Jump to content
rlangton

Sage Pay Server

Recommended Posts

Hi,

 

Have installed the new Sage Pay Server contribution (http://www.oscommerce.com/community/contributions,6984) which seems to be working well, but have had a couple of issues with it:-

 

1. All works fine in test, but when changing the Transaction Server to 'Production' in admin you get redirected to checkout_payment.php with an error message rather than the Sage Pay card input screen.

Problem seems to lie with the value of MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_SERVER - The values in the configuration table are Production, Test or Simulator, however line 249 in includes/modules/payment/sage_pay_server.php is looking for a case of 'Live' as the value, not Production.

2. With low profile pages, after inputting 3D secure details in both test and live the Sage Pay pages leave the iframe - not a problem if the transaction is successful, but if it fails you get redirected back to the low profile version of the card input screen full page (rather than in the iframe)

Assume this is an issue with Sage Pay's custom templates, if I switch the custom payment pages off within My Sage Pay this problem doesn't occur. (which seems odd as i've not made any changes to the low profile pages in the custom template) - think i need to check i've got the latest version of the custom templates from Sage Pay.

3. Values from order total modules don't seem to be being passed to sage pay, customers are being charged the full amount without any reward point/coupon discounts being taken off.

Editing checkout_process.php and moving the following lines to before the $payment_modules->before_process(); line seems to solve the problem:-

 

require(DIR_WS_CLASSES . 'order_total.php');

$order_total_modules = new order_total;

 

$order_totals = $order_total_modules->process();

 

Not sure if this is necessarily recommended, but seems to work for me.

4. Would be good if the transaction values (VPSTxId, AddressResult, CV2Result etc) we're stored in the database somewhere.

Made a quick and dirty fix for this, which isn't fully tested, but can pass details on if anybody would find it useful.

 

With those few problems fixed, all seems to be working fine. Great contribution and just what we've been after.

 

Cheers,

Ross

Share this post


Link to post
Share on other sites

Found another issue (which I think is probably down to Sage Pay)

 

Customers are unable to use UK Maestro cards, the following error is shown in My Sage Pay (both test and live)

 

"Transaction completed but Vendor systems returned INVALID or ERROR in response to notification POST. Transaction CANCELLED by the Vendor. "

 

Looks like the VPSSignature value returned by Sage Pay in the final part of the transaction doesn't match up with the md5 hash of $sig which is causing an INVALID status being returned to Sage Pay and the transaction being cancelled (even though the transaction seems to have been authorised OK by Sage Pay)

 

This only seems to be happening on UK Maestro cards, all others seem to be OK.

Share this post


Link to post
Share on other sites

Hi Ross..

 

Thanks for your feedback!

 

1. This is a confirmed bug and an updated version of the Sage Pay modules will be pushed out shortly.

 

2. This could very well be due to an outdated template you are using. It would be great if you could confirm this.

 

3. This bug was fixed in 2.2 RC1 with the exact solution you have posted :-) We will make a note of this in the documentation.

 

4. The modules will definitely provide more advanced features in v3.0. It won't be possible for v2.2 as core source code changes are required. This could be taken care of with an add-on though.

 

5. The problem with the signature is being looked into.

 

Kind regards,


:heart:, osCommerce

Share this post


Link to post
Share on other sites

Hi Ross..

 

The Sage Pay Form, Sage Pay Server, and Sage Pay Direct payment modules have been updated with bugfixes you described above.

 

http://addons.oscommerce.com/service/sage_pay

 

The update to Sage Pay Server also fixes the signature issue you were experiencing with Maestro cards. The verification of the CardType value did not include SWITCH which the gateway was returning as this was not mentioned in the API integration documentation. Sage Pay have made a note of this and will make an update to their documentation.

 

Thanks again for your feedback!

Edited by Harald Ponce de Leon

:heart:, osCommerce

Share this post


Link to post
Share on other sites

Hi Harald,

 

Version 1.1 seem to be working fine. Thanks for releasing the update so quickly.

 

I've downloaded the custom templates from the Sage Pay website and have sent unmodified versions back to Sage Pay to upload to our test account. I'll let you know if that solves the iframe issue once they've uploaded them.

 

Thanks again.

 

Cheers,

Ross

Share this post


Link to post
Share on other sites

Hi Ross,

 

Could you message me your vendorname and I will get your custom template added as priority to test this.

 

Many thanks,

 

John.

Share this post


Link to post
Share on other sites

The new custom templates have solved the problem mentioned in point 2.

 

Thanks John and Harald for getting these issues sorted out so quickly. Everything seems to be working fine now.

 

Cheers,

Ross

Share this post


Link to post
Share on other sites

Hi I have installed the server module and I get this error when in low mode after clicking cancel

The Vendor failed to provide a RedirectionURL
How would I fix this? Edited by jonathanbastin

Share this post


Link to post
Share on other sites

Testing Profile Payment Page: "Normal" and getting the following response from SagePay when cancelling the transcaction:

 

HTTP Status Code: 500

HTTP Status Message: The request was unsuccessful due to an unexpected condition encountered by the server.

Error Code : 5006

Error Description : Unable to redirect to Vendor's web site. The Vendor failed to provide a RedirectionURL.

 

Does anybody else see this, can you let me know what the fix is please?

 

Thanks.

Share this post


Link to post
Share on other sites

im having the same problem, i have phoned sage pay, searched on google and combed this forum and sagepay forum, but i still cant find out what to do, i cant even see where on the module you can put in a url.

 

am at a loss....

 

Im not even canceling the transaction, i get to the 3D page and it wont process any further

Share this post


Link to post
Share on other sites

The redirection url is defined in catalog/includes/modules/payment/sage_pay_server.php as either:-

 

tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);

 

or

 

tep_href_link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);

 

or

 

tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&key=' . md5($sage_pay_server_securitykey) . '&VPSTxId=' . $HTTP_POST_VARS['VPSTxId'] . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);

 

Might be worth checking in catalog/includes/filenames.php to make sure that FILENAME_CHECKOUT_PAYMENT and FILENAME_CHECKOUT_PROCESS are defined (although can't see why they wouldn't be unless you've got a non-standard checkout module installed)

 

All the redirection URL's are SSL, so it might be worth checking your SSL settings in catalog/include/configure.php

Share this post


Link to post
Share on other sites

Did you try testing on the sage simulator? The sage error codes are explained on this page and it says

 

ERROR: Unable to redirect to Vendor's web site. The Vendor failed to provide a RedirectionURL. The NotificationURL code on your site site should respond with a Status field, and a RedirectURL (a final page to which you'd like your customer sent once payment is complete). If your Notification page is crashing, you will receive this error. Check your code to ensure you are handling all possible POSTs from VSP Server (use the Simulator to test them all if you are unsure).

I'm feeling lucky today......maybe someone will answer my post!

I do try and answer a simple post when I can just to give something back.

------------------------------------------------

PM me? - I'm not for hire

Share this post


Link to post
Share on other sites

Assuming you're trying to get this working on a test site, are there any access controls set up (password protected, firewall rules etc) that would prevent the sagepay server accessing your site?

 

Our test site is password protected and I get a similar error until I disable the password protection.

Share this post


Link to post
Share on other sites

No passwords or anything and I spent 30 mins on the phone to Sagepay checking the URLs I was sending and all checked out fine so they have escalated it to the next level.

Share this post


Link to post
Share on other sites

I think I am making headway on this. I believe it is ether to do with the module creating the wrong redirect URL or that the checkout_process.php is the correct please to redirect to but the checkout_process.php isn't processing it correctly.

Share this post


Link to post
Share on other sites

I have resolved this issue on my website please read you may have the same problem.

 

I purchased a SSL certificate while I had this problem with my sagepay form hoping the server module would resolve the redirection URL error unfortunately it did not.

I resolved the 5999 error by reinstalling the server module however even by using the iframe module i still get the 5006 module.

 

AH! I finally resolved the problem! SEO URL's is incompatible with this module. I checked the URL before I checked out and I saw that the redirected URL was different to the outgoing URL. SEO URLs must modify the URL all the time, this is why most of my customers were redirected to another page! If anyone is presented with the 5006 error and they have SEO URLs Installed, you may want to uninstall the module and test again.

 

This means bad for my SEO as some of my pages have google page rank 1, so I will have to try and see if the new update of SEO URLs is compatible with this module, thanks anyway for the help!

Share this post


Link to post
Share on other sites

 

Having the session id sent back is normal behaviour of the module. I assume your shop is located in /catalog and not route? Interesting post from Rebellion1986 that seo urls is incompatable - you could try postng on the support thread for that module to see if there is a solution. I am a little puzzled why checkout_process would be seo url'd as it's hardly a page that would be indexed by google.


I'm feeling lucky today......maybe someone will answer my post!

I do try and answer a simple post when I can just to give something back.

------------------------------------------------

PM me? - I'm not for hire

Share this post


Link to post
Share on other sites

I have resolved this issue on my website please read you may have the same problem.

 

 

 

AH! I finally resolved the problem! SEO URL's is incompatible with this module. I checked the URL before I checked out and I saw that the redirected URL was different to the outgoing URL. SEO URLs must modify the URL all the time, this is why most of my customers were redirected to another page! If anyone is presented with the 5006 error and they have SEO URLs Installed, you may want to uninstall the module and test again.

 

This means bad for my SEO as some of my pages have google page rank 1, so I will have to try and see if the new update of SEO URLs is compatible with this module, thanks anyway for the help!

 

In any version of Seo Urls the W3C option will cause issues with redirects .. in USU5 this is handled by modifying the tep_redirect() function BUT if a script .. like a payment module uses it's own header redirect or return url then the W3c option should be reversed.

 

To use one of the original posters examples ..

 

tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&key=' . md5($sage_pay_server_securitykey) . '&VPSTxId=' . $HTTP_POST_VARS['VPSTxId'] . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);

 

Would be changed to ..

 

str_replace( '&', '&', tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&key=' . md5($sage_pay_server_securitykey) . '&VPSTxId=' . $HTTP_POST_VARS['VPSTxId'] . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false) );

 

Note: I am not saying that this is the one to change just showing how to change it.

 

A simpler example is ..

 

str_replace( '&', '&', tep_href_link( FILENAME_WHATEVER, 'something=xxx&else=yyy' ) );

 

Alternatively just turn off the W3C option.

Edited by FWR Media

Share this post


Link to post
Share on other sites

In any version of Seo Urls the W3C option will cause issues with redirects .. in USU5 this is handled by modifying the tep_redirect() function BUT if a script .. like a payment module uses it's own header redirect or return url then the W3c option should be reversed.

 

To use one of the original posters examples ..

 

tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&key=' . md5($sage_pay_server_securitykey) . '&VPSTxId=' . $HTTP_POST_VARS['VPSTxId'] . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);

 

Would be changed to ..

 

str_replace( '&', '&', tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&key=' . md5($sage_pay_server_securitykey) . '&VPSTxId=' . $HTTP_POST_VARS['VPSTxId'] . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false) );

 

Note: I am not saying that this is the one to change just showing how to change it.

 

A simpler example is ..

 

str_replace( '&', '&', tep_href_link( FILENAME_WHATEVER, 'something=xxx&else=yyy' ) );

 

Alternatively just turn off the W3C option.

 

Thank you FWR Media.

 

what else would need modifying? this would be very helpful to those who would use these type of payment checkouts. I have enabled the SEO URLS module and set [Output W3C valid URLs (parameter string)? False] Is this correct? Also is there anyway in leaving the cart intact while the rest of the website has SEO URLS enabled?

 

Regards,

 

Rebellion.

Share this post


Link to post
Share on other sites

Thank you FWR Media.

 

what else would need modifying? this would be very helpful to those who would use these type of payment checkouts. I have enabled the SEO URLS module and set [Output W3C valid URLs (parameter string)? False] Is this correct? Also is there anyway in leaving the cart intact while the rest of the website has SEO URLS enabled?

 

Regards,

 

Rebellion.

 

By (has SEO URLS enabled) I assume you meant W3C enabled. I have already shown you how to do that with str_replace( '&', '&'

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×