Jinpachi Posted January 24, 2014 Share Posted January 24, 2014 I installed the latest version of cube cart lite to try out and see if it will be a good fit for a project I am working on. I get a Mcrypt error on the Manual Card Capture settings. I was pretty sure I enabled this when compiling PHP in WHM but doubled checked regardless, and it also shows as enabled in PHPinfo. Has anybody else expierenced this? I won't be able to use/recommend this cart to the customer if Manual Card Capture isn't working. Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 25, 2014 Share Posted January 25, 2014 That's odd. We actually had a support ticket about this yesterday and the customer moved host as the existing host didn't support mcrypt. This resolved it and we successfully tested a successful card capture. Have you made sure that the PHP changes affect all server directories? There are 101 ways to change the PHP config but if you do it at compile level which it sounds you have all *should* be ok. Please do drop us a support ticket with admin and FTP access if you want us to take a deep look for you. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted January 25, 2014 Share Posted January 25, 2014 Hi The server configuration of mcrypt looks perfectly OK and matches the setup on all of our servers as well. I can confirm that this appears broken in 5.2.7 as I am seeing the same as you and yet on a 5.2.5 installation on the same server it works fine. Suggest you log an urgent ticket with CubeCart and if possible ask them (or do it yourself please) to post the patch file in this thread Thanks Ian Quote Link to comment Share on other sites More sharing options...
Jinpachi Posted January 26, 2014 Author Share Posted January 26, 2014 havenswift, thanks for confirming the issue. I am just trying to test the cart before purchasing, so I do not have member area access or support credits. Certainly not going to buy a license just to be able to open a ticket. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted January 26, 2014 Share Posted January 26, 2014 The suggestion to log a ticket was also made by Al at exactly the same time that I made my posting and if you havent purchased a licence yet then you are able to log a "sales" ticket. However now that we have reproduced it and more importantly, Al is aware of the problem having seen this thread, I am sure that it will be investigated on Monday Thanks Ian Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 26, 2014 Share Posted January 26, 2014 Hi Guys, I don't believe this is a 5.2.6 or 5.2.7 issue as checking version control nothing has changed in this module since we moved to Git from Subversion. If you have submit a support ticket we will have a deeper look for you. Have you tried making a test order capturing test credit card details? If mcrypt is working on the server I am sure it will be fine. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted January 26, 2014 Share Posted January 26, 2014 I don't believe this is a 5.2.6 or 5.2.7 issue as checking version control nothing has changed in this module since we moved to Git from Subversion. If you have submit a support ticket we will have a deeper look for you. Have you tried making a test order capturing test credit card details? If mcrypt is working on the server I am sure it will be fine. Al As I mentioned, we have a 5.2.5 installation and a 5.2.7 installation on the same server and the error occurs on the 5.2.7 version and not on the 5.2.5 version and the environments will be exactly the same as we dont allow local php.ini files for security reasons. These are both test installations and this isnt affecting any of our clients (due to PCI regulations anyone taking and storing credit card details for however long should really be on a dedicated server anyway and none of our dedi server clients take payment this way) but happy to log a ticket and work through this with you on Monday directly. Thanks Ian Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 26, 2014 Share Posted January 26, 2014 There was a change Ian! https://github.com/cubecart/CubeCart/commit/de67e6b62949265a0f08e647b9e873591ca66689#diff-89deee24899af9e3f048051f7533ca73So it looks like that code just fixes an issue of showing an error of mcrypt is not working. :-/ Maybe it is showing a "false negative"!! Does the store actually save the card data? Please note that it will only display this in the admin side under SSL. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted January 26, 2014 Share Posted January 26, 2014 There was a change Ian! So it looks like that code just fixes an issue of showing an error of mcrypt is not working. :-/ OK so explains why 5.2.6+ is now showing an error - versions prior to this would accept card details even if mcrypt wasnt installed lol ! Maybe it is showing a "false negative"!! Does the store actually save the card data? Please note that it will only display this in the admin side under SSL. I think the following added line is wrong and returning a false negative as mcrypt is definitely compiled and loaded into php on all our servers (as it appears to be with the OP server as well) if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} It is possible to place an order and the card data is saved. Thanks Ian Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 26, 2014 Share Posted January 26, 2014 There was a change Ian! So it looks like that code just fixes an issue of showing an error of mcrypt is not working. :-/ OK so explains why 5.2.6+ is now showing an error - versions prior to this would accept card details even if mcrypt wasnt installed lol ! It would indeed accept them but fail storing them. The code in plain English says... If mcrypt is installed carry on. If not show the error. So I don't get why the error shows. I can only assume the code to detect mcrypt isn't working even though its pretty standard. Maybe line 89 should be changed to: if (extension_loaded('mcrypt') || function_exists('mcrypt_module_open')) { Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted January 26, 2014 Share Posted January 26, 2014 Hi Al Looks like bad logic if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Should be if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} else $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Or better still (testing for something and on positive doing nothing is bad programming !) if !(extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Works for me although begs the question why moving to a different host as per your original answer "fixed" this ?? Thanks Ian Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 26, 2014 Share Posted January 26, 2014 if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Well this isn't what the logic is. Should beif (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {}else$GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); This is how the logic is. Works for me although begs the question why moving to a different host as per your original answer "fixed" this ? Because originally it looked like mcrypt was not installed. I still don't know why the error shows if mcrypt is installed as the coding logic looks fine. I can only assume that in this case PHP is not able to see that the mcrypt extension is loaded and the mcrypt_module_open function exists. They should both return true preventing the code falling to the else! The code change in version control makes the error show on screen rather than just be logged in the error log. No logic has changed in this module since well before 5.2.2 in June 2013. Maybe I am blind and should be in the pub rather than working on a Sunday night. Quote Link to comment Share on other sites More sharing options...
Jinpachi Posted January 26, 2014 Author Share Posted January 26, 2014 Al/Ian Thanks for the feedback. I went ahead with the configuration and able to place a test order and capture the CC Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 26, 2014 Share Posted January 26, 2014 Great! Did you need to make any php config changes or was the mcrypt error message wrong? Quote Link to comment Share on other sites More sharing options...
convict Posted January 26, 2014 Share Posted January 26, 2014 Looks like bad logic if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Should be if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} else $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Exactly so! 'else' disapeared somewhere LOL Wel done. Fixed in Git... Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted January 26, 2014 Share Posted January 26, 2014 Maybe I am blind and should be in the pub rather than working on a Sunday night. White stick on its way LOL Although what are any of us doing at this time on a Sunday night !Great! Did you need to make any php config changes or was the mcrypt error message wrong? What he was saying that even with the admin config giving the "error" message, the gateway itself still worked fine Exactly so! 'else' disapeared somewhere LOL Wel done. Fixed in Git... Thanks Milos although I still prefer never using empty statements like {} - why not change to if !(extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Ian Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 26, 2014 Share Posted January 26, 2014 I'm confused. What file is being discussed? The CC527 file /modules/gateway/Card_Capture/gateway.class.php, lines 89-97, look perfectly fine in my installation. There is no else statement gone missing. if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) { $this->_encryption = Encryption::getInstance(); $this->_encryption->setup(false, $order_summary['cart_order_id']); $record['offline_capture'] = $this->_encryption->encrypt(serialize($cardData)); $GLOBALS['db']->update('CubeCart_order_summary', $record, array('customer_id' => $order_summary['customer_id'], 'cart_order_id' => $order_summary['cart_order_id'])); } else { $error = 'Card Capture Error: mcrypt library missing from server required to encrypt credit card data.'; trigger_error($error); } On compund logic evaluations, I routinely break them apart for easier debugging: $is_mcrypt_available['el'] = extension_loaded('mcrypt'); $is_mcrypt_available['fe'] = function_exists('mcrypt_module_open'); //var_dump($res); if ($is_mcrypt_available['el'] && $is_mcrypt_available['fe']) { Quote Link to comment Share on other sites More sharing options...
Jinpachi Posted January 26, 2014 Author Share Posted January 26, 2014 Great! Did you need to make any php config changes or was the mcrypt error message wrong? No code or php config changes, the detection is not working correctly. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted January 26, 2014 Share Posted January 26, 2014 It is a simple logic error in modules/gateway/Card_Capture/admin/index.inc.php Change if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); To if (extension_loaded('mcrypt') && function_exists('mcrypt_module_open')) {} else $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); Thanks Ian Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted January 27, 2014 Share Posted January 27, 2014 I thought {} was a typo in Ians post!! Hence my confusion. I'm not keen on the empty else either so will adjust accordingly. Really nice we are (I am!!) all on the same page now! I changed it to: if (!extension_loaded('mcrypt') || !function_exists('mcrypt_module_open')) { $GLOBALS['main']->setACPWarning('Mcrypt library missing from server required to encrypt credit card data!'); } Please let me know if anyone disagrees. GitHub: https://github.com/cubecart/CubeCart/commit/7f8c449a09408601e721df9c6a8403556eb6aad4 Quote Link to comment Share on other sites More sharing options...
peterp Posted February 2, 2014 Share Posted February 2, 2014 Hi Al, I am having a few problems with the new version 5.2.7 and this is just one of them, I have changed the code as you have suggested and the same message is displaying the PHP I am using allows for mycrpt. Do you have any suggestions as this is on a live site and it may be causing my other problems of not getting a payment gateway screen after the last checkout has been selected. Best Regards, Peterp Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted February 2, 2014 Share Posted February 2, 2014 I have changed the code as you have suggested and the same message is displaying the PHP I am using allows for mycrpt. Do you have any suggestions as this is on a live site and it may be causing my other problems of not getting a payment gateway screen after the last checkout has been selected. The code changes do fix the warning message which was incorrectly being shown - it had no effect on operation of the gateway or any other parts of the site. Sounds like you have bigger problems but without details, impossible to say Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.