|
Last Four of Credit Card in Invoice Emails
I want to add something saying, basically, "Your order was billed to the credit card ending XXXX" into my order confirmation emails. I've been working with this file:
/mail/order_invoice.tpl and I know how to add in the right place, but I don't know how to extract this info from the system. I had X-Cart do it in my 3.7 customizations, but now I'm trying this round myself. Has anyone done this? Any ideas? |
Re: Last Four of Credit Card in Invoice Emails
You can't do that unless you store the CC info, which you can't do if you want to be PCI Compliant.
|
Re: Last Four of Credit Card in Invoice Emails
You could store the last 4 of the card. - - Modify the code that is already there that stores the card # to only store last 4 then use that on the invoice.
How do you give a credit if you don't have the card number later? |
Re: Last Four of Credit Card in Invoice Emails
Using your payment gateway
|
Re: Last Four of Credit Card in Invoice Emails
So far, anyway, I am storing the CC numbers. I understand that this isn't recommended, and my next project is to work on my back end to make this unnecessary.
But since I am, is there a way to extract the number and mask it? |
Re: Last Four of Credit Card in Invoice Emails
Sorry Joe, not something I am willing to assist with for security reasons.
|
Re: Last Four of Credit Card in Invoice Emails
I totally understand. I didn't get that it's related to a sensitive area - I'll just skip it in this upgrade. Probably customers would be happier these days with less info, in many ways.
|
Re: Last Four of Credit Card in Invoice Emails
So it looks like I can't even get the type of credit in here, is that right? Is it part of the encrypted area?
That's a problem for me because I have my in-house database parse the orders by credit card type so that I can match my batches to my Visa/MC settlements versus my Amex and Discover ones. Is it possible that the credit card type is also stored elsewhere? |
Re: Last Four of Credit Card in Invoice Emails
Is it PCI compliant if we only store the last 4 digits of the credit card number?
|
Re: Last Four of Credit Card in Invoice Emails
Rogue,
Could you point me in right direction so I can modify the code that stores the credit card number - I'd like to store only the last for digits of the cc in the database as well. Thanks, |
Re: Last Four of Credit Card in Invoice Emails
Quote:
|
Re: Last Four of Credit Card in Invoice Emails
ok, thanks Ralph. Can you tell me which php file I can modify the cc number is before its being written to the db?
|
Re: Last Four of Credit Card in Invoice Emails
Near the top of payment/payment_ccend.php is the code that stores the cc number.
|
Re: Last Four of Credit Card in Invoice Emails
Quote:
|
Re: Last Four of Credit Card in Invoice Emails
Thanks again, Ralph. I had modified that file already but didn't seem to write the "new card number":
$blank_card_number="1234"; if ($store_cc) { $query_data = array( "card_name" => $card_name, "card_type" => $card_type, #rs - blank out credit number in database "card_number" => addslashes(text_crypt($blank_card_number)), #"card_number" => addslashes(text_crypt($card_number)), #/rs Will this only rewrite using a gateway, i.e. authorize.net or will it also write the card number here when using credit credit manual payment method? Also you mentioned payment/payment_ccend.php stores the cc number in the customer table as well; in order to be fully compliant, should I modify the cc code in this file as well? - I had also modified this file (same code as above) as well to no avail.... but haven't tried to process an order within our authorize.net gateway. |
Re: Last Four of Credit Card in Invoice Emails
I double-checked using our authorize.net payment gateway and its still writing the complete credit card number. Could X-Cart possibly be writing the cc number to mysql somewhere else??
|
Re: Last Four of Credit Card in Invoice Emails
Yeah, I forgot about the goofy way the credit card number storage is done in 4.1. The spot you modified in payment_cc.php is for storing the cc number into the customer table for manual credit card processing. There is similar code in payment_ccend.php for storing the cc number into the customer table for gateway transactions. You should modify both.
The saving of the cc info into the orders table is the goofy part. This code in payment_cc.php is what does that: PHP Code:
|
Re: Last Four of Credit Card in Invoice Emails
Quote:
Thanks Ralph. Working in CC Manual mode right now. I now see that I can modify and write the last 4 digits to the customers table, but I'm having troubles with the code to modify card_number in the orders table. This is what I have ... Code:
#thanks. |
Re: Last Four of Credit Card in Invoice Emails
Your if is testing the wrong variable/value. But just make life easier and move the code above the foreach loop and get rid of the if.
|
Re: Last Four of Credit Card in Invoice Emails
Thanks Ralph! That was it. I tested for both manual and gateway processing and it works fine.
Thanks again for your help! |
Re: Last Four of Credit Card in Invoice Emails
I am trying to do a similar thing with the credit card number. Can you send over your finalized code that works?
Thanks, Greg |
Re: Last Four of Credit Card in Invoice Emails
In payment_cc.php
Replace code between # # Make order details # and # # Only logged users can submit orders # with this: Code:
Then after # # If successful - Store CC number in database # add Code:
#rsFind Code:
"card_number" => addslashes(text_crypt($card_number)),Replace with: Code:
In payment_ccend.php: add Code:
#rsafter Code:
add Code:
#rs after Code:
Good luck! |
| All times are GMT -8. The time now is 01:24 PM. |
Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.