eWay gateway problems after upgrade to 7.8

[slim]

I've never had any problems with the Auto Updater until today. I got  the following:

Error (Help Documentation)
Error: file_put_contents(/home/account/public_html/vendor/whmcs/whmcs/21531e0xxxxxxxxxxxx232d4cc2xxxx9d.zip): failed to open stream: No such file or directory
[ErrorException]
Downloading
- Installing whmcs/whmcs (7.8.0)
Updating dependencies
Loading composer repositories with package information

I took a look in the above folder and watched the size of the download grow - SLOWLY. It looks like the WHMCS servers are serving the upgrade file so slowly that the upgrade process gives up waiting. I will try later, but I think thats the cause.

[slim]

Ended up getting it upgraded.. But the new multiple card UI is weird. It seems to ask for an amount to process, even when customers are updating the card.. After taking a look I ended up rolling back as the UI confused me - I can't imagine the confusion for customers.

Edited August 29, 2019 by slim

[WHMCS John]

Hi @slim,

A field for an amount to process doesn't sound familiar when updating a credit card via the client area or admin area.

Can you share a screenshot of what you're seeing please?

[slim]

@WHMCS JohnNope - Looks NOTHING like this! See screenshots.

As you can see the UI is unusable.

One is taken from the admin area, the other from the client area (update or add new card) 

Rolling back again now after taking these as its unusable.

 

Edited August 30, 2019 by slim

[slim]

Further to the above screenshots - THey appear as pop up windows which is weird. also the credit card graphics are incomplete. I accept Visa, Mastercard, Diners and Amex.. 

Not only this, for what reason would I want to show clients the name of the gateway I'm using? (in this instance eWay)

Why do these look so different from the screenshots you sent me?

There is no way anyone tested this prior to release. 

Edited August 30, 2019 by slim

[WHMCS John]

Hi @slim,

In 7.8 the eWay Rapid gateway has been updated to use the latest Rapid iframe implementation which appears in a remotely-hosted modal. This means that card details never touch your server, thus reducing your PCI requirements.

The way this is implemented by eWay is in a full-sized modal like this, there is unfortunately not the ability to integrate individual fields into our UI (like Stripe).

 

When updating card details a price of 0.00 is displayed, this correctly indicates that the client will not be charged.

The accepted card types is not restricted by the module code. If you don't see the expected card types in the iframe, please contact eWAY support to investigate.

The logo can be updated via the Shared Page settings in the MYeWAY control panel.

 

[slim]

Wow - I wasnt expecting that response. For a professional billing system, you’ve certainly developed a top notch useless update. Congrats.

That UI is non usable and no one will be updating while it’s like that. For a start, there is a PAYNOW button, but the customer isnt paying anything. The login button is confusing. Logon to what?! They are already logged in.

Email and phone number? Huh?! 

 

This is laughable

fix it.

Edited August 30, 2019 by slim

[glenn]

@slim You don't seem to understand that this is a modal from eWay and not from WHMCS.  So you should complain to eWay if you don't like the UI.

[slim]

What I understand is that in the previous version of WHMCS worked, this new version does not.

Further to this, the previous version used client side JavaScript card encryption meaning my servers never got the decrypted card number - it was encrypted client side with a public key and sent to eWAY for decryption, avoiding any PCI compliance on my part, so this new version does nothing more for me other than break everything.

Moreover, if WHMCS can't can't work together to release a functional product with eWay, why should I be expected to?

Why implement a broken implementation and release it knowingly breaking every host that uses it!? It beggars belief.

WHMCS John seems to know all about it and laid blame quickly at eWays feet.. If they knew about it why release?

Edited August 30, 2019 by slim

[WHMCS John]

Hi @slim,

Thanks for providing your feedback on eway's iframe implementation in v7.8.

We didn't receive any comments on this change during the month-long public pre-release test period, so seemed everyone else was OK with it.

I certainly take your comments on board and will see if there's a way to accommodate your request in future if other users feel the same way.

[slim]

Had you done basic testing yourself, you would have found the issue. After all it's not functional at all! 

I'm not paid to beta test your software. If your interested in an arrangement, by all means email me.

[WHMCS John]

Hi @slim,

In testing on the eWAY Sandbox environment, I am able to add cards and place orders via eWay Rapid without an error.

If you're experiencing any errors, please do share them here.

[slim]

Are you joking? Does the above UI look acceptable to you? 

[WHMCS Edward]

The UI you are referring to is something we have absolutely no control over. This is simply how eWay's secure tokenisation platform has been designed by eWay themselves.

-Ed

[slim]

Not only is there zero mention of this massive change in your change logs or release notes, your choice of integration method is also questionable - given eWAY have no less than 5 different integration options. 

I will be speaking to eWAY management Monday morning and advising them the integration is now dead in the water and see what comes of it.

[slim]

Eways tokenisation was working fine in your last release by the way. (Apart from some basic usability issues that could have been fixed with a bit of care and testing).

For example: not being able to add a new card without paying a due invoice! (Not much use if the client doesn’t have a due inv) 

Why you chose to swap tothe iframe method is confusing to say the least.

Edited August 31, 2019 by slim

[brianoz]

One thing that might help relieve the frustration is a little more documentation from WHMCS on the new 7.8.1 way of doing things as far as developers are concerned.  I fully understand there's only so much time in the day, but it would really help out.

I'm assuming the old way of returning the gatewayid from _storeremote() and _capture() still works, but at an educated guess I'd say that there are additional functions and parameters we need to define.

I had to produce a solution for myself when we were forced to switch over by the change of encoding, and the ensuing subsequent complete breaking of saved cards.  I might negotiate with eWay and see if there's a way they might accept to switch them over.

[brianoz]

Also, sadly, auto upgrade fails for me every time.  I wonder if it's because, following recommendations, we've renamed the admin folder to something else, and also have basic auth enabled on admin?  Thanks.

[WHMCS Edward]

1 hour ago, brianoz said:

One thing that might help relieve the frustration is a little more documentation from WHMCS on the new 7.8.1 way of doing things as far as developers are concerned.  I fully understand there's only so much time in the day, but it would really help out.

I'm assuming the old way of returning the gatewayid from _storeremote() and _capture() still works, but at an educated guess I'd say that there are additional functions and parameters we need to define.

I had to produce a solution for myself when we were forced to switch over by the change of encoding, and the ensuing subsequent complete breaking of saved cards.  I might negotiate with eWay and see if there's a way they might accept to switch them over.

Hey Brian,

Updated developer documentation has been made available on the developers site for tokenisation gateway modules, however the previous methods of returning tokens via the storeremote and capture functions should continue to function as before.

https://developers.whmcs.com/payment-gateways/tokenised-remote-storage/

Let us know if something you need is missing from there.

-Ed

[slim]

I have spoken to eWay and they will be contacting WHMCS as the situation is obviously dire for anyone wanting to upgrade. It appears WHMCS have chosen the wrong eWay integration method. Hopefully someone can sort this out and soon.

[brianoz]

Re the eway situation: By the way, for the record, I'd been waiting for the ability to update credit cards in Admin for about 3 years before upgrading.  I can imagine there are others stuck in that position.  We've been waiting for a very long time for the upgrade and frankly, this would be driving business away from eWay to other providers.  It's not like I hadn't mentioned it before to both of you over the years.  (apologies for the rant! coming out of frustration, I do still care!)

In 7.7.1 both customer forms just hang when I logged in as a user (using password in incognito) - pressing submit just sits there forever, with no notification.

Re the payment module doco and what's missing

When dealing with modern payment gateways, one has to have the credit card submit directly to the supplier (in this case, the form submits to something like ewaypayments.com/Process or variants depending on what version of the API you are using).

This used to be accomplished with _remoteinput/_remoteupdate or their WithTemplate variants.  I don't know whether these have disappeared, they're not in the doco any more and the hooks don't seem to work either.  We need to override the following somehow:

1.  Admin credit card entry form - has to submit direct to them (I can do this, but not through WHMCS)
2. User credit card payment form
3. User credit card update (management) form

This is simply because the field names and submit point change, and after that, a call needs to be made to eWay's system to work out what the actual last four digits and expiry were, and pop them into the database ($client->save() etc or update_table()).  Without something in the doco explaining how to do this, it's really very hard to implement a better gateway replacement. (By the way, I'd probably use TR rather than iframe, just one developer's opinion, and both are fairly old now, not recent).

[slim]

Can we get an update from WHMCS on this?

You have changed to the wrong eWAY integration method (iframe) and as a result have broken it meaning anyone who processes through this gateway can’t upgrade. 

Edited September 5, 2019 by slim

[WHMCS John]

Hi @slim,

Clients can place orders and complete payment via cart.php as always.

Additionally they can now add, update and delete their card details associated with eWay tokens via the client area.

Besides your objections to the appearance of this implementation method - which have been noted - can you please itemize the reproduction steps for any issues preventing a transaction from being processed?

[slim]

Given the UI, I can’t see how updating from the client area is possible. Technically, it may be, but not without total customer confusion.  I havnt even tried to complete an order via the cart but if it’s a similar UI then it’s not acceptable either.

[brianoz]

Hi John,

Does the UI still look different for you when you enter cards, and can you do so successfully?

I'm afraid it's less than usable in its current form; though if it appears as you've shown previously, of course that works.

Cheers,

Brian