Needed! Sagepay Module for the UK

wilson1000 · **Joined:** Wed Feb 03, 2010 12:08 pm **Posts:** 6

Dear CRE Freaks, Newbies and people passing by,

I am currently looking for a payment module to integrate with 6.4.1a and Sagepay's form system. Is there anyone that has experience with this that can help me out?

Also, I am trying to install the osCommerce module to get a head start but it's not showing up in my admin panel under payment modules - any ideas??

THANK YOU SO MUCH!

aitsglobal · **Joined:** Thu Feb 28, 2008 9:09 pm **Posts:** 47

download the official compatible mod from here http://addons.oscommerce.com/info/6983

You need to modify $HTTP_GET_VARS with $_GET and $HTTP_POST_VARS with $_POST do a search and reply to the module file under include/modules/payment

not recommended if you are using discount coupon

have a good day

TheLango · **Joined:** Sun Nov 29, 2009 10:57 am **Posts:** 271

wilson1000 wrote:

Dear CRE Freaks, Newbies and people passing by,

I am currently looking for a payment module to integrate with 6.4.1a and Sagepay's form system. Is there anyone that has experience with this that can help me out?

I have just and I mean just, in the last 2 days had to pay someone to get the sagepay form to work with 6.4.1.
There are a few things you need to change within checkout_confirmation_tpl.php. I can give you his contact details if you want..
It now even works with the coupons and gift vouchers..

wilson1000 wrote:

Also, I am trying to install the osCommerce module to get a head start but it's not showing up in my admin panel under payment modules - any ideas??

Did you add the sage_pay_form.php file into you languages/YOUR_LANGUAGE/modulues/payment folder?
I spent nearly a week going over this code, comparing to the old Protex, everything I could think of.. in the end, it was just cheaper to pay someone.. BUT I really hope you get it sorted,
Sage themselves were about as much use as an ashtray on a moterbike, so dont rely on them...

aitsglobal wrote:

download the official compatible mod from here http://addons.oscommerce.com/info/6983

You need to modify $HTTP_GET_VARS with $_GET and $HTTP_POST_VARS with $_POST do a search and reply to the module file under include/modules/payment

I see you are a CRE Solution Provider, If you can get the addon, you mention to work with 6.4.1, I'm sure there are PLENTY of people who will be in your debt..

It is not just a case of replacing $HTTP_GET_VARS and $HTTP_POST_VARS, there is too much logic change within the checkout of CRELoaded compared to OSC these days..

Yes it will pass the info to SAGE PAY, even the correct Success and Failure URLS, yet no matter what you try, it will return a failure on returning from sage to your store.

Like I said, if you have any info for peeps on how to get this payment module to work, please, post here..

Regards

aitsglobal · **Joined:** Thu Feb 28, 2008 9:09 pm **Posts:** 47

you are freekingout if you have solution post it to help others every one is here to find solution to his problem if one want to pay why spent time on searching and searching. by the way this will work perfectly with just the modification on the top already test, also fixed the coupon discount for my client didnt ADVERTISED it

TheLango · **Joined:** Sun Nov 29, 2009 10:57 am **Posts:** 271

aitsglobal wrote:

:evil: you are freekingout if you have solution post it to help others every one is here to find solution to his problem if one want to pay why spent time on searching and searching

Sorry, I dont understand this bit.. did I say something to offend you?
As I said, I paid someone to get this to work, He said, he had to modify other files within the checkout process.. Mow I dont know what he changed, so how can I contribute half a fix... like I said, I can provide his contact details.

aitsglobal wrote:

by the way this will work perfectly with just the modification on the top already test, also fixed the coupon discount for my client didnt ADVERTISED it

Brilliant.. so you can post the form on here for all to use.. after all, every one is here to find solution to his problem and if you dont need to change any other files, this is great.. and stupidly I have been led down the garden path..

Will you post the language file and error file also, or are these not changed?

Best Regards

aitsglobal · **Joined:** Thu Feb 28, 2008 9:09 pm **Posts:** 47

sorry i might miss understood, could you post the code for your module file, may be it help

here is the module code that work well with form it was test with simulator / test transaction and live now:

Code:

<?php
/*
  $Id: $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2009 osCommerce

  Released under the GNU General Public License
*/

  function sage_pay_form_textarea_field($value = '', $key = '') {
    return tep_draw_textarea_field('configuration[' . $key . ']', 'soft', 60, 5, $value);
  }

  class sage_pay_form {
    var $code, $title, $description, $enabled;

// class constructor
    function sage_pay_form() {
      global $order;

      $this->signature = 'sage_pay|sage_pay_form|1.2|2.2';

      $this->code = 'sage_pay_form';
      $this->title = MODULE_PAYMENT_SAGE_PAY_FORM_TEXT_TITLE;
      $this->public_title = MODULE_PAYMENT_SAGE_PAY_FORM_TEXT_PUBLIC_TITLE;
      $this->description = MODULE_PAYMENT_SAGE_PAY_FORM_TEXT_DESCRIPTION;
      $this->sort_order = MODULE_PAYMENT_SAGE_PAY_FORM_SORT_ORDER;
      $this->enabled = ((MODULE_PAYMENT_SAGE_PAY_FORM_STATUS == 'True') ? true : false);

      if ((int)MODULE_PAYMENT_SAGE_PAY_FORM_ORDER_STATUS_ID > 0) {
        $this->order_status = MODULE_PAYMENT_SAGE_PAY_FORM_ORDER_STATUS_ID;
      }

      if (is_object($order)) $this->update_status();

      switch (MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_SERVER) {
        case 'Live':
          $this->form_action_url = 'https://live.sagepay.com/gateway/service/vspform-register.vsp';
          break;

        case 'Test':
          $this->form_action_url = 'https://test.sagepay.com/gateway/service/vspform-register.vsp';
          break;

        default:
          $this->form_action_url = 'https://test.sagepay.com/Simulator/VSPFormGateway.asp';
          break;
      }
    }

// class methods
    function update_status() {
      global $order;

      if ( ($this->enabled == true) && ((int)MODULE_PAYMENT_SAGE_PAY_FORM_ZONE > 0) ) {
        $check_flag = false;
        $check_query = tep_db_query("select zone_id from " . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . MODULE_PAYMENT_SAGE_PAY_FORM_ZONE . "' and zone_country_id = '" . $order->billing['country']['id'] . "' order by zone_id");
        while ($check = tep_db_fetch_array($check_query)) {
          if ($check['zone_id'] < 1) {
            $check_flag = true;
            break;
          } elseif ($check['zone_id'] == $order->billing['zone_id']) {
            $check_flag = true;
            break;
          }
        }

        if ($check_flag == false) {
          $this->enabled = false;
        }
      }
    }

    function javascript_validation() {
      return false;
    }

    function selection() {
      return array('id' => $this->code,
                   'module' => $this->public_title);
    }

    function pre_confirmation_check() {
      return false;
    }

    function confirmation() {
      return false;
    }

    function process_button() {
      global $customer_id, $order, $ot_coupon, $od_amount, $currency, $cartID;

      $process_button_string = '';

      $params = array('VPSProtocol' => '2.23',
                      'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
                      'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_LOGIN_NAME, 0, 15));

      if ( MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_METHOD == 'Payment' ) {
        $params['TxType'] = 'PAYMENT';
      } elseif ( MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_METHOD == 'Deferred' ) {
        $params['TxType'] = 'DEFERRED';
      } else {
        $params['TxType'] = 'AUTHENTICATE';
      }

      $crypt = array('VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
                     'Amount' => $this->format_raw($order->info['total'] ),
                     'Currency' => $currency,
                     'Description' => substr(STORE_NAME, 0, 100),
                     'SuccessURL' => tep_href_link(FILENAME_CHECKOUT_PROCESS, tep_session_name() . '=' . tep_session_id(), 'SSL', false),
                     'FailureURL' => tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false),
                     'CustomerName' => substr($order->billing['firstname'] . ' ' . $order->billing['lastname'], 0, 100),
                     'CustomerEMail' => substr($order->customer['email_address'], 0, 255),
                     'BillingSurname' => substr($order->billing['lastname'], 0, 20),
                     'BillingFirstnames' => substr($order->billing['firstname'], 0, 20),
                     'BillingAddress1' => substr($order->billing['street_address'], 0, 100),
                     'BillingCity' => substr($order->billing['city'], 0, 40),
                     'BillingPostCode' => substr($order->billing['postcode'], 0, 10),
                     'BillingCountry' => $order->billing['country']['iso_code_2']);

      if ($crypt['BillingCountry'] == 'US') {
        $crypt['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
      }

      $crypt['BillingPhone'] = substr($order->customer['telephone'], 0, 20);
      $crypt['DeliverySurname'] = substr($order->delivery['lastname'], 0, 20);
      $crypt['DeliveryFirstnames'] = substr($order->delivery['firstname'], 0, 20);
      $crypt['DeliveryAddress1'] = substr($order->delivery['street_address'], 0, 100);
      $crypt['DeliveryCity'] = substr($order->delivery['city'], 0, 40);
      $crypt['DeliveryPostCode'] = substr($order->delivery['postcode'], 0, 10);
      $crypt['DeliveryCountry'] = $order->delivery['country']['iso_code_2'];

      if ($crypt['DeliveryCountry'] == 'US') {
        $crypt['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
      }

      if (tep_not_null(MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_EMAIL)) {
        $crypt['VendorEMail'] = substr(MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_EMAIL, 0, 255);
      }

      switch (MODULE_PAYMENT_SAGE_PAY_FORM_SEND_EMAIL) {
        case 'No One':
          $crypt['SendEMail'] = 0;
          break;

        case 'Customer and Vendor':
          $crypt['SendEMail'] = 1;
          break;

        case 'Vendor Only':
          $crypt['SendEMail'] = 2;
          break;
      }

      if (tep_not_null(MODULE_PAYMENT_SAGE_PAY_FORM_CUSTOMER_EMAIL_MESSAGE)) {
        $crypt['eMailMessage'] = substr(MODULE_PAYMENT_SAGE_PAY_FORM_CUSTOMER_EMAIL_MESSAGE, 0, 7500);
      }

      $contents = array();

      foreach ($order->products as $product) {
        $product_name = $product['name'];

        if (isset($product['attributes'])) {
          foreach ($product['attributes'] as $att) {
            $product_name .= '; ' . $att['option'] . '=' . $att['value'];
          }
        }

        $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100) * $product['final_price']) . ':' . $this->format_raw((($product['tax'] / 100) * $product['final_price']) + $product['final_price']) . ':' . $this->format_raw(((($product['tax'] / 100) * $product['final_price']) + $product['final_price']) * $product['qty']);
      }

      foreach ($this->getOrderTotalsSummary() as $ot) {
        $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
      }

      $crypt['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);
      $crypt['Apply3DSecure'] = '0';

      $crypt_string = '';

      foreach ($crypt as $key => $value) {
        $crypt_string .= $key . '=' . trim($value) . '&';
      }

      $crypt_string = substr($crypt_string, 0, -1);

      $params['Crypt'] = base64_encode($this->simpleXor($crypt_string, MODULE_PAYMENT_SAGE_PAY_FORM_ENCRYPTION_PASSWORD));

      foreach ($params as $key => $value) {
        $process_button_string .= tep_draw_hidden_field($key, $value);
      }

      return $process_button_string;
    }

    function before_process() {
      global $_GET, $_POST, $order;

      if (isset($_GET['crypt']) && tep_not_null($_GET['crypt'])) {
        $transaction_response = $this->simpleXor($this->base64Decode($_GET['crypt']), MODULE_PAYMENT_SAGE_PAY_FORM_ENCRYPTION_PASSWORD);

        $string_array = split('&', $transaction_response);
        $return = array('Status' => null);

        foreach ($string_array as $string) {
          if (strpos($string, '=') != false) {
            $parts = explode('=', $string, 2);
            $return[trim($parts[0])] = trim($parts[1]);
          }
        }

        if ( ($return['Status'] != 'OK') && ($return['Status'] != 'AUTHENTICATED') && ($return['Status'] != 'REGISTERED') ) {
          $error = $this->getErrorMessageNumber($return['StatusDetail']);

          //tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL'));
        }

        if ( isset($return['VPSTxId']) ) {
          $order->info['comments'] = 'Sage Pay Reference ID: ' . $return['VPSTxId'] . (tep_not_null($order->info['comments']) ? "\n\n" . $order->info['comments'] : '');
        }
      } else {
        //tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code, 'SSL'));
      }
    }

    function after_process() {
      return false;
    }

    function get_error() {
      global $_GET;

      $message = MODULE_PAYMENT_SAGE_PAY_FORM_ERROR_GENERAL;

      if ( isset($_GET['error']) && is_numeric($_GET['error']) && $this->errorMessageNumberExists($_GET['error']) ) {
        $message = $this->getErrorMessage($_GET['error']) . ' ' . MODULE_PAYMENT_SAGE_PAY_FORM_ERROR_GENERAL;
      } elseif (isset($_GET['crypt']) && tep_not_null($_GET['crypt'])) {
        $transaction_response = $this->simpleXor($this->base64Decode($_GET['crypt']), MODULE_PAYMENT_SAGE_PAY_FORM_ENCRYPTION_PASSWORD);

        $string_array = split('&', $transaction_response);
        $return = array('Status' => null);

        foreach ($string_array as $string) {
          if (strpos($string, '=') != false) {
            $parts = explode('=', $string, 2);
            $return[trim($parts[0])] = trim($parts[1]);
          }
        }

        $error_number = $this->getErrorMessageNumber($return['StatusDetail']);

        if ( is_numeric($error_number) && $this->errorMessageNumberExists($error_number) ) {
          $message = $this->getErrorMessage($error_number) . ' ' . MODULE_PAYMENT_SAGE_PAY_FORM_ERROR_GENERAL;
        }
      }

      $error = array('title' => MODULE_PAYMENT_SAGE_PAY_FORM_ERROR_TITLE,
                     'error' => $message);

      return $error;
    }

    function check() {
      if (!isset($this->_check)) {
        $check_query = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_SAGE_PAY_FORM_STATUS'");
        $this->_check = tep_db_num_rows($check_query);
      }
      return $this->_check;
    }

    function install() {
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Sage Pay Form Module', 'MODULE_PAYMENT_SAGE_PAY_FORM_STATUS', 'False', 'Do you want to accept Sage Pay Form payments?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Vendor Login Name', 'MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_LOGIN_NAME', '', 'The vendor login name to connect to the gateway with.', '6', '0', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Encryption Password', 'MODULE_PAYMENT_SAGE_PAY_FORM_ENCRYPTION_PASSWORD', '', 'The encrpytion password to secure transactions with.', '6', '0', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Transaction Method', 'MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_METHOD', 'Authenticate', 'The processing method to use for each transaction.', '6', '0', 'tep_cfg_select_option(array(\'Authenticate\', \'Deferred\', \'Payment\'), ', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Transaction Server', 'MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_SERVER', 'Simulator', 'Perform transactions on the production server or on the testing server.', '6', '0', 'tep_cfg_select_option(array(\'Live\', \'Test\', \'Simulator\'), ', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Vendor E-Mail', 'MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_EMAIL', '', 'An e-mail address on which you can be contacted when a transaction completes. NOTE: If you wish to use multiple email addresses, you should add them using the : (colon) character as a separator. e.g. me@mail1.com:me@mail2.com', '6', '0', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Send E-Mail', 'MODULE_PAYMENT_SAGE_PAY_FORM_SEND_EMAIL', 'Customer and Vendor', 'Who to send e-mails to.', '6', '0', 'tep_cfg_select_option(array(\'No One\', \'Customer and Vendor\', \'Vendor Only\'), ', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Customer E-Mail Message', 'MODULE_PAYMENT_SAGE_PAY_FORM_CUSTOMER_EMAIL_MESSAGE', '', 'A message to the customer which is inserted into the successful transaction e-mails only.', '6', '0', 'sage_pay_form_textarea_field(', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_SAGE_PAY_FORM_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, use_function, set_function, date_added) values ('Payment Zone', 'MODULE_PAYMENT_SAGE_PAY_FORM_ZONE', '0', 'If a zone is selected, only enable this payment method for that zone.', '6', '2', 'tep_get_zone_class_title', 'tep_cfg_pull_down_zone_classes(', now())");
      tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Order Status', 'MODULE_PAYMENT_SAGE_PAY_FORM_ORDER_STATUS_ID', '0', 'Set the status of orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())");
    }

    function remove() {
      tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')");
    }

    function keys() {
      return array('MODULE_PAYMENT_SAGE_PAY_FORM_STATUS', 'MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_LOGIN_NAME', 'MODULE_PAYMENT_SAGE_PAY_FORM_ENCRYPTION_PASSWORD', 'MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_METHOD', 'MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_SERVER', 'MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_EMAIL', 'MODULE_PAYMENT_SAGE_PAY_FORM_SEND_EMAIL', 'MODULE_PAYMENT_SAGE_PAY_FORM_CUSTOMER_EMAIL_MESSAGE', 'MODULE_PAYMENT_SAGE_PAY_FORM_ZONE', 'MODULE_PAYMENT_SAGE_PAY_FORM_ORDER_STATUS_ID', 'MODULE_PAYMENT_SAGE_PAY_FORM_SORT_ORDER');
    }

// format prices without currency formatting
    function format_raw($number, $currency_code = '', $currency_value = '') {
      global $currencies, $currency;

      if (empty($currency_code) || !$currencies->is_set($currency_code)) {
        $currency_code = $currency;
      }

      if (empty($currency_value) || !is_numeric($currency_value)) {
        $currency_value = $currencies->currencies[$currency_code]['value'];
      }

      return number_format(tep_round($number * $currency_value, $currencies->currencies[$currency_code]['decimal_places']), $currencies->currencies[$currency_code]['decimal_places'], '.', '');
    }

    function getOrderTotalsSummary() {
      global $order_total_modules;

      $order_total_array = array();

      if (is_array($order_total_modules->modules)) {
        foreach ($order_total_modules->modules as $value) {
          $class = substr($value, 0, strrpos($value, '.'));
          if ($GLOBALS[$class]->enabled) {
            for ($i=0, $n=sizeof($GLOBALS[$class]->output); $i<$n; $i++) {
              if (tep_not_null($GLOBALS[$class]->output[$i]['title']) && tep_not_null($GLOBALS[$class]->output[$i]['text'])) {
                $order_total_array[] = array('code' => $GLOBALS[$class]->code,
                                             'title' => $GLOBALS[$class]->output[$i]['title'],
                                             'text' => $GLOBALS[$class]->output[$i]['text'],
                                             'value' => $GLOBALS[$class]->output[$i]['value'],
                                             'sort_order' => $GLOBALS[$class]->sort_order);
              }
            }
          }
        }
      }

      return $order_total_array;
    }

    function loadErrorMessages() {
      $errors = array();

      if (file_exists(dirname(__FILE__) . '/../../../ext/modules/payment/sage_pay/errors.php')) {
        include(dirname(__FILE__) . '/../../../ext/modules/payment/sage_pay/errors.php');
      }

      $this->_error_messages = $errors;
    }

    function getErrorMessageNumber($string) {
      if (!isset($this->_error_messages)) {
        $this->loadErrorMessages();
      }

      $error = explode(' ', $string, 2);

      if (is_numeric($error[0]) && $this->errorMessageNumberExists($error[0])) {
        return $error[0];
      }

      return false;
    }

    function getErrorMessage($number) {
      if (!isset($this->_error_messages)) {
        $this->loadErrorMessages();
      }

      if (is_numeric($number) && $this->errorMessageNumberExists($number)) {
        return $this->_error_messages[$number];
      }

      return false;
    }

    function errorMessageNumberExists($number) {
      if (!isset($this->_error_messages)) {
        $this->loadErrorMessages();
      }

      return (is_numeric($number) && isset($this->_error_messages[$number]));
    }

/*  From the Sage Pay Form PHP Kit:
**  The SimpleXor encryption algorithm                                                                                **
**  NOTE: This is a placeholder really.  Future releases of VSP Form will use AES or TwoFish.  Proper encryption      **
**  This simple function and the Base64 will deter script kiddies and prevent the "View Source" type tampering        **
**  It won't stop a half decent hacker though, but the most they could do is change the amount field to something     **
**  else, so provided the vendor checks the reports and compares amounts, there is no harm done.  It's still          **
**  more secure than the other PSPs who don't both encrypting their forms at all                                      */

    function simpleXor($InString, $Key) {
// Initialise key array
      $KeyList = array();
// Initialise out variable
      $output = "";

// Convert $Key into array of ASCII values
      for ($i=0; $i<strlen($Key); $i++) {
        $KeyList[$i] = ord(substr($Key, $i, 1));
      }

// Step through string a character at a time
      for ($i=0; $i<strlen($InString); $i++) {
// Get ASCII code from string, get ASCII code from key (loop through with MOD), XOR the two, get the character from the result
// % is MOD (modulus), ^ is XOR
        $output .= chr(ord(substr($InString, $i, 1)) ^ ($KeyList[$i % strlen($Key)]));
      }

// Return the result
      return $output;
    }

/*  From the Sage Pay Form PHP Kit:
** Base 64 decoding function **
** PHP does it natively but just for consistency and ease of maintenance, let's declare our own function **/

    function base64Decode($scrambled) {
// Initialise output variable
      $output = '';

// Fix plus to space conversion issue
      $scrambled = str_replace(' ', '+', $scrambled);

// Do encoding
      $output = base64_decode($scrambled);

// Return the result
      return $output;
    }
  }
?>

soundzgood2 · **Posted:** Fri Mar 12, 2010 5:38 am

A hidden gotcha with the sagepay form above (esp if you haven't been using the State field in your customer addresses or country zones at all up to now) could be the two lines that look like this:

Code:

if ($crypt['DeliveryCountry'] == 'US') {
        $crypt['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
      }

This is a change from the old Protx module - any US addresses will require a State as well (no you can't just comment out the lines in the module ... the sagepay looks for State ids with US addresses server side.)

Fine if you don't have any customers using US billing/delivery addresses - bit of a surprise if you do (could involve adding zones, redoing your address book forms and adding a state dropdown. As we did

Simon

wilson1000 · **Joined:** Wed Feb 03, 2010 12:08 pm **Posts:** 6

Thank you all so very much for your wonderful input and guidance.

I have been able to launch the module with the code offered by aitsglobal - thank you so much. I haven't had chance to test this fully yet as there is an issue with selecting a different delivery address (it displays ", 0" at checkout (without quotes)) so the simulator is displaying an error because of the lack of address. File attached if you can offer any further insight.

Quote:

Did you add the sage_pay_form.php file into you languages/YOUR_LANGUAGE/modulues/payment folder?

Because of the upgrade I performed to 6.4 from 6.2, I was working out of a sub folder but adding files to the legacy version which caused this error. Thank you bringing it to light!

Out of interest, what did you pay for the work carried out on your cart and can you provide a link to the developer?

Thank again :wink:

Attachment:

Simulator - Form Gateway.pdf

aitsglobal · **Joined:** Thu Feb 28, 2008 9:09 pm **Posts:** 47

wilson1000 wrote:

This is a change from the old Protx module - any US addresses will require a State as well (no you can't just comment out the lines in the module ... the sagepay looks for State ids with US addresses server side.)

Yes the site I developed for is for Europe only, that why I didn't have the problem, thanks to bring it forward

wilson1000 wrote:

I have been able to launch the module with the code offered by aitsglobal - thank you so much. I haven't had chance to test this fully yet as there is an issue with selecting a different delivery address (it displays ", 0" at checkout (without quotes)) so the simulator is displaying an error because of the lack of address. File attached if you can offer any further insight.

Will look at it and let you know if I get any success

TheLango · **Joined:** Sun Nov 29, 2009 10:57 am **Posts:** 271

wilson1000 wrote:

Thank you all so very much for your wonderful input and guidance.

I have been able to launch the module with the code offered by aitsglobal - thank you so much. I haven't had chance to test this fully yet as there is an issue with selecting a different delivery address (it displays ", 0" at checkout (without quotes)) so the simulator is displaying an error because of the lack of address. File attached if you can offer any further insight.

Have you installed a delivery/shipping module and set it up?

Thsi usually occurs when one isnt installed.

aitsglobal · **Joined:** Thu Feb 28, 2008 9:09 pm **Posts:** 47

For all those who need coupon code working with Sage Pay form there are small modification

in /includes/module/payment/sage_pay_form.php around line 113 find

Code:

 
   $crypt = array('VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
                 'Amount' => $this->format_raw($order->info['total'],

and replace with below:

Code:

 
   $crypt = array('VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
                 'Amount' => $this->format_raw($order->info['total'] - $_SESSION['discountamount'] ),

we added a session variable to deduct the discount

and in /includes/modules/order_total/ot_coupon.php around line 76

Code:

  if ($od_amount > 0) {
    $order->info['total'] = $order->info['total'] - $od_amount;
    $this->output[] = array('title' => $this->title . ':' . $this->coupon_code .':','text' => '<b>-' . $currencies->format($od_amount) . '</b>', 'value' => $od_amount); //Fred added hyphen
  }

replace with:

Code:

  if ($od_amount > 0) {
    $order->info['total'] = $order->info['total'] - $od_amount;
    $this->output[] = array('title' => $this->title . ':' . $this->coupon_code .':','text' => '<b>-' . $currencies->format($od_amount) . '</b>', 'value' => $od_amount); //Fred added hyphen
   $_SESSION['discountamount'] = $od_amount;
  }

in the same file around line 40 find

Code:

function process() {
global $PHP_SELF, $order, $currencies;

and replace with

Code:

function process() {
global $PHP_SELF, $order, $currencies;
$_SESSION['discountamount'] =0;

thats all your coupon discount will work with sage pay

CRE Loaded Community

Needed! Sagepay Module for the UK

Who is online

Main Menu

Login

Top Listing

Members Online

Follow Us on Twitter

CRE Loaded Community Chat hosted by CRE Loaded.