Forum Home Forum Home > Legacy Products > SalesCart Standard / PRO / SQL
  New Posts New Posts RSS Feed - removing credt card info
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Forum Lockedremoving credt card info
 Post Reply Post Reply
Author
Message
  Topic Search Topic Search  Topic Options Topic Options
lleemon View Drop Down
Groupie
Groupie


Joined: March/16/04
Location: United States
Status: Offline
Points: 41 		Post Options Post Options   Thanks (0) Thanks(0)   Quote lleemon Quote  Post ReplyReply Direct Link To This Post Topic: removing credt card info
    Posted: July/13/04 at 8:31am
Looking at the fix for removing credit card information based on Article #: 5197.

We are keeping the last 4 digits and wondering if the following code below will work properly. 

<%

     'Article #:  5197

     order = Session("orderid")

     

     SQLStmt = "SELECT CardNumber FROM Payment "

     SQLStmt = SQLStmt & "WHERE Orderid=" & order & "; "

     

     Set SimpleAdo = New CSimpleAdo

     SimpleAdo.setConnectionString = Session("ConnectionString")

     Set RS = SimpleAdo.getRecordSet(SQLStmt)

     

     Do While CheckRS(RS)     

                  'editCC  = Left(RS("CardNumber"),4)

                  editCC = RS("CardNumber")

     RS.MoveNext

     Loop

     

     Set SimpleAdo = Nothing

     Set RS = Nothing

     

     'editCC = editCC & "************"

     

     Dim iEditCCLen

     iEditCCLen = Len(editCC)

     editCC = Replace(Space(iEditCCLen-4), " ", "*") & Right(editCC, 4)



     SQLStmt = "UPDATE DISTINCTROW [payment] "

     SQLStmt = SQLStmt & "SET CardNumber='" & editCC & "' "

     SQLStmt = SQLStmt & "WHERE Orderid=" & order & "; "

     

     Set SimpleAdo = New CSimpleAdo

     SimpleAdo.setConnectionString = Session("ConnectionString")

     Success = SimpleAdo.ExecuteInsertUpdate(SQLStmt)

     

     Set SimpleAdo = Nothing

%>


The other question I have for all is in the document it says to, 'Open receipt2.asp and place the following line after <!--#include file="merc-conf.asp"-->' but we didn't have this in our receipt2.asp file. We purchased ours in October 2003 so maybe it was removed. Not sure.
Our includes in original receipt2.asp are: 

<!--#include file="codepage.asp"-->

<!--#include file="ADOVBS.inc"-->

<!--#include file="IASUtil.asp"-->


I guess the other issue with all of this in the receipt2.asp page. We are assuming all our transactions are approved? What do we do if they are declined? Currently all declined transactions will not have the modified card info. Can we add this to the authfail.asp file as well?

Edited by lleemon
Back to Top
lleemon View Drop Down
Groupie
Groupie


Joined: March/16/04
Location: United States
Status: Offline
Points: 41 		Post Options Post Options   Thanks (0) Thanks(0)   Quote lleemon Quote  Post ReplyReply Direct Link To This Post Posted: July/15/04 at 11:46am
We also added the following code to the removeCC.asp file (our full file above) so the Security number isn't displayed in our database. What is displayed is * for every character entered so you at least have an idea of how many they entered. 


     'CheckRS is found in IASUtil.asp

     Dim editSC, iEditSCLen

     Do While CheckRS(RS)     

            editCC = RS("CardNumber")

            editSC = RS("CardSecurity")

     RS.MoveNext

     Loop



'.....skipping code here...



'start of Replace Security Code with asterick values

     iEditSCLen = Len(editSC)

     If iEditSCLen > 0 Then

            editSC = Replace(Space(iEditSCLen), " ", "*")

            

            SQLStmt = "UPDATE DISTINCTROW [payment] "

            SQLStmt = SQLStmt & "SET CardSecurity='" & editSC & "' "

            SQLStmt = SQLStmt & "WHERE Orderid=" & order & "; "

            

            Set SimpleAdo = New CSimpleAdo

            SimpleAdo.setConnectionString = Session("ConnectionString")

            Success = SimpleAdo.ExecuteInsertUpdate(SQLStmt)

            Set SimpleAdo = Nothing

     End if

     'end of Replace Security Code with asterick values


We also put code in this file that will reduce all credit card values over 4 digits to only include the last 4 digits. After a user has placed an order you can comment this out or remove. 

'start of reducing all credit card numbers greater then 4 characters

     Set SimpleAdo = New CSimpleAdo

     SimpleAdo.setConnectionString = Session("ConnectionString")

     Success = SimpleAdo.ExecuteInsertUpdate("UPDATE payment SET cardnumber = right(cardnumber, 4) WHERE len(cardnumber) > 1;")

     Set SimpleAdo = Nothing

'end of reducing all credit card numbers greater then 4 characters
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 11.04
Copyright ©2001-2015 Web Wiz Ltd.

Copyright 2015 by ComCity® LLC and SalesCart™.  All Rights Reserved