American Express payments (direct) using osCommerce

[Guest]

Hello All -

 

I'm curious if there's an existing solution to allow collection of American Express payments by connecting directly to their external payment gateway (e.g. amxvpos.com) instead of through third parties like Beanstream and IcePay. I've basically already written an amex module for my other properties that do this, but am hesitant to just jump in and add my own to osCommerce without seeing what has been done in the past. What I'm hoping is something already exists instead of having to manually insert the new payment type, verification, payment_checkout, etc etc.

 

I apologize if I'm not explaining this very well, but current cc payments are handled with beanstream, but our Amex account is separate from them, and connects to a different gateway, authentication, etc. What it's looking like to do this is I'd either have to

a ) hand 'hard code' info into payment_checkout, ccverify, etc. etc. or

b ) basically make a payment module in /includes/modules/payment from scratch.

 

Is this accurate or am I misunderstanding how osCommerce puts this stuff together?

Edited November 21, 2012 by WestTech

[Guest]

@@WestTech

 

You would need 2 files created and 1 altered.

 

1) You would need a new payment module created and uploaded to the /includes/modules/payment/ directory

2) You would need the language definition file uploaded to /includes/languages/english/modules/payment/

3) You would need to include the new module in the checkout_process.php and possibly the validation.php

 

 

In addition to the above information, if you are collecting credit card information directly on your website, you WILL NEED to be PCI DSS compliant.

 

 

 

Chris

[Guest]

Dunweb -

 

Thanks for your response. I think I understand what you're saying, I've taken a look at some of the other files in /modules/payment and english/modules/payment and to create a 'stub' handler looks pretty straightforward based on the COD examples (cod.php in both). The language files are simple enough, and the module file is mostly housekeeping in regards to button state, zone checking, and the _install function. So if I insert my code into the before_process function that looks like where most of the 'work' will get done, enable my new module, and then massage checkout_process and cc_validation into shape for the 15 digit numbers and 4 digit CVV. Transactions will work much the same as they already do (already not storing card info/PII) so that should be it in terms of PCI.

 

I was worried I was going to have to do it all from scratch (order creation, transaction tracking, cURL, etc.) but it looks like things are modular enough that I can keep my actual auth code separate in its various /modules/payment section.

[Bob Terveuren]

Hi

Set your credit fields in function selection(),

add javascript validation into the javascript function for your CVV etc,

display something in function confirmation() [you can pop the credit card fields there as an option too - see the authorizenetAIM module ],

Curl the details in before process()

 

Bob

[Guest]

Thanks for your help guys, I'll put this link to help anyone else looking to do this since this forum has pretty impressive organic SEO presence:

http://amxdocs.amxvpos.com/JAPA/

 

Example code for Amex charging in php, .net, asp classic, perl, and jsp. Handles second party, third party, and direct processing. Has examples for the PaymentClient gateway (PC) and the Virtual Payment Client (VPC). Most osCommerce operations are going to use the latter, and Second Party Charge and Authorization in a single pass. Supports all the optional fields like AirMiles.

 

It's actually just good example code in general for anyone wanting to write an Authorize/Capture styled system; I stole some structure ideas to put in non-php code.

 

EDIT-Watch out for security though; don't just throw this code in place and expect it to do everything.

Edited November 28, 2012 by WestTech