Can you help? I am currently using Protx Direct and want to upgrade to the new 3D-Secure. Thank you for a great and easy module. I believe I am nearly there. I made a mistake at the beginning and I didnt uninstall the module before uploading the new file. Now I cannot uninstall or install the file and I cant find where to put in my protx settings to finish the payment and send the info the protx. My final error message is this; Parse error: syntax error, unexpected T_STRING in /home/butterfl/public_html/includes/header.php on line 12 I look forward to your help....Thanks Sally Quote Link to comment Share on other sites More sharing options...
Guest Posted June 27, 2007 Share Posted June 27, 2007 just for completeness in the thread sally solved the problem herself but encountered a problem with the size of the 3D-Secure (VbV / Mastercard securecode) iframe. This was fixed by changing line 386 of protx_process.php from <iframe src="<?php echo tep_href_link('protx_process.php' ,'action=iframe&termurl='.urlencode(tep_href_link('protx_process.php','action=3Dreturn&iframe=Y&ProtxID='.$protx_id, 'SSL', 'true')), 'SSL', 'true'); ?>" width="80%" height="80%" frameborder=1 scrolling="auto"></iframe> to <iframe src="<?php echo tep_href_link('protx_process.php' ,'action=iframe&termurl='.urlencode(tep_href_link('protx_process.php','action=3Dreturn&iframe=Y&ProtxID='.$protx_id, 'SSL', 'true')), 'SSL', 'true'); ?>" width="400" height="400" frameborder=1 scrolling="auto"></iframe> and changing it to a fixed width frame. Tom Quote Link to comment Share on other sites More sharing options...
♥Vger Posted June 27, 2007 Share Posted June 27, 2007 (edited) Just my two pennies worth about 3D Secure and UK Maestro from 30th June. Initially it was only going to be International Maestro cards which were affected, but now Mastercard say that UK Maestro cards also have to at least attempt authentication (without saying what happens if the attempt fails). To authenticate the card owner has to input a password, which they have to set up for their card. I can see this causing all sorts of trouble. Our advice to our customers at the moment is to turn off Maestro in their Protx Direct modules and wait and see what happens with this roll-out - unless it is essential to their business to keep accepting them. Vger Edited June 27, 2007 by Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted June 27, 2007 Share Posted June 27, 2007 It is correct that from the end of the months 3D-Secure is mandatory for Maestro but there are other advantages to enabling it - namely the shift in liabilty of chargebacks. It is a difficult call to make - balancing the potential loss of sales by introducing an extra step (requiring a password for their payment card) to the checkout process v. the reduction in potential fraud/chargebacks. The storeowner needs to consider these when deciding to use 3D-Secure or not. Tom Quote Link to comment Share on other sites More sharing options...
♥Vger Posted June 27, 2007 Share Posted June 27, 2007 (edited) The shift in liability is a good thing, especially for some higher-risk businesses e.g. high value electronics. However banks are trying to offset that by holding back payments of monies out of your account and even by asking for deposits and charging higher fees for Internet Merchant IDs. Vger Edited June 27, 2007 by Vger Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.