rajbangar Posted July 22, 2004 Share Posted July 22, 2004 Hi I have one issue, if a user does not return after paying on the HSBC CPI, the order does not show up in my orders. I have done Neils fix and the order numbers are correct. What can I do to resolve this. Regards Raj SimplySpice - Authentic Indian Foods & Spices Quote Raj Bangar SimplySpice the Site for People that are Passionate about Indian Cooking. Craftmango - European distributor of Scrapbook and Papercraft products Link to comment Share on other sites More sharing options...
ribs Posted July 22, 2004 Share Posted July 22, 2004 In some of my earlier findings one workaround I posted causes the above problem. You should not comment out $payment_modules->before_process(); in checkout_process.php. And in hsbc_return.php you should make sure that the checkout_success call is: tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL', false, false).'?osCsid='.$MerchantData.'&orderid='.$GLOBALS["OrderId"]); and not: if ($order_hash!=$hash) die ("Hacking atempt!"); tep_redirect(tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', false).'?osCsid='.$GLOBALS["MerchantData"]); As I had stated in earlier posts. Please accept my apologies for the confusion but these posts were done when the HSBC module was in it's infancy and I was desperate to get it working. Regards Neil Westlake www.djbox.co.uk Quote Link to comment Share on other sites More sharing options...
iantresman Posted July 23, 2004 Share Posted July 23, 2004 HSBC's generateHash function merely generates a 28-character hash. 1. Can anyone confirm that this is in fact an SHA-1 hash converted to base64. 2. In which case, PHP's sha1 function can surely be used instead? 3. How does the hash operate on an array of strings: are the strings just concatonated to produce one long string? Regards, Ian Tresman Derby, UK Quote Link to comment Share on other sites More sharing options...
Guest Posted July 25, 2004 Share Posted July 25, 2004 Well Hi! I have been plugging away, digesting this thread and poring over the documentation to get this module working. I have some input as well as some questions! Call me stupid but I didn't realise at first that the files on the HSBC CD had to be placed on my server. After reading the thread, I worked out the placements and paths, but here's what I had to figure out... Tip - read your server logs! I know it's basic, but I was stumped by my server not finding TestHash.e for ages. This leads me on to my second tip... Tip - *nix servers are case sensitive! I spent ages playing with the path to TestHash.e in the code, only to realise I was calling TestHash.e and the file in my web root was called testhash.e. Doh! Question : I am running my module on a development box at the moment, running Red Hat 9. After trying to make a card payment, I am either returned to the store with the ocs message "The transaction failed because of invalid input data." or dumped back to the login page. Would this be due to the lack of SSL? If so, can I test the install by installing OpenSSL and self-signing a certificate? I figure that if I do this, I will have all the tools I need to get it working prior to going live. Since I would only require OpenSSL for a local test of this install, is there an easier option to proceed or is SSL connection a requisite of HSBC even at the test stage? TIA! Quote Link to comment Share on other sites More sharing options...
rajbangar Posted July 26, 2004 Share Posted July 26, 2004 Hi Is anyone experiancing problems connecting to CPI today, I am getting CpiResultsCode of 10. Regards Raj Quote Raj Bangar SimplySpice the Site for People that are Passionate about Indian Cooking. Craftmango - European distributor of Scrapbook and Papercraft products Link to comment Share on other sites More sharing options...
rajbangar Posted July 26, 2004 Share Posted July 26, 2004 Please ignor my last message, i had comented out the orderid. Quote Raj Bangar SimplySpice the Site for People that are Passionate about Indian Cooking. Craftmango - European distributor of Scrapbook and Papercraft products Link to comment Share on other sites More sharing options...
rajbangar Posted July 27, 2004 Share Posted July 27, 2004 Hi Guys Firstly can I say this contribution solved a very big issue for me. Excellent contribution. I have one issue remaining. I am not using the autoincrement orderid, I am using the following in file checkout_confirmation.php $r1 = rand(1,9); $t1 = date("zHis"); $insert_id = $t1.$r1; $orderid = $t1.$r1; and in file checkout_process.php if (!$orderid) { //Generation of the order_id $r1 = rand(1,9); $t1 = date("zHis"); $insert_id = $t1.$r1; $orderid = $t1.$r1; } else { $insert_id = $orderid; } The problem I have is that checkout_process.php is unable to see the $orderid that was generated by checkout_confirmation.php, and the $orderid is recalculated giving a diferent number after the credit card is processed. I presume it is something to do with passing to the variable to the form checkout_process.php by checkout_confirmation.php. Can you help, please. Regards Raj Bangar SimplySpice (UK) Buy bargain Indian food ingredients online here Bring the taste of India to your home with SimplySpice - Indian foods & spices delivered directly to your door. Free delivery for orders over ?25 - one of the widest ranges of Indian food online. Quote Raj Bangar SimplySpice the Site for People that are Passionate about Indian Cooking. Craftmango - European distributor of Scrapbook and Papercraft products Link to comment Share on other sites More sharing options...
Guest Posted July 28, 2004 Share Posted July 28, 2004 2. the libCcCpiTools.so and TestHash.e file need to be transfered in binary mode to a folder on your server, but the libCcCpiTools.so file needs to be in /bin/lib if your php servers are set to run in 'safe' mode which does not allow you to use the $ export LB_LIBRARY_PATH=[path where you have placed both files] which is located in the hsbc.php file in /catalog/includes/modules/payment folder I may be being a bit slow here... ...but if my server says 'safe_mode off' does this mean that I can upload libCcCpiTools.so into a folder under public_html on my webserver, without access to /usr/lib? If so, that would save a lot of hassle asking my webhost to upload this file to /usr/lib for me! Quote Link to comment Share on other sites More sharing options...
volumax Posted July 31, 2004 Share Posted July 31, 2004 Hi Darkside If safe mode is off like mine then yes you dont have to put it in /bin/lib/ folder, thats what i was getting at, but then i put it in a folder outside my public viewable (www) folder, as i dont want anything but my scripts to call testhash.e (overly cautious may be but better to be safe that sorry :) ) Andy Quote Literally, Laterally Thinking! If you cannot get through it, go round it. Link to comment Share on other sites More sharing options...
Guest Posted August 3, 2004 Share Posted August 3, 2004 If safe mode is off like mine then yes you dont have to put it in /bin/lib/ folder Cheers! That's perfect... My host let's me create folders alongside /public_html/ and safe mode is off. I think everything is now working - just waiting for the SSL to go live and fingers crossed, the testing can begin! Quote Link to comment Share on other sites More sharing options...
richandzhaoyan Posted August 4, 2004 Share Posted August 4, 2004 Help needed fast Guys, I have been setup with HSBC for a few months now with a couple hundred orders have gone through succesfully - Now, its all gone for a bag of rats! As of last night the HSBC are taking the payment OK but the orders are not showing up in OScommerce Admin - Meaning people are happily paying me for stuff but I don't know what to send them..... I know Tim Elliot had a similar problem a couple of pages back but cant see an explanation of what was wrong or how to fix it! I am guessing that either HSBC or my hosts (United Hosting) must have changed something as I have not done any work at all on the site recently. If anyone out there can confirm that their system is working ok, particularly if they are hosting with UH I would appreciate it. Also, any thoughts on what might be wrong could really help out, Cheers Guys. Quote Only Dead Fish Go With The Flow...... Link to comment Share on other sites More sharing options...
rajbangar Posted August 4, 2004 Share Posted August 4, 2004 Help needed fast Guys, I have been setup with HSBC for a few months now with a couple hundred orders have gone through succesfully - Now, its all gone for a bag of rats! As of last night the HSBC are taking the payment OK but the orders are not showing up in OScommerce Admin - Meaning people are happily paying me for stuff but I don't know what to send them..... I know Tim Elliot had a similar problem a couple of pages back but cant see an explanation of what was wrong or how to fix it! I am guessing that either HSBC or my hosts (United Hosting) must have changed something as I have not done any work at all on the site recently. If anyone out there can confirm that their system is working ok, particularly if they are hosting with UH I would appreciate it. Also, any thoughts on what might be wrong could really help out, Cheers Guys. Hi Richard Just checked my system the HSBC side is working fine, looks like it is probably your Host. Regards Raj Quote Raj Bangar SimplySpice the Site for People that are Passionate about Indian Cooking. Craftmango - European distributor of Scrapbook and Papercraft products Link to comment Share on other sites More sharing options...
richandzhaoyan Posted August 4, 2004 Share Posted August 4, 2004 Hi Raj, Thanks for the speedy response, Yep, it looks as though it could be the hosts, apparently they have been doing some upgrades, according to the forum. I have just contacted them and waiting to hear back. Any thoughts on what it might have affected and how to put it right? Richard Quote Only Dead Fish Go With The Flow...... Link to comment Share on other sites More sharing options...
tlelliott77 Posted August 4, 2004 Share Posted August 4, 2004 Richard Hope you got my email. As I said, if your hosts have changed your server HSBC's DNS server doesn't seem to update very quickly. They are still working on this. The work around is to put the IP of your secure server into the CpiDirectResultUrl in hsbc.php Mine now reads: 'CpiDirectResultUrl'=>'https://67.15.54.137/~kidzdens/catalog/checkout_process.php', instead of: 'CpiDirectResultUrl'=>'https://ssl.europahosting.co.uk/~kidzdens/catalog/checkout_process.php', This has to be a temporary measure and if you confirm this is the problem I will give HSBC some more hassle about it. Hope that helps Tim Quote Link to comment Share on other sites More sharing options...
tlelliott77 Posted August 4, 2004 Share Posted August 4, 2004 Update to Richard's problem - it's a problem I had last night as well. If anyone else is finding orders not going through properly and the last order they received was order_id 2147483647 then read on. 2147483647 is the largest number that can fit into a int field in MySQL. Any order numbers above this are all put in as this number, so subsequent orders fail to get entered - duplicate order id. My order id is generated using JJJHHMMSSR JJJ = 3 digit julian day HH = 2 digit hour MM = 2 digit minute SS = 2 digit second R = Random number between 0 and 9. So at the start of day 215 in the year the order id is higher than 2147483647 and any subsequent order is entered as 2147483647 into the order_id INT(11) field. I solved the problem like this: Changed all orders_id fields in the orders tables (I think there are 6 tables that need changing) from int(11) to bigint(11). This allows higher order numbers. In orders.php and a few other files in the admin side there are references to (int)$oID. This can be changed to $oID for all cases. It seems to work for me now. Another different solution would be to change the generation of the order id so it never goes above 2147483647. Haven't come up with a suitable way yet though. Hope this helps Tim Quote Link to comment Share on other sites More sharing options...
Guest Posted August 4, 2004 Share Posted August 4, 2004 $ export LB_LIBRARY_PATH=[path where you have placed both files] My contribution has the line putenv("LD_LIBRARY_PATH=$path"); where I use $path so I can test on both a local and live server without making any changes. Is this the same line (putenv instead of $ export) in a later version of the contribution? TIA Quote Link to comment Share on other sites More sharing options...
Guest Posted August 4, 2004 Share Posted August 4, 2004 It's OK - I was being a goon and have figured out the path now! Bed time... :blink: Quote Link to comment Share on other sites More sharing options...
tlelliott77 Posted August 5, 2004 Share Posted August 5, 2004 Further update to the large integer order_id problem. I suggest that if anyone else gets this problem then they change the way they generate the order id. Instead of JJJHHMMSSR use JJJHHMMRR which will never go over 2147483647. If you do want to keep it as JJJHHMMSSR then all the (int)$order_id refeences need to be changed to $order_id for the entire site. Not a good solution but possible. I don;t know what efect this will have on operation though so can't recommend it. Tim Quote Link to comment Share on other sites More sharing options...
ribs Posted August 5, 2004 Share Posted August 5, 2004 Ok I'll hold my hands up and admit that the order_id failing was completly my fault. :( so I do appologise to everyone that has been inconvenienced by this, this was caused by the mySQL table only setup to handle values up to: 2147483647 If your looking for a solution here is one I have used: Firstly in checkout_process.php: replace if (!$orderid) { //Generation of the order_id $r1 = rand(1,9); $t1 = date("zHis"); $insert_id = $t1.$r1; } else { $insert_id = $orderid; } with // Generate Random Order ID if not already set if(!$order_id) { while (get_order_id() > 0); $insert_id = $rndnum; } else { $insert_id = $order_id; } in hsbc.php replace $r1 = rand(1,9); $t1 = date("zHis"); $sequence = $t1.$r1; with global $rndnum; while (get_order_id() > 0); $sequence = $rndnum; and finally in general.php add to the bottom. // Get a unique random number for the order id function get_order_id() { global $rndnum; $rndnum = rand(0,100000000); $query = "SELECT * FROM `orders` WHERE orders_id = ".$rndnum; $results = tep_db_query($query); return tep_db_num_rows($results); } Hopefully this will last a little longer, as long as no one reaches 100000000 orders soon that is. Regards Neil Westlake www.djbox.co.uk Quote Link to comment Share on other sites More sharing options...
Guest Posted August 6, 2004 Share Posted August 6, 2004 (edited) Hi, Can anyone tell what exactly does this error code mean? CpiResultsCode 4: The processor did not return a response. I got a response back from the CPI after submitting data to it. My generated Hask Key matches the returned results. Any ideas? Thanks, Kevin Edited August 6, 2004 by treadmill Quote Link to comment Share on other sites More sharing options...
richjboyd Posted August 9, 2004 Share Posted August 9, 2004 Hi all Sorry Kevin cannot help you with that could try the HSBC support because this looks like a CPI/API error code. Anyway I was looking for this contribution to download it under the OSC contributions section and was not able to find it. I did find 1840 "HSBC Payment Module" is this is same one, which yous are working on? If not can some one post a link to the contribution. Thanks Richard Quote Richard Link to comment Share on other sites More sharing options...
Guest Posted August 12, 2004 Share Posted August 12, 2004 OK - it's late and I am sure I am missing something but I have been all through the forum and can't get any success! What I *can* do is get to the HSBC page and all the details of the order are there! What I *can't* do is return from the page and have the order processed. All that happens is that I return to the site as a guest. As soon as I log back in, the goods are still in my basket. I suspect that this is the order ID change discusssed earlier but I followed it to the letter and still get the problems! Any clues? I am tempted to go back to a clean install and start again -can anyone summarise the changes needed above and beyond the installation changes to get an order to process? Cheers! Quote Link to comment Share on other sites More sharing options...
SauCisson Posted August 20, 2004 Share Posted August 20, 2004 (edited) Hello, After reading all the past 23 pages and installing different HSBC contributions, I am still having trouble: First: I managed to do payments using the contribution: 3 May 2004 ? HSBC payment modile: http://www.oscommerce.com/community/contri...y,1/search,hsbc The only problem I had with this one was no order was stored in the admin eShop. Second: Now, I started from scratch again and installed the contribution proposed by Jos?. http://oscommerce.qadram.com/modules.php?n...wdownload&cid=4 My actual problem is whenever clicking on the 'Confirm Order' button in my eShop, my browser will start to load the HSBC gateway (https://www.cpi.hsbc.com/servlet) but instead of connecting to it and displaying the HSBC page it goes back directly to the eShop logging page. Then if I log again, the basket stays full. I cannot find anymore information and start to be seriously confused by all the posts. I tried most of the changes proposed on the previous pages of this forum but nothing really helped! My lack of PHP programming does not help too <_< ?.slowly but surely. Do any change(s) must be made to Jos? contributions??? Thank you for a reply and all the hard works which have been put in this section. Edited August 20, 2004 by SauCisson Quote Link to comment Share on other sites More sharing options...
Guest Posted August 30, 2004 Share Posted August 30, 2004 What I *can't* do is return from the page and have the order processed. All that happens is that I return to the site as a guest. As soon as I log back in, the goods are still in my basket. After re-reading the forum again and again I have narrowed the problem down to the line in hsbc_return.php that redirects the user to the correct page. As it stands at the moment, I have: tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL', false).'?osCsid='.$GLOBALS["MerchantData"]); I still get the problem of being logged out on return to the store. It would seem that the store is losing the session information and therefore not processing the order. I have tried all the suggested variants of the above line but cannot get it to work. Any clues or trouble shooting tips greatly appreciated! Quote Link to comment Share on other sites More sharing options...
volumax Posted August 30, 2004 Share Posted August 30, 2004 (edited) Hi Darkside, I had similar problem, fixed it by adding this to the top of the hsbc_return.php file:- ?if (!empty($_POST['MerchantData'])) ?$_GET['osCsid']=$_POST['MerchantData']; ?include('includes/application_top.php'); Now the top of the file looks like this:- <?php /* ?osCommerce, Open Source E-Commerce Solutions ?http://www.oscommerce.com ?HSBC Payment Module Copyright (c) 2003,2004 qadram software ?http://www.qadram.com ?Module developed for FreeRangeKids ?http://www.freerangekids.co.uk ? ?Released under the GNU General Public License */ ?if (!empty($_POST['MerchantData'])) ?$_GET['osCsid']=$_POST['MerchantData']; ?include('includes/application_top.php'); ? ?// load selected payment module ?require(DIR_WS_CLASSES . 'payment.php'); ?$payment_modules = new payment($payment); ? ? ?reset($_POST); ?$post_2=array(); ? ?while(list($k,$v)=each($_POST)) I also removed the bit '?osCsid='.$GLOBALS["MerchantData"] so my return works with this:- if ($CpiResultsCode=='0') ? ? { ? ? ?tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL')); ? ? } Full File now look like this:- <?php /* ?osCommerce, Open Source E-Commerce Solutions ?http://www.oscommerce.com ?HSBC Payment Module Copyright (c) 2003,2004 qadram software ?http://www.qadram.com ?Module developed for FreeRangeKids ?http://www.freerangekids.co.uk ? ?Released under the GNU General Public License */ ?if (!empty($_POST['MerchantData'])) ?$_GET['osCsid']=$_POST['MerchantData']; ?include('includes/application_top.php'); ? ?// load selected payment module ?require(DIR_WS_CLASSES . 'payment.php'); ?$payment_modules = new payment($payment); ? ? ?reset($_POST); ?$post_2=array(); ? ?while(list($k,$v)=each($_POST)) ?{ ? if ($k!='OrderHash') ? { ? ?$post_2[$k]=$v; ? } ?} ? ?$order_hash=$_POST['OrderHash']; ?$hsbc=$GLOBALS['hsbc']; ?$hash=$hsbc->getHash($post_2); ? ? ?if ($order_hash!=$hash) die ("Hacking attempt!"); ? ? ? $CpiResultsCode=$_POST['CpiResultsCode']; ? ? if ($CpiResultsCode=='0') ? ? { ? ? ?tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL')); ? ? } ? ? ? ? ? $error=MODULE_PAYMENT_HSBC_TEXT_ERROR1; ? ? ? ? switch($CpiResultsCode) ? ? { ? ? ?case 1: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR1; break; ? ? ?case 2: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR2; break; ? ? ?case 3: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR3; break; ? ? ?case 4: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR4; break; ? ? ?case 5: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR5; break; ? ? ?case 6: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR6; break; ? ? ?case 7: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR7; break; ? ? ?case 8: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR8; break; ? ? ?case 9: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR9; break; ? ? ?case 10: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR10; break; ? ? ?case 11: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR11; break; ? ? ?case 12: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR12; break; ? ? ?case 13: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR13; break; ? ? ?case 14: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR14; break; ? ? ?case 15: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR15; break; ? ? ?case 16: $error=MODULE_PAYMENT_HSBC_TEXT_ERROR16; break; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? } ? ? ? ? $codes=split(",",MODULE_PAYMENT_HSBC_PENDING_CODES); ? ? ? ? ? ? if (in_array($CpiResultsCode,$codes)) ? ? { ? ? ? ? tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, 'error_message=' . urlencode($error), 'SSL', true, false)); ? ? ? ? ? } ? ? ? ? ? ? ? ?tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode($error), 'SSL', true, false)); ? ? ? ?> It seems that when returning from HSBC's site OsC cannot see the OscId therefore i would assume can link to complete sale properly and then empty basket. give the above a try and see, all I can say is that it works for me. Hope this helps Andy Edited February 15, 2005 by Johnson Quote Literally, Laterally Thinking! If you cannot get through it, go round it. Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.