♥Vger Posted August 25, 2006 Share Posted August 25, 2006 You are not going to get this to work unless you have the right files in the right place. Some of this is down to you, some of it is down to your hosting company. 1. You need to place the following files in the cgi-bin and set to 755 permissions: CcOrderHash.e CcResults.e TestHash.e 2. Your web hosting company must have these files in the Shared Library folder: libCcCpiTools.so libstdc++-libc6.2-2.so.3 Vger Quote Link to comment Share on other sites More sharing options...
ribs Posted August 25, 2006 Share Posted August 25, 2006 Hi, If they don't match then that's the problem. The hacking attempt it only displayed if either the hash doesn't match or doesn't get generated (which is basically the same thing as it doesn't match). It's not uncommon for HSBC to issue incorrect HASH keys, check to make sure the hash key you entered is exactly the same as the one provided by HSBC as even a one character difference will cause this problem. Neil Westlake Quote Link to comment Share on other sites More sharing options...
pab Posted September 1, 2006 Share Posted September 1, 2006 Hi, I have got fraudshield problems. Everything appears to work fine up to the point where I am returned from HSBC to my site. Then all transactions are rejected with the message ?The transaction was rejected by Fraudshield.? I have tried the 4111 test card number and various real card numbers and all the addresses have a number in the first line, but I always get the same result. Does anyone know what triggers fraudshield, I am struggling to know where to start! Regards Paul Quote Link to comment Share on other sites More sharing options...
jhdesign Posted September 6, 2006 Share Posted September 6, 2006 Hi, If they don't match then that's the problem. The hacking attempt it only displayed if either the hash doesn't match or doesn't get generated (which is basically the same thing as it doesn't match). It's not uncommon for HSBC to issue incorrect HASH keys, check to make sure the hash key you entered is exactly the same as the one provided by HSBC as even a one character difference will cause this problem. Neil Westlake Neil, I've added the orderHash code and this does not match the Hash Key in my HSBC module setup, does this mean that my Hash Key is incorrect? I get this: Hacking atempt! - orderHash=x/a8oTp8HwS6ERTTqX0Ps/6Qcts= hash=line 1 still trying to find out if host has all the shared libraries needed. jacob Quote Link to comment Share on other sites More sharing options...
Guest Posted September 6, 2006 Share Posted September 6, 2006 Following our server being rebooted we're getting hacking attempt warnings coming up (except that I've edited the text so its less scary for customers). Since it was previously functioning I know that the hash key is ok, so what else could be causing the problem? Quote Link to comment Share on other sites More sharing options...
ribs Posted September 6, 2006 Share Posted September 6, 2006 Lynda, We had a similar problem a while ago when one of servers rebooted the time was an hour out. Check to make sure the time on the server is correct as HSBC only allow a 1 hour difference. Saying that, this normally causes an invalid data error. Neil Westlake Quote Link to comment Share on other sites More sharing options...
♥Vger Posted September 6, 2006 Share Posted September 6, 2006 (edited) Lynda - just Rebooted? or Restored? If Restored then the necessary shared library files may no longer be in place - if they were not a default part of the shared library files originally. Rhea Edited September 6, 2006 by Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted September 6, 2006 Share Posted September 6, 2006 It was restored, but I've checked & been told the files are in place. Time is correct too. Quote Link to comment Share on other sites More sharing options...
jhdesign Posted September 7, 2006 Share Posted September 7, 2006 You are not going to get this to work unless you have the right files in the right place. Some of this is down to you, some of it is down to your hosting company. 1. You need to place the following files in the cgi-bin and set to 755 permissions: CcOrderHash.e CcResults.e TestHash.e 2. Your web hosting company must have these files in the Shared Library folder: libCcCpiTools.so libstdc++-libc6.2-2.so.3 Vger Vger My host installed: /usr/lib/libstdc++-libc6.2-2.so.3 and libCcCpiTools.so in /public_html/cgi-bin <- is this the correct location. I'm still getting hacking attempt. Jacob Quote Link to comment Share on other sites More sharing options...
♥Vger Posted September 7, 2006 Share Posted September 7, 2006 is this the correct location No. They should be in the Shared Library folder. Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted September 11, 2006 Share Posted September 11, 2006 You are not going to get this to work unless you have the right files in the right place. Some of this is down to you, some of it is down to your hosting company. 1. You need to place the following files in the cgi-bin and set to 755 permissions: CcOrderHash.e CcResults.e TestHash.e 2. Your web hosting company must have these files in the Shared Library folder: libCcCpiTools.so libstdc++-libc6.2-2.so.3 Vger Vger, if you pick up on this, am I right to avoid HSBC's suggestions about putting a LD_LIBRARY_PATH in the init, and therefore, at least on a fedora/redhat system will simply placing the gcc files in /usr/lib suffice, or do we need to path that in the mod's php itself? Then what do we do with the putenv for LD_LIRARY_PATH in the module itself? Just nuke it? Gettin' kinda puzzled here. Tks. Quote Link to comment Share on other sites More sharing options...
ribs Posted September 11, 2006 Share Posted September 11, 2006 (edited) Ted, If you don't have control over the server and the PHP setup allows it then you must use the putenv("LD_LIBRARY_PATH=$path"); statment. Regards Neil Westlake By the way, you only need to use libCcCpiTools.so and testhash.e. Edited September 11, 2006 by ribs Quote Link to comment Share on other sites More sharing options...
jhdesign Posted September 12, 2006 Share Posted September 12, 2006 I did everything that was needed but still get hacking attempt. Willing to pay someone for help in order to get this working once and for all. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 13, 2006 Share Posted September 13, 2006 Ted, If you don't have control over the server and the PHP setup allows it then you must use the putenv("LD_LIBRARY_PATH=$path"); statment. Regards Neil Westlake By the way, you only need to use libCcCpiTools.so and testhash.e. Thanks, Neil I've settled for that. Now the sample.html file is producing an order hash, but i keep getting an error 12, (store details). So I assume there is a store ID/supplied hash problem? Tks Quote Link to comment Share on other sites More sharing options...
Guest Posted September 13, 2006 Share Posted September 13, 2006 More on the above. According to HSBC the hash being received by them from the test page does not match the outgoing url. I assume they are using the url as part of the hashing process? I am seriously puzzled by this statement by a person from the sub continent. Can you enlighten me at all? Quote Link to comment Share on other sites More sharing options...
Guest Posted September 13, 2006 Share Posted September 13, 2006 And finally a little light: traps fr young players number 20067776: just because phpinfo reports every hashing engine known to man as being installed and active, doesn't meant the mcrypt library is in the server's lib directory. CHECK CHECK CHECK!!! Further the subcontinental advice turned out to mean that we were not sending a hash at all, but instead sending the path to 'TestHash-e' where we should have been sending a hash. This is still occuring. Any ideas??? Quote Link to comment Share on other sites More sharing options...
Guest Posted September 14, 2006 Share Posted September 14, 2006 Ok, here 'tis. First it seems some of the dependency libraries that load with mcrypt and its kin were needed so even though mcrypt wasn't, by installing it and restarting Apache things got a little better, (the sample html page started outputting a hash). But I still couldn't get past the blasted "hacking attempt" response on the site and couldn't get a hash match. So I downloaded the hsbc contrib from downhome consulting, which does use mcrypt algos and it worked straight out of the box, just like it said on the tin. It may be that the hashing routines in v3.0 and V3.1 don't work properly on servers running virtual sites (can't think why and have no time to mess around with the chicken's entrails that comprise our virtuals). But if anyone can't get a result with the hsbc conrib, try this one. Quote Link to comment Share on other sites More sharing options...
Pappa Posted September 14, 2006 Share Posted September 14, 2006 (edited) You are not going to get this to work unless you have the right files in the right place. Some of this is down to you, some of it is down to your hosting company. 1. You need to place the following files in the cgi-bin and set to 755 permissions: CcOrderHash.e CcResults.e TestHash.e 2. Your web hosting company must have these files in the Shared Library folder: libCcCpiTools.so libstdc++-libc6.2-2.so.3 Vger Where exactly do I get the above files from? Do I need to request them from HSBC, or do I need to write them myself based on the examples in the CPI Integration Guide? Thanks, Pappa Edited September 14, 2006 by Pappa Quote Link to comment Share on other sites More sharing options...
♥Vger Posted September 14, 2006 Share Posted September 14, 2006 They are on the cd rom that hsbc gives you. Vger Quote Link to comment Share on other sites More sharing options...
Guest Posted September 15, 2006 Share Posted September 15, 2006 I'm looking for the HSBC contribution which used mhash and mcrypt but I cant find it on the contributions list. Has any still got a copy? Thanks Stephen Weir try this http://www.oscommerce.com/forums/index.php?s=&...st&p=934997 Quote Link to comment Share on other sites More sharing options...
Thieving_Gypsy Posted September 16, 2006 Share Posted September 16, 2006 I currently have the mhash, mcrypt version of the HSBC CPI payment method installed on one of my clietns sites. The client wishes to use the HSBC API - is there anyone out there that could point me in the right direction or assist in the work. The site is on a dedicated server and it's fairly busy. Thanks ANdy Quote Link to comment Share on other sites More sharing options...
Pappa Posted September 16, 2006 Share Posted September 16, 2006 Hi, I'm sorry if you've answered these questions before, but I'm stuck and can't seem to work ou what I should be doing next. I have installed the following files in /www/cgi-bin and chmoded them to 755 CcOrderHash.e CcResults.e TestHash.e libstdc++-libc6.2-2.so.3 was preinstalled in /usr/lib I have installed libCcCpiTools.so in /usr/local/lib (as I do not have the root access required to install it in /usr/lib). As far as I know, this location should be fine. I have rebooted my vs since these file if I execute ./TestHash.e in the shell, I get the error, ./TestHash.e: error while loading shared libraries: libCcCpiTools.so: cannot open shared object file: No such file or directory. Also, trying to process an order online produces he error, Hacking atempt! - orderHash=kbMDLDMchWOeXnfkNvnZ6Z8uFbQ= hash=error while loading shared libraries Any help would be greatly appreciated. Pappa Quote Link to comment Share on other sites More sharing options...
♥Vger Posted September 16, 2006 Share Posted September 16, 2006 Get your hosts to install libCcCpiTools.so in /usr/lib Vger Quote Link to comment Share on other sites More sharing options...
Pappa Posted September 16, 2006 Share Posted September 16, 2006 After re-reading through parts of this thread again, I copied libCcCpiTools.so to my cgi-bin (as I'll have to wait until Monday for my host to copy it to /usr/lib anyway). Now, everything goes swimingly through the HSBC secure epayments site, but when the payement is finally about to be confirmed the user is returned to my site and is given the error message The transaction was rejected by FraudShield. ??? Thanks, Pappa Quote Link to comment Share on other sites More sharing options...
pab Posted September 17, 2006 Share Posted September 17, 2006 Pappa, If you are doing a test transaction, make sure the total amount of the payment is less then ?1 - anything over that gives that Fraudshield error Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.