Forums

Form troubles...

emets31 08 Feb, 2011
Hello, let me start by saying first, thanks for the great Joomla Component, and second, please excuse my general lack of knowledge in web development. With that being said, I am in desperate need of some help.

Basically, I "helped" my Cousin with his website using my small amount of Joomla knowledge back in 2009. I came across the ChronoForms ChronoContact component and I was very impressed, so we installed it. After some trial and error using the Tutorials, Forum and FAQs on here, we managed to get the form up and running beautifully. And, it had been working beautifully since, until just recently when Users were suddenly running into an error when trying to submit an online payment. What we used the form for was basically so the User entered their Account number, and clicked submit. We had some hidden code behind the scenes that validated the User when they were redirected to the payment URL. It seems that lately, though, one part of the validation isn't working, specifically the CVV2 code. Here is a copy of the code that was in place (edited for anonymity):

Account Number
<input type="text" name="ssl_account_number">
<input type="hidden" name="ssl_merchant_id" value="******">
<input type="hidden" name="ssl_user_id" value="******">
<input type="hidden" name="ssl_pin" value="******">
<input type="hidden" name="ssl_show_form" value="true">
<input type="hidden" name="ssl_test_mode" value="false">
<input type="hidden" name="ssl_transaction_type" value="ccsale">
<input type="submit" value="Submit">


Now, that has worked since 2009. So when this error started popping up, I began to try and create new forms using the Wizard, which after tweaking a lot, looked like this:


<input value="******" id="hidden_1" name="ssl_merchant_id" type="hidden" />
<input value="******" id="hidden_2" name="ssl_user_id" type="hidden" />
<input value="******" id="hidden_3" name="ssl_pin" type="hidden" />
<input value="true" id="hidden_4" name="ssl_show_form" type="hidden" />
<input value="false" id="hidden_5" name="ssl_test_mode" type="hidden" />
<input value="ccsale" id="hidden_6" name="ssl_transaction_type" type="hidden" />
<input value="true" id="hidden_7" name="ssl_cvv2cvc2_indicator" type="hidden" />
<input value="true" id="hidden_8" name="ssl_cvv2cvc2" type="hidden" />


That all looks correct, but when the User presses Submit, they get an error stating that the Merchant ID was not submitted. So, I've been trying for the better half of 4 hours trying to get something like this to work:

Account Number
<input type="text" name="ssl_account_number">
<input type="hidden" name="ssl_merchant_id" value="******">
<input type="hidden" name="ssl_user_id" value="******">
<input type="hidden" name="ssl_pin" value="******">
<input type="hidden" name="ssl_show_form" value="true">
<input type="hidden" name="ssl_test_mode" value="false">
<input type="hidden" name="ssl_transaction_type" value="ccsale">
<input type="hidden" name="ssl_cvv2cvc2_indicator" type="true">
<input type="hidden" name="ssl_cvv2cvc2" type="true">


But, for the life of me, I can't get it to work. I've tried editing the original form to match this, but when I save, I get a huge red block containing a large amount of error text. I've tried just creating a new form using this info, but to no avail. So, if any one could help, I would greatly appreciate it!

Again, forgive my general lack of knowledge, so if I am making an obvious mistake, take it easy on me😶
GreyHead 08 Feb, 2011
Hi emets31,

I'm afraid that there's nothing here to give me any clues. Nothing has changed with ChronoForms so presumably the change is in the Payment Gateway requirements. Do they now have some other requirement of the submission of CVV values?

NB The order of the attributes inside the tag makes no difference to the way the data is submitted.

Bob

PS As a matter of security - it's not a good idea to include merchants pin & id values in a hidden field where they are visibel to an inquisitive user.
emets31 08 Feb, 2011
Hello, Greyhead, and thanks for the quick, informative reply!

I will ask them if they have some other requirement for the submission of the CVV2 code as soon as I can get a hold of them via telephone. They did admit to an update a week or so ago when I had them on the phone last night, so I wonder if that had an effect (even though the Tech Support guy assured me it wouldn't have). Although I am not sure what "NB" means, I think I get the jest of what you mean about the order of the tags. What seemed to be missing, though, and what they told me needed to be there were the last 2 lines in the 3rd set of code:

<input type="hidden" name="ssl_cvv2cvc2_indicator" type="true">
<input type="hidden" name="ssl_cvv2cvc2" type="true">

That is what I couldn't figure out how to do, edit the forms I already created to include that bit of code. Every time I went to edit the forms, I would get the errors. Is there a way to do such a thing?

Also, thanks for the tip about security. I hadn't realized that the hidden fields would show up so easily in the page's source code, but I guess that is why I'm not a good Web Developer😛 Is there a way to hide that code from prying eyes?
GreyHead 09 Feb, 2011
Hi emets31,

You don't say how you've got the payment part of the form working. Are you using an OnSubmit URL or one of the plug-ins?

Either way I'd add the 'fixed' parts of the data like the Merchant ID after the form is submitted.

This code doesn't make sense and you should check with the GateWay
<input type="hidden" name="ssl_cvv2cvc2_indicator" type="true">
<input type="hidden" name="ssl_cvv2cvc2" type="true">
Having two 'type' attributes is not valid code. I suspect they should be value="true"

Bob
emets31 11 Feb, 2011

Hi emets31,

You don't say how you've got the payment part of the form working. Are you using an OnSubmit URL or one of the plug-ins?



Sorry to seem dense, but I am not sure what you're talking about😶 . What happens when a Customer enters their account number and they click "Submit", they are redirected to the myvirtualmerchant.com website where they have to enter personal info and credit card info to be submitted for payment. Is that what you mean by an OnSubmit URL?

Either way I'd add the 'fixed' parts of the data like the Merchant ID after the form is submitted.



Sadly, I am once again not sure what you mean by this. So there is a way for the fixed info, such as the Merchant ID and pin #, to be submitted after the initial form instead of with the initial form?

This code doesn't make sense and you should check with the GateWay

<input type="hidden" name="ssl_cvv2cvc2_indicator" type="true">
<input type="hidden" name="ssl_cvv2cvc2" type="true">
Having two 'type' attributes is not valid code. I suspect they should be value="true"

Bob



And, surprisingly, I once again am not sure what you mean by this. I see what you mean by "type" being duplicated, but I am not sure what you mean by the GateWay.

I apologize for my total lack of knowledge. I really am appreciative, though, so please keep that in mind😶
GreyHead 11 Feb, 2011
Hi emets31,

OK - let me try and explain a bit. A 'Gateway' or 'Payment Gateway' is the way you pass information to the payment processor - PayPal, 2CO, WorldPay, or, in this case, myvirtualmerchant.com

There are various ways that you can pass information to the gateway. The main variants are whether you pass data using 'post' - like submitting a form; or using 'get' - by adding data to a URL. Some Gateways require one or the other, some accept both; some require a two-way hand-shake transaction to confirm your site identity.

To send data using 'post' you can use the OnSubmit URL in ChronoForms (found on the Form General tab). If you use this the form is submitted directly to the gateway, ChronoForms never sees it can can't do any post submission processing.

If you want ChronoForms to process data then you have some other choices:

[list=a]
  • The simplest one is to use 'get', build a ReDirect URL and get ChronoForms to redirect the user to the Gateway using the new URL after the form processing is complete. The ChronoForms ReDirect plug-in can help with this. This is the most common way in which PayPal is used.
  • If you don't need to send the user to the Gateway then you can use the cURL to send the data to the Gateway. The user stays on your site and you handle all of the front-end processing. The ChronoForms cURL plug-in can help with this. The Authorize.net and PayPal API transactions use this kind of set up.
  • The most tricky is where you need to send the user to a site that requires 'post' processing - fortunately this is fairy rare. You can't redirect a user along with post data, so you have to build a kind of 'dummy' form with all the data in hidden inputs that is either autosubmitted, or has a single 'Pay Now' button so that the user submits it.
  • [/list:o]

    From whay you say you are using the OnSubmit URL route so all the data has to be in the form ready to be submitted. Not the most secure route, or the best use of ChronoForms but should work OK. If it isn't working then it is that some key piece of data is missing or is wrongly named or validated.

    Bob
    emets31 16 Feb, 2011
    My apologies for the lack of replies. I am recovering from the flu, but I plan on reading your reply in-depth and will continue trying to get this figured out. Thanks again, GreyHead!
    This topic is locked and no more replies can be posted.