Jump to content
Sign in to follow this  
scottymcloo

Worldpay Support

Recommended Posts

I think all it needs is for checkout_process to make a provisional entry in the database before payment and then to update or delete that provisional entry after payment.

 

On the face of it, it would just need small changes to checkout process. ie. add or change a flag in the existing order update sql and to move the payment module call down to below the order entry but above the email notification and to add a small sql to update or change the flag initially set....

 

Anyone want to try it!


Ian-san

Flawlessnet

Share this post


Link to post
Share on other sites

There a two reasons for discontinuities between WorldPay payments & OSC orders:

 

1) The callback handler on OSC called by WorldPay fails. When this happens you receive an email from WorldPay telling you that the callback may have failed. You can then try and go about the process of finding the customers original order (either by phone or using the order contribution). This is sometimes occurs for 'techincal reasons' and happens quite rarely.

 

2) The callback handler page fails to redirect for any one of a number of reasons after the WorldPay payment process. When this happens you don't get a notification. You can only discover this problem by manually cross-check orders & payments. This typically occurs for 'human reasons' and happens quite often (1 in 15 in my experience!).

 

So the idea is that the business logic which is currently contained in checkout_process and is called as a seperate process after the callback handler, should really be incorporated as part of the callback handler. This is the way that WordPay is designed to operate.

 

I am not sure where the idea that the callback handler is processed by WorldPay and not OSC came from, which would preclude this option, but from what I understand clearly this is not the case.

Share this post


Link to post
Share on other sites
So the idea is that the business logic which is currently contained in checkout_process and is called as a seperate process after the callback handler, should really be incorporated as part of the callback handler. This is the way that WordPay is designed to operate.

 

In theory you might think that you could just copy and paste in the checkout process code (excluding the call to the payment module) into wpcallback (success option) and not redirect at all.

 

But I do not think that it will work as this code is trapped in a WP frame as if it is running on the WP server - not your own - and so it cannot perform the database updates, check OSCIDs etc.


Ian-san

Flawlessnet

Share this post


Link to post
Share on other sites

I am almost certain that WordPay doesn't wouldn't process somebody else's PHP script (which is what you seem to be suggesting) for several reasons:

- Not least the secuirty implications of running potentially 'rogue' scripts

- Having the right version of PHP with the right extensions etc etc.

- And finally the most fundemental of facts - if you have set up PHP properly on your machine *nobody* should be able to download any file with a .php ending unprocessed.

 

What I believe is happening is that WorldPay's server is calling your PHP page from their own server and then using the response from that to deliver the webpage. Hence the PHP is processed on your server just like any other PHP, but WorldPay are giving the appearance that their machine is really doing the work.

Share this post


Link to post
Share on other sites
What I believe is happening is that WorldPay's server is calling your PHP page from their own server and then using the response from that to deliver the webpage. Hence the PHP is processed on your server just like any other PHP, but WorldPay are giving the appearance that their machine is really doing the work.

 

Agreed - in a test, I was able to update the database during a callback. The only problem is that WP seems to create a 'clean' copy of your script - like a search engine - so it doesnt have all the global variables. To make the wpcallback script perform the checkout, you would have to pass all the global variables / parameters through WP but in theory at least it must be possible. If that was done, you wouldnt need to have the redirect at all.


Ian-san

Flawlessnet

Share this post


Link to post
Share on other sites

Bear in mind that the way that it currently works the callback page already passes across all of the variables that the checkout_process page needs (otherwise it wouldn't work with the existing code).

 

From having a brief look it seems as if only the cart id gets passed, and the session id gets dropped. I am looking into integrating the code now, to do away with the troublesome redirects, but I'm not too familiar with the code so it may take a while to figure how its working and what I need to change.

Share this post


Link to post
Share on other sites

Okay here is the code which should help overcome the redirect problems in WorldPay since the order processing now occurs as part of the callback (where it is supposed to occur). I haven't had time to beautify the code yet, so it ain't pretty. Constructive critism and/or comments for improvement are welcomed. In fact any feedback is appreciated! There are only two files to modify:

 

Modifications to wpcallback.php:

================================

 

At the very top of the file after the comments add the following:

$HTTP_POST_VARS['osCsid'] = substr($cartId, (strpos($cartId, '=') + 1), (strlen($cartId) - strpos($cartId, '=') - 1));

include('checkout_process.php');

 

Then comment out this near the top of the file:

require('includes/application_top.php');

 

Change the first redirect variable definition to the following (tip: search for the first occurence of '$url'):

$url = tep_href_link(FILENAME_CHECKOUT_SUCCESS, $cartId, 'NONSSL', false);

 

Modifications to checkout_process.php:

======================================

 

Near the top of the file change the 'tep_redirect' statements to 'include' statements as follows (tip: search for the first four occurences of 'tep_redirect'):

include(FILENAME_LOGIN);

exit();

 

include(FILENAME_CHECKOUT_PAYMENT);

exit();

 

include(FILENAME_CHECKOUT_PAYMENT);

exit();

 

include(FILENAME_CHECKOUT_SHIPPING);

exit();

 

Near the very bottom of the file comment out these lines:

tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));

require(DIR_WS_INCLUDES . 'application_bottom.php');

 

Hope this helps. Enjoy!

Share this post


Link to post
Share on other sites

Opps missed a line in wpcallback.php

 

Change (use search to find the right line!):

<tr align="right"><td><?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', false) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?><td></tr>

to:

<tr align="right"><td><?php echo '<a href="' . $url . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?><td></tr>

 

Sorry about that...

Share this post


Link to post
Share on other sites

Oh dear it's getting late. I've found the first major (and obvious) bug:

 

Change the code at the 3 lines after the comments at the top of wpcallback.php to the following if...else statement (otherwise orders go through regardless of whether the payment transaction suceeds - BAD!!!):

 

if(isset($transStatus) && $transStatus == "Y") {

$HTTP_POST_VARS['osCsid'] = substr($cartId, (strpos($cartId, '=') + 1), (strlen($cartId) - strpos($cartId, '=') - 1));

include('checkout_process.php');

} else {

require('includes/application_top.php');

}

 

In can appreciate that these modifications are become (increasingly) difficult to follow. Perhapes somebody may consider rolling these back into the main contribution and/or summarising these changes more elegantly than I can. I'll leave any other bugs out there to you guys - I'm off to bed...

Share this post


Link to post
Share on other sites

How can we capture and record into the database the worldpay transId?

Has anyone done this and if so what were the code changes necessary to effect this.

 

Any help is appreciated.. Thank you

Share this post


Link to post
Share on other sites

Ben

 

Many thanks for this - it looks good. One issue might be that not everyone is using just WorldPay so any changes to checkout_process needs to allow for this. I think it only affect the change to tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));

require(DIR_WS_INCLUDES . 'application_bottom.php'); .

 

You seem to have made a big step forward here - well done.

 

Hostman

 

It is quite easy to do - it will just need a new field in the database. Maybe someone could try to incorporate this change in the next release?


Ian-san

Flawlessnet

Share this post


Link to post
Share on other sites

Thanks. You were quite right to mention that the small changes to checkout_process.php will stop other payment modules from working properly.

 

The easiest way to deal with this problem is to make a copy of the file checkout_process.php and the to make the small modifications to that file and then to call that file instead from wpcallback.php. This way it will happily coexist with other payment modules.

 

It's also not really necessary to change the 'redirects' at the top of checkout_process.php to 'includes' because these represent safeguards that will only ever get called when the file is processed outsight of the proper framework and not through WorldPay.

Share this post


Link to post
Share on other sites

The best way to deal with this problem would be to pop another variable into the session (or rather the HTTP_POST_VARS) in wpcallback.php which would be checked in a simple if... then statement in checkout_process.php. This way you wouldn't have to copy any files or create any new database entries.

 

I will see if I have a chance to make this change, and to tidy the code in a couple of other areas too, next week.

Share this post


Link to post
Share on other sites

Thanks Ben - some of us have become very cautious about making changes to WP given that it has had unpredictable results in the past.

 

I think we are getting close to a stable version here.

 

Remember that checkout_process knows which payment module is being used as it is a registered global - you would only need to add an if statement to test for MODULE_PAYMENT_INSTALLED == worldpay I think?


Ian-san

Flawlessnet

Share this post


Link to post
Share on other sites

Hi - I haven't picked up all the detail in this thread, but the problem with the SID for Worldpay callback is easily handled by this code in worldpay.php........

 

    $worldpay_callbackURL = ereg_replace("^(.{4,5}://)","",(getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER));

   $worldpay_sid = tep_session_name() . '=' . tep_session_id();

   $process_button_string = 

tep_draw_hidden_field('MC_callback',$worldpay_callbackURL.DIR_WS_CATALOG.'wpcallback.php?'.$worldpay_sid) .

 

You just need to ensure that your callback settings within WorldPay admin are for MC_callback, not a fixed URL - this allows for payment from multiple locations then !

 

Also you can have both Auth and PreAuth accounts active - you will need to pass the accId1 as well as the instId to WorldPay.

An interesting point with WP is that you can also pass any currency you like to it - if you have an account set up for that, it will use it, if not the transaction will get converted for you !

I did some work along with Graeme Simms some while back on WorldPay, if anybody is interested I can post out my code, which is working OK :wink:

 

Thanks.

Share this post


Link to post
Share on other sites
How can we capture and record into the database the worldpay transId?

Has anyone done this and if so what were the code changes necessary to effect this.

 

Any help is appreciated.. Thank you

 

I just took a quick look, and all of that can be accomodoated within worldpay.php under function after_process() {}

It would require an amendment to the orders table to hold the value and order reports would need to be changed to show it too.

Case of do we do it - is it worth it :?:

Share this post


Link to post
Share on other sites

Just a note of caution regarding these changes. I receive about 3/4 mails per week from users having difficulty installing the WP module. Almost every one is an easy fix, however, I caution about making the installation too difficult (ie chanigng tables, etc)

 

Graeme

Share this post


Link to post
Share on other sites
....etc

 

Ritchie, I am not sure if you have seen the latest version of the WP mod - MS1 - this uses a dynamic callback and allows for self-defined currencies.

 

All

 

We seem to have at least 3 themes running through this thread and my brain hurts! :bomb:

 

So we dont lose this useful information and get totally confused, can I suggest that you make recommendations for code changes against the latest version and that scottymcloo acts as arbiter for the official version (if he is willing that is!)?


Ian-san

Flawlessnet

Share this post


Link to post
Share on other sites
Also you can have both Auth and PreAuth accounts active - you will need to pass the accId1 as well as the instId to WorldPay.

I think this is automatically done from the instId.

Share this post


Link to post
Share on other sites

Ok,,

 

Just been reading thoruhg the last five pages, heres my problem:

 

I have a shop that uses both worldpay and paypal and check payment. Was having the majour problem with teh worldpay moduale that it was going to the worldpay server ok, but was not entering the orders into the Database.

 

Can someone just confirm to me all of the changes that have been made thorugh this post and what they do?, ive tried changing my worlpay files, can i still accpet paypal and via check?

 

Running the latest version or the worlpay module with the changes suggested in this thread.

 

Cheers, :)

 

Andrew Slater

 

http://www.wickedshop.net/catalog/

Share this post


Link to post
Share on other sites

The changes that I suggested should be used with caution. This is because changes are made to a file that is used by all of the payment modules, namely checkout_process.php, and at the moment these changes will break other payment modules. It's not too difficult to fix this problem, it's just that I haven't got around to doing it yet (my site only uses WorldPay).

 

This code was posted as a means of demonstrating that the WorldPay module can be improved in such a way as to no longer require the redirects. You should really wait until these changes are released as part of the main contribution before using them. If you do want to use the changes suggested my by me in the mean time then you should probably copy the checkout_process.php file and make the changes to that file instead (as suggested in an earlier post). You will also need to reference this newly copied file instead from wpcallback.php.

 

Prior to this fix I was also having major problems with disappearing orders. For me, at least, these problems were almost always due to problems with the redirects and not callback failures (when callback failures occur WorldPay should send you an email to tell you). Hence my suggested modifications should *hopefully* solve this problem for you and other users too.

Share this post


Link to post
Share on other sites

Would there be any simple code just to input the order nito the DB and send the admin e-mail before they get to the worldpay server,, when i can check with worldpay admin to see if they have paid or not?

 

Also when will the next version of this worldpay moduale be released?

 

Cheers,

Slater

Share this post


Link to post
Share on other sites

If you fill in the "send extra order e-mails To" box in store configuration to your own e-mail address, you will get a copy of the order sent to you as well as your customer.

 

I use this, and have never missed an order, and it solves all the other problems presented here.

 

Why do you ask when the next module will be released?? The current one is stable and works well, taking into account all the different requirements, I have no plans to change it - While some users have different requirements and needs, a stable working module is a basis for addons that they can add to their own module. So therefore I suspect the next release will be with MS2!

 

Graeme

Share this post


Link to post
Share on other sites

Well Graeme, I think you are in the minority. I have the extra email setting in use too but it doesn't get sent if there is a problem as there is in 10% of cases.

Share this post


Link to post
Share on other sites

I did some work on Graeme's WorldPay module to hide the actual WorldPay payment page. Everything is now handled within osc. On success the callback module will handle further pages, on failure I call the checkout page again. After reading through the forum I recognized that there might be a problem with WP transactions and the osc database. I will look into this and maybe integrate that into my wp handler.

Is there any interest in having such a 'hidden' worldpay module at all?

I better forward the code to Graeme and he might use it for future release.

 

Gunther

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×