Gallery is asking for payment AFTER payment has already been entered

Magician742

Joined: 2006-05-30
Posts: 57
Posted: Mon, 2010-04-26 18:33

Hey! :)

Have been using Gallery 2 for quite some time. Satisfied with it. Have run into an interesting problem.
When a customer places an order and enters their credit card number they are asked a second time for payment even tho it already has been made. Customers are finding this very confusing (don't blame them!). :(

Thank you for your help! :)

Gallery version = 2.2.5 core 1.2.0.7
PHP version = 5.2.12 cgi
Webserver = Apache
Database = mysqlt 5.0.83-log, lock.system=flock
Toolkits = ArchiveUpload, Exif, Getid3, ImageMagick, LinkItemToolkit, SquareThumb, Thumbnail, Gd
Acceleration = full/3600, full/3600
Operating system = Linux boscgi1002.eigbox.net 2.6.32.2-nx #1 SMP Mon Jan 4 16:14:35 EST 2010 i686
Default theme = matrix
gettext = enabled
Locale = en_US
Browser = Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; en-us) AppleWebKit/531.22.7 (KHTML, like Gecko) Version/4.0.5 Safari/531.22.7
Rows in GalleryAccessMap table = 17
Rows in GalleryAccessSubscriberMap table = 5642
Rows in GalleryUser table = 28
Rows in GalleryItem table = 5631
Rows in GalleryAlbumItem table = 38
Rows in GalleryCacheMap table = 29734

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Mon, 2010-04-26 22:33

Gallery doesn't take credit cards, it has nothing to sell. If you mean you're having problems with some add-on modules you'll have to be more specific about what you've installed before anyone can help.

Better still, post a url to the gallery.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Tue, 2010-04-27 03:42

Hey! Thanks for replying.

Gallery version = 2.2.5 core 1.2.0.7
PHP version = 5.2.12 cgi
Webserver = Apache
Database = mysqlt 5.0.83-log, lock.system=flock
Toolkits = ArchiveUpload, Exif, Getid3, ImageMagick, LinkItemToolkit, SquareThumb, Thumbnail, Gd
Acceleration = full/3600, full/3600
Operating system = Linux boscgi1004.eigbox.net 2.6.32.2-nx #1 SMP Mon Jan 4 16:14:35 EST 2010 i686
Default theme = matrix
gettext = enabled
Locale = en_US
Browser = Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; en-us) AppleWebKit/531.22.7 (KHTML, like Gecko) Version/4.0.5 Safari/531.22.7
Rows in GalleryAccessMap table = 17
Rows in GalleryAccessSubscriberMap table = 5642
Rows in GalleryUser table = 28
Rows in GalleryItem table = 5631
Rows in GalleryAlbumItem table = 38
Rows in GalleryCacheMap table = 29701

This is the URL: http://www.thefamilytreee.ca/Gallery6/main.php?g2_view=core.SiteAdmin&g2_subView=core.AdminPlugins&g2_navId=xdf5441d6

When I 'said' Credit Cards they are what his Gallery is set too. This is a standard Matrix Installation. Only Checkout, Checkout by Email and Checkout PDF Invoice have been installed. The problem is occuring whenever a customer decides to purchase using the Checkout by Email. After they have already entered their information they are asked a second time to pay for their purchase. 9 times out of 10 they walk away.

Is there a way to change the text in the template for the order's confirmation email? I found the correct spot I think. However I may be wrong as the spot I'd found allows only a single line to be entered.

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Tue, 2010-04-27 08:35
Quote:
Only Checkout, Checkout by Email and Checkout PDF Invoice have been installed. The problem is occuring whenever a customer decides to purchase using the Checkout by Email. After they have already entered their information they are asked a second time to pay for their purchase.

I've looked at your/his website, and I think you (and he) are rather missing the point of the checkoutemail module.

The intended workflow for checkoutemail is (as per its title, exactly) that it emails the customer instructions on how to pay, such as where to send a cheque or instructions for carrying out an EFT.

However in your installation you've decided to ask for credit card details in the "special instructions" which is actually intended for notes from the customer like "please crop the person on the left" or "deliver after 10am" or whatever. Asking customers to put

Quote:
MASTERCARD (print # in SPECIAL INSTRUCTION section - Next page) VISA (print # in SPECIAL INSTRUCTIONS section - Next page)

Is ludicrously insecure, and really cannot be recommended. Being blunt, if a merchant asked me to enter my credit card details in an non-secure webpage like that I'd run (not walk) away too, and probably report him to my credit card company too as he's clearly not complying with PCI DSS requirements and therefore in blatant breach of his merchant agreement.

Additionally it causes entire credit card numbers to be emailed in clear-text along with the holder's address. Which is bordering on the criminally stupid.

Checkoutpaypal and checkoutgoogle both allow credit card payments via secure methods. There's no module to accept and store credit card details directly within G2 because the shared webhosting that most G2 users have at their disposal cannot hope meet PCI DSS requirements for the secure storage of customers' credit card information. (Remember that everything you put in the order page gets stored in the database ... and if your webserver is hacked, all credit card details are revealed to the intruder.) If you're operating your own secured webserver, can certify its security, and you want to operate G2 in this way then you probably also have the resources to write your own checkout module for that purpose.

Quote:
Is there a way to change the text in the template for the order's confirmation email?

All emails are templated, and the templates can be found in the templates/email directory. The usual rules for the modification of templates apply.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Tue, 2010-04-27 18:08

thank you for your clear message. :)

I will ask him to add Checkoutpaypal for his customers to pay with. He already has his own visa terminal through his bank. I will also use Adobe Illustrator to make the changes to his email template.

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Tue, 2010-04-27 18:12

The thing with paypal and google for these purposes are that yes, they are more expensive than your own merchant agreement - but when you start investigating the prices for online gateway processsing (fees on top of your regular merchant fees) and the cost and trouble of doing your own security, they're actually a complete bargain.

Quote:
I will also use Adobe Illustrator to make the changes to his email template.

You mean for the pdf invoice, right? You can use notepad on the email templates.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Tue, 2010-04-27 21:42

I have made the change in the Checkout Email Settings. Removed all references to sending the card # with one email, etc. A very stupid method of receiving payment I agree. :)

It now reads:
MASTERCARD & VISA (available at our Brandon Studio)
Cheque (mail with copy of printed shopping cart invoice)
Cash / Debit (available at our Brandon Studio)

Searching for the template handling the Checkout Email confirmation sent for each order. Thank you for your help.

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Tue, 2010-04-27 21:47

Note the emails are templated in parts. The start and finish of the order confirmation email is common to all payment methods and the templates for that are in the checkout module. The middle bit about payment methods is for checkoutemail only, and in a template in that module.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Tue, 2010-05-11 22:11

Thank you, alec! Wish me luck as I attempt to recreate the PDF invoice for the Gallery. I have to use my PC as I do not have Notepad on my Mac.

 
nivekiam
nivekiam's picture

Joined: 2002-12-10
Posts: 16504
Posted: Tue, 2010-05-11 22:17

Any plain text editor will work.
____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Wed, 2010-05-12 06:13
Quote:
Wish me luck as I attempt to recreate the PDF invoice for the Gallery. I have to use my PC as I do not have Notepad on my Mac.

The PDF invoice (obviously) is not a .tpl template file, it's a pdf file, so you'll want to edit it with something that can edit pdf files easily. I use Adobe Illustrator but I'm sure there are open source alternatives.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Thu, 2010-05-20 13:29

Hi, alec. I have the confirm.tpl open in notepad. I am adding a single word to: 'Thank You!
This is an 'automatic' email to let you know your order has been placed successfully.'

A followup line will be added to the same area. 'Taxes are included in your order.'

To make a line bold I need to use the Smarty html file, correct?

As usual thank you. I have 5 days to make my changes. My course begins very soon and I will no longer have the time.

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Thu, 2010-05-20 13:34
Quote:
To make a line bold I need to use the Smarty html file, correct?

I don't understand what you're asking.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Thu, 2010-05-20 13:55

I did not provide complete details on this one! The line reading 'Your payment options are:' is the one I would like to make bold. Was reading through postings made here and made an assumption this could be done with html which is handled with Smarty isn't it?

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Thu, 2010-05-20 15:23

Yes, you can put html in Smarty templates (.tpl files). Smarty templates are complied to php which is interpreted. Any plain text and html markup gets passed all the way through into the output unchanged.

Note that the email templates have their content written twice - once for plain text, and once for html (the actual email contains both formats) - obviously you can't embolden the plain-text.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Thu, 2010-05-20 16:28

ok just so I understand this. I can add html to the Smarty templates. This sentence has me confused: 'Any plain text and html markup gets passed all the way through into the output unchanged.' I understand this to mean html changes made will not take effect. Am I correct?

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Thu, 2010-05-20 16:47

It might help to understand what Smarty is and does, and how it's used.

Smarty is a templating engine for php. It takes Smarty-format tags between braces {...} and converts them to chunks of php. Stuff that's not between braces gets fed through to the php interpreter without any changes.

Php looks for stuff between <?php and ?> tags and tries to interpret what it finds as code; output from php is inserted into the output stream. Anything not between those tags gets passed through without any changes.

Although it's unusual to use Smarty (and therefore php) to generate stuff other than html to send back to a browser, it can be convenient. In this case a Smarty template is being used to create email content, because the Gallery API has a convient function SendTemplatedEmail (or somesuch).

In fact, the email is built up from a stack of different Smarty templates. Each one is run through the Smarty compiler to change {...} to php, then the php interpreter to generate whatever is created from the php that Smarty generated. So an email containing an html table listing the products bought line-by-line can be generated via some Smarty loop constructions.

Plain text, or html, can be included in the Smarty template. Since it's not within a Smarty {...} construction it's not included in any php code, and then when the compiled template is executed by the php interpreter the html or plain-text is output unchanged, just like it would be in a .php file outside <?php ...?> tags.

In this case the resulting output is sent as an email by some php code rather than being returned to a browser in the form of a web-page but the idea is similar.

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Thu, 2010-05-20 21:13

ok if I have done this correctly this should result in this line being made bold:

<?php
<br><b> Your payment options are: </b><br>
?>

Thank you for your php help. Feel I am finally beginning to understand the php thing. lol

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Thu, 2010-05-20 22:41

noooo... that's html, not php - so you must not put it inside <?php ... ?>

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Fri, 2010-05-21 14:50

my gosh! I thought I had it solved! :)
Searching for a php command list to find the proper codes needed.

 
alecmyers

Joined: 2006-08-01
Posts: 4342
Posted: Fri, 2010-05-21 15:40

You are making this WAY WAY WAY too difficult for yourself. Just put the html in the .tpl file. That's all you have to do!

 
Magician742

Joined: 2006-05-30
Posts: 57
Posted: Fri, 2010-05-21 20:21

I see it, alec! :)

The top half says (if rendering == 'text' )
Towards the bottom it says (if rendering == 'html' )

Have a great long weekend! :)