[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

Re: [mv] Using external online payment systems with minivend?

To: minivend-users@minivend.com
Subject: Re: [mv] Using external online payment systems with minivend?
From: Hans-Joachim Leidinger <hans-joachim.leidinger@home.gelsen-net.de>
Date: Tue, 21 Sep 1999 22:38:18 +0200
References: <3.0.6.32.19990921131145.0091adf0@pop.evitech.fi> <3.0.6.32.19990921184846.0091cc20@pop.evitech.fi>

I have a muddle-headed and i am not sure! 
Did you solve your problem?

Short and quick (i want to see the TV in ca. 15 min.:-)  ):
MD5: What is this?
Internal server error:
In most common case, you get this from a webserver by any error in any
script (CGI e.g.).
Have you looked into the minivend error.log?

[SNIP]
> Heres an example what i get from the bank
> http://jarnomn-linux/cgi-bin/triosoft/ord/checkout?PTA8XtsJ&KNRO=00000000000
> 0&VALUUTTA=FIM&VIITE=13&SUMMA=10,00&VERSIO=2&STATUS=2&TARKISTE=CCF3D89D463EA
> ADCFC58782B6253429F

It this "...checkout..." right? I have believed, you use a special entry
page!

> The structure you can see from above elements, and the fields are
> KNRO (customer number)

Is this always "000000000000" ?

> VALUUTTA (currency)
> VIITE (bank reference)
> VERSIO (system version)
> STATUS

What ist this? Has this a value or information about the success/not
success process or not?

> TARKISTE (checksum formed with MD5 algorithm from the above)
> 
> The problem however is that the minivend gives an internal server error
> when the bank
> tries to send the user back with this URL.

Has your checkout page the codes to get the informations from the bank?
Sorry! I see nothing!

> The odd thing however is that when I change the '&' signs to '?',
> the URL works perfectly. My knowledge about HTTP encoding is a bit rusty,
> do you have any idea what might cause this behavior.

Once more! I don´t know about your checkout page. I have believed, your
bank call another page e.g. back-to-the-root.html, ok-or-not.html or
whatelse.html, but not the checkout page.
Can you post a part of the codes, which get the information from the
bank?

BTW: 
I am not sure! All chars after "?" can be ingnored by any script or the
script works well with empty values and has failure with non empty
values.

[SNIP]
> >[perl arg="cgi scratch"]
> >         $Safe{'scratch'}->{"uid"}  = $Safe{'cgi'}->{"uid"};
> >         $Safe{'scratch'}->{"time"}  = $Safe{'cgi'}->{"time"};
> >         $Safe{'scratch'}->{"date"}  = $Safe{'cgi'}->{"date"};
> >         $Safe{'scratch'}->{"status"}  = $Safe{'cgi'}->{"status"};
> >"";
> >[/perl]
> >
> Hey, thats easy :)
>
> So what I do is to is to read the values in a perl block,
> calculate the MD5 checksum and set the status to OK/FAIL
> by whether the the checksum is correct or not.

Hmmm....what is your result or problem now? It works well and you get no
internal server error?
Did you used codes like above? If yes, can you post this to the list
with a short descriptions (e.g. from which page is this codes comming
from....)?
Sorry! It seems me, i am in a questions-and-answer-game! 

> [if scratch status eq ok]
> [tag op=header interpolate=1]
> Status: 302 moved
> Location: [area href="your-ok-page-or-checkout-page.html"]
> [/tag]
> [/if]
> 
> [if scratch status eq fail]
> [tag op=header interpolate=1]
> Status: 302 moved
> Location: [area href="checksumfailed.html"]
> [/tag]
> [/if]
> 
> Now the only problem that remains is how to make sure that the order is
> processed only
> once...

This can be done later! Or not? 
First, the script has to work well and can work with all values from
your bank!
After this, we make a brainstorming to find a right solution to solve
the next problem.
 
> Because otherwise some clever user might reload the checkout page several
> times after
> it has processed the order, to make several orders, but paying just once.
> I think that the value mv_order_number could be used in this (I use it in
> VIITE field)
> 
> [if scracth viite !eq mv_order_number)
> [tag op=header interpolate=1]
> Status: 302 moved
> Location: [area href="nicetry.html"]
> [/tag]
> [/if]

This is not good! The mv_order_number is increased after the order
process! Hmmm...search the mailarchiv and look for "mv_order_number".
You will find more information!

BTW: What will be happen with this number, if two or more visitors make
an order process in the same time?

I believe, all order process is finish one time only and a visitor can´t
repeate the whole process without the bank process (if visitor get a
checkout page after successfull bank process only). But to secure a page
to prevent any abuse is another story. Because there are several
solutions. 
(I am an old man and can do anything step by step only! :-) )

Once more, give us more detail information and a little bit of your
codes! 
In my case, i have no crystal-ball. :-)
(E.g. i have do this in this page and that in that page and i get this
failure from that page and i have tried this and that in that page and
get no success.. this is a part codes from this page and this a part
codes from that page)

Also...ooopss!?...i am late to see the TV..

Ciao and best regards

Joac
    h
     i 
     m
-- 
-------------Hans-Joachim Leidinger---------------------

Follow-Ups:
- Re: [mv] Using external online payment systems with minivend?
  - From: Jarno Niemela <jargon@iki.fi>

References:
- Re: [mv] Using external online payment systems with minivend?
  - From: Jarno Niemela <jargon@iki.fi>
- Re: [mv] Using external online payment systems with minivend?
  - From: Jarno Niemela <jargon@iki.fi>

Prev by Date: version 4 approx. release date ?
Next by Date: Re: [mv] Variables
Prev by thread: Re: [mv] Using external online payment systems with minivend?
Next by thread: Re: [mv] Using external online payment systems with minivend?
Index(es):
- Date
- Thread