Ok. I just talked to Authorize again.

One difference we found between my two stores was that the non-working one is set to return pipe-delimited data (settings>transaction response settings>direct response) where as the other was set to "no". I've tried it both ways, and there's no difference in what I see coming back.

The stuff we're dumping to screen right now is just a reflection of what we're sending. We know that's good, as Authorize *is* accepting the charge - they just can't talk back to the ZenCart to tell it.

With a little juggling around of the code (leave it on 'echo' but comment out line 371 so it posts to the live gateway instead of the parameter dump refector) I now get back:

1|1|1|This transaction has been approved.|008333|Y|1303863459|9|test product (qty: 1)|0.01|CC|auth_capture|3|

etc....

which appers to be the raw data stream they send back. It certainly matches what I've seen when dealing with them previously, hand-coding gateways in another language.

So it *appears* by the third entry there being a "1" and the fourth clearly stating that it's been approved that Auth.net is doing what they should. Correct me if I'm wrong.

I'm going to hack around on this some more and see if I can make it work, just wanted to let y'all know what I've found so far.