Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

[Contribution] CC_CVV_start date plus credit card blacklist


Guest

Recommended Posts

Toon, have you got this line in your admin/includes/database_tables.php ; define('TABLE_BLACKLIST', 'card_blacklist');

?

Edited by pmortlock
Link to comment
Share on other sites

  • 2 weeks later...
  • Replies 311
  • Created
  • Last Reply

Top Posters In This Topic

I have a problem with credit card number collection display, the credit card number is not appearing in the admin for some reason. The code looks good to me.

 

from admin/orders.php

 

// BMC CC Mod Start

if ($order->info['cc_number'] != '0000000000000000') {

if ( strtolower(CC_ENC) == 'true' ) {

$key = changeme;

$cipher_data = $order->info['cc_number'];

$order->info['cc_number'] = changedataout($cipher_data,$key);

}

}

// BMC CC Mod End

 

from checkout_process.php

 

// BMC CC Mod Start

if ( strtolower(CC_ENC) == 'true' ) {

$key = changeme;

$plain_data = $order->info['cc_number'];

$order->info['cc_number'] = changedatain($cipher_data,$key);

}

// BMC CC Mod End

 

What can be wrong?

Link to comment
Share on other sites

fixed the non-display now it displays the encrypted number in admin.

this is admin/orders.php code I am using now ...

 

<?php

// BMC CC Mod Start

if ($order->info['cc_number'] != '0000000000000000') {

if ( strtolower(CC_ENC) == 'true' ) {

$key = changeme;

$cipher_data = $order->info['cc_number'];

// mod to pass unencrypted card numbers without scrambling them

if(strlen($order->info['cc_number']) > 20) {

$order->info['cc_number'] = changedataout($cipher_data,$key);

}

}

}

// BMC CC Mod End

?>

 

<tr>

<td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>

<td class="main"><?php echo $order->info['cc_number']; ?></td>

</tr>

Link to comment
Share on other sites

so my credit card numbers display encrypted in admin.

i just noticed the $key = changeme; which i had not changed. this is now set as $key = zxcvbn; but the same problem exists. What can this be?

Link to comment
Share on other sites

What is required if all I want is the Credit Card Blacklist from this contribution? Is it an easy thing to separate from this package or is it too involved?

 

I tried extracting the relevant portions but the readme wasn't too helpful and but upon entering the blacklisted CC number and pressing Save, all I get is:

 

Fatal error: Call to undefined function: tep_array_merge() in /home/virtual/site5/fst/var/www/html/store/admin/blacklist.php on line 27

 

I am running osCommerce 2.2-MS2 with PHP Version 4.3.3.

 

I also looked at Credit Card Blacklist by Mark Keith Evans but it doesn't have a proper install or an admin function.

 

 

Any help would be appreciated.

 

Thanks

Mick

Link to comment
Share on other sites

What is required if all I want is the Credit Card Blacklist from this contribution?  Is it an easy thing to separate from this package or is it too involved?

 

I tried extracting the relevant portions but the readme wasn't too helpful and but upon entering the blacklisted CC number and pressing Save, all I get is:

 

Fatal error: Call to undefined function: tep_array_merge() in /home/virtual/site5/fst/var/www/html/store/admin/blacklist.php on line 27

 

I am running osCommerce 2.2-MS2 with PHP Version 4.3.3.

 

I also looked at Credit Card Blacklist by Mark Keith Evans but it doesn't have a proper install or an admin function.

Any help would be appreciated.

 

Thanks

Mick

 

 

Never mind. Worked it out myself so now I have a CC Blacklist option in my toolbox that works :D

 

Mick

Link to comment
Share on other sites

I had a client today who tried to use a co-operative bank (UK Bank) visa card however the cc_validation is always saying that this is not a valid card ("The credit card number entered is invalid").

 

I tried adding the 6 digit validation "$NumberLeft6 == 454495" for the credit card number to cc-validation.php in includes/classes but it still not accepting.

 

Any ideas???

 

Thanks

 

Nick

Link to comment
Share on other sites

I had a client today who tried to use a co-operative bank (UK Bank) visa card however the cc_validation is always saying that this is not a valid card ("The credit card number entered is invalid"). 

 

I tried adding the 6 digit validation "$NumberLeft6 == 454495" for the credit card number to cc-validation.php in includes/classes but it still not accepting.

 

Any ideas???

 

Thanks

 

Nick

 

Normal cvv is 3-4 this has 6 is this correct? if so you would probably need to adjust the contrib to allow more than 4 cvv digits, this would be also a sql update to allow db to accept 6 digits also. Not much help but helps a little I hope. :thumbsup:

Link to comment
Share on other sites

if you just want to make it work you can comment the lines for the fuction

 

function is_valid() {

 

I tryed too with some valid cards and because of this function it wont accept it

I know it s an easy way out, but its better that loosing customers

hope it helps

 

 

 

j

Link to comment
Share on other sites

Normal cvv is 3-4 this has 6 is this correct? if so you would probably need to adjust the contrib to allow more than 4 cvv digits, this would be also a sql update to allow db to accept 6 digits also. Not much help but helps a little I hope. :thumbsup:

 

This 454495 is not the cvv but the first 6 digits of the credit card number

 

Thanks

 

Nick

Link to comment
Share on other sites

I am getting the following error/warning at the top of orders.php when viewing any particular order:

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/dobosdel/www/store/admin/includes/functions/database.php on line 99

 

Line 99 contains the function:

  function tep_db_fetch_array($db_query) {

    return mysql_fetch_array($db_query, MYSQL_ASSOC);

  }

 

I searched for calls to that function in orders.php and it is called 4 times.

None of these is contained within any modified code, but I have added the cc_cvv+encryption v1.7 mod which has a number of edits to the file. I have double checked the edited code and don't see anything that doesn't follow the directions. Also... the whole thing appears to function correctly except for the warning message.

 

Note: the error only appears when looking at a particular order, not looking at the main list of orders.

 

Can anyone tell me how to eliminate this? Or track down where it is coming from? Keep in mind that I am fairly new to php/programming.

 

Thanks!

Link to comment
Share on other sites

Hi all, here is something I came across today, not a problem more a mod/request to this contribution, I managed to filter an order which was scheduled for delivery but I held on, simply because I noticed that the site account holder did not match the cc holder number.

 

Wow I have never once noticed this issue before, this is a serious problem to guarantee no clawbacks by cc companies this is a problem for us.

 

My question is this is it possible to have the cc details pattern check the account holders name to match or something like this so there is a cross ref with account holder and cc holder.

 

Any input on this is appreciated.

Link to comment
Share on other sites

Hi all, here is something I came across today, not a problem more a mod/request to this contribution, I managed to filter an order which was scheduled for delivery but I held on, simply because I noticed that the site account holder did not match the cc holder number.

 

Wow I have never once noticed this issue before, this is a serious problem to guarantee no clawbacks by cc companies this is a problem for us.

 

My question is this is it possible to have the cc details pattern check the account holders name to match or something like this so there is a cross ref with account holder and cc holder.

 

Any input on this is appreciated.

 

 

Problem is, there are those who sign up with bogus names and temporary email addresses because they don't trust online businesses NOT to on-sell their details. Whilst the CC details and shipping addresses are normally correct, I have run across many in my shop who use this method of deception so I don't know how to get around this. In hindsight, you have no real method of determining that they are who they say they are anyway (eg. I could steal a CC and sign up using the name on the credit card and you wouldn't know anyway).

Link to comment
Share on other sites

URGENT! Live shop and I have just come across a problem with this contrib only started yesterday after months of running fine, I run in ssl and get payment details in admin to process cards via terminal in office k.

 

I have just started to get these instead of the cc numbers in admin orders cc details ????????, if I change encrypt cc to enable it shows the cc number, weird goings on this is not encryption, I dont know what this is any help appreciated plz.

 

Latest osc and latest of this contrib

Link to comment
Share on other sites

Hi people, a quick request really, I am trying to figure a way of checking the cc checkbox on cc card details being inputted.

 

Simply when a customer starts to insert cc details the cc checkbox is done auto for them just incase they forget.

 

Any thoughts or hel or tips where to go, get , or hack this out much appreciated.

Link to comment
Share on other sites

I have been pointed in the general direction of the checkout_payment.php file to allow a certain module selected by default could anyone elaborate, I have no idea how to enable a payment mofule as the default module.

 

I want cc to be selected as and when someone starts to enter cc details

Link to comment
Share on other sites

I'm having exactly the same problem...does anyone have any ideas on this?

 

Hi guys.

 

I've followed everything in the readme, and your advice here. The module works fine in that the orders will now go through with the additional information. But when I try to look at the order in the admin section I receive the following error:

 

1054 - Unknown column 'products_serial_number' in 'field list'

select orders_products_id, products_id, products_name, products_model, products_price, products_tax, products_quantity, final_price, products_serial_number from orders_products where orders_id = '17'

[TEP STOP]

 

Any ideas?  :unsure:

Link to comment
Share on other sites

I REALLY need help with this! I am starting to get orders and have to guess what the customer wanted because the order.php page only shows the subtotal price with no details as to products/counts/etc! Right now it's easy because I only have 7 items to start out... but this is going to be a real problem in a hurry.

 

I am getting the following error/warning at the top of orders.php when viewing any individual order:

Line 99 contains the function:

I searched for calls to that function in orders.php and it is called 4 times.

None of these is contained within any modified code, but I have added the cc_cvv+encryption v1.7 mod which has a number of edits to the file. I have double checked the edited code and don't see anything that doesn't follow the directions. The error message seems to be generated due to the codes inability to query for the items ordered.

 

Can anyone tell me how to eliminate this? Or track down where it is coming from? Keep in mind that I am fairly new to php/programming.

 

Thanks!

 

FREE PASTRIES TO ANYONE WHO CAN GET THIS PROBLEM SOLVED! :D

Link to comment
Share on other sites

Solved it - I'd done something silly and copied across more files then required - as a result I ended up with some other module's code in there that shouldn't have been. Went back through my original php files, just adding in the required modifications, and it's solved. I have another problem now though! When I view the order in the admin section, I am seeing what looks like an encrypted credit card number. Anyone got any thoughts on this?

 

I'm having exactly the same problem...does anyone have any ideas on this?

Link to comment
Share on other sites

I have another problem now though! When I view the order in the admin section, I am seeing what looks like an encrypted credit card number. Anyone got any thoughts on this?

 

I can only think of the obvious... make sure you got this line at the bottom of general.php:

 

  include('includes/functions/decrypt.php');

Link to comment
Share on other sites

I am getting the following error/warning at the top of orders.php when viewing any particular order:

Line 99 contains the function:

...

 

Fixed my problem... somehow managed to delete a query line near the bottom of the admin...orders.php file. :-"

Link to comment
Share on other sites

  • 1 month later...

I read the whole forum in regards to the issue with American Express 4 digit CVV not being accepted correctly. I tried changing the length of the CVV but then it wouldn't accept 3 digit CVV for Visa, Mastercard, etc. I changed this in catalog\includes\modules\payment\cc.php

 

Find in the function javascript_validation:

  '  if (cc_cvv == "" || cc_cvv.length != ' . CC_CVV_MIN_LENGTH . ') {' . "\n" .

  '    error_message = error_message + "' . MODULE_PAYMENT_CC_TEXT_JS_CC_CVV . '";' . "\n" .

  '    error = 1;' . "\n" .

 

And replace with:

  '  if (cc_cvv == "" || cc_cvv.length < ' . CC_CVV_MIN_LENGTH . ' || cc_cvv.length > 4) {' . "\n" .

  '    error_message = error_message + "' . MODULE_PAYMENT_CC_TEXT_JS_CC_CVV . '";' . "\n" .

  '    error = 1;' . "\n" .

 

This makes it so that if the CC_CVV_MIN_LENGTH is 3, the CC_CVV has to be between 3 and 4 and not null (blank) to be accepted. I'm not sure if this is best way to fix the problem, but it is working for me now.

 

-Matt

Link to comment
Share on other sites

Hope this helps someone:

 

I installed this module and all was well except that it wasn't recording the start date, CVV or issue number. I was pulling my hair out then realised that I am running a version of MS2.2 with the register_globals off mod.

 

To fix this simple find the following in your modded catalog/includes/classes/order.php:

 

// >>> BEGIN REGISTER_GLOBALS
      link_post_variable('cc_type'); 
      link_post_variable('cc_owner'); 
      link_post_variable('cc_number'); 
      link_post_variable('cc_expires'); 
      link_post_variable('comments'); 
// <<< END REGISTER_GLOBALS

 

and simply add:

 

       link_post_variable('cc_start'); 
      link_post_variable('cc_issue'); 
      link_post_variable('cc_cvv');

 

All fixed!

 

What a relief!

 

-Christian

Link to comment
Share on other sites

  • 4 weeks later...

Hi guys,

1st off many thanks for this cnntribution, after some script checking I have been able to remove all the instances of the serial number contribution that is in the 1.7 d/l.

 

My question is to do with the Start & expiry dates.

I have read & found that if the dates are not changed then these dates are not updated. I have been testing this & found this to be true causing the error that the credit card is not accepted. I have tested with a card that has the an expiry date Jan 07 I change the year but kept Jan... Error, however if I changed Jan to Feb fine.

 

Did anybody find a solution to this?

 

I am not a coder, but could it be possible to have the 1st option in the dropdown lists as 'Please Select' & then when you click this you would select the required dates & therefore fill in an entry into the fields

 

If someone thinks this might work, if you can point me in the right direction I will be willing to have a go (and probably break it a few times LOL)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...