removing credt card info
Printed From: SalesCart
Category: Legacy Products
Forum Name: SalesCart Standard / PRO / SQL
Forum Description: All questions pertaining to SalesCart Standard, PRO and SQL should be posted here.
URL: http://forum.salescart.com/forum/forum_posts.asp?TID=142
Printed Date: May/06/24 at 8:00pm
Software Version: Web Wiz Forums 11.04 - http://www.webwizforums.com
Topic: removing credt card info
Posted By: lleemon
Subject: removing credt card info
Date Posted: July/13/04 at 8:31am
Looking at the fix for removing credit card information based on Article #: 5197.
We are keeping the last 4 digits and wondering if the following code below will work properly.
<%
'Article #: 5197
order = Session("orderid")
SQLStmt = "SELECT CardNumber FROM Payment "
SQLStmt = SQLStmt & "WHERE Orderid=" & order & "; "
Set SimpleAdo = New CSimpleAdo
SimpleAdo.setConnectionString = Session("ConnectionString")
Set RS = SimpleAdo.getRecordSet(SQLStmt)
Do While CheckRS(RS)
'editCC = Left(RS("CardNumber"),4)
editCC = RS("CardNumber")
RS.MoveNext
Loop
Set SimpleAdo = Nothing
Set RS = Nothing
'editCC = editCC & "************"
Dim iEditCCLen
iEditCCLen = Len(editCC)
editCC = Replace(Space(iEditCCLen-4), " ", "*") & Right(editCC, 4)
SQLStmt = "UPDATE DISTINCTROW [payment] "
SQLStmt = SQLStmt & "SET CardNumber='" & editCC & "' "
SQLStmt = SQLStmt & "WHERE Orderid=" & order & "; "
Set SimpleAdo = New CSimpleAdo
SimpleAdo.setConnectionString = Session("ConnectionString")
Success = SimpleAdo.ExecuteInsertUpdate(SQLStmt)
Set SimpleAdo = Nothing
%>
|
The other question I have for all is in the document it says to, 'Open receipt2.asp and place the following line after <!--#include file="merc-conf.asp"-->' but we didn't have this in our receipt2.asp file. We purchased ours in October 2003 so maybe it was removed. Not sure.
Our includes in original receipt2.asp are:
<!--#include file="codepage.asp"-->
<!--#include file="ADOVBS.inc"-->
<!--#include file="IASUtil.asp"-->
|
I guess the other issue with all of this in the receipt2.asp page. We are assuming all our transactions are approved? What do we do if they are declined? Currently all declined transactions will not have the modified card info. Can we add this to the authfail.asp file as well?
|
Replies:
Posted By: lleemon
Date Posted: July/15/04 at 11:46am
We also added the following code to the removeCC.asp file (our full file above) so the Security number isn't displayed in our database. What is displayed is * for every character entered so you at least have an idea of how many they entered.
'CheckRS is found in IASUtil.asp
Dim editSC, iEditSCLen
Do While CheckRS(RS)
editCC = RS("CardNumber")
editSC = RS("CardSecurity")
RS.MoveNext
Loop
'.....skipping code here...
'start of Replace Security Code with asterick values
iEditSCLen = Len(editSC)
If iEditSCLen > 0 Then
editSC = Replace(Space(iEditSCLen), " ", "*")
SQLStmt = "UPDATE DISTINCTROW [payment] "
SQLStmt = SQLStmt & "SET CardSecurity='" & editSC & "' "
SQLStmt = SQLStmt & "WHERE Orderid=" & order & "; "
Set SimpleAdo = New CSimpleAdo
SimpleAdo.setConnectionString = Session("ConnectionString")
Success = SimpleAdo.ExecuteInsertUpdate(SQLStmt)
Set SimpleAdo = Nothing
End if
'end of Replace Security Code with asterick values
|
We also put code in this file that will reduce all credit card values over 4 digits to only include the last 4 digits. After a user has placed an order you can comment this out or remove.
'start of reducing all credit card numbers greater then 4 characters
Set SimpleAdo = New CSimpleAdo
SimpleAdo.setConnectionString = Session("ConnectionString")
Success = SimpleAdo.ExecuteInsertUpdate("UPDATE payment SET cardnumber = right(cardnumber, 4) WHERE len(cardnumber) > 1;")
Set SimpleAdo = Nothing
'end of reducing all credit card numbers greater then 4 characters
|
|
|