Justin Posted September 10, 2002 Share Posted September 10, 2002 I'm setting up a store on CVS 2.2 (current build) and am trying to get the IONgate contribution working: http://www.oscommerce.com/forums/viewtopic.php?t=11987 Everything works fine up until the "Confirm Order" button gets pushed. At that point, the following error appears: There has been an error processing your credit card, please try again. System Reported: State field is null or contains invalid characters. Even though I entered "PA" as the state in my test order, the checkout_confirmation.php page lists the delivery address as "Pennsylvania." I suspect that IONgate is expecting a two-letter code but is getting the full state name passed to it instead. While there are a couple of other minor issues with this contribution (e.g., the checkout_payment.php form uses "MODULE_PAYMENT_IONGATE_TEXT_CARDHOLDER_NAME" as an input field label instead of "Cardholder Name"), the inability to process credit cards orders is a real showstopper. I would contact the author (Cheng Yu) and ask for suggestions, but I can't seem to locate an email address for him. It seems as if he does not frequent the forums much these days. It seems as if there a few others that are having similar troubles trying to use IONgate with osCommerce. Is there anybody out there who might be able to give me a hand with this so we can get this contribution working again? I've looked at the code, but I don't understand enough about PHP or the inner workings of osCommerce to determine where to begin. Sincere thanks in advance for any assistance, Justin :) Quote Link to comment Share on other sites More sharing options...
Justin Posted September 10, 2002 Author Share Posted September 10, 2002 Well, for the moment it seems that the source of the main problem has been located. The author misspelled the word "Pennsylvania" in the state_codes database table included in the contribution. You don't want to know how much time I wasted poring over the code and searching for clues... and then it turns out the problem was in the DB table! :cry: So while credit cards now appear to be processed successfuly via IONgate's dummy account, there are a number of other aesthetic issues with this contribution that I would like to fix. Once I've figured out how to do that, I'll include the bug-fix mentioned above and re-package the contribution. Thanks go out to Cheng for writing this in the first place. Thanks Cheng, wherever you are! :D Quote Link to comment Share on other sites More sharing options...
whosyurdaddy Posted October 4, 2002 Share Posted October 4, 2002 Also, Missouri (MO) was left out completely. Thanks Justin for doing the dirty work here!!! would have taken me hours. Quote Link to comment Share on other sites More sharing options...
gnehc Posted October 4, 2002 Share Posted October 4, 2002 I was actively checking the forums prior to the first two weeks of September (when I first started to update/redo my CVS). Glad you figured it out. ;-) Had no idea there was some data entry. Guess that's what happens with entering data manually. Human errors! Makes me a 98% accurracy typist. :D BTW: It also doesn't have state/province codes for Canada. Well, for the moment it seems that the source of the main problem has been located. The author misspelled the word "Pennsylvania" in the state_codes database table included in the contribution. You don't want to know how much time I wasted poring over the code and searching for clues... and then it turns out the problem was in the DB table! :cry: So while credit cards now appear to be processed successfuly via IONgate's dummy account, there are a number of other aesthetic issues with this contribution that I would like to fix. Once I've figured out how to do that, I'll include the bug-fix mentioned above and re-package the contribution. Thanks go out to Cheng for writing this in the first place. Thanks Cheng, wherever you are! :D Quote Link to comment Share on other sites More sharing options...
whosyurdaddy Posted October 4, 2002 Share Posted October 4, 2002 Found another error. The form on the checkout page is built with the expiration_year value being the 2 digit form of the year (02, 03, etc...), but /catalog/modules/payment/iongate.php is expecting a 4 digit year and trying to perform a substring to extract the last 2 digits. This is causing only the month to be passed to iongate.asp, and therefore it obviously fails. My quick workaround was to simply to change the substr() call to get the first (and only) 2 characters from the year, instead of the last 2. Specifically, on line 173 I changed substr($HTTP_POST_VARS['iongate_cc_expires_year'], 2,2)) . TO --> substr($HTTP_POST_VARS['iongate_cc_expires_year'], 0,2)) . ----------------- This solved the issue, but it is not the permanent fix. James- Quote Link to comment Share on other sites More sharing options...
Justin Posted December 13, 2002 Author Share Posted December 13, 2002 The IONgate payment module must be updated for use with the new checkout code released last month, and I do not have the technical skills needed to update it myself. I was wondering if there are people out there who would be interested in pooling some funds together so we can pay an experienced developer to get the IONgate payment module working. If we get even a handful of people together, the cost per person should be very reasonable. Please send me an instant message if you are interested in participating. Thanks! Quote Link to comment Share on other sites More sharing options...
byarger Posted December 17, 2002 Share Posted December 17, 2002 I just posted a new iongate module based on the current cvs version of authorizenet.php (CVS version 1.40). I am new to osCommerce, but I'm assuming the new checkout code is what I'm using. My iongate account isn't active, so this hasn't been tested with a live server, but it should work. I used Chengs contribution a little bit, but mostly worked from the authorizenet example in CVS. Let me know if anyone has any problems with the module, and I'll be happy to fix them. Quote Link to comment Share on other sites More sharing options...
Justin Posted December 17, 2002 Author Share Posted December 17, 2002 Terrific news! Thanks so much for letting us know about your contribution, Brian. I'll give it a whirl and let you know how it goes. Quote Link to comment Share on other sites More sharing options...
byarger Posted December 17, 2002 Share Posted December 17, 2002 I already noticed some testing stuff that I left in (the authresponse is in the error message), so I'm going to remove that. Also, I'm going to add an admin config option to turn off each of the card types individually. I only want to accept Visa/Mastercard, so I think this is the best way to do this. The admin screen may get a little long, but its the most flexible solution that I can think of. Does anyone think its useful to return the auth response to the user? I figure to cut down on fraud you don't give them the info on why it was declined, but if its useful, I could add it as a configuarable option as well if someone wants it. I'll probably be posting another version late tonight or tomorrow. Quote Link to comment Share on other sites More sharing options...
byarger Posted December 17, 2002 Share Posted December 17, 2002 Ok, those changes are in. When you get a chance to check it out, let me know how it goes. Brian Quote Link to comment Share on other sites More sharing options...
Justin Posted December 18, 2002 Author Share Posted December 18, 2002 I gave the module a run-through on a test server, and it appears to work without any problems. Nicely done, Brian! In reference to some of the implementation choices noted in the README, following are a few suggestions that I think will make this contribution even more useful: * When mis-entering a credit card number, the returned response isn't clearly visible since it is the same black text as everything else. I think some customers may not see the text and will wonder why they were returned to a now-blank version of the same payment entry screen. I believe the original contribution by Cheng would create a red-backgrounded line across the top with the text of the error, which might be more easily noticeable by customers. * Personally, I would go ahead and display any authorization/decline information passed by Iongate. You'll notice that this information is visible in the URL anyway, so suppressing this information on the page shouldn't have any effect as far as reducing fraud. Legitimate customers will also benefit from the additional information returned by Iongate. * I use Iongate's "invoice number" field as a place to reference the order number, which can be very helpful when looking up certain information later. I think it would be great if this field were re-enabled in the Iongate payment module contribution. I hope this helps. I look forward to using this contribution on our production server soon! Justin Quote Link to comment Share on other sites More sharing options...
byarger Posted December 18, 2002 Share Posted December 18, 2002 Thanks for testing it out. As for the first comment on the misentering the credit card number, that get_error method now returns an array with a title and an error message. The checkout_payment.php script only outputs the title right now, and its in a <td> with a class of main. It seems to me a bad idea to send a title as a bunch of formatted html (<table><tr><td>TITLE...) and that the appropriate formatting should be done in the checkout_payment.php. I have added back the AUTHRESPONSE to the error message if the transaction is declined. Like you pointed out, its in the URL anyway, so might as well display it. Its not too pretty, since they send back all caps strings, but its there. I tried to add the order number as the invoiceno parameter, but I was never getting a value for it. In Cheng's he used $insert_id, but I wasn't getting a value for that either. I will do some research on this and see if we can get the order_id and put it in there. Thanks for the comments. I'll post here when I post an update. Quote Link to comment Share on other sites More sharing options...
byarger Posted December 18, 2002 Share Posted December 18, 2002 As far as I can tell the order number is not available under after the process_button code runs, which is where we would need to fill the value for invoiceno. In other modules if they have a similar field they use the date as a number to fill it. I don't really see the value in that. I was hoping to get the order number in there as well, but it appears that its not created until the order is processed. If anyone sees anything different, or a way that I can get the order number in the process_button method, let me know and I will gladly implement it. I added the AUTHRESPONSE code back to the error message, and I will re-package later tonight and re-post the contribution. Brian Quote Link to comment Share on other sites More sharing options...
byarger Posted December 19, 2002 Share Posted December 19, 2002 I have a new version ready with a couple fixes. First off the credit card validation error wasn't being displayed, which is what lead to our earlier discussion of putting formatting in the error. I fixed the bug, and now the error displays as the title (Credit Card Error) along with the error text in a red table (infoBoxNoticeContents css class). I also return the errors from iongate in this same format. It looks nice to use the same format all the time. I haven't gotten an answer on the order number, so for now the invoiceno is set to the current date down to the second. This will at least give us something to refer to that should be mappable back to the order. Quote Link to comment Share on other sites More sharing options...
Justin Posted December 20, 2002 Author Share Posted December 20, 2002 That sounds fantastic, Brian. I haven't had a chance to put the contribution into production yet, but assuming you're able to upload the new version soon, I've got some time tomorrow to get everything set up. I'll be sure to let you all know how it goes. :) Justin Quote Link to comment Share on other sites More sharing options...
byarger Posted December 20, 2002 Share Posted December 20, 2002 The latest version is there. Brian Quote Link to comment Share on other sites More sharing options...
Justin Posted December 23, 2002 Author Share Posted December 23, 2002 I installed the latest version of the Iongate module and currently have it running on a production server. Again, great work, Brian! After testing it both locally and on the production server, I have a few comments: * I'm not seeing the red text box when credit card errors are displayed. When I purposely enter an incorrect credit card number, I get a bold line at the top that says "Credit Card Error!" that is followed by two indented lines that say "The credit card number entered is invalid" and "Please check the number and try again," respectively. It would be great if we could get this error information to stand out more by displaying it in red somehow. * There doesn't seem to be any error checking to make sure the credit card type matches the credit card number. If I choose "Visa" as the credit card type but enter a Mastercard number (i.e., beginning with a "5" instead of a "4"), the order goes to the final confirmation screen anyway without any errors displayed. IONGATE will return an error eventually when clicking on the final checkout confirmation button, but the error doesn't say what the problem is -- the customer may not realize that they simply forgot to select the proper card type. It would be helpful if the payment module would perform this check ahead of time, which would save time for the customer (no need to click on the confirmation screen button only to be returned to the payment page) and also provide better error information. The check might be part of the form validation, so if the number starts with a "6" but isn't a Discover card, the error returned might be: "Incorrect credit card type. Please select the proper credit card type from the pop-up menu below." * The most essential change I can suggest would be the addition of a CVV2 field to the payment entry form. This should appear just beneath the expiration date entry field and only allow a three-digit number to be entered. This number should get passed to IONGATE as a security measure, protecting both cardholders and merchants in the process. Once a credit card is approved by IONGATE during the final checkout process, I assume IONGATE returns result values for the AVS (billing address verification) and CVV2 checks. Security would be greatly enhanced if these returned values could be stored in the database somewhere, perhaps appended to the "comments" field in the order table or as new "AVS" and CVV2" fields. That way, merchants need only take a quick look at the order via the OSC admin interface to determine how "trustworthy" recent orders are and whether the cardholders should be contacted prior to shipping. This already great payment module would be even better with these changes. Brian, if you need any further information, clarification, or other help, please don't hesitate to let me know! Justin :D Quote Link to comment Share on other sites More sharing options...
byarger Posted December 28, 2002 Share Posted December 28, 2002 I fixed a bug where the cc type wasn't being checked. There is also a new message definable for that error. As for the red box not showing up, the only thing I can think of is that we're using different versions of checkout_payment.php. I'm using the current latest version from CVS. Or if you've changed the style sheet around. The code from checkout_payment that displays the error message is: <tr class="infoBoxNoticeContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main" width="100%" valign="top"><?php echo $error['error']; ?></td> <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> Its the infoBoxNoticeContents that sets the background of that <tr>to #FFE6E6. If you aren't seeing that red background, then I'd check to make sure that the html produced is correct, or check the style sheet. As for the CVV2 stuff I will look into that when I get a chance. I would like to add it, and maybe adding the results to the end of the comments column wouldn't be too bad. Quote Link to comment Share on other sites More sharing options...
valeriestw Posted February 18, 2003 Share Posted February 18, 2003 Hi! I've installed your Iongate module (thank you, thank you, thank you!), and it seems to be working except that I am getting an error when I try to test using the test card number (4111111111111111). It says "Invalid Term ID." I don't know what this means, so I don't know how to fix it. It's entirely possible I've just set something up incorrectly (can you say, "novice?"), so please just let me know if that's the case. Any help would be appreciated! And THANKS SO MUCH for having put this module together in the first place. Is there someplace I can send a donation? Quote www.knownworldweb.com Link to comment Share on other sites More sharing options...
byarger Posted February 18, 2003 Share Posted February 18, 2003 The invalid term id, is a response from Io. I have found that using the testgate account lately, that is all I get back from them. I have the module running with a real iongate account, and can verify that it does work. I wish iongate would allow proper testing using the testgate account, and maybe if you called them they could give you a different test account to use, or fix the testgate account. If you are getting that error back, then the module sounds like its installed properly. The best way to test after you have an inogate account is to use your real account, and a valid cc # (like the one you are using), and then just void the transaction before it gets posted from your iongate batch. That can be done via the iongate website. I do accept donations, and thanks for asking. You can donate via PayPal here: https://www.paypal.com/xclick/business=byar...r&no_shipping=1 That link is also available in the README file that comes with the module. Let me know if you have any other problems with the module. Brian Quote Link to comment Share on other sites More sharing options...
valeriestw Posted February 18, 2003 Share Posted February 18, 2003 Okay, great. That makes sense. I will do a test with a real card number, but I'm sure you're right! One question - is there a way to change the label as it appears on the customer's payment page to say "credit card" instead of "iongate?" I think the customers will be confused by that and not know what it means. I can't tell you how much money and aggravation this is saving me! Previously, I was unable to use osc because it didn't have Iongate, and consequently went and bought a several hundred dollar shopping cart program, which has been nothing but bugs and hassles, plus I had to use a Windows server. Now I can switch to osc, get more features, get my money back on the other program and switch to my favorite host on a Unix server! Again - thank you, thank you, thank you! :) Quote www.knownworldweb.com Link to comment Share on other sites More sharing options...
byarger Posted February 18, 2003 Share Posted February 18, 2003 You should be able to change the module name and description via the includes/languages/english/modules/payment/iongate.php file. That file has most of the responses that will be generated for different errors. Quote Link to comment Share on other sites More sharing options...
valeriestw Posted February 18, 2003 Share Posted February 18, 2003 Hmm, I'm still getting the Invalid Term ID error no matter what card I use. I've tried using my own actual card with my working Iongate account, as well as both the test cards with testgate account. Do I need to go talk to Iongate? Or do you think this is something we can fix? Quote www.knownworldweb.com Link to comment Share on other sites More sharing options...
valeriestw Posted February 18, 2003 Share Posted February 18, 2003 Okay, it's definitely not Iongate - I was able to process an order normally thru another store I already have set up. So it's gotta be something in my setup. Could there be some variable I have setup incorrectly? Quote www.knownworldweb.com Link to comment Share on other sites More sharing options...
byarger Posted February 18, 2003 Share Posted February 18, 2003 I can't think of anything in setup that would give you this error. The Invalid Term ID actually comes from iongate. The best debugging I've been able to do is to look at the html source of your confirmation page (the page before you get the invalid term id error). In this source, you will see all the values that are going to be sent to the iongate server. You can look to make sure your real iongate account is being used and make sure the other values look good in the query string. If you want I will run a fake trans through your server and check it out for you and see if I see anything. Just email me with your address if its available. The testgate account always gives this error, so that is the biggest thing. If its not that, I will probably have to look at it to tell you where to look. Brian Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.