Community Add-Ons

GREAT Contribution!

I'm not sure why, but I had some difficultly with the encrypt_ccnum.php script which applies encryption to past orders. I had over 8000 records to update and it would crap out after about 500 or so updates (some records would get encrypted but the remaining would be untouched).

I could tell that something wasn't quite right because the browser did not display the last line of output:

Print '<br>Updating completed!';

But there were no other error messages. Maybe its the type of table I'm using (transaction logged?) I dont know. I never got down to the true source of the problem, but the quicker fix was to make the page choose 250 un-encrypted records at a time and encrypt them. Then, it all worked. If you have more than 250 records, just keep refreshing until all records are encrypted. Also added an COMMIT statement after each batch of 250 updates - didnt seem to make a difference and didnt hurt, so I left it there..

Decided not to create a new full package because this problem may not apply to everyone.

This is a small update to the excellent addon Credit Card Number Encryption. It all worked correctly out of the box, except for the admin/encrypt_ccnum.php file for mass credit card encryption post-install but pre-next order (which would be the 1st to be encrypted). This file was the key to encrypting credit numbers from all past orders. After playing with the code a bit, I got it to work and reformatted the output page as well. To trouble shoot, remove the "//" before the "print" lines (then you will be able to see the output of all the variables). If you do this, please remember to comment out those lines when you are done.

Full Package

In addition to this, I would highly recommend another complementary addon that is excellent - replacing all but the last 4 digits of credit numbers with "xxxxxxxxxx" and deletes cvv info from the database - and it is made to work with this encryption addon - it's almost as if they were made for one another: http://addons.oscommerce.com/info/5364

Error on step 9 line position number:

9) Modify catalog/admin/includes/classes/order.php:

a) After line 52, please insert this:

-------------------------------------------
Should be:

9) Modify catalog/admin/includes/classes/order.php:

a) After line 39, please insert this:

Credit Card Number Encryption
-----------------------------------------------------------------------------------------
If you want to secure your customers' credit card numbers, then you need this
contribution. As a online store owner, the increasing issues of securing
customers' online data is at its highest ever. This is my little contribution
to the cause.

During the past few months of reviewing and testing various encryption methods
contributed to the forum at osCommerce web site. I believe this contribution
will and should help a lot of osCommerce Users.

Emmeth Funches 062906
JTH Computer Systems
http://www.jthcomputersys.com

Protions Copyright (c) 2006 by JTH Computer Systems
Released under the GNU General Public License

Protions Copyright (c) 2003 osCommerce
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Released under the GNU General Public License


JTH Computer Systems Special thanks to:
Alexander Valyalkin posted original script on www.php.net on 30-Jun-2004 01:41
Below is MD5-based block cypher (MDC-like), which works in 128bit CFB mode.
It is very useful to encrypt secret data before transfer it over the network.
$iv_len -- initialization vector's length.

-PLEASE READ-IMPORTANT INFO ABOUT FUNCTIONS FOUND IN EN_DE_CRYPT.PHP------------------------

functions:

md5_encrypt($plain_text, $password, $iv_len = 16)

-and-

md5_decrypt($enc_text, $password, $iv_len = 16)

JTH Computer Systems notes and warnings:
If you pass a value to the $iv_len please remember the value or store it somewhere,
else you will not be able to decrypt the information. I suggest just using the default
value of 16.
The same goes for the variable $password, its value should not change after first use.

--------------------------------------------------------------------------------------------
MUST READ!!!!

1) VERY IMPORTANT -- PLEASE -- PLEASE -- MAKE A BACKUP OF CODING AND DATA --

2) The INCLUDES FOLDER contains A ORIGINAL osCommerce layout of the CONFIGURE.PHP with additional
lines required for the encryption process. Be careful not to overwrite you vaild copy of this
file.

3) If you are just installing a new copy of osCommerce 2.2ms2-051113, then you can just copy
the changed files directly to your folder. Note: Do not Copy the CONFIGURE.PHP.
--------------------------------------------------------------------------------------------