MD5 Hash Problems

[bigk]

If I have posted this in the wrong area please forgive me.

We have Zen Cart in Productions mode and Authorize.net in test mode.

We are having problems with the following error:

WARNING: Security hash problem. Please contact store-owner immediately. Your order has *not* been fully authorized.

and

Communications Error - Please notify webmaster. - Your credit card could not be authorized for this reason. Please correct the information and try again or contact us for further assistance.

We have changed the hash in the admin area (Zen) and in authorize.net settings. I don't have a long hash.

We are using Authorize.net (AIM)

I have spoken with Authorize.net but have not gotten anywhere. The following log file come the email.

> Results Received back from Authorizenet: Array
> (
> [0] => Response from gateway
> [1] =>
> [Expected-MD5-Hash] => XXXXXXXXXXXXXXXXXXXXXX (Changed out code for X)
> [HashMatchStatus] => FAIL

I have a clinet that needs to get their site up and any help would be a be helpful and a big thanks.

K

[bigk]

I have also tried the CURL TEST and here are the results.

CURL Test Page
This page is intended for testing CURL behaviour. You should be accessing this page via CURLTEST.PHP running on YOUR server.


You submitted the following fields and data:
Array
(
[field1] => This is a test
[statuskey] => ready
)
Data validation
Good
Other Info
Your server IP address is: xx.XXX.XXX.XXX. (Removed IP)
user-agent: unknown.
Copyright © 2003 - 2007 Zen Ventures, LLC - Powered by Zen Cart™
Array
(
[url] => "http://www.zen-cart.com/testcurl.php"
[content_type] => text/html
[http_code] => 200
[header_size] => 168
[request_size] => 245
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.203
[namelookup_time] => 0.102
[connect_time] => 0.103
[pretransfer_time] => 0.103
[size_upload] => 0
[size_download] => 2142
[speed_download] => 10551.7241379
[speed_upload] => 0
[download_content_length] => 0
[upload_content_length] => 0
[starttransfer_time] => 0.203
[redirect_time] => 0

Sure could use some good help. Thanks in advance for any help you might have.

K

[DrByte]

I have also tried the CURL TEST and here are the results.

Try it again with ?authnet=1 added to the URL, and post the results or the URL.

Who is your hosting company?

[DrByte]

We have changed the hash in the admin area (Zen) and in authorize.net settings. I don't have a long hash.

What kind of hash have you chosen? It needs to be no more than 20 characters in length, and must be entered IDENTICAL in BOTH places. So, if you entered "billybob123" in Auth.net settings, you enter "billybob123" in Zen Cart settings.


However, if your communications problems aren't resolved yet, then the hash alert is a secondary issue, probably caused by the failed communications.

[bigk]

DrByte,

Thank you for your reply. The hosting company is godaddy.

The hash is 4 letters

I have checked and the authize.net and the shopping cart have the same hash. I have even changed it several time to make sure.

I don't totaly understand the part of Try it again with ?authnet=1 added to the URL, and post the results or the URL.

What other communcation issue should I start chcecking first?

Thanks again for the feedback and look forward to our additional replies.

K

[DrByte]

GoDaddy does odd things with their servers.
One of their specific peculiarities is that you need a CURL Proxy setting enabled in order to tell your server to talk to the authorize.net webserver, since GoDaddy doesn't let that happen normally.

Instructions: http://www.zen-cart.com/forum/showthread.php?t=61528

[bigk]

DRByte,

This is the complete email I am getting from the shopping cart. I XXX my personal and Ip addresses.

Again thanks for your help. I will get you any additioanl information you need.

Kevin

> Dec-31-2007 07:06:00
> =================================
>
> Comm results: 28 connect() timed out!
>
> Response Code: .
> Response Text:
>
> Sending to Authorizenet: Array
> (
> [x_login] => *******
> [x_tran_key] => *******
> [x_relay_response] => FALSE
> [x_delim_data] => TRUE
> [x_delim_char] => |
> [x_encap_char] => *
> [x_version] => 3.1
> [x_type] => AUTH_CAPTURE
> [x_method] => CC
> [x_amount] => 48.46
> [x_currency_code] => USD
> [x_card_num] => XXXXXXXXXXXXXXXXX8888
> [x_exp_date] => 0110
> [x_card_code] => ****
> [x_email_customer] => TRUE
> [x_email_merchant] => TRUE
> [x_cust_id] => 1
> [x_invoice_num] => 2-d1kbI6
> [x_first_name] => Kevin
> [x_last_name] => XXXXX Removed
> [x_company] =>
> [x_address] => XXXXX Removed
> [x_city] => XXXXX Removed
> [x_state] => XXXXX Removed
> [x_zip] => 7XXXXX Removed
> [x_country] => United States
> [x_phone] => XXXXX Removed
> [x_email] => XXXXX Removed
> [x_ship_to_first_name] => Kevin
> [x_ship_to_last_name] => XXXXX Removed
> [x_ship_to_address] => XXXXX Removed
> [x_ship_to_city] => XXXXX Removed
> [x_ship_to_state] => XXXXX Removed
> [x_ship_to_zip] => 78758
> [x_ship_to_country] => United States
> [x_description] => Porpoise (qty: 1)
> [x_recurring_billing] => NO
> [x_customer_ip] => XX.XX.XXX.XX (Removed IP)
> [x_po_num] => Dec-31-2007 07:05:45
> [x_freight] => 14.76
> [x_tax_exempt] => FALSE
> [x_tax] => 3.70
> [x_duty] => 0
> [Date] => December 31, 2007, 7:05 pm
> [IP] => XX.XX.XXX.XX (Removed IP)
> [Session] => 4ca0a952f999c3339785c603b3b32fe0
> [url] => https://secure.authorize.net/gateway/transact.dll
> )
>
>
> Results Received back from Authorizenet: Array
> (
> [0] => Response from gateway
> [1] =>
> [Expected-MD5-Hash] => 2604B2F47AFB9CE99453A4A395C589D0
> [HashMatchStatus] => FAIL
> )
>
>
> CURL communication info: Array
> (
> [url] => https://secure.authorize.net/gateway/transact.dll
> [http_code] => 0
> [header_size] => 0
> [request_size] => 0
> [filetime] => -1
> [ssl_verify_result] => 0
> [redirect_count] => 0
> [total_time] => 0
> [namelookup_time] => 0.01
> [connect_time] => 0
> [pretransfer_time] => 0
> [size_upload] => 0
> [size_download] => 0
> [speed_download] => 0
> [speed_upload] => 0
> [download_content_length] => 0
> [upload_content_length] => 0
> [starttransfer_time] => 0
> [redirect_time] => 0
> )
>
>
> RAW data received:

[DrByte]

If you don't enable the proxy settings as instructed, you'll not get a good response from Authorize.net

[bigk]

DrByte,

Godaddy was no help on setting up the proxyserver setting. Please excuse my limited skills in the shopping cart.

I have loged into aurthize.net dont see a proxy setting.

Thanks again for your help. Right now you are my only hope.


Kevin

[bigk]

DrByte,

Here are the setting I have in the Zen Shopping cart.

I hope this will help.

Kevin

Enable Authorize.net (AIM) Module
Do you want to accept Authorize.net payments via the AIM Method?

XTrue
False

Login ID XXXXX
The API Login ID used for the Authorize.net service


Transaction KeyXXXXXXX
Transaction Key used for encrypting TP data
(See your Authorizenet Account->Security Settings->API Login ID and Transaction Key for details.)


MD5 Hash XXX
Encryption key used for validating received transaction data (MAX 20 CHARACTERS)


Transaction Mode
Transaction mode used for processing orders

Test
X Production

Authorization Type
Do you want submitted credit card transactions to be authorized only, or authorized and captured?

Authorize
XAuthorize+Capture

Enable Database Storage
Do you want to save the gateway communications data to the database?

XTrue
False

Customer Notifications
Should Authorize.Net email a receipt to the customer?

XTrue
False

Merchant Notifications
Should Authorize.Net email a receipt to the merchant?

XTrue
False

Request CVV Number
Do you want to ask the customer for the card's CVV number

X True
False

Sort order of display.
Sort order of display. Lowest is displayed first.


Payment Zone
If a zone is selected, only enable this payment method for that zone.
--none--Texas

Set Completed Order Status
Set the status of orders made with this payment module to this value
XdefaultPending [1]Processing [2]Delivered [3]Update [4]

Set Refunded Order Status
Set the status of refunded orders to this value
XdefaultPending [1]Processing [2]Delivered [3]Update [4]

Debug Mode
Would you like to enable debug mode? A complete detailed log of failed transactions may be emailed to the store owner.

Off
Log File
X Log and Email