PHPShop-0.6.1 hack for implementation of sausurepay cc/tc processing. * No warranty, no guarantees, use at your own risk * (c) - Sauen.Com & J T Stokkeland aka Stoke stoke@sauen.com What License is this? Well, PHPshop has their own license, and this is somewhat a hack and customization of it, so therefore I include: "This product includes software developed by Edikon Corporation for use in phpShop. (http://www.phpShop.org/)." which is part of their license. The "Sauen PHP Surepay Lib" is licensed under GPL2 (http://sausurepay.sauen.com), but this hack does not change any of its content, just using its class. To me it is just a free open do-what-you-want code piece, but if you apply it to PHPshop, it's under their license! Revision: 2002 March 25 (surepay.sau v0.4) Revision history: 2002 March 25 Changed a mistake in adding product descriptions. It now uses product.product_name instead of product.product_s_desc in the description attribute of pp.lineitem. Fixed a couple of small comment snags. 2002 March 21 Fixed so that phonenumbers are stripped for anything but digits, since any 555-555-5555 would be longer than 11 and miss info on the surepay merchant panel. 2002 March 20 Fixed so that items with empty description (product.product_s_description) will not give an error, adds '--no descripton--' as description in pp.lineitem. (SKU is required tho!) Added some license info and more details. 2002 March 19 First attempt.. sort of a beta :) TeleCheck remains not fully tested, due to a TeleCheck server problem at the moment.. ------------ INSTALLATION ------------ 1. Take a backup of all files and data in your current install Make sure you have PHPshop 0.6.1 (some files may be marked 0.6.2) Download SauSurePay-0.1.1 as well from SauSurepay.Sauen.Com 2. Copy all these files to these locations ps_checkout.inc * modules/checkout/lib/ps_checkout.inc surepay.sau modules/checkout/lib/surepay.sau confirm.ihtml * modules/checkout/html/confirm.ihtml index.ihtml * modules/checkout/html/index.ihtml shipping.ihtml * modules/checkout/html/shipping.ihtml thankyou.ihtml * modules/checkout/html/thankyou.ihtml order_print.ihtml * modules/order/html/order_print.ihtml payment_information_form.sau modules/checkout/html/payment_information_form.sau payment_cc.sau modules/checkout/html/payment_cc.sau payment_tc.sau modules/checkout/html/payment_tc.sau payment_mo.sau modules/checkout/html/payment_mo.sau payment_pc.sau modules/checkout/html/payment_pc.sau payment_pb.sau modules/checkout/html/payment_pb.sau payment_po.sau modules/checkout/html/payment_po.sau The files marked * will overwire orginal ones. If you have made any changes in any of them, you will have to apply them again. You can also keep the original file and apply the changes from these files. All edits are enclosed within a html or php comment like **** START **** Edits by year month day and **** END **** Edits So you may search for those to find edited areas of a file. Be aware of that there might be several edited areas in a file. Generally all files edited was stripped for Bill Gates line endings. You must also copy the sausurepay lib somewhere, I recommend putting all those files under modules/checkout/lib/sausurepay-0.1.1/ so you won't need to change the path setting for it (step 5). 3. Make sure you got the payment options you want in PHPshop admin area, the payment codes for these must be of the following: VISA,MC,AMEX,DISC credicard (surepay) TC telecheck (surepay) MO money order PC paper-personal-check PB paper-business-check PO Purchase Order number If you have codes not listed here it will generate errors. Do NOT delete the files or these codes in any php code/files, if you whish change the list, do it in the php admin tool (Or in the db). 4. Edit the payment form template files. Do NOT delete or alter form field names or hidden fields or any php code. (well, unless you understand what it does and are fiksing things to the better). These files are used as templates payment_cc.sau code: VISA,MC,AMEX,DISC credicard payment_tc.sau code: TC telecheck payment_mo.sau code: MO money order (mail in) payment_pc.sau code: PC paper-personal-check (mail in) payment_pb.sau code: PB paper-business-check (mail in) payment_po.sau code: PO Purchase Order number (Account/Credit) You may want to add information about that "please click only once, it can take up to 2 minutes to process your order". 5. Look in modules/checkout/lib/surepay.sau to see if you want to adjust any settings. You should not set $live = true until you tested things, then you will also set your actual merchant ID and password. 6. Good luck :) It should now be ready for use. To do some tests you should add a product that costs $1.00, create a user wich lives in state that is not taxed by the taxrules (by Default only GA is taxed). Add 11 items to your shopping cart, check out and use cc number 4012000033330026 and any future expiration date. $11 = AUTH, $21 = REF, $31 = DCL. These test numbers/amount may change, surepay is very unprofessional about that, they haven't documented any of the changes for over 6 months... For a telecheck I believe it can be any amount, use Check no 1001 and MICR 1234567804390850001001 -------------------------------------- NOTES / Be aware of / Suggested / FAQ: -------------------------------------- Since the surepay gateway only accepts 10 digit numeric ordenumbers I could not use PHPshop MD5 sums. It creates a random one for every order, you can find this order number in the Payment Log of PHPshops order listing. Looking something like this: "Order 1213304494: AUTH : AUTHCODE: OK1719 TRANS_ID: CC_FU298F0C7B68 CVV2RESULT: X AVS: YYY" The real md5-ordernumber, as well as username and user_id can be found in surepays "trackingnumbers" information. You should make sure that all users address data is using 2-letter abreviation for all US address (International can use whatever). The surepay gateway may not handle stuff like "New York" instead of NY. Surepay only accept USD currency, so your shop can't use anything else either... If you place orders with the default/admin users and your default group_id is not 5 anymore you may get odd results. (These users have no group xref) When cc info has been successfully transmitted to surepay, only the last 5 digits will be visible and stored encrypted in the DB. The reason for this is security, it is way too easy to get the key,dbname,dbuser and dbpass for anyone else on the same server and read all your data. The default invoice/receipt assumes cc, so you may want to add some code in thankyou.ihtml to show different name cor account number when a check order is placed or so on. If you want you can use the payment code with if ($GLOBALS['sau_co_payment'] == 'PB') { /* don't print expiration etc.. */ } The test server is very slow, sometimes it just won't work, often it takes over 30 seconds, sometimes over 60. The live server is said to be much quicker. At the moment of releas of this code the TeleCheck servers seemed to have soem problems, if you get a return saying: General failure: com.purepayments.biz.telecheck.TeleCheckFailureException: TeleCheckProcessingError: TeleCheck returned Check Failure (807) It is not your or the scripts fault, Surepay told me it is a problem on the TeleCheck servers.. Well, been like this for at least a couple of days now, seems like someone is really serious and concerned about the money transaction systems :p ------------- Hack Details: ------------- Edited modules/checkout/html/confirm.ihtml * Replaced payment info content with an include for new file payment_information_form.sau which in turn includes acording previously chosen paymenmt method of either (All new files): payment_cc.sau code: VISA,MC,AMEX,DISC credicard payment_tc.sau code: TC telecheck payment_mo.sau code: MO money order (mail in) payment_pc.sau code: PC paper-personal-check (mail in) payment_pb.sau code: PB paper-business-check (mail in) payment_po.sau code: PO Purchase Order number (Account/Credit) Edited modules/checkout/html/index.ihtml * Added a 'or 1' to an if regarding what checkout documents that comes after index. It forces the shipping.ihtml to be used no matter what. Edited modules/checkout/html/shipping.ihtml * Changed title. * Inclusion of shipping_radio.ihtml made conditional (based on config/weight) * Payment type selection is added to this document. Edited modules/checkout/html/thankyou.ihtml * Fixed the bug which creates a blank thank you page. ($order_id assigned earlier) Edited modules/checkout/lib/ps_checkout.inc * Added call to new file modules/checkout/lib/surepay.sau which will do the surepay authorization stuff. Added modules/checkout/lib/surepay.sau This file does all surepay stuff interacting with the sausurepay libs. There are some settings to do inside this file. MAKE SURE THIS FILE IS NOT IN WEB AREA!(Just as all phpshop files exept index is supposed to be). Edited modules/order/html/order_print.ihtml Nothing to do with the hack, just a very ugly bug in phpshop regarding decoding the encrypted stored data.