
Credit Card with CVV2 Version v2.2RC2a


jamielk

Hi

I have installed the Credit Card with CVV2 Version v2.2RC2a exactly by the directions and there were no input fields at all, so I went back to my backup and started over again twice, and I am still having the same problem. Not sure why none of the credit card info fields are showing up. I am hoping someone can give me a clue.

I also have this Fatal Error in the admin area:

Fatal error: Cannot redeclare class cc in /home/bsr02/public_html/bsrstore/includes/modules/payment/cc.php on line 13

Not good at reading code; below is the entire code.

Thanks

Jamie

<?php
/*
  $Id: cc.php 1739 2007-12-20 00:52:16Z hpdl $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright © 2007 osCommerce

  Released under the GNU General Public License
*/

  class cc {
    var $code, $title, $description, $enabled;

// class constructor
    function cc() {
      global $order;

      $this->code = 'cc';
      $this->title = MODULE_PAYMENT_CC_TEXT_TITLE;
      $this->public_title = MODULE_PAYMENT_CC_TEXT_PUBLIC_TITLE;
      $this->description = MODULE_PAYMENT_CC_TEXT_DESCRIPTION;
      $this->sort_order = MODULE_PAYMENT_CC_SORT_ORDER;
      $this->enabled = ((MODULE_PAYMENT_CC_STATUS == 'True') ? true : false);

      if ((int)MODULE_PAYMENT_CC_ORDER_STATUS_ID > 0) {
        $this->order_status = MODULE_PAYMENT_CC_ORDER_STATUS_ID;
      }

      if (is_object($order)) $this->update_status();
    }

// class methods
    function update_status() {
      global $order;

      if ( ($this->enabled == true) && ((int)MODULE_PAYMENT_CC_ZONE > 0) ) {
        $check_flag = false;
        $check_query = tep_db_query("select zone_id from " . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . MODULE_PAYMENT_CC_ZONE . "' and zone_country_id = '" . $order->billing['country']['id'] . "' order by zone_id");
        while ($check = tep_db_fetch_array($check_query)) {
          if ($check['zone_id'] < 1) {
            $check_flag = true;
            break;
          } elseif ($check['zone_id'] == $order->billing['zone_id']) {
            $check_flag = true;
            break;
          }
        }

        if ($check_flag == false) {
          $this->enabled = false;
        }
      }
    }

    function javascript_validation() {
      if (MODULE_PAYMENT_CC_CVV2 == 'True') {
        $js = ' if (payment_value == "' . $this->code . '") {' . "\n" .
              ' var cc_owner = document.checkout_payment.cc_owner.value;' . "\n" .
              ' var cc_number = document.checkout_payment.cc_number.value;' . "\n" .
              ' if (cc_owner == "" || cc_owner.length < ' . CC_OWNER_MIN_LENGTH . ') {' . "\n" .
              ' error_message = error_message + "' . MODULE_PAYMENT_CC_TEXT_JS_CC_OWNER . '";' . "\n" .
              ' error = 1;' . "\n" .
              ' }' . "\n" .
              ' if (cc_number == "" || cc_number.length < ' . CC_NUMBER_MIN_LENGTH . ') {' . "\n" .
              ' error_message = error_message + "' . MODULE_PAYMENT_CC_TEXT_JS_CC_NUMBER . '";' . "\n" .
              ' error = 1;' . "\n" .
              ' }' . "\n" .
              ' }' . "\n";
      }else{
        $js = ' if (payment_value == "' . $this->code . '") {' . "\n" .
              ' var cc_owner = document.checkout_payment.cc_owner.value;' . "\n" .
              ' var cc_number = document.checkout_payment.cc_number.value;' . "\n" .
              ' if (cc_owner == "" || cc_owner.length < ' . CC_OWNER_MIN_LENGTH . ') {' . "\n" .
              ' error_message = error_message + "' . MODULE_PAYMENT_CC_TEXT_JS_CC_OWNER . '";' . "\n" .
              ' error = 1;' . "\n" .
              ' }' . "\n" .
              ' if (cc_number == "" || cc_number.length < ' . CC_NUMBER_MIN_LENGTH . ') {' . "\n" .
              ' error_message = error_message + "' . MODULE_PAYMENT_CC_TEXT_JS_CC_NUMBER . '";' . "\n" .
              ' error = 1;' . "\n" .
              ' }' . "\n" .
              ' }' . "\n";
      }
      return $js;
    }

    function selection() {
      return array('id' => $this->code,
                   'module' => $this->public_title);
    }

    function pre_confirmation_check() {
      return false;
    }

    function confirmation() {
      global $order;

      for ($i=1; $i<13; $i++) {
        $expires_month[] = array('id' => sprintf('%02d', $i), 'text' => strftime('%B',mktime(0,0,0,$i,1,2000)));
      }

      $today = getdate();
      for ($i=$today['year']; $i < $today['year']+10; $i++) {
        $expires_year[] = array('id' => strftime('%y',mktime(0,0,0,1,1,$i)), 'text' => strftime('%Y',mktime(0,0,0,1,1,$i)));
      }
      if (MODULE_PAYMENT_CC_CVV2 == 'True') {
        $confirmation = array('fields' => array(array('title' => MODULE_PAYMENT_CC_TEXT_CREDIT_CARD_OWNER,
                                                      'field' => tep_draw_input_field('cc_owner', $order->billing['firstname'] . ' ' . $order->billing['lastname'])),
                                                array('title' => MODULE_PAYMENT_CC_TEXT_CREDIT_CARD_NUMBER,
                                                      'field' => tep_draw_input_field('cc_number_nh-dns')),
                                                array('title' => MODULE_PAYMENT_CC_TEXT_CREDIT_CARD_CVV2,
                                                      'field' => tep_draw_input_field('cc_cvv2')),
                                                array('title' => MODULE_PAYMENT_CC_TEXT_CREDIT_CARD_EXPIRES,
                                                      'field' => tep_draw_pull_down_menu('cc_expires_month', $expires_month) . ' ' . tep_draw_pull_down_menu('cc_expires_year', $expires_year))));
      }
      return $confirmation;
    }

    function process_button() {
      return false;
    }

    function before_process() {
      global $HTTP_POST_VARS, $order;

      include(DIR_WS_CLASSES . 'cc_validation.php');

      $cc_validation = new cc_validation();
      $result = $cc_validation->validate($HTTP_POST_VARS['cc_number_nh-dns'], $HTTP_POST_VARS['cc_expires_month'], $HTTP_POST_VARS['cc_expires_year'], $HTTP_POST_VARS['cc_cvv2']);

      $error = '';
      switch ($result) {
        case -1:
          $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
          break;
        case -2:
        case -3:
        case -4:
          $error = TEXT_CCVAL_ERROR_INVALID_DATE;
          break;
        case -5:
          $error = 'CVV code is 3 or 4 digits';
          break;
        case false:
          $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
          break;
      }

      if ( ($result == false) || ($result < 1) ) {
        $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&cc_owner=' . urlencode($HTTP_POST_VARS['cc_owner']) . '&cc_expires_month=' . $HTTP_POST_VARS['cc_expires_month'] . '&cc_expires_year=' . $HTTP_POST_VARS['cc_expires_year'];

        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
      }

      $order->info['cc_owner'] = $HTTP_POST_VARS['cc_owner'];
      $order->info['cc_type'] = $cc_validation->cc_type;
      $order->info['cc_number'] = $HTTP_POST_VARS['cc_number_nh-dns'];
      $order->info['cc_expires'] = $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'];
      $order->info['cc_cvv2'] = $HTTP_POST_VARS['cc_cvv2'];

      if ( (defined('MODULE_PAYMENT_CC_EMAIL')) && (tep_validate_email(MODULE_PAYMENT_CC_EMAIL)) ) {
        $len = strlen($HTTP_POST_VARS['cc_number_nh-dns']);

        $this->cc_middle = substr($HTTP_POST_VARS['cc_number_nh-dns'], 4, ($len-8));
        $order->info['cc_number'] = substr($HTTP_POST_VARS['cc_number_nh-dns'], 0, 4) . str_repeat('X', (strlen($HTTP_POST_VARS['cc_number_nh-dns']) - 8)) . substr($HTTP_POST_VARS['cc_number_nh-dns'], -4);
      }
    }

    function after_process() {
      global $insert_id;

      if ( (defined('MODULE_PAYMENT_CC_EMAIL')) && (tep_validate_email(MODULE_PAYMENT_CC_EMAIL)) ) {
        $message = 'Order #' . $insert_id . "\n\n" . 'Middle: ' . $this->cc_middle . "\n\n";

        tep_mail('', MODULE_PAYMENT_CC_EMAIL, 'Extra Order Info: #' . $insert_id, $message, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
      }
    }

    function get_error() {
      global $HTTP_GET_VARS;

      $error = array('title' => MODULE_PAYMENT_CC_TEXT_ERROR,
                     'error' => stripslashes(urldecode($HTTP_GET_VARS['error'])));

      return $error;
    }

    function check() {
      if (!isset($this->_check)) {
        $check_query = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'");
        $this->_check = tep_db_num_rows($check_query);
      }
      return $this->_check;
    }

    function install() {
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Credit Card Module', 'MODULE_PAYMENT_CC_STATUS', 'True', 'Do you want to accept credit card payments?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Split Credit Card E-Mail Address', 'MODULE_PAYMENT_CC_EMAIL', '', 'If an e-mail address is entered, the middle digits of the credit card number will be sent to the e-mail address (the outside digits are stored in the database with the middle digits censored)', '6', '0', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_CC_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0' , now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, use_function, set_function, date_added) values ('Payment Zone', 'MODULE_PAYMENT_CC_ZONE', '0', 'If a zone is selected, only enable this payment method for that zone.', '6', '2', 'tep_get_zone_class_title', 'tep_cfg_pull_down_zone_classes(', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Order Status', 'MODULE_PAYMENT_CC_ORDER_STATUS_ID', '0', 'Set the status of orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Require CCV2', 'MODULE_PAYMENT_CC_CVV2', 'True', 'Require cvv2 numbers', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
    }

    function remove() {
      tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')");
    }

    function keys() {
      return array('MODULE_PAYMENT_CC_STATUS', 'MODULE_PAYMENT_CC_EMAIL', 'MODULE_PAYMENT_CC_ZONE', 'MODULE_PAYMENT_CC_ORDER_STATUS_ID', 'MODULE_PAYMENT_CC_SORT_ORDER', 'MODULE_PAYMENT_CC_CVV2' );
    }
  }
?>


Anyone who records the cvv, be it in the db or in the email, is asking for trouble.

This is strictly prohibited and you will lose your merchant account and face stiff fines (100.000 USD ++++) if found out.


> Anyone who records the cvv, be it in the db or in the email, is asking for trouble.
>
> This is strictly prohibited and you will lose your merchant account and face stiff fines (100.000 USD ++++) if found out.

Thanks for the info, but I already know this and I do not store the ccv number once the transaction has taken place; I remove it from the db.

The question is why someone has not told us what we are doing wrong so we may fix the problem.


> Thanks for the info, but I already know this and I do not store the ccv number once the transaction has taken place; I remove it from the db.
>
> The question is why someone has not told us what we are doing wrong so we may fix the problem.

Even if you delete it after you have used it, you have still stored it in your db for the time between it being inputted and the time it's deleted.

The websites which use CVV/CVV2 authorization correctly do not store the info at all. They use an online payment gateway which validates the CVV/CVV2 info in real time and then store the returned cc payment code authorization number and not the CVV/CVV2 number.

Storing the CVV number in any form is not allowed. You cannot store it in the db and you cannot circumvent that by sending it by email either.

To repeat: you cannot store the CVV number in an online shop for later offline processing at all.

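The flow described in the last reply, as an added example that is not part of the thread and is not osCommerce or contribution code: the card number and CVV are handed to a gateway within the request, and only a masked number and the returned authorization code go into the order record. The `$gateway` callable, its reply fields (`approved`, `auth_code`), the function names, the `cc_auth_code` key and the sample values are all assumptions made for illustration.

```php
<?php
// Added example: not osCommerce or contribution code.
// $gateway is a hypothetical callable standing in for a real gateway client. It is
// assumed to return ['approved' => bool, 'auth_code' => string].

function mask_pan(string $pan): string {
    $digits = preg_replace('/\D/', '', $pan);
    // Keep only the last four digits for the order record.
    return str_repeat('X', max(0, strlen($digits) - 4)) . substr($digits, -4);
}

function authorize_card(array $post, callable $gateway): array {
    $cvv = trim((string) ($post['cc_cvv2'] ?? ''));
    if (!preg_match('/\A\d{3,4}\z/', $cvv)) {
        return ['ok' => false, 'error' => 'CVV code is 3 or 4 digits'];
    }
    $number = (string) ($post['cc_number'] ?? '');
    // Card number and CVV exist only in this request and go straight to the gateway.
    $reply = $gateway([
        'number'  => preg_replace('/\D/', '', $number),
        'expires' => ($post['cc_expires_month'] ?? '') . ($post['cc_expires_year'] ?? ''),
        'cvv'     => $cvv,
    ]);
    if (empty($reply['approved'])) {
        return ['ok' => false, 'error' => 'Card was not authorized'];
    }
    // The order record: masked number and authorization code, no cc_cvv2 key.
    return ['ok' => true, 'order_info' => [
        'cc_owner'     => (string) ($post['cc_owner'] ?? ''),
        'cc_number'    => mask_pan($number),
        'cc_auth_code' => (string) ($reply['auth_code'] ?? ''),
    ]];
}

// Constructed sample input and a stub gateway so the example runs offline.
$post = ['cc_owner' => 'Test Buyer', 'cc_number' => '4111 1111 1111 1111',
         'cc_expires_month' => '01', 'cc_expires_year' => '30', 'cc_cvv2' => '123'];
$stub = function (array $card): array {
    return ['approved' => true, 'auth_code' => 'AUTH-CONSTRUCTED-0001'];
};

$result = authorize_card($post, $stub);
if (!$result['ok'] || array_key_exists('cc_cvv2', $result['order_info'])) {
    throw new RuntimeException('CVV must never reach the order record');
}
print_r($result['order_info']);
```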
