Jump to content
Sign in to follow this  
freerangemum

HSBC secure-epayment module

Recommended Posts

I emailed support a few days ago, and they just replied saying i do have access to a shared secure server. Is this ok??

Share this post


Link to post
Share on other sites

In which case forget about the CSR, CRT and Key, as they have absolutely nothing to do with a shared ssl - only for a full ssl cert (which you have to buy!). Ask your hosting company what the shared ssl path is - and when you have that info you need to input it into your configure.php files (both of them).

 

Vger

Share this post


Link to post
Share on other sites

I have put the location into both configure files, but now when you go onto the secure side of the site, no pictures appear.

Edited by al090187

Share this post


Link to post
Share on other sites

I have now come a little bit further towards solving the HSBC fiasco.

 

I changed server when I realised that an essential library was missing on mine.

I now managed to generate a hash code but it does not match the one returned from hsbc.

 

What can this depend on?

 

I just get thrown straight back to the hsbcreturn page. The error code is 4.="the processor did not return a response" , great help!!!

 

Any ideas? I havent yet installed an SSL cert on this server in case it doesnt work out. Would this cause the lack of response?

Share this post


Link to post
Share on other sites

In your HSBC module try setting 'Pending error codes' to 0 (if you haven't already done so). Also, if necessary, get HSBC to issue a ew hash code - as they have been known on occasion (on many occasions) to issue a duff code.

 

I havent yet installed an SSL cert on this server

 

Read the HSBC CD Rom integration guidelines. I think you have to have an ssl connection, shared should do for a start, to connect with their system.

 

Vger

Share this post


Link to post
Share on other sites

OK, so I have SSL up and running on the new server but still no difference.

 

I just get returned to the return page with a Hacking Attempt error.

I have the 2 hashes displayed and they are not the same.

Share this post


Link to post
Share on other sites

Agh!! I have the feeling that you have one of the first two HSBC modules installed - which are available from osCommerce 'Contributions'. The third module, written by the same person who provided the first two, is available for download from here

 

http://oscommerce.qadram.com/modules.php?n...wdownload&cid=4

 

You'll find it close to the bottom of that page and listed as Version 1.0. Unlike the first two it works without loads of debugging/rewriting.

 

Hope this helps - Vger

Share this post


Link to post
Share on other sites

Big thread wow, I have installed the hsbc module and get return page as hacking attemot I have verified my cpi, hash key and id no problems but still get this error set order to default which is 0 and still nothing any help appreciated ready to go live but no cc solution working for me.

 

Regards

Share this post


Link to post
Share on other sites

If the module you installed was No1 or No2 in the series then install Module No3 (as posted above). Put simply, No 1 and No2 no longer work because of changes that HSBC made to their system. Also make sure that you are running a full or shared ssl, as HSBC won't llow you to connect unless you are running ssl.

 

If you have installed the third module, and you have ssl, and you still get that error - then which mode are you running in? If you are trying to run in Production Mode have you instructed HSBC to switch Production Mode on?

 

Vger

Big thread wow, I have installed the hsbc module and get return page as hacking attemot I have verified my cpi, hash key and id no problems but still get this error set order to default which is 0 and still nothing any help appreciated ready to go live but no cc solution working for me.

 

Regards

Share this post


Link to post
Share on other sites

Same problem here, but I have installed module 3 and all setting are test setup, weird. :'(

Edited by j0ker

Always seeking & Desperate to find a solution!

Share this post


Link to post
Share on other sites

Thx Vger, I can confirm that I have installed the third version you posted and also I am still in test mode, I have verified once more all my settings in admin to be correct as per hsbc guide.

 

Any further thoughts appreciated.

Share this post


Link to post
Share on other sites

Have you placed the files provided by HSBC in your cgi-bin, and are they set to chmod 755?

 

Vger

Share this post


Link to post
Share on other sites

mmmm Vger, this sounds like something I should have had all I got from hsbc was a fax with my hash na dinstructions no mention of files to put in cgi, I would confirm maybe this is the problem could you enlighten me on what files I need to put in the cgi.bin plz.

 

Thx, I am sorry to be a pain.

Share this post


Link to post
Share on other sites

HSBC would have sent you a cd rom of their e-secure integration guide. On that you will find the text to make into plain text files, which go into our cgi-bin. You have the option of cgi files or javascript files (use the cgi).

 

They are

 

CcOrderHash.e

CcResults.e

libCcCpiTools.so

TestHash.e

 

Locate the text for these files on your cd rom integration guide, and copy and paste the relevant text into a blank text document. Select Save, leave the file type as .txt, but enter this for the file name "CcOrderHash.e" (with the double inverted commas). This will save the file as a plain text file with the name and file extension CcOrderHash.e

 

Vger

Share this post


Link to post
Share on other sites

right I have these already made on the cd now i got it, c,com,java versions I use c ones in this folder is linux in here are the files you mentioned.

 

Do I just paste these into the cgi-bin with no editing?

 

Also the hsbc module for osc I installed earlier does this also need any modification?

 

Thx again for help.

Share this post


Link to post
Share on other sites

The HSBC module, provided you installed it as per instruction, does not need further editing. Can't remember now if any of the four files need editing - just take a look in them and see, and follow the advice on the integration guide. Sorry, don't have any more time today - have a whole website to build in under 24hrs flat!

 

Vger

Share this post


Link to post
Share on other sites

Thx vger, I have verified the install of the module and it is sound, I have no idea what is wrong here. Mighty pain in the neck obviously something I need to be doing, or doing wrong.

 

Thx anyrd.

Share this post


Link to post
Share on other sites

I'm at THAT stage now Ladies and Gents !!!

 

I've had a guts-full of trying to get this mod to work, I have very little patience trying to get something so simple to work it's frustrating me no end !!

 

This is the deal !! - PM or email me

 

HOW MUCH WILL IT COST ME & WHEN WILL IT BE DONE BY ?

 

Please please please - I'm about to jump !!

 

 

cheers

Martin

Share this post


Link to post
Share on other sites

The creator of this module said he will install it for you, email him for a quote, he posted on the first page of this thread.

 

I'm at THAT stage now Ladies and Gents !!!

 

I've had a guts-full of trying to get this mod to work, I have very little patience trying to get something so simple to work it's frustrating me no end !!

 

This is the deal !! - PM or email me

 

HOW MUCH WILL IT COST ME & WHEN WILL IT BE DONE BY ?

 

Please please please - I'm about to jump !!

cheers

Martin

Share this post


Link to post
Share on other sites

I have managed to get most of this module to work now, but I am falling over on a cpiresultscode = 12 what is the most common reason for this? If I enter this into the pending error codes for the module then the test transaction seems to go through though and my test customer recieves an email from my os commerce site giving order number and details. I never see a HSBC page but my shopping cart does empty. Is this correct? If I dont add the code 12 to the pending error codes part of the module config then when I try to checkout an order I get dumped back at the user login screen on my site then when I log in again the item is still in the shopping cart. Any help would be most greatfully recieved. BTW this has taken 5 weeks now to get this far until this afternoon I kept getting dumped back with a hacking attempt message :'( I cant begin to say how happy I was when I figured what was causing that one!

Edited by davesbeetles

Share this post


Link to post
Share on other sites
Thx vger, I have verified the install of the module and it is sound, I have no idea what is wrong here. Mighty pain in the neck obviously something I need to be doing, or doing wrong.

 

Thx anyrd.

 

Anyrd I cant help wondering if you have done the same thing that I did when installing the module. In my emails from the HSBC they called every ID they sent me the client ID, so for the last 5 weeks of hacking about in the module I was using my client alias instead of my client ID. If you log into the HSBC (www.secure-epayments.hsbc.com) and go to the Store configuration page it will tell you there what your real client id is. Once you have this I would clear all the OSCommerce stuff from your server and re-install the whole thing with clean versions of the module (but just do the mods outlined in the readme file within the zip file to the checkout_process.php and hsbc.php payment module). By doing this you should be at least up to where I am with an error from cpiresults of code 12 or if you are luckier than me everything working

Share this post


Link to post
Share on other sites

Just to follow up, it turned out I had been given an incomplete Client ID via email. I was missing just one character. I now have the module fully working under test mode and have just had it switched to full production byt HSBC and then the fun started again the HSBC is now rejecting every card payment via fraudshield saying the address is incorrect. I have checked the address over and over (as its my own card and address I am testing with) both post code and address are correct. I have even trapped my post to the HSBC just to check everything I send and all is correct there. Methinks the HSBC is more trouble than its worth, its only taken 4 months to get here! It took 3 months to get the merchant account set up and the CPi approval :'(

Edited by davesbeetles

Share this post


Link to post
Share on other sites
Just to follow up, it turned out I had been given an incomplete Client ID via email. I was missing just one character. I now have the module fully working under test mode and have just had it switched to full production byt HSBC and then the fun started again the HSBC is now rejecting every card payment via fraudshield saying the address is incorrect. I have checked the address over and over (as its my own card and address I am testing with) both post code and address are correct. I have even trapped my post to the HSBC just to check everything I send and all is correct there. Methinks the HSBC is more trouble than its worth, its only taken 4 months to get here! It took 3 months to get the merchant account set up and the CPi approval :'(

 

Keep going, once you get it working it just keeps working. I had big problems when I first setup, 6 months ago, since then hardly any problems.

 

One thing I did change in hsbc_return.php was make the $CpiResultsCode=='9' the same as $CpiResultsCode=='0'. This is for when the transaction is marked for reveiw, os the card hoilder sees it as authorized.

 

Regards

Raj Bangar

SimplySpice & Craftmango

Share this post


Link to post
Share on other sites
Keep going, once you get it working it just keeps working. I had big problems when I first setup, 6 months ago, since then hardly any problems.

 

One thing I did change in hsbc_return.php was make the $CpiResultsCode=='9' the same as $CpiResultsCode=='0'. This is for when the transaction is marked for reveiw, os the card hoilder sees it as authorized.

 

I agree - its working like a charm - chuffed!

I will say any problems you have - get in touch with support@qadram.com the module's author for help. He is very friendly and will always try to help you.

 

Cheers

Simon

 

www.ShoeBoxComputers.com

Share this post


Link to post
Share on other sites

Hi Guys,

 

Just after a bit of advice regarding order id numbers.

 

All is working well with my set up but I am still using the original contribution. This means that my order numbers are created using the format jjjhhmmssr, where j is the three digit juliet number for the day of the year, hh is hour, mm is minute, ss is second and r is random.

 

This all worked fine until a couple of months ago when the day of the year got up too high and caused MySql to overload!! This was sorted by changing the Integer to a BigInt which apparently allowed the database to count a bit higher. :D

 

Now however, we are into 2005 and my orders are all appearing way back down the list as the order numbers are smaller than what they were at the end of 2004!!

 

I've a couple of questions, firstly is anyone using the fix that Neil suggested on page 11 of this thread, namely something along these lines:-

 

// Generate Random Order ID if not already set

if(!$order_id)

{

while (get_order_id() > 0);

$insert_id = $rndnum;

}

else

{

$insert_id = $order_id;

}

 

 

If so, what kind of order number does this produce and is it sequential? As far as I can tell it is going to knock out a completly random order number which is going to make things hard to find on the orders page - which appears to list orders by order number rather than date purchased.

 

Another option I am looking at is just putting the year in front of the order, leading to yyjjjhhmmssr - however this makes it an even bigger order number!!

 

I see that the order string used by jose leon originally was along these lines. It contains a "-" which would make it more managable from a customers point of view but seems to upset my bigint in the mysql database.

 

srand ((float) microtime() * 10000000);

$r1 = rand(100,999);

$t1 = date("yz-his");

 

//This sequence generation is valid only for Lynda's shop

$sequence = $t1.$r1;

 

 

 

Any thoughts/ideas would be very welcome - It is not critical but something that I would like to get ironed out.

 

Cheers,

 

Rich


Only Dead Fish Go With The Flow......

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×