cancel
Showing results for 
Search instead for 
Did you mean: 

my website lost connection to authorize.net since May 27. cartweaver shopping cart coldfusion 3.xx

my website www.kaadu.com use cartweaver shopping cart coldfusion 3.xx since 2005. since one the web never lost connection to authorize.net. 

 

I hate to change that is why i still keep it running. I bought the new version CF 4.xx but i never implement it.

 

I do not do any change on programming.  I am going to post the error and my shopping cart programming . please help... the cartweaver reply to me they do not support 3.xx any more but i just want the cart like before.

 

1. a.when customer check click check out. get a exception error response page instead of thank you confirmation page.

 

     b. the error send back to my admin email is bellow

 

"

 

 

2. this is my shopping cart page ( it works fine before may 27, i did not change any...)

 

<cfsilent>
<!--- 
================================================================
Application Info: Cartweaver 2002 - 2007, All Rights Reserved.
Developer Info: Application Dynamics Inc.
                1560 NE 10th
                East Wenatchee, WA 98802
    
Cartweaver Version: 3.0.0  -  Date: 4/21/2007
 
================================================================
Name: Authorize.net Custom Tag
Description: Authorize.net payment processing.
 
NOTE: Setting up accounts and integrating with third party gateways is not 
a supported feature of Cartweaver. For information and support concerning 
payment gateways contact the appropriate gateway tech support web site or 
personnel. Cartweaver includes this integration code as a courtesy with no 
guarantee or warranty expressed or implied. Gateway providers may make changes 
to their protocols or practices that may affect the code provided here. 
If so, updates and modifications are the sole responsibility of the user.
================================================================
--->
<!--- 
Set these two values to your Authorize.net Username and password (or
Trasaction Key, depending on how you've defined your options in the Auth.net
admin).
--->
 
<!--- USER SETTING  [ START ] ==================================================== --->
<cfset variables.AuthNetLogin = "XXXXXXXX"><!--- Fill in your login --->
<cfset variables.TransactionKey = ""><!--- Fill in your transaction key OR password --->
<cfset variables.AuthNetPassword = "XXXXXX">
<cfset variables.TestMode = "False">
<!--- USER SETTING  [ END ] ====================================================== --->
 
<cfhttpparam type="FormField" name="x_Login" value="#variables.AuthNetLogin#">
    <cfif variables.AuthNetPassword NEQ "">
<cfhttpparam type="FormField" name="x_Password" value="#variables.AuthNetPassword#">
<cfelse>
    <cfhttpparam type="FormField" name="x_tran_key" value="#variables.TransactionKey#">
</cfif>
<cfhttpparam type="FormField" name="x_version" value="True">
<cfhttpparam type="FormField" name="x_type" value="AUTH_CAPTURE">
 
<cfhttpparam type="FormField" name="x_Amount" value="#NumberFormat(Client.OrderTotal,'999999999.99')#">
<cfhttpparam type="FormField" name="x_Card_Num" value="#request.CCNumber#">
<cfhttpparam type="FormField" name="x_Exp_Date" value="#NumberFormat(request.CCExprDate,"0999")#">
<cfhttpparam type="FormField" name="x_card_code" value="#request.CCV#">
 
<cfhttpparam type="FormField" name="x_Last_Name" value="#rsGetCustBilling.cst_LastName#">
<cfhttpparam type="FormField" name="x_First_Name" value="#rsGetCustBilling.cst_FirstName#">
<cfhttpparam type="FormField" name="x_company" value="NA">
<cfhttpparam type="FormField" name="x_Address" value="#rsGetCustBilling.cst_Address1#">
<cfhttpparam type="FormField" name="x_City" value="#rsGetCustBilling.cst_City#">
<cfhttpparam type="FormField" name="x_State" value="#rsGetCustBilling.stprv_Name#">
<cfhttpparam type="FormField" name="x_Zip" value="#rsGetCustBilling.cst_Zip#">
<cfhttpparam type="FormField" name="x_Country" value="#rsGetCustBilling.country_Code#">
<cfhttpparam type="FormField" name="x_Phone" value="#rsGetCustBilling.cst_Phone#">
<cfhttpparam type="FormField" name="x_email" value="#rsGetCustBilling.cst_Email#">
<cfhttpparam type="FormField" name="x_customer_ip" value="#cgi.remote_addr#">
 
<cfhttpparam type="FormField" name="x_Method" value="CC">
<cfhttpparam type="FormField" name="x_ADC_Delim_Character" value=",">
<cfhttpparam type="FormField" name="x_ADC_Delim_Data" value="TRUE">
<cfhttpparam type="FormField" name="x_ADC_Encapsulate_Character" value="">
<cfhttpparam type="FormField" name="x_ADC_URL" value="FALSE">
<cfhttpparam type="FormField" name="x_Test_Request" value="#variables.TestMode#">
</cfhttp>
 
<cfset request.TransactionResult = Val(ListFirst(cfhttp.fileContent))>
<cfset Request.TransactionID = ListGetAt(cfhttp.fileContent, '7')>
<cfset request.TransactionMessage = ListGetAt(cfhttp.fileContent, '4')>
 
<!--- 1=Pending, 2=Verified, 3=Shipped --->
<cfif request.TransactionResult EQ 1>
<cfset request.TransactionResult = "Approved">
<cfset request.OrderStatusID = 2>
</cfif>
 
</cfsilent>
 

 

where goes wrong? please help........

stevelu
Member
3 REPLIES 3

Hello @stevelu

 

Authorize.Net upgraded certificates on May 27th which required some sites to upgrade their infrastruction.  Your ColdFusion verion 3.xx is quite old.  Some users have reported success in upgrading the necessary components for CF7 or higher.

 

You may read more about the changes here: https://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Production-Certificate...

 

We always recommend keeping your software, platforms and infrastructure up to date to ensure you remain in compliance.

 

Richard

RichardH
Administrator Administrator
Administrator

my host last night confirm my host server has been updated as per the link provided. but it still not talk to authorize.net. but before may 27, there is no problem. but now what is wrong in the code? can someone point it out? thanks.

Most ColdFusion installations use Java, I understand, as its underpinning, so you need to update the Java certificate store, not the server certificate store. I think this page from Oracle's Java documentation should help resolve the issue for now.

But please note that ColdFusion 3 is no longer supported by Adobe--in fact the only supported versions currently on Adobe's site are ColdFusion 9, 10, and 11.

 

Unsupported software is not allowed per PCI DSS Requirement 6.2, which requires you to install new security patches from your software vendor on a monthly basis. Since no new patches are available for ColdFusion 3, this would be considered a PCI DSS violation.

Also, we will be disabling TLS 1.0 sometime before July 2016, possibly sooner--and the earliest supported version of ColdFusion that supports TLS 1.1/1.2 is ColdFusion 10.

Please consider upgrading your solution so that all of its components are actively supported. I realize you don't want to change your store but delaying upgrades only place you more at risk. 

 

--
"Move fast and break things," out. "Move carefully and fix what you break," in.