Forums / Addon Payment Modules / CyberSource Invalid Field

CyberSource Invalid Field

Locked
Results 1 to 14 of 14
This thread is locked. New replies are disabled.
29 May 2006, 21:04
#1
holgate avatar

holgate

New Zenner

Join Date:
Aug 2005
Posts:
52
Plugin Contributions:
0

CyberSource Invalid Field

Last fall I had Cybersource playing nice with Zen...but that was a couple versions ago for the core and module.

This time (Zen 1.3.0.1 and CyberSource v1.04), I'm getting a field data error when I checkout. I'm using 'production' status in Zen's Cybersource setup. All field names are returning with a 'VALID' setting except the orderPage_signaturePublic ...which is coming back 'INVALID'.

I don't even know what that field is :-( ...I've traced it back in the HOP.php as a public key or something, and each time I run a new checkout test the Field Value changes - some random generated script key I suppose. This all occurs in the 'Check Order Data' results page url: https://orderpage.ic3.com/hop/ProcessOrder.do

Anyone have any suggestions? I bet it's a no-brainer...but I can't figure it...yet...
30 May 2006, 21:46
#2
holgate avatar

holgate

New Zenner

Join Date:
Aug 2005
Posts:
52
Plugin Contributions:
0

Re: CyberSource Invalid Field

Ok. Cybersource resolved this issue for me. It's a one-line code fix in your HOP.php that is generated from the Cybersource website:

On (or around) line 32, AFTER
function cybs_sha1($in)  {
enter this
return pack ("H*", sha1($in));
I was told that the original HOP.php is appropriate for Windows servers, but this is a bug that can be fixed for Linux servers. Processing orders perfectly now. :thumbsup:



Also - I've mentioned in another thread, but for newbs like myself - if you want Cybersource to automatically capture the sale edit the cs.php file:

On (or around) line 310, find
zen_draw_hidden_field('orderPage_transactionType','authorize') . "\n" .
and change it to
zen_draw_hidden_field('orderPage_transactionType','sale') . "\n" .


If you leave it as the word 'authorize' instead of 'sale' you'll have to make sure you log-in to Cybersource everytime you make a sale to 'capture' the charge.

Thnx Zen!
14 Jun 2006, 19:00
#3
iwebgeek avatar

iwebgeek

New Zenner

Join Date:
May 2006
Posts:
43
Plugin Contributions:
0

Re: CyberSource Invalid Field

I've been looking for a fix to that problem. Thanks!

One thing though, I'm testing without a secure server but when I checkout an order, it asks me to validate a SSL that's not from my site, but another one. What's up with this?

The site it's coming from is gallerynetwork.com

Any ideas??
15 Jun 2006, 13:27
#4
holgate avatar

holgate

New Zenner

Join Date:
Aug 2005
Posts:
52
Plugin Contributions:
0

Re: CyberSource Invalid Field

I think I read about another instance of mixed up certificates in this forum... maybe another client using the same host/server, or something like that?

I'm testing without SSL now too, but plan to edumacate myself by experience very soon with a certificate & dedicated IP - that seems to be the benchmark for professional store status.
15 Jun 2006, 18:08
#5
iwebgeek avatar

iwebgeek

New Zenner

Join Date:
May 2006
Posts:
43
Plugin Contributions:
0

Re: CyberSource Invalid Field

I guess I'll have to try to setup my own SSL..

another question, I downloaded a security key from cybersource's business center but I have no idea what to do with it???

I am a newb to all of this, trying to set up an online store for my company.
15 Jun 2006, 18:57
#6
holgate avatar

holgate

New Zenner

Join Date:
Aug 2005
Posts:
52
Plugin Contributions:
0

Re: CyberSource Invalid Field

The Cybersource 'Security Key' is used "to submit orders with the Simple Order API". I believe this is another seperate/different way of processing orders with a cart setup. I think the service I've used previously (UltraCart) uses the API system - something about including the key in it's server clusters blah blah blah. I'm live with UltraCart now, and able to test the HOP script with Zen at the same time... so I know it's an alternative way to achieve order processing.

What is API? Does Zen have a way to setup API with Cybersource?.. I have no idea... I'm guessing not, or there would be no need for the HOP script. So I don't think the Security Key youve downloaded is applicable in the Zen setup.

Anyone?..
16 Jun 2006, 15:49
#7
iwebgeek avatar

iwebgeek

New Zenner

Join Date:
May 2006
Posts:
43
Plugin Contributions:
0

Re: CyberSource Invalid Field

OKay thanks!

Would you mind writing a short tutorial on how to implement the SSL with Zen Cart? I've already got the cybersource module installed, so I just need instructions on how to add the SSL once I've purchased it.
16 Jun 2006, 18:12
#8
holgate avatar

holgate

New Zenner

Join Date:
Aug 2005
Posts:
52
Plugin Contributions:
0

Re: CyberSource Invalid Field

I don't know about a tutorial :blink: but I'd be glad to report my experience after installing the SSL. Basically, I'm going to ask my host provider to take care of it for me - then I'll scour the forum for other SSL threads if I have any Zen problems.

I'm really trying to hold out though, until Absolute completes work on his Multiple Stores With One Checkout. But if that's not done by early July I'll have to move forward without it.
19 Jun 2006, 15:10
#9
iwebgeek avatar

iwebgeek

New Zenner

Join Date:
May 2006
Posts:
43
Plugin Contributions:
0

Re: CyberSource Invalid Field

Alright, not a problem. I probably should check into my host helping me with the SSL, but they will probably charge a fee for it. :unsure:
19 Jun 2006, 18:42
#10
holgate avatar

holgate

New Zenner

Join Date:
Aug 2005
Posts:
52
Plugin Contributions:
0

Re: CyberSource Invalid Field

Don't get me wrong - I'd write one if I was qualified... I'm just hacking my way through on the road to Zen. :lookaroun
20 Jun 2006, 02:38
#11
romanus avatar

romanus

Zen Follower

Join Date:
Feb 2004
Posts:
101
Plugin Contributions:
3

Re: CyberSource Invalid Field

You need to install an ssl cetificate if SSL is installed on your server. You may need to check with your hosting company to ensure that they allow this in your hosting environment. They will need to generate a CSR ( Certificate Signing Request) and tell you what type of system generated the CSR (Linux-Mod Apache) .

You can then go to http://www.instantssl.com or any one of half a dozen SSL certificate providers.

After you purchase you can wither bring it to your hosting company or if you have cpane; you may try installing it yourself.

Further than that would take a long time to type out.

Best wishes
15 Jul 2006, 18:49
#12
carlosferrandis avatar

carlosferrandis

New Zenner

Join Date:
Feb 2006
Posts:
15
Plugin Contributions:
0

Re: CyberSource Invalid Field

Hello.

I tryed to make the modification you mention but I always have an error.

Would mind to post your HOP.php or be copy and paste the line that you create after the line 32?

thanks



Holgate:

Ok. Cybersource resolved this issue for me. It's a one-line code fix in your HOP.php that is generated from the Cybersource website:

On (or around) line 32, AFTER
function cybs_sha1($in)  {
enter this
return pack ("H*", sha1($in));
I was told that the original HOP.php is appropriate for Windows servers, but this is a bug that can be fixed for Linux servers. Processing orders perfectly now. :thumbsup:



Also - I've mentioned in another thread, but for newbs like myself - if you want Cybersource to automatically capture the sale edit the cs.php file:

On (or around) line 310, find
zen_draw_hidden_field('orderPage_transactionType','authorize') . "\n" .
and change it to
zen_draw_hidden_field('orderPage_transactionType','sale') . "\n" .


If you leave it as the word 'authorize' instead of 'sale' you'll have to make sure you log-in to Cybersource everytime you make a sale to 'capture' the charge.

Thnx Zen!
15 Jul 2006, 19:21
#13
holgate avatar

holgate

New Zenner

Join Date:
Aug 2005
Posts:
52
Plugin Contributions:
0

Re: CyberSource Invalid Field

HOP.php... cut & pasted from approximately lines 24 through 34 (bold text is the new insert fix):
# calculates SHA-1 digest of the input string
# cleaned up from John Allen's "SHA in 8 lines of perl5"
# at http://www.cypherspace.org/~adam/rsa/sha.html
#
# returns the hash in a (binary) string

function cybs_sha1($in) {
  return pack ("H*", sha1($in));
  $indx = 0;
  $chunk = "";


As for the SSL experience; I have a reseller account and the hosting company setup the SSL for me... sorry I can't offer any info on that subject. The only thing I might need to do is modify the settings to make sure the http://www.mywebsite.com address forwards to the http://mywebsite.com address (no 'www'). Otherwise the security popup still appears because the SSL only covers a single/exact url - so I'm told. I'd be glad to recommend the hosting company I use by PM.
02 Feb 2007, 02:45
#14
ichi avatar

ichi

New Zenner

Join Date:
Feb 2007
Posts:
1
Plugin Contributions:
0

Re: CyberSource Invalid Field

Thanks for the fix! That invalid field problem has been driving me nuts!