Printable View
I used this one: http://zucando.com/zen-cart-modules/...ayment-gatewayQuote:
Originally Posted by raphael
The creator of the original one kind of bailed on the project so there is no help for it. The one I just posted is very nice looking and the guy who created it is VERY helpful!
Ok I tried the just drop approach and still nothing shows up in the payment modules section in zc. Can some please please please post specific detailed instruction on how to install this. For instance which includes folder do I drop it into there are 2 includes folders. Also do I drop the whole "stripe_zencartv132" folder or just the contents of that folder, and again where do I drop this. I appreciate any of your help...Quote:
Originally Posted by yaritai
Inside the stripe mod zip, you will see a "/includes" folder. This is the catalog side. If this was the admin side you will see the includes inside the folder admin. Payment mods are all installed in the catalog side. EVERYTHING inside the includes folder gets put in your catalog side includes folder.Quote:
Originally Posted by raphael
Advice for you is that I hope you are installing new mods in a test site. If not, make sure you do a complete backup of your files and database. This will ensure that you can revert back if anything goes wrong.
I just installed Version: v1.3.2 of stripe payments module and kept getting errors with the db query in stripepay.php. I had to change
TYPE=MyISAM AUTO_INCREMENT=1 ;
to
) ENGINE=MyISAM AUTO_INCREMENT=1;
I don't recall what the exact error was, but it was preventing this query
"$db->Execute("CREATE TABLE IF NOT EXISTS `stripe_data` ( ... "
in stripepay.php from executing. Changing the TYPE= to ENGINE= at the end of the query fixed it.
From the documentation on the net, I got this:
"
Type has been replaced with engine.
TYPE keyword is depreciated (since 5.0) and not supported in MySQL5.5 (and I think even 5.1). Instead of TYPE keyword use ENGINE keyword."
My database info is:
Server type: MySQL
Server version: 5.6.16 - Source distribution
Protocol version: 10
Received these errors in our log after successfully charging an American Express card through the module:
PHP Code:[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Charge instance: customer
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Charge instance: disputed
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Charge instance: fee
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Charge instance: invoice
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: address_city
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: address_country
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: address_line1
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: address_line1_check
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: address_line2
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: address_zip
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: address_zip_check
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: type
[03-Dec-2014 22:31:41 America/Vancouver] Stripe Notice: Undefined property of Stripe_Object instance: type
I've installed this module on zen cart 1.5.4 with shared SSL and I didn't have any problems that I can remember . My question is what form of Stripe checkout does this module use ? Does cardholder data come onto my server,or is it using Stripe token parameters,so that " You can let us take care of the hardest parts of PCI compliance, like redacting logs and encrypting cardholder details"(Stripe website)?
Does anybody have any information about the security of this module ?
I'm also interested in this question. It seems my other payment module (2checkout) pushes you to their site by passing name, address, cart details, and amount to make payment then redirects back after the payment is successful so any compliance doesn't need to be maintained. I just installed Stripe and it appears since SSL is needed, the transaction is happening on our website which is scary. It doesn't make sense to open myself up to that liability.Quote:
Originally Posted by cefyn
Jonathan
BAD ASSUMPTION!Quote:
Originally Posted by cloud9
The latest PCI rules are challenging that way of thinking, and closing a lot of unsecure loopholes that were caused by that sort of general assumption. Be sure to understand the latest rules!
Just because it's using SSL doesn't mean the transaction is happening on your site.Quote:
Originally Posted by cloud9
I'm not commenting specifically about Stripe here. I'm commenting on the assumption.
You SHOULD be using SSL on your site, regardless what payment module you're using. Customers are giving you their personal identity data, and if you're not using SSL then you're doing ABSOLUTELY NOTHING to protect that data (and their shopping choices too) from being stolen by snoopers online during the form submissions your customers are doing. If you're going to skip using SSL, I strongly recommend you put a big notice up on your site telling your customers that you're not protecting any data they give you. They deserve to be informed, don't they?
SSL is very inexpensive these days ... and in fact it's even possible to get a legitimate dedicated certificate for free nowadays, no strings attached, with initiatives underway by various organizations who firmly believe SSL should be used everywhere.
Quote:
Originally Posted by DrByte
I get the PCI rules are changing but I'm referring to the present. They haven't changed yet, right? When credit card data is being entered in on your website, it makes YOU liable for protecting that data. It is much better to let that happen elsewhere if you can. Credit card information can be more damaging then obtaining someone's address which can be found by Google.
However, you made a good point about using SSL on your website. Which service do you recommend? Which ones are free?
I didn't disagree with that. I was disagreeing that "compliance doesn't need to be maintained" "if it pushes you off to their site".Quote:
Originally Posted by cloud9
The point was that last year they announced that even sites that process payment "offsite" still need to comply with PCI rules; you can't just "wipe your hands cuz it's someone else's responsibility" anymore.
But now we're really digressing far from the topic at hand: using Stripe.