Hi

When someone checks out using WorldPay they get a warning at WorldPay and have to click a button to complete the transaction and then when they are returned to the store it displays "Hash Check Failed" and the purchasse is not authorised although the payment is taken.

I have recently switched the site to force SSL could this be related?

Thanks
Tim

Hi Tim

Can you go into your store admin page for Worldpay and check you have entered the MD5 Hash there - we have a note about it in the help file here https://www.ecommercetemplates.com/phphelp/ecommplus/worldpay.asp

Andy

Please feel free to review / rate our software

Hi Andy

He uses a Custom payment provider setting rather than the Worldpay setup.

Apparently he uses CardSave owned by WorldPay which has slightly different settings. I can email you a screenshot if that helps? I have also asked him about moving from CardSave to WorldPay and he is investigating.

Thanks
Tim

We were told by WorldPay that they were phasing out Cardsave, this is from an email last year

quote:

---

The aim is for any new sites to be solely under Worldpay – however if the customer is adamant on continuing to use Cardsave this can be arranged.

---

I'll follow up with them to see if anything has changed there.

Andy

Please feel free to review / rate our software

Hi Andy

Thank you, anything you can find out from them would be most appreciated.

Tim

I have just sent them an email so will let you know as soon as I hear back.

Andy

Please feel free to review / rate our software

Hi,

Were there any updates on this? I have a client who is still using CardSave - which is causing issues now as thanks.php is throwing an error;

"Access denied for user "@'localhost' (using password: NO)Access denied for user "@'localhost'(using password: NO)

Cannot find details for order id: 1234

KRs
Gavin

Hi Gavin

I heard no more other than Cardsave was being phased out. It may be pertinent here so what version of PHP is running on the server and are you using the mysqli format in db_conn_open.php https://www.ecommercetemplates.com/support/topic.asp?TOPIC_ID=107737

Andy

Please feel free to review / rate our software

Hi Andy,

PHP 5.6 and yes the mysqli format is being used.

Thanks




Gavin Cotton

That should be fine then, if you use email as a payment method do you get the Access Denied message? That should tell us if it is a Cardsave or general payment problem.

Andy

Please feel free to review / rate our software

Hi Andy,

Stranger still.. If I enable email as the only payment method, the cart outputs a message saying no payment method exists..?

Could it be you are testing with the donation or gift certificate feature that doesn't allow Email payments?

Andy

Please feel free to review / rate our software

Hi,

Ah yes you're right Andy. Sorry, it was 4 years ago this was originally set up and hasn't been looked at since! My memory gets worse each year :)

But it's not a test setup. The cart is purely used for taking payments for an offline service.

quote:

---

I have recently switched the site to force SSL could this be related?

---

Hi Tim,
I know for a fact that you do have to change settings in the WorldPay settings when the store has been switched to SSL so I would change any url references to your site of http to https in your Cardsave settings



* Database Migrations and Conversions*
* ASP to PHP Cart Conversions*
*Contact Us*
*Buy The PHP Capture Card Plugin*
*Rate Our Services/View Our Feedback*

Sorry, I might now have been clear but to test the site just enable Email as a payment provider and run through an order - disable Email once the order is complete - it's just to see if that also causes an issue on thanks.php

Andy

Please feel free to review / rate our software

It was clear Andy, no worries. That's exactly what I did. And it was after doing that my cart said there was no payment method available?

That would be the case if the store was only selling gift certificates or donations but did you see Phil's post

quote:

---

Hi Tim,
I know for a fact that you do have to change settings in the WorldPay settings when the store has been switched to SSL so I would change any url references to your site of http to https in your Cardsave settings

---

Andy

Please feel free to review / rate our software

Hi Tim,

Looking at that error on the thanks page it'll be due to the customppreturn.php file that requires updating to use mysqli. It appears the error message 'Hash Check Failed' is a little generic. So perhaps Vince can send you an updated version.

The copy I have here has the following:

// You should not normally need to change the code below
$sSQL="UPDATE cart SET cartCompleted=1 WHERE cartOrderID='" . mysql_escape_string($OrderID) . "'";
mysql_query($sSQL) or print(mysql_error());
$sSQL="UPDATE orders SET ordStatus=3,ordAuthNumber='" . mysql_escape_string($AuthCode) . "' WHERE ordPayProvider=14 AND ordID=" . mysql_escape_string($OrderID);
mysql_query($sSQL) or print(mysql_error());
order_success($OrderID,$emailAddr,$sendEmail);
}else{
// Make sure you leave this condition here. It calls a failure routine if no match is found for any payment system.
order_failed();
}
} else {
echo "<p>Hash Check Failed</p>";
}

?>



* Database Migrations and Conversions*
* ASP to PHP Cart Conversions*
*Contact Us*
*Buy The PHP Capture Card Plugin*
*Rate Our Services/View Our Feedback*

Hi,

I did see Phil's comment, thanks. That doesn't apply in my case as my site had always used SSL. So all urls in the configs are hitting https already.

I have just sent you the latest cardsave files I have.

Andy

Please feel free to review / rate our software