[kludge] 3.0.2 offline Credit Card Processing

kogi · August 22, 2012, 12:00am

[size=8]THIS IS NOW OUTDATED[/size]

http://forum.cs-cart…ng-as-intended/

Information left below for historic purposes only

This is my method for returning CC details for 3.0.2

What this will do is retain CC info for ALL transactions. it also adds a “Clear CC info” button to order details.

BACKUP - BACKUP - BACKUP

If symptoms persist, seek professional advice

/core/fn.cart.php

replace this

$payment_info = fn_cleanup_payment_info(‘’, fn_encrypt_text(serialize($payment_info)), true);

with

$payment_info = fn_encrypt_text(serialize($payment_info));

/skins/basic/admin/views/orders/details.tpl

Find

<br />
<br />
{if $order_info.payment_info}<br />
{foreach from=$order_info.payment_info item=item key=key}<br />
{if $item && ($key != "expiry_year" && $key != "start_year")}<br />
<div class="form-field"><br />
<label>{if $key == "card"}{assign var="cc_exists" value=true}{$lang.credit_card}{elseif $key == "expiry_month"}{$lang.expiry_date}{elseif $key == "start_month"}{$lang.start_date}{else}{$lang.$key}{/if}:</label><br />
{if $key == "order_status"}<br />
{include file="common_templates/status.tpl" status=$item display="view" status_type=""}<br />
{elseif $key == "reason_text"}<br />
{$item|nl2br}<br />
{elseif $key == "expiry_month"}<br />
{$item}/{$order_info.payment_info.expiry_year}<br />
{elseif $key == "start_month"}<br />
{$item}/{$order_info.payment_info.start_year}<br />
{else}<br />
{$item}<br />
{/if}<br />
</div><br />
{/if}<br />
{/foreach}<br />

```<br />
<br />
[b]Insert After[/b]<br />
```php
<br />
<br />
{if $cc_exists}<br />
<p class="center"><br />
<input type="hidden" name="order_ids[]" value="{$order_info.order_id}"><br />
{include file="buttons/button.tpl" but_text="Remove CC info" but_meta="cm-ajax cm-comet" but_name="dispatch[orders.remove_cc_info]"}<br />
</p><br />
{/if}<br />

```<br />
<br />
<br />
<br />
<br />
<br />
<br />
/controllers/admin/orders.php<br />
[b]Find[/b]<br />
```php
<br />
if ($mode == 'packing_slip' && !empty($_REQUEST['order_ids'])) {<br />
<br />
foreach ($_REQUEST['order_ids'] as $k => $v) {<br />
$view_mail->assign('order_info', fn_get_order_info($v, false, true, false, true));<br />
$view_mail->display('orders/print_packing_slip.tpl');<br />
if ($v != end($_REQUEST['order_ids'])) {<br />
echo "<div style="page-break-before: always;"> </div>";<br />
}<br />
}<br />
<br />
exit;<br />
}<br />

```<br />
<br />
[b]Insert After[/b]<br />
```php
<br />
<br />
if ($mode == 'remove_cc_info' && !empty($_REQUEST['order_ids'])) {<br />
<br />
fn_set_progress('total', sizeof($_REQUEST['order_ids']));<br />
<br />
foreach ($_REQUEST['order_ids'] as $v) {<br />
$payment_info = db_get_field("SELECT data FROM ?:order_data WHERE order_id = ?i AND type = 'P'", $v);<br />
fn_cleanup_payment_info($v, $payment_info);<br />
}<br />
<br />
fn_set_notification('N', fn_get_lang_var('notice'), fn_get_lang_var('done'));<br />
<br />
if (count($_REQUEST['order_ids']) == 1) {<br />
$o_id = array_pop($_REQUEST['order_ids']);<br />
$suffix = ".details?order_id=$o_id";<br />
}<br />
}<br />

```<br />
<br />
<br />
V2 . GooRoo Fixed provided by included<br />
<br />
PS clear cache after any all template changes

bjharrington · August 22, 2012, 12:00am

This is, by far, the most useful posting I've seen on this forum. Nice Job, and Thank You!

lccoins · August 23, 2012, 12:00am

Kogi, you rock. This is awesome. Thanks!

digiconcepts · August 24, 2012, 12:00am

Hi,

I followed the instructions and the CC data is now showing in admin but I do not have a clear button available to delete the CC info once we have ran the customers card.

Please help!

Michael

PS… I am using the 3.0 version.

digiconcepts · August 24, 2012, 12:00am

Nevermind… I figured it out and this should have been put in the instructions for newbies. Once you have edited the files and uploaded them, you must then clear your cache. The following URL will clear your cache:

http://www.mydomain.com/admin.php?dispatch=categories.manage&cc

This should help out us newbies.

Michael

gooroo · August 25, 2012, 12:00am

Great post. Really helpful for those of us on 3.0.2 who need to do offline/batch credit card processing.

If you want to add back the “Remove CC Info” task to the Choose Action list popup on the Orders View so you can process several orders at once, make these additional changes in addition to the ones described above:

[list]

[]Enable the my_changes addon

[]Create a new file called list_tools.post.tpl

[*]Enter this text into the file:```php

{$lang.remove_cc_info}

```
[*]Save the file to:
/skins/basic/admin/addons/my_changes/hooks/orders/list_tools.post.tbl
[*]Create a new Language Variable called "remove_cc_info" ==> "Remove CC Info"
[*]Also, there is a small bug in the original code insertion posted for orders.php. To allow the code to process multiple orders and exit gracefully so that the screen refreshes after the credit card info is cleared, remove the extra else/exit clause:```php
if ($mode == 'remove_cc_info' && !empty($_REQUEST['order_ids'])) {

fn_set_progress('total', sizeof($_REQUEST['order_ids']));

foreach ($_REQUEST['order_ids'] as $v) {
$payment_info = db_get_field("SELECT data FROM ?:order_data WHERE order_id = ?i AND type = 'P'", $v);
fn_cleanup_payment_info($v, $payment_info);
}

fn_set_notification('N', fn_get_lang_var('notice'), fn_get_lang_var('done'));

if (count($_REQUEST['order_ids']) == 1) {
$o_id = array_pop($_REQUEST['order_ids']);
$suffix = ".details?order_id=$o_id";
} /* else {
exit;
} */
}
```
[*]Of course, clear the cache ([url="http://yoursite/admin.php?cc"]http://yoursite/admin.php?cc[/url]) after uploading the changed files so that the new code gets executed. (my rule for CS-Cart is: when in doubt, clear the cache).
[/list]

iliasifestos · August 27, 2012, 12:00am

Hello

I followed the instructions exactly as they are but only managed to show only the button to delete the cc

I made a purchase but everything is as before with XXXXXXXX4445 I click the delete button CC but nothing happened

I have the MV 3.0.2

any help?

thank you very much

Ilias

iliasifestos · August 27, 2012, 12:00am

I cleared the cache of course

a photo

kogi · August 27, 2012, 12:00am

[quote]

[color=#282828][font=arial, verdana, tahoma, sans-serif]/core/fn.cart.php[/font][/color]

replace this

[color=#282828][font=arial, verdana, tahoma, sans-serif]$payment_info = fn_cleanup_payment_info('', fn_encrypt_text(serialize($payment_info)), true);[/font][/color]

with

[color=#282828][font=arial, verdana, tahoma, sans-serif]$payment_info = fn_encrypt_text(serialize($payment_info));[/font][/color]

[/quote]

This is the part which keeps the credit card info

Did you do a copy and paste to make sure you didn't type anything wrong?

If that doesn't work then maybe won't work with MV 302, Sorry I do anything about the MV version

iliasifestos · August 27, 2012, 12:00am

[url=“Credit Card details not shown in order details v3.01 - Security - CS-Cart Community Forums”]Credit Card details not shown in order details v3.01 - Security - CS-Cart Community Forums

Post nr 13

thank you for your answer

If you remove the code from the above Post I write information appears on the card, but again I can not delete the information to cc button

I will take a control run again maybe I have something wrong

the first one will drink coffee to calm my mind

and then continue

thank you

Ilias

iliasifestos · August 27, 2012, 12:00am

@param int $order_id
@param array $pp_response Response from payment processor
@return boolean true

*/

function fn_update_order_payment_info($order_id, $pp_response)

{

if (empty($order_id) || empty($pp_response) || !is_array($pp_response)) {

return false;

}

$payment_info = db_get_field(“SELECT data FROM ?:order_data WHERE order_id = ?i AND type = 'P'”, $order_id);

if (!empty($payment_info)) {

$payment_info = unserialize(fn_decrypt_text($payment_info));

} else {

$payment_info = array();

}

foreach ($pp_response as $k => $v) {

$payment_info[$k] = $v;

}

$payment_info = fn_encrypt_text(serialize($payment_info));

$data = array (

'data' => $payment_info,

'order_id' => $order_id,

'type' => 'P'

);

db_query(“REPLACE INTO ?:order_data ?e”, $data);

$child_orders_ids = db_get_fields(“SELECT order_id FROM ?:orders WHERE parent_order_id = ?i”, $order_id);

if (!empty($child_orders_ids)) {

I think I placed the code properly!

Thanks

kogi · August 27, 2012, 12:00am

I am sorry, I do not know what your problem is. I would suggest you restore from backup and try again.

cutritefx · September 14, 2012, 12:00am

Thank you, have made the changes hopefully it works ok. Not sure why they removed this as we process many cards offline.

Thanks again.

mathialoc · September 16, 2012, 12:00am

Anyone know how to do this on 2.2.5?

tuari · September 16, 2012, 12:00am

This is brilliant! Thanks so much for posting this!! It works beautifully.

JoAnne

cs-cart 3.0.3

iliasifestos · September 21, 2012, 12:00am

[quote name='kogi' timestamp='1346063034' post='143726']

I am sorry, I do not know what your problem is. I would suggest you restore from backup and try again.

[/quote]I did it eventually to function

I am happy because I am still waiting a response from the experts

kogi thank you for this solution proposed

pbannette · September 21, 2012, 12:00am

CS-Cart did recently post the fix in bug tracker:

http://forum.cs-cart.com/tracker/issue-3140-offline-cc-payment-not-working-as-intended/

Bob

tbirnseth · September 24, 2012, 12:00am

The little notes at the bottom would imply that functionality was returned in 3.0.3. Can anyone confirm?

Also, there's nothing in PCI compliance about not storing credit card info. It requires that the data be encrypted. The problem is that cs-cart keeps the encryption key in the config.local.php file which can allow easy decryption if the site is compromised.

Cs-cart's main issue is that if they store it, then technically they need to have the app certified at each release as to it's PCI compliance (to be truly compliant). This costs money and is not cheap. But I would guess if they distribute with PCI - “do not store” turned on and have an option to “Non-PCI - store” the merchant can select then their compliance is covered and responsibility then shifts to the merchant.

kogi · September 24, 2012, 12:00am

From the notes, I translate as in the bug is in 3.0.3 and will be fixed in the next version

cutritefx · November 9, 2012, 12:00am

Worked fine for me using 3.0.3

Just remember that int he first section

[color=#282828][font=arial, verdana, tahoma, sans-serif]/core/fn.cart.php[/font][/color]

replace this [color=#ff0000]( I found this twice in /core/fn.cart.php)[/color]

[color=#282828][font=arial, verdana, tahoma, sans-serif]$payment_info = fn_cleanup_payment_info('', fn_encrypt_text(serialize($payment_info)), true);[/font][/color]

with

[color=#282828][font=arial, verdana, tahoma, sans-serif]$payment_info = fn_encrypt_text(serialize($payment_info));[/font][/color]

[color=#282828][font=arial, verdana, tahoma, sans-serif]__________________________________________________[/font][/color]

[color=#282828][font=arial, verdana, tahoma, sans-serif]I replaced the code in 2 places in the fn.cart.php.[/font][/color]

[color=#282828][font=arial, verdana, tahoma, sans-serif]Last time I tried this it did not work. Maybe because I missed that there was 2 of them.[/font][/color]