The answer is Yes, but... you might want to make sure and wait for someone else here to confirm my answer as I am on the fence. Better yet, why don't you email the iPage guys because they can give you help better...
I commented out the lines 137 and 140 in secpay.php :.
// tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, tep_session_name()'='$HTTP_POST_VARS[tep_session_name()]'&payment_error='$this->code, 'SSL', false, false));.
Does this constitue a security risk?..
I am currently having a few probs linking to this template. Got the iPage site working perfectly with the green screen, but I don't want it, obviously. I want to customise the look from oscommerce..
Secpay suggest that you have to include lines like:.
<input type="hidden" name="template" value="http:www.secpay.com/users/myname/mytemplate.htm.
This apparently will reference the template on their server. I have looked through their guide and on the iPage website but it just doesn't make sense..
Where on secpay.php do I inlcude these hidden form fields? I have no idea..
Look in catalog/includes/modules/payment/secpay.php all the hidden fields are listed and are prefixed by tep_draw_hidden_field. When you design your own input form just make sure all the hidden fields are included and primed...
I am having an issue with the SecPay module. I am using the latest version of oscommerce 2.2 MS2 (07/12/2003).
I am using linux Linux 2.4.23-grsec and Database MySQL 4.0.15-standard and.
PHP Version: 4.3.4 (Zend: 1.3.0).
When I submit a credit card payment using SecPay I get the following error 'There has been an error processing your credit card. Please try again.' at the top of the Payment Information screen. However is receive the following email below saying the status is OKAY..
Please look into this.
Original Message Follows.
From: SECPay Test Transaction.
When I initially installed the Secpay module I had the same problem and found that the code down in the module /includes/modules/payment/secpay.php which is performing the before_process is checking REMOTE_HOST for = 'secpay.com'..
The variable REMOTE_HOST doesn't infact contain anything so the code redirects you back to Checkout_Payment.php module which then throws up the error. As far as secpay are concerned the transaction was fine so they send out the email...