Guest Posted June 19, 2006 Share Posted June 19, 2006 Hello all I am brand new to os commerce, and bank with HSBC so decided to use their epayment ... I have zero idea where to start, if there anyone willing to either pm me with some advice / willing to assist me setting it up on my site? ( will happily pay ( not much as I am broke :()) - thanks! Mark Quote Link to comment Share on other sites More sharing options...
kev@num Posted June 22, 2006 Share Posted June 22, 2006 hello, i've managed to get the ordernumber that hsbc uses back to oscommerce, i've still gota get it to update the database, but that shouldn't be a problem, anyway, in hsbc return, after this: $CpiResultsCode=$_POST['CpiResultsCode']; i added this: global $kevorderid; $kevorderid=$_POST['OrderId']; and changed this: tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL')); to this: tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '&orderid=' . urlencode($kevorderid), 'SSL')); the above passes the orderID through the URL, so now, you can pick it up in checkout_success and save it in the db :D Quote Link to comment Share on other sites More sharing options...
Dean Posted June 23, 2006 Share Posted June 23, 2006 (edited) Been trying to get this working for a while now, and wondered if there is anyone who could implement this for me? I will pay of course. Please PM or email me with your costs and timescales. Thanks, Dean Edited June 23, 2006 by Dean Quote Link to comment Share on other sites More sharing options...
Guest Posted July 8, 2006 Share Posted July 8, 2006 Been trying to get this working for a while now, and wondered if there is anyone who could implement this for me? I will pay of course. Please PM or email me with your costs and timescales. Thanks, Dean Try Vger, she is very good. Quote Link to comment Share on other sites More sharing options...
joemu45 Posted July 12, 2006 Share Posted July 12, 2006 the above passes the orderID through the URL, so now, you can pick it up in checkout_success and save it in the db :D That's it! I was using the random orderid code but trying to work out a way to generate it so that it would be the same either side of the hsbc bit. Didn't realise that the orderid came back in the post variables from hsbc. Thanks Kev, problem solved. Quote Link to comment Share on other sites More sharing options...
MartinEvans Posted July 12, 2006 Share Posted July 12, 2006 That's it! I was using the random orderid code but trying to work out a way to generate it so that it would be the same either side of the hsbc bit. Didn't realise that the orderid came back in the post variables from hsbc. Thanks Kev, problem solved. This looks good, could it be posted back to the source as an enhancement? Quote Link to comment Share on other sites More sharing options...
MartinEvans Posted July 12, 2006 Share Posted July 12, 2006 This looks good, could it be posted back to the source as an enhancement? V3.2 :-)) could this be done in one step? tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '&orderid=' . urlencode($_POST['OrderId']), 'SSL')); Quote Link to comment Share on other sites More sharing options...
forzamc Posted July 27, 2006 Share Posted July 27, 2006 Hi, Ive installed the hsbc module into my store and when i try to process a transaction i get back hacking attempt any ideas? Quote Link to comment Share on other sites More sharing options...
ribs Posted July 27, 2006 Share Posted July 27, 2006 (edited) Mark, Welcome to the long winding road that is HSBC secure e-payments. The reason you are getting hacking attempt is either because you haven't successfully generated a valid hash key or the hash key hasn't been generated at all. Regards Neil Westlake Edited July 27, 2006 by ribs Quote Link to comment Share on other sites More sharing options...
kev@num Posted July 27, 2006 Share Posted July 27, 2006 V3.2 :-)) could this be done in one step? tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '&orderid=' . urlencode($_POST['OrderId']), 'SSL')); hehe, oh yes, maybe add it and make a new version! i think i needed the other bits also on my shop as i've got it running without safe mode/register globals... Hi, Ive installed the hsbc module into my store and when i try to process a transaction i get back hacking attempt any ideas? i think it does that when the hash codes don't match up correctly.. so have alook and find the info here in this thread that lets you display the hash numbers on that error page.. then you'll see if they don't match.. mine did this and i had to get a new hash code from hsbc as mine was corrupt when they tested it, although it looked like a real one even to them when i read it out.. Quote Link to comment Share on other sites More sharing options...
Guest Posted July 27, 2006 Share Posted July 27, 2006 Hi All I have a customer who has been using the HSBC module for a couple of years ok. They have now moved banks and want to set up the store with barclays payment gateway. Anyone made the switch and got any suggestions or caveats ? Any assistance appreciated, as it took long enough to get then HSBC one working!! Cheers Paul. Quote Link to comment Share on other sites More sharing options...
♥Vger Posted July 27, 2006 Share Posted July 27, 2006 Barclays ePDQ uses the same backend software as HSBC - but that's where the similarity ends. ePDQ is a totally crap system. Get your customer to get an Internet Merchant ID from Barclays and then use Protx Direct - better than HSBC or Barclays -and the customer stays on your website. Vger Quote Link to comment Share on other sites More sharing options...
The Mort Posted August 1, 2006 Share Posted August 1, 2006 Mark, Welcome to the long winding road that is HSBC secure e-payments. The reason you are getting hacking attempt is either because you haven't successfully generated a valid hash key or the hash key hasn't been generated at all. Regards Neil Westlake Quote Link to comment Share on other sites More sharing options...
The Mort Posted August 1, 2006 Share Posted August 1, 2006 Mark, Welcome to the long winding road that is HSBC secure e-payments. The reason you are getting hacking attempt is either because you haven't successfully generated a valid hash key or the hash key hasn't been generated at all. Regards Neil Westlake Hi Neil I have been struggling for days with this HSBC module but I have not even got past 'hacking attempt' yet. I have been through everything on this thread and also on the United Hosting one but don't seem to actually get anywhere. I know I could get someone to do this for me (for a fee) and I'm not being tight but I want to learn how to do it myself so that if I get asked again I know how to do it. I have put in the code so that when you get hacking attempt it shows you the problem and what I am getting is - order Hash= hash=line 1 This seems to me as if it is not getting the order hash numbers at all - can you point me in the right direction please as you seem to be one of the knowledgable ones on this HSBC thing. Many thanks Janette Quote Link to comment Share on other sites More sharing options...
♥Vger Posted August 1, 2006 Share Posted August 1, 2006 Make sure that you have put the following files into the cgi bin (permissions=755): CcOrderHash.e CcResults.e TestHash.e and make sure that with United Hosting that they have the following files loaded into the shared library files for your website: libCcCpiTools.so libstdc++-libc6.2-2.so.3 Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted August 1, 2006 Share Posted August 1, 2006 If you have access to the server logs then look at the apache error log and see if it tells you anything usefull. If you don't ask your host to monitor the log and see what error they get when you click the button. I suspect (as Vger pointed out) that there will be a .... file not found libstdc++-libc6.2-2.so.3 (or something like that). I have had a case where an earlier version of this library was installed and I had to symlink it to the above file. If this means nothing to you, then you definately need to speak to your hosting provider!!! Quote Link to comment Share on other sites More sharing options...
The Mort Posted August 1, 2006 Share Posted August 1, 2006 Make sure that you have put the following files into the cgi bin (permissions=755): CcOrderHash.e CcResults.e TestHash.e and make sure that with United Hosting that they have the following files loaded into the shared library files for your website: libCcCpiTools.so libstdc++-libc6.2-2.so.3 Vger I originally put the three .e files into /var/www/cgi-bin and in includes/modules/payments/hsbc put this as the path to it. When things wouldn't work, I wondered if this was in fact secure so decided to create a cgi-bin in the catalog folder, and put the path as https://www.*****.co.uk/catalog/cgi-bin Was either of these right? Contacted United Hosting Support and they put the lib files in the appropriate place (whereever that may be) Am I supposed to change a path somewhere to point to these lib files? Thanks Janette Quote Link to comment Share on other sites More sharing options...
♥Vger Posted August 1, 2006 Share Posted August 1, 2006 The path for the cgi-bin should be /var/www/cgi-bin or /var/www/cgi-bin/ - in my experience both seem to work fine. But you do have to make sure that permissions on them are set to 755. Make sure that you do not have 'Force Cookie Use' set to true in osC admin --> Configuration --> Sessions - because you must pass a session id to HSBC. Vger Quote Link to comment Share on other sites More sharing options...
The Mort Posted August 1, 2006 Share Posted August 1, 2006 The only one set to true in the sessions is 'prevent spider sessions' I have been back and put the three .e files into the /var/www/cgi-bin again and changes the permissions (I think I was getting the write and the execute the wrong way round - the person who told me what 755 was must have got it wrong!) anyway now I get OrderHash= hash=P6KwweH1OZYI6sngNLeBuEusflM= which I guess must be progress 'cos it is different. This is not the hash key that the bank gave us I also checked the error logs - nothing there about the lib files not being found J Quote Link to comment Share on other sites More sharing options...
Guest Posted August 3, 2006 Share Posted August 3, 2006 Hi, We are tying to go over to HSBC payments but when installing the mod i get his error Cannot redeclare class hsbc in /public_html/includes/modules/payment/hsbc.php on line 15 Any ideas anyone. many thanks in advanced! Peter Quote Link to comment Share on other sites More sharing options...
♥Vger Posted August 3, 2006 Share Posted August 3, 2006 If you are using the 3.1 version of the contribution then try using version 3.0. Don't forget that you will have to uninstall the old one from your osC admin panale and then install 3.0 after you have loaded up the files. If that doesn't work then get HSBC to issue a new hash key - they have been known to issue incorrect or corrupted hash keys. Vger The only one set to true in the sessions is 'prevent spider sessions' I have been back and put the three .e files into the /var/www/cgi-bin again and changes the permissions (I think I was getting the write and the execute the wrong way round - the person who told me what 755 was must have got it wrong!) anyway now I get OrderHash= hash=P6KwweH1OZYI6sngNLeBuEusflM= which I guess must be progress 'cos it is different. This is not the hash key that the bank gave us I also checked the error logs - nothing there about the lib files not being found J Quote Link to comment Share on other sites More sharing options...
The Mort Posted August 4, 2006 Share Posted August 4, 2006 Hi again I have uninstalled the hsbc in admin and installed version 3.0 I am now getting >>>>>>z417SQ7SNoAaD0sGsR5WbSO+qVs=<<<<<<Hacking attempt! - orderHash= hash=z417SQ7SNoAaD0sGsR5WbSO+qVs= the two numbers are identical so does this mean that my hash key is ok? Also, the client id number the bank gave us is just numerical, reading through the forums am I supposed to put UK at the beginning and GBP at the end of the number? Not that it makes a difference I have tried it all ways! My error log is showing [Fri Aug 04 09:21:34 2006] [error] [client 85.184.11.36] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:) [Fri Aug 04 15:46:57 2006] [error] [client 66.249.66.110] File does not exist: /home/virtual/site2/fst/var/www/html/robots.txt Janette If you are using the 3.1 version of the contribution then try using version 3.0. Don't forget that you will have to uninstall the old one from your osC admin panale and then install 3.0 after you have loaded up the files. If that doesn't work then get HSBC to issue a new hash key - they have been known to issue incorrect or corrupted hash keys. Vger Quote Link to comment Share on other sites More sharing options...
♥Vger Posted August 4, 2006 Share Posted August 4, 2006 Maybe you are getting confused between the 4 number User Id for accessing your HSBC terminal and the Client ID - which does start with UK and end with GBP. Vger Quote Link to comment Share on other sites More sharing options...
The Mort Posted August 5, 2006 Share Posted August 5, 2006 The Client ID was definitly only numbers, I checked with HSBC and they said it was right but that maybe oscommerce needed the letters in and I needed to contact them 'cos they could not help me. Any idea why I am still getting the hacking attempt even though the order hash numbers match? Thanks for your help J Quote Link to comment Share on other sites More sharing options...
Guest Posted August 5, 2006 Share Posted August 5, 2006 I knew I shouldn't have taken the job on to integrate HSBC e-payment into a clients oscommerce store, but stupidly I did, what a nightmare! :( Anyway, I'm getting this back after firing through a payment Hacking atempt! orderHash=F4FjM5CdsajwUPa9FxJ1YK2lMeQ= hash=QQQLvyJdIIJ/bt/2fTkgldmUH5o= cpi results code=10 Looks like the hash's aren't matching up, or something else is wrong? Can anybody suggest the next best stage of troubleshooting? If you wan't to have a look the site is https://www.chillows.co.uk - its a naked install at the moment, didn't want to install contribs and then maybe have to start again after messing with the HSBC module. I'm also wondering if there is something wrong with the certificate I have set up on the site, its running on a Virual Private Server using Plesk control panel, from there I've been able to create a self cert certificate. Hope somebody can help before I develop a hardcore gin drinking habit!!!!!! :blink: Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.