randvegeta

I appreciate that Blesta may be more for developers but that really is a restriction to many. Not everyone is going to find it accessible. And given the increased complexity, I think more and better documentation is really needed. Nice to know that you can do things that Blesta DOESN'T allow you to do . Kidding aside, as a 'non' developer, I've found making custom modules for our business needs has been fairly easy/straight forward. We have our own custom server management system and integrated it with our WHMCS with ease. I somewhat dread the idea of doing the same with Blesta and I would personally consider the extra hurdles to jump as a limitation. All things said and done, ACTUAL developers do seem to prefer Blesta so perhaps it is the only real choice for more competent programmers :-).

Fundamentally, I didn't come across anything that would make me thin Blesta is a poorly coded or constructed, or anything like that. But as a non-developer, I'm not exactly qualified to judge either way. With that being said, it took me a good 30 - 40 hours longer than it took me to do the same work for WHMCS. I am sorry to say, based on the information I have, I found Blesta very rigid, with many assumptions about modules/plugins that over complicate things, and with practically no documentation. My experience of the documentation was basically that there was none. I literally found no useful information of any kind in the documentation other than where to get the demo files. This is my biggest problem and criticisms, Now that the module is working, I have some understanding of how it all works so if I were to do it again, it would be easier and much faster than before. But in my non-developer opinion, it was overly complex with too many hoops to jump through. There is no reason I can think of it should be much more difficult, or require more specific programming methodologies for Blesta than it would for WHMCS. Honestly what is the benefit? I know this is probably starting to sound like a rant, but it honestly seemed to me that the module template was constructed in such a way.. just because! Like being OOP for the sake of being OOP. If I were to venture a guess, what happened was, someone was given a hammer, and everything started to look like nails. Again... just my non-developer opinion here. But at the end of the day, armed with the knowledge that Blesta is all nails and I now have a hammer, could probably take on other modules with more comfort and ease than before. Isn't that what community forums are all about? What do other people do?

Oh.. Then I can return null values, or even giberish and it will show the same thank you page and it won't matter. I'm returning empty values now and it looks fine! Looks like my module is done then! Tested and working. Took over a week.. but it's done! Thanks for the help everyone.

Ah. Great. I didn't realize the 'hostname' of the company referred to the Blesta installation. But it worked so thanks!

Where would this be set?

Hi everyone. New to Blesta and I'm having a small problem. In: Blesta -> Packages -> Order Forms -> {label link} This is a link to the order form for the selected group. Unfortunately the URL is incorrect. My Blesta is installed at http://my.domain.com/ and the order form is located at http://my.domain.com/order/main/index/Group However the link in Blesta goes to http://domain.com/order/main/index/Group. I'm not sure if this is a bug or a config issue on my part. Any help would be greatly appreciated!

Is there any functional purpose to the success method?

My method is the default example given in the template. public function success(array $get, array $post) { # # TODO: Return transaction data, if possible # $this->Input->setErrors($this->getCommonError("unsupported")); return array(); } But I have previously tried returning some values in the array but there do not appear to be any values to obtain from $get or $post. Give then following 'validate' method, what should I be putting in the 'success' method? public function validate(array $get, array $post) { $invoices = $this->ifSet($get['invoices']); $amount = $this->ifSet($get['amount']); $currency = $this->ifSet($get['currency']); $hash = $this->ifSet($get['hash']); $hashSeed = $this->ifSet($this->meta['secret']); // Log the successful response $this->log($this->ifSet($_SERVER['REQUEST_URI']), serialize($post), "output", true); $word = $invoices; // Used to create Hash $isSpecial = ""; //Null Default Value //Check if special currency if ($currency == "CRT") { $isSpecial = "#"; } $price = $amount.":".$isSpecial.$currency; //Converts the pirce into carrots $hashval = hash_word($word,$price,$hashSeed); #Checks if transaction is valid $status="error"; if ($hashval == $hash) { $status = "approved"; // set to '1' if valid } return array( 'client_id' => $this->ifSet($get[2]), 'amount' => $amount, 'currency' => $currency, 'status' => $status, // ('approved','declined','void','error','pending','refunded', or 'returned') 'reference_id' => null, 'transaction_id' => $hash, 'parent_transaction_id' => null, 'invoices' => unserialize(base64_decode($invoices)) // An array of arrays, each referencing the ID and Amount of each invoice paid ); } And what happens in case of failed (invalid) verification? How can I output a meaningful message to the client upon success/failure of a transaction?

This is what I see after the payment has gone through successfully. Rather than show any success message it shows this error. As far as I can see there are no variables to print. But I can confirm it is the 'success' function as I can echo random text okay.

Ah.. there is one thing. Even though the payment goes through, there is still an error displayed. http://i.imgur.com/F9jQElN.png

Thanks Tyson! I base64 decoded and unserialized and it seems to be all good now! As far as I can tell, it's all working.

FYI, here is the callback URL and the code within the validate function. public function validate(array $get, array $post) { # # TODO: Verify the get/post data, then return the transaction # # $invoices = $this->ifSet($get['invoices']); $amount = $this->ifSet($get['amount']); $currency = $this->ifSet($get['currency']); $hash = $this->ifSet($get['hash']); $hashSeed = $this->ifSet($this->meta['secret']); // Log the successful response $this->log($this->ifSet($_SERVER['REQUEST_URI']), serialize($post), "output", true); $word = $invoices; // Used to create Hash $isSpecial = ""; //Null Default Value //Check if special currency if ($currency == "CRT") { $isSpecial = "#"; } $price = $amount.":".$isSpecial.$currency; //Converts the pirce into carrots $hashval = hash_word($word,$price,$hashSeed); #Checks if transaction is valid $status="error"; if ($hashval == $hash) { $status = "approved"; // set to '1' if valid } return array( 'client_id' => $this->ifSet($get[2]), 'amount' => $amount, 'currency' => $currency, 'status' => $status, // ('approved','declined','void','error','pending','refunded', or 'returned') 'reference_id' => null, 'transaction_id' => $hash, 'parent_transaction_id' => null, 'invoices' => array(array('id' => $this->ifSet($get['invoices']), 'amount' => $amount)) // An array of arrays, each referencing the ID and Amount of each invoice paid ); } Does that look right?

Does this mean payments to invoices are SUPPOSED to be applied instantly and not need to wait for the cron to execute? I checked and it does appear to be enabled. Any ideas as to why I might be seeing these problems?

Okay so my payment gateway module seems to be working. I just need to do some further testing. I have gone through the entire process of ordering and paying an invoice. The payment goes through, and the system logs the payment correctly. However before the invoice is marked as paid, the transaction doesn't immediately get applied to the invoice. After 5 or so minutes, the payment is then applied and the invoice is marked as paid. Not a big deal but is there any reason for this delay? Why is it not applied immediately? Also, even after the payment is made, the product isn't automatically provisioned as is expected. Within the client area it just shows up as a pending product and I need to manually click 'activate' within the admin area. I double checked to make sure there wasn't anything requiring manual approval or intervention. Any ideas?

Hi Paul, thanks for your feedback. This is good to know. So I need not write any special code to check invoice currency. I can just verify the payment and if the currency is wrong, then it just won't be applied to the invoice then. That's good. It would be possible for someone to change the payment parameters before making the payment. But for whatever transaction that is actually made, so long as it is recorded correctly, hopefully I need not worry. Serge, I'm not sure what you are saying is correct as they contradict with Paul said. Unless of course I am misunderstanding you. I can pass any parameters to CarrotPay, yes. It is highly flexible gateway in this respect. Actually it is done only be adding the paramters to the return URL and it would technically be possible to modify the params by editing the return url itself. However, this should invalidate the hash so it is not a problem. I really don't understand what you are trying to say here. Sorry. But CarrotPay works like this. You MUST pass the following to CarrotPay: price (including currency) and some 'word' that will be hashed. You can then pass any other parameters within the return URL. When CarrotPay receives the payment, it does the following: hash($word, $price, $seed); Where: price = amount + currency seed = secret / password that is stored within the blesta database (CarrotPay knows this secret) word = any string you like. Normally with the paramaters you pass in the return URL. So $word is normally a string that looks like $invoices.$amount.$currency.$clientid etc. If someone attempts to modify the parameters in the return URL AFTER payment. the hash will not match and so the transaction would be invalid. If someone attempts to modify the parameters of the return URL BEFORE payment, then they would also need to change the 'word'. They COULD do that but when the transaction comes through, it will be recognized correctly with the actual details. So if they change the currency or amount, I can check that.