Home » Forums » Ubercart » Bug Reports
7 replies [Last post]
Wed, 12/17/2008 - 21:12
postcarbonjason...
postcarbonjason@drupal.org's picture
Offline
Joined: 12/17/2008
Juice: 13

Hi guys,

My Ubercart deployment (v5.x-1.6) is rejecting credit card numbers with spaces in them. Based on my reading of the code in uc_credit:uc_payment_method_credit() and uc_credit:_valid_card_number(), this is how it's supposed to be (though I find that a bit surprising). What is unusual is that drupal is completing the transaction anyway, and then on the thank you / confirmation page, showing an 'Invalid credit card number' warning. I have verified that the payment has actually gone through.

My questions are

1) Is this expected behavior? The internets, #drupal-ubercart, and ubercart.org don't seem to turn up a lot of people complaining about the rejection of cards with spaces in them.

2) Is anyone else experiencing this same behavior? Flagging the card as invalid then processing anyway seems like a bug to me. Is this just me, or is this standard behavior?

I might add I'm also running the uc_donations module here, and have pushed the cart review page straight to the product node, to skip a step on making this donation. Still, the billing and CC info page seems to be in a good state, so I don't think that's causing problems here.

Help? Thoughts? Thanks!

Top
Wed, 12/17/2008 - 22:36
#1 View page
Ryan
Ryan's picture
Offline
Joined: 08/07/2007
Juice: 15422
Re: CC number format validation bug?

Ahh, that must have been you on Twitter. Eye-wink

I'm curious what module you're using to process your Auth.Net payments. If you don't ever submit the review order form, the core module won't attempt to process a payment.

Top
Thu, 12/18/2008 - 00:36
#2 View page
postcarbonjason...
postcarbonjason@drupal.org's picture
Offline
Joined: 12/17/2008
Juice: 13
Ahhhhh

Hi Ryan (and yes, that was me, nice to meet you Laughing out loud) - it just occurred to me that as well as the above, I'm using uc_optional_checkout_review to immediately process the payment, so the workflow looks like this:

Node view (with uc_cart_view_form manually inserted at the bottom of the node). Clicking 'make donation' button submits uc_cart_view_form.

This leads us to uc_cart_checkout_form, where we enter an email address, billing and CC information, and click submit. Through the magic of uc_optional_checkout_review (which I now need to delve deeper into), the payment is submitted and we are redirected to the thank you page (which I have overridden using the UC interface to go to a static page node I've created).

Suggestions? Sounds like the optional cart review might be causing some of this (but I do need to skip the step as this is supposed to mimic a donation form, not a checkout process).

I'll report back as I figure this out. Thanks!

Top
Thu, 12/18/2008 - 00:45
#3 View page
Ryan
Ryan's picture
Offline
Joined: 08/07/2007
Juice: 15422
Re: Ahhhhh

Yeah, that module would be the culprit. It sounds like perhaps it needs to add its submit handler differently, if that is in fact what it's doing. You should look form hook_form_alter() to see how it's altering the checkout form. (I don't actually have any experience w/ the module.)

Top
Thu, 12/18/2008 - 00:49
#4 View page
postcarbonjason...
postcarbonjason@drupal.org's picture
Offline
Joined: 12/17/2008
Juice: 13
Thanks

ok will do - but now that I think about it more, this doesn't address the question of why we only get this error if you put spaces in the CC#. Properly formatted numbers go through without incident, and BOTH are being processed by Auth.net.

Opinion on that phenomena?

Top
Thu, 12/18/2008 - 03:14
#5 View page
postcarbonjason...
postcarbonjason@drupal.org's picture
Offline
Joined: 12/17/2008
Juice: 13
Followup

I had a quick look at the code - all there is in there is a hook_form_alter - basically it makes clicking the submit button on the checkout page call the submit handler from the checkout review page:

-snip-

        unset($form['continue']);
        $form['submit'] = array(
          '#type' => 'submit',
          '#value' => variable_get('uc_checkout_submit_button', t('Submit order')),
        );
        $form['#submit'] += array('uc_cart_checkout_review_form_submit' => array());

-snip-

This makes sense to me from one perspective, but I'm not sure of the consequences, Ubercart-wise -- apparently it causes the error message to get forwarded to the completion page, not the review page. Any quick suggestions on how this *should* work?

As far as the spaces in the CC# field go, it looks like that's proper behavior as far as Ubercart is concerned - http://livetest.ubercart.org/uc1 disallows spaces in the CC#.

Thanks!

Top
Thu, 12/18/2008 - 12:09
#6 View page
Ryan
Ryan's picture
Offline
Joined: 08/07/2007
Juice: 15422
Re: Followup

So, the problem here is that the checkout form uses a combination of a validate handler / a submit handler to stop someone from hitting the review page. I'm not entirely sure why, and than can be reviewed... but this means that if the validate handler says something was invalid on the form, the submit handler will send the user back to the checkout form. This module simply adds a submit handler to the checkout form which will be processed after the normal one, whether it would normally have gone onto the review page or not. The module should be improved by using its own submit handler, checking for errors ($_SESSION['checkout_valid']), and only executing the normal review form submit handler if there weren't any.

Top
Thu, 12/18/2008 - 19:30
#7 View page
postcarbonjason...
postcarbonjason@drupal.org's picture
Offline
Joined: 12/17/2008
Juice: 13
Patch

Ok I've coded this up (I *think* correctly) and posted a patch to the contrib page here. Thanks for the pointers!

Top