Jump to content
Sign in to follow this  
freerangemum

HSBC secure-epayment module

Recommended Posts

Hi Tamlyn,

 

The problem you're having is very common with the HSBC CPI system.

 

What is happening is the return (hidden) post from HSBC which executes checkout_process.php is either not getting there (not likely) or it's not able to complete the script correctly.

 

The most common problems are:

 

java/ in your spiders.txt file

Check IP address is set to true backend (configuration|sessions)

An error in your checkout_process.php script.

Your on a 1and1 server, I could never get it to work with them, maybe things have changed.

 

If after going through thoses suggestions you are still having problems then you may want to get some help.

 

Regards

 

Neil Westlake

Share this post


Link to post
Share on other sites

The hidden post is definitely getting through cos i set it to email me debug messages. it stumbles at the first hurdle though and tries to redirect to the login page because the client_id is not defined because the session was not recreated. Unfortunately none of your suggestions seem to apply to me :(

 

Here is my session config:

 

Session Directory	  /tmp 
Force Cookie Use 	True 	 
Check SSL Session ID 	False 
Check User Agent 	False 
Check IP Address 	False
Prevent Spider Sessions 	True 
Recreate Session 	False

 

And java is not in my spiders.txt.

 

What else could cause this?

Share this post


Link to post
Share on other sites
What else could cause this?

 

Force Cookie Use True

 

You have to pass the session id to HSBC - no wonder it's not working.

 

Vger

Share this post


Link to post
Share on other sites
You have to pass the session id to HSBC - no wonder it's not working.

 

Vger

 

Hi Vger...

 

How do you pass the session ID to HSBC? what steps did you do to get this to work?

Share this post


Link to post
Share on other sites

I thought that was obvious from my post - you have to turn off 'Force Cookie Use', because it removes the session id from the url and wraps it in a cookie on the customers computer - where HSBC has no access to it.

 

Vger

Share this post


Link to post
Share on other sites
You have to pass the session id to HSBC - no wonder it's not working.

 

Yeah! I had thought that copying the sid (through the merchantdata field) to HTTP_COOKIE_VARS would have the same effect but obviously not. Thank you!

Share this post


Link to post
Share on other sites
Having seen all the problems encountered by people with this contrib, I opted instead to use the contrib recommened by Ted Doyle in this post:

 

http://forums.oscommerce.com/index.php?s=&...st&p=934997

 

Use the contribution from DownHome Consulting:

 

http://www.downhomeconsulting.com/Downloads/downloads.php

 

It worked first time out of the box! It's not truly open-source as it uses some form of encryption - but hell it works like a dream.

 

Regards

 

Having read, I think, nearly all 50 odd pages of this forum. I actually got the HSBC v3.0 module working. (Thanks everyone - long after you have left your probs behind someone s reading :-)

 

And then the HSBC module stopped working and back to "hacking attempt". And guess what - the hosting company moved the account to another server (before the servee keeled over).

 

But its not working. *I think* its due to the lack of the files in the /usr/bin the host needs to have installed.

 

Anyway. I thought I'd try the DownHome HSBC module as mhash is installed on the (new) server.

 

But when I installed and went to config the module through the Admin. Not all the fields in the admin panel have titles to say what the boxes are for!!!! eg for the Storse ID and the Hash?

 

Is there a support forum for this module? (Have already emailed the author direct)

 

John

Share this post


Link to post
Share on other sites
Having read, I think, nearly all 50 odd pages of this forum. I actually got the HSBC v3.0 module working. (Thanks everyone - long after you have left your probs behind someone s reading :-)

 

And then the HSBC module stopped working and back to "hacking attempt". And guess what - the hosting company moved the account to another server (before the servee keeled over).

 

But its not working. *I think* its due to the lack of the files in the /usr/bin the host needs to have installed.

 

Anyway. I thought I'd try the DownHome HSBC module as mhash is installed on the (new) server.

 

But when I installed and went to config the module through the Admin. Not all the fields in the admin panel have titles to say what the boxes are for!!!! eg for the Storse ID and the Hash?

 

Is there a support forum for this module? (Have already emailed the author direct)

 

John

 

John,

 

Did you get an answer from the author of this module, as I too have the blank field label problem.

 

Thanks,

Andrew


=======================

I do not fear computers. I fear the lack of them.

Isaac Asimov

Share this post


Link to post
Share on other sites
John,

 

Did you get an answer from the author of this module, as I too have the blank field label problem.

 

Thanks,

Andrew

 

I answered my own question with a bit of common sense and a beer. Because both John and I had the original HSBC module installed, the 'new' HSBC module was looking to the database to populate the labels and fields of the 'old' HSBC module. Simply clicking Remove then Install cured the problem.

 

Hope this helps.

Andrew


=======================

I do not fear computers. I fear the lack of them.

Isaac Asimov

Share this post


Link to post
Share on other sites
John,

 

Did you get an answer from the author of this module, as I too have the blank field label problem.

 

Thanks,

Andrew

 

Hi Andrew

 

No reply from the author :-(

 

But I've just managed to solve the problem.

 

I "removed" then "installed" the Downhome module in the OSc payment module admin.

Add the field names magically appeared!

 

I *think* it might be because I copied over the new HSBC files from DownHome over the top of the v3.o contrib files - without going thru the proper unistall and install process.

 

Now getting the HSBC page [HORRAY!!!] but the page is soooooo sloooooow. Its timing out on Firefox thou just got the page on IE7 - but getting the "Fraudshield error" returned. (and the transaction is for less than £1.00)

 

More searching of this forum I think :-"

 

Next time a client asks me to do a job and mentions HSBC I'll run a mile!

 

good luck

John

Share this post


Link to post
Share on other sites
I answered my own question with a bit of common sense and a beer. Because both John and I had the original HSBC module installed, the 'new' HSBC module was looking to the database to populate the labels and fields of the 'old' HSBC module. Simply clicking Remove then Install cured the problem.

 

Hope this helps.

Andrew

 

HA. Our posts just past each other there!

 

Just have to say i've cracked it and have processed an order!

Of course the Fraudshield error was because I wasn't using a real CC number (even in test mode).

 

I am now going to treat myself to a very, very large glass of wine! :lol:

 

John

Share this post


Link to post
Share on other sites

Now having got the hash working. The HSBC screen is loading really slowly. Even the HSBC logo takes 10-20secs to load.

 

Sometimes, the page load just times out.

 

Is this typical in test mode? Are test transactions bottom of the priority for processing on the HSBC server?

 

Production isn't like this is it???? My client is very unimpressed!

 

 

This may not be related but using the Downhome interface I have set this field to AUTH.

 

>>>>

Transaction Type- Transaction type to use for the hsbc service

Auth or Capture

>>>>

 

What is this for? A longshot but anything to do with my problem?

 

 

More wine needed!

John

 

 

HA. Our posts just past each other there!

 

Just have to say i've cracked it and have processed an order!

Of course the Fraudshield error was because I wasn't using a real CC number (even in test mode).

 

I am now going to treat myself to a very, very large glass of wine! :lol:

 

John

Share this post


Link to post
Share on other sites

My client was just spoken to HSBC about the browser timing out.

 

They advised her that the error is due to Cookies and Temp files on her computer. She deleted all the cookies and temp files and then could get through to the card details screen.

 

She said to them she was very concerned about this as she could potentially lose lots of custom from this error. They said it is nothing to do with HSBC or their servers and that it is down to everyone;'e individual computer!!! They said it is common with any secure payment website and not just theirs!

 

Is there any basis to this? I've searched through the postings here but I've not seen anything related to this type of problem.

 

Anyone experienced this??

 

 

John

 

 

 

 

Now having got the hash working. The HSBC screen is loading really slowly. Even the HSBC logo takes 10-20secs to load.

 

Sometimes, the page load just times out.

 

Is this typical in test mode? Are test transactions bottom of the priority for processing on the HSBC server?

 

Production isn't like this is it???? My client is very unimpressed!

This may not be related but using the Downhome interface I have set this field to AUTH.

 

>>>>

Transaction Type- Transaction type to use for the hsbc service

Auth or Capture

>>>>

 

What is this for? A longshot but anything to do with my problem?

More wine needed!

John

Share this post


Link to post
Share on other sites

OK, this is turning into a nightmare!

 

I've implemented loads of ecommerce stores over the past few years and I have NEVER come across anything like this HSBC module. Their development team should be shot. I'm never going to use anyone except securehosting.com again.

 

Having got that off my chest, I'm here ready to PAY MONEY to someone to do this for me. I give up. Yes, if you're a programmer and you have successfully implemented this HSBC module I want to hear from you. I will pay your fee gladly.

 

I have tried the HSBC Ver 3 module and got Hacking Attempt. I've gone through the instructions until I'm cross-eyed and I can't make sense of where I've gone wrong. So then I tried the DownHomeConsulting module. I've installed mhash and mcrypt on my server (phpinfo ()) shows clearly that they're there, yet I'm still getting

Fatal error: Call to undefined function mcrypt_module_open() in /home/httpd/vhosts/f4l.co.uk/httpdocs/includes/modules/payment/hsbc.php on line 502

. I've done everything I can think of, I've spent days pouring over forums to try and work this out, and I've hit a brick wall. If you can help please contact me at asteven AT asteven dot com.

 

Thanks.

Andrew


=======================

I do not fear computers. I fear the lack of them.

Isaac Asimov

Share this post


Link to post
Share on other sites

Hi all,

 

I have just downloaded and installed the HSBC payment module ok, but when I go into the admin area, edit the module details such as Client ID, and click Update, none of the changes I have made are saved!

 

Please can someone tell me what (stupid thing) Im doing wrong? Is it a file permissions problem? I thought I should be able to just go into a file and manually edit these details, but I cant find which file they are saved to!

 

Thanks.

Share this post


Link to post
Share on other sites

Hi there,

 

When listing modules after installing this, the modules list cuts off where hsbc is supposed to be and page loading just ends. Why?

Share this post


Link to post
Share on other sites

Hi

 

I just been given access to the HSBC secure payments. I have installed the module and updated the fields with all data sent from the bank.

 

I checked everything amillion times already and i still get the same problem.

 

When i try to complete checkout and get sent to the payment gateway i get the returned message "Hacking attempt!"

 

I seen a couple other people mention this but there 51 pages here and it will take me ages to go through them all to find the answer. Can some one please tell me what i have done wrong?? Im asking here first becuase the indian call centre is really annoying me :mellow: They all seem to be asking questions from a text book if you ask me :)

Share this post


Link to post
Share on other sites

After adding 5 years to my life in the 2 weeks it took me to sort this I sorta understand your frustration. By no means an expert but having been there...

 

The "hacking attempt" error is the only error message you seem to get and covers may issues.... so quite unhelpful.

 

Having read all 50 pages (several times) I managed to get it going (phew). It would be really good if someone/several people could take all the really useful advice in the 50 pages and produce some installation instructions - it would be really helpful.

 

From memory (Oh I thought I'd put this behind me :'(

 

- You are using a SSL certificate aren't you? Even needed in Test mode. Shared cert is ok - but you must connect with SSL.

 

- The hash is being generated correctly? You do have all the files in the right directories? There are certain files needed in your hosting server too - that work together to create the hash.

 

- The hash key provided by HSBC is correct? Several people here found that the issue was an incorrectly supplied hash key from HSBC (how incompetent and frustrating!!!!)

 

- When you do get to the HSBC screen - ignore the test 41111.. CC number - you need to use a real credit card number

 

- Your test transaction in "test mode" needs to be under £1.00 sterling for it to work

 

I think there is some good threads around page 42 (from memory)

 

 

Good luck

 

Johnnie

 

 

 

Hi

 

I just been given access to the HSBC secure payments. I have installed the module and updated the fields with all data sent from the bank.

 

I checked everything amillion times already and i still get the same problem.

 

When i try to complete checkout and get sent to the payment gateway i get the returned message "Hacking attempt!"

 

I seen a couple other people mention this but there 51 pages here and it will take me ages to go through them all to find the answer. Can some one please tell me what i have done wrong?? Im asking here first becuase the indian call centre is really annoying me :mellow: They all seem to be asking questions from a text book if you ask me :)

Share this post


Link to post
Share on other sites

i have just installed this module and put all my info into the module under admin but am having a problem getting it to work.

I purchase a product, login, this then takes me to the delivery info screen where you can change your delivery address etc, as soon as i press continue which should take you to the payment selection screen i am just getting a white screen but as soon as i turn the hsbc module off it then lets me pick a payment option. please help

Share this post


Link to post
Share on other sites

I have managed to get it to work but am now getting a Hacking Attempt, any ideas

 

i have just installed this module and put all my info into the module under admin but am having a problem getting it to work.

I purchase a product, login, this then takes me to the delivery info screen where you can change your delivery address etc, as soon as i press continue which should take you to the payment selection screen i am just getting a white screen but as soon as i turn the hsbc module off it then lets me pick a payment option. please help

Share this post


Link to post
Share on other sites

If you are getting the "Hacking attempt" message then you haven't got it to work.

 

Vger

Share this post


Link to post
Share on other sites

it says on this forum to upload the files which i have done. as far as i know my server is not running in safe mode. what do i need to do to stop getting the hacking attempt error. i have been through this forum and it is so large with different ways of making it work.

Share this post


Link to post
Share on other sites

it says on this forum to upload the files which i have done. as far as i know my server is not running in safe mode. what do i need to do to stop getting the hacking attempt error. i have been through this forum and it is so large with different ways of making it work.

Share this post


Link to post
Share on other sites

Hey,

 

I have managed to install the contribution and I can go through an order connect to the HSBC site, enter my card details and get returned to my site ok. However the order is not stored in my database and the order number shown to the customer is 0, unless they have placed an order before in which case the order number displayed is their last order's order number. The transaction is recorded correctly by HSBC and can be viewed on the control panel.

 

The session id is being passed back correctly as at first this was causing the user to be taken back to an empty shopping basket, now I am not sure what could be causing this problem. I have searched the 51 previous pages but to no avail.

 

Thanks in advance for any help.

 

Dave (aka Turner2000)

Share this post


Link to post
Share on other sites
Hey,

 

I have managed to install the contribution and I can go through an order connect to the HSBC site, enter my card details and get returned to my site ok. However the order is not stored in my database and the order number shown to the customer is 0, unless they have placed an order before in which case the order number displayed is their last order's order number. The transaction is recorded correctly by HSBC and can be viewed on the control panel.

 

The session id is being passed back correctly as at first this was causing the user to be taken back to an empty shopping basket, now I am not sure what could be causing this problem. I have searched the 51 previous pages but to no avail.

 

Thanks in advance for any help.

 

Dave (aka Turner2000)

 

After re-reading the thread and reaching page 40 something I finally found the little thing I was after.

 

If you are having the same problem as I was it may be a case of removing 'Java/' from your spiders.txt file in your includes folder. Orders now show up in OSCommerce.

 

I feel quite lucky that HSBC CPI has only stolen 2 days of my life. Fingers crossed it carries on working when switched to production!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×