X-Cart forums

[bemond]

This is my first post, so please let me begin by saying that up to this issue, I'm been able to get all my needs resolved from posts in this forum. Thanks so much to all of you who've contributed.

Unfortunately, no one has offered a solution yet for adding Customer Notes to credit card orders. It looks like the people who requested help haven't received a working solution yet.

Please add me to the list of x-cart users who have successfully added the Customer Notes box to the credit card payment form, but haven't been able to get the information transferred to my orders database. I need to know what code to enter in the payment_cc.php to make this work.

Like the others, I've spent hours trying to write the correct code, without success. If anyone has done this, please reply to this post so that all of us can benefit from your success.

Thanks, Bill

[B00MER]

Bill, sorry for the delayed response, but, what version of x-cart are you using? This is a modification I did with Xcart version 3.4.2.

First edit skin1/customer/main/payment_cc.tpl

Code:

{* $Id: payment_cc.tpl,v 1.5 2003/03/31 08:36:51 sdg Exp $ *}
{if $config.disable_ccinfo ne "Y"}
<table border=0 cellspacing=0 cellpadding=2>
{include file="main/register_ccinfo.tpl"}
</table>
{else}
{$lng.disable_ccinfo_msg}

{/if}

<table border=0 cellspacing=0 cellpadding=2>
<tr valign=middle>
<td height=20 colspan=3>Notes<hr size=1 noshade></td>
</tr>
<tr valign=top>
<td>Customer notes:</td>
<td><font class=Star>*</font></td>
<td nowrap>
<textarea cols=45 rows=6 name=Customer_Notes></textarea>
</td>
</tr>
</table>

Paste all of the above into the file.

Now open payment/payment_cc.php

Find the line:

Code:

if ($REQUEST_METHOD=="POST") {

Now, highlight the following lines underneath the above line of code:

Code:

$order_details = "Cardholder's name:$card_name\nCard 

and replace it with this:

Code:

foreach($HTTP_POST_VARS as $key=>$val) 
	if ($key!="payment_method" && $key!=$XCART_SESSION_NAME and $val!="") 		
	if ($key=="Ship_To_name") $order_details.="Ship to: $val\n";
	else $order_details.=str_replace("_"," ",$key)." : $val\n";

	$order_details .= "Cardholder's name:$card_name\nCard type: $card_type\nCard number: $card_number".($card_valid_from?"\nValid from:$card_valid_from":"")."\nExp. date: $card_expire".($card_issue_no?"\nIssue No.:$card_issue_no":"");

Now order notes should be appended to the order details.

hth.

[bemond]

Thanks so much Boomer for replying to my post and sending me the code. IБ─≥m using version 3.2.2.

After I revised my skin1/customer/main/payment_cc.tpl and payment/payment_cc.php files with your code, I still didnБ─≥t get the customer notes inserted into my database orders table. In trying to decipher the php code (IБ─≥m not a php coder ) in payment/payment_cc.php, I noticed the line Б─°if (!$store_cc) $order details = Б─° Б─²;Б─². I recall reading somewhere that the Б─°!Б─² means Б─°notБ─². Hence, I concluded that this statement was inserting blanks instead of the order details data into my database orders table.

I decided to check Б─°Include order details (credit card information) into admin order notification messageБ─² in our storeБ─≥s General Settings, then try again. Unfortunately, the order details data still didnБ─≥t get inserted into my database orders table. That made me question if their was a setting in my config.php file that was incorrect. I discovered that $store_cc was set to Б─°falseБ─² in my config.php, so I set it to Б─°trueБ─², and tried again. WaaLa, the order details now gets inserted into my database orders tables as encrypted data.

Unfortunately, in addition to the customer notes, all the credit card information was also inserted in order details. We donБ─≥t want to capture any credit card information in our database nor have it posted in emails. We only want customers credit card information to go to our payment gateway. The Admin email notification I received included the customer notes plus the credit card information twice. The credit card information was also inserted into my database customers table.

I eliminated the redundant credit card information posted to the Admin email notification by removing the following line in the payment/payment_cc.php code you gave me, as this looked redundant:
$order_details .= "Cardholder's name:$card_name\nCard type: $card_type\nCard number: $card_number".($card_valid_from?"\nValid from:$card_valid_from":"")."\nExp. date: $card_expire".($card_issue_no?"\nIssue No.:$card_issue_no":"");

That worked. Now I only get the credit card information one time with the customer notes in the Admin email notification. But, the credit card information was still being inserted into order details in my order table, and inserted into my customers database table. I blocked insertion of the credit card information to my database customer table, by commenting out the following line in payment/payment_cc.phpБ─²
# if ($store_cc)
# db_query("update $sql_tbl[customers] set card_type='$card_type',
# card_number='".text_crypt($card_number)."', card_expire='$card_expire' where login='$login' and
# usertype='$login_type'");

So IБ─≥m getting close to where we want to be, but not completely. If possible (of course I believe itБ─≥s possible, I just donБ─≥t know how to do it yet ), we would like to have only the customer notes posted to the AdminБ─≥s email notification, not the credit card information. My concern is that if the credit card information isnБ─≥t captured from the following lines you gave me for the payment/payment_cc.php, our payment gateway will not get the information it needs to process the payment:
foreach($HTTP_POST_VARS as $key=>$val)
if ($key!="payment_method" && $key!=$XCART_SESSION_NAME and $val!="")
if ($key=="Ship_To_name") $order_details.="Ship to: $val\n";
else $order_details.=str_replace("_"," ",$key)." : $val\n";

Is this a valid concern, or does our payment gateway (authorize.net) capture the credit card information in a different file (e.g. cc_authorizenet.php)? If our payment gateway needs the credit card information captured in the above code, then I guess our only alternative is to use PGP encryption for the Admin email notification. If our payment gateway gets the credit card information it needs from a different file, however, can you modify the above code so that it only places the customer notes in order details in my database orders table, and include that solution in another reply to this post?

Thanks again for your help Boomer. The X-cart forum is the most helpful forum I participate in thanks to you and all the other contributors.

Best, Bill

[BarryN]

Hmmm I tired it but now I get this error: Parse error: parse error, unexpected ':' in /usr/local/psa/home/vhosts/clamsdirect.com/httpdocs/cart/payment/payment_cc.php on line 48

Code:

   else $order_details.=str_replace("_"," ",$key)." : $val\n"; 

   $order_details .= "Cardholder's name:$card_name\nCard type: $card_type\nCard number: $card_number".($card_valid_from?"\nValid from:$card_valid_from":"")."\nExp. date: $card_expire".($card_issue_no?"\nIssue No.:$card_issue_no":""); type: $card_type\nCard number: $card_number".($card_valid_from?"\nValid from:$card_valid_from":"")."\nExp. date: $card_expire".($card_issue_no?"\nIssue No.:$card_issue_no":"");
	if (empty($config["active_payment_processor"]) && $store_cvv2)
		$order_details.="\nCVV2: ".$card_cvv2;
	$order_details.=$ship_to;
				
#
# Only logged users can submit orders
#
	if ($config["active_payment_processor"]) {

Did I mess something up? We use manual collection.

[BarryN]

oops. I figured out what I did.

Can the same thing be done for Gift Certificate orders and PayPal orders?

[bemond]

Okay, this is an update to my post of June 27. At that time, I was still getting the credit card information along with customer notes in my Admin email notification. And I was concerned that if I didnБ─≥t insert the credit card information into order details in my database orders table, our payment gateway (authorize.net) wouldnБ─≥t get the credit card information it needed to process credit card payments.

I took another look at our payment/cc_authorizenet.php file and noted that it was collecting credit card information from $usersinfo, which means it comes from my database customers table. Hence, the following database query in payment/payment_cc.php that I commented out needed to be restored. So I did that.
if ($store_cc)
db_query("update $sql_tbl[customers] set card_type='$card_type',
card_number='".text_crypt($card_number)."', card_expire='$card_expire' where login='$login' and
usertype='$login_type'");

WeБ─≥ll have to keep credit card information in our database even though we prefer not to. The good news is that the credit card number is encrypted.

Now feeling somewhat comfortable that I didnБ─≥t need to include credit card information in order details, I modified the code that Boomer gave me for payment/payment_cc.php so that it only captures customer notes, no credit card information. Thus, my Admin email notification now only includes customer notes, no credit card information. Exactly what we wanted. HereБ─≥s my mod:
foreach($HTTP_POST_VARS as $key=>$val)
if ($key!="payment_method" && $key!=$XCART_SESSION_NAME and $val!="")
if ($key=="Customer_Notes") $order_details.="$val\n";
else $order_details. = "";

As I said earlier, IБ─≥m not a php coder so IБ─≥m sure there is a more appropriate way to code this. All I can do is make minor revisions to existing code, not write code. But this mod works, at least in test mode. Now IБ─≥ll have to verify that it works with real customer credit card orders.

I hope that my solution for getting customer notes to work with credit card payments will be helpful to some of you who have been trying to do the same thing. If you see any problems with my solution, or have a better solution, please post it.