PDA

View Full Version : Credit Card Choices and Security Codes



wrinkle
10-14-2003, 01:09 PM
Here's some questions I'm DYING to hear the answers to...

1) Why doesn't osCommerce allow the user to choose a credit card type? What if I can't accept AMEX but they use an AMEX card? How do I limit them?

2) Why doens't osCommerce have a place to enter the 3 or 4 digit security code most merchant accounts require these days? Is there a mod to add this field?

Please help.

Thanks!

Anonymous
10-15-2003, 06:20 AM
Ditto.

Anonymous
11-14-2003, 06:25 AM
I too also need this. And an good document on how to modify the payment module would help nicely :)

Thanks

Anonymous
11-14-2003, 06:47 PM
To limit the cards used you will need to edit catalog/includes/classes/cc_validation.php
the part that follows is just a part of the file. This is mine, I only accept Visa and MasterCard.



class cc_validation {
var $cc_type, $cc_number, $cc_expiry_month, $cc_expiry_year;

function validate($number, $expiry_m, $expiry_y) {
$this->cc_number = ereg_replace('[^0-9]', '', $number);

if (ereg('^4[0-9]{12}([0-9]{3})?$', $this->cc_number)) {
$this->cc_type = 'Visa';
} elseif (ereg('^5[1-5][0-9]{14}$', $this->cc_number)) {
$this->cc_type = 'Master Card';
} else {
return -1;
}


There is a contibution you can add on that adds the cvv code field, ill look it up and post it.

Chris Guth,
http://www.SeniorsLivingHealthy.com
Home Of Tru Blue Pain Relief Cream

Anonymous
11-14-2003, 06:49 PM
cvv contibution:
http://www.oscommerce.com/community/contributions,1481

Chris Guth,
http://www.SeniorsLivingHealthy.com
Home Of Tru Blue Pain Relief Cream

red_fraggle
03-17-2004, 05:38 PM
Actually if you use linkpoint cardservices, since i helped write the mod for it, and full help for your customers and included files is in this contribution, you can check it out. You may contact me for help setting up a merchant account with link point if you need card services, as i am an authorized agent for them

http://www.oscommerce.com/community/contributions,596

gheffron
03-17-2004, 11:26 PM
And what option do you choose if you simply want the credit card #s to be logged? (manual credit card processing) It seems like the options available are for automatic processing.

Correction: there's that funky emailing system where the middle numbers are emailed. But I seem to only be able to receive the middle numbers. No other notice of the sale is showing up (with the other CC #s). How do you set that?

And also, how do you set the SSL directory for the forms to be filled out in?

gheffron
03-19-2004, 12:26 PM
I'm going to start a new thread on my question, as I think it might be helpful to others.

Anonymous
05-13-2004, 01:09 PM
gheffron

first things first:

SSL:
If you are on a C-Panel box your http and https sides are already symlinked and you must call your hosting provider to "enable SSL" on your account. You will know this is not turned on if going to https://yourdomainname gives you a 404 error or page not found. If you get your regular index.html or index.php you will know it is enabled.

If you are on a PLESK box, you will need SSL enabled, on plesk your secure documents are located in /yourname/httpsdocs/

To prevent you having to have 2 duplicate copies of your installation and use twice the hard drive space, call your hosting provider and have them do a symlink between /httpdocs and /httpsdocs

If you have SSH access and can do it via command line yourself use these commands.

step 1. login to your box via SSH.
step 2. navigate to /home/httpd/vhosts/domainname.
step 3. ***make sure your httpsdocs folder is empty***
step 4. type rm -r -f httpsdocs (this will delete that folder) hit enter
step 5. type (this first char is a lower case L) ln -s httpsdocs httpdocs (this makes the link) hit enter
step 6. type (both of these chars are lower case L) ls -l hit enter (this will list the ownership of all files and directories, you will see "username.psaserv httpdocs>httpsdocs"

If that yourusername.psaserv is your username good if not
step 7. type chown yourusername.psaserv httpsdocs

You are now done, and when your store attempts to switch from http to https, you will not lose sessions, nor have files you cant find.


Next Issue
FUNKY EMAIL
This is the way it is designed for security purposes! the middle 4 numbers are emailed to the store owner and the outside 8 are stored in the database. A store owner can get the full number by looking into the database table_orders and adding the middle 4 he/she got emailed to it in the center.


ISSUE 3
Credit Card Security Code

Actually The linkpoint module does require this. It also comes with pop-up help for your customers titled "what is a cvv code". I even included a new linkpointms1.php file which takes out the option for your customers to have a check box saying that they cant read their code. This is too big a security risk and i would rather lose the sale than sell it to someone without them knowing their cvv code. Most times the only one not to have this is the guy who stole the number from somewhere!



Clifton Murphy
I support this module free of charge at 1-(910)-298-8260