urgent: about to go live, problem editing orders and resubmitting credit card payment

Forgive the request for urgency, but I’m converting my store from development to live on Monday, 10/26!

I am using Authorize.net to process my credit card payments, and I have it set up to “authorize only” rather than “authorize and capture”.

It seems to be working fine for the most part. When I place test orders, Authorize.net processes them properly, and I can see the transactions in the reports, etc.

However, I’m encountering a problem when editing an order via the admin area and then trying to re-submit the order for re-authorization.

When I arrive at step 4, the payment details section is already filled-out with the customer’s credit card info (but masked with Xs for privacy, naturally). That tells me the credit card info has yet to be deleted from the database. (Right?)

[COLOR=“DarkRed”]EDIT: Wrong!

The Xs actually show that the credit card info was, in fact, deleted.

So, I re-examined my “Completed” order status definition (which appears to be the status generated upon a successful credit card authorization), found that the “delete CC info” check box was checked, unchecked it, and now everything works. Go figure!

Anyway, I feel a little embarrassed for having posted this issue, but instead of deleting it outright, I’m swallowing my pride and leaving it posted in case other unfortunates might stumble across the same issue![/COLOR]

However, when I click the “save and process payment” button, instead of re-submitting the saved credit card info to Authorize.net, each of the masked fields is marked as invalid because of the Xs they contain!

(e.g., the card number box turns red with the validation text, “The card number is not valid in Card number field or you selected incorrect card type”; the expiration date boxes turn red with the text, “The value of the Month field is invalid. It should be integer. The value of the Year field is invalid. It should be integer.”, etc.)

It seems to me that CS-Cart is treating those masked fields as if they were the actual credit card data, which is failing validation due to the masking Xs, rather than re-submitting the credit card data stored in the database.

If anyone could give me some guidance on this, I’d greatly appreciate it!

Once again, sorry for the urgency!

I tried dealing with this in 1.3.5 sp4 and what I think is that even though the credit card information is stored in the database the shop owner (admin) still can’t just create a new order with that number. I ended up having to have my customer go back into the store and add the additional item and re-checkout with just that item. I was a pain in the neck, but I guess it is becuase of security reasons.

I hope I understood you correctly,