Atten Please: Help Test

[SteveColes]

Please, we go live with the raffle on Monday. I need testing help ASAP. Under the admin tab there is a link to purchase tickets. Please use it right away. I have our processor in Test Mode, so nothing will be charged or held. All this testing will do is test our code and its interface with authorize.net. I know I asked for testing earlier after I had done the initial conversion. But since then I have made some major changes to the DB structure for tracking purposes. So It really needs to be tested again.

The only difference that you will see is a a bit of a delay after submitting your CC number. That is becuase I am running 3 Table updates as a single transaction.

Oh, please use both real cards and bad ones.

Thanks

 

[McRabbet]

Bought 3 tickets and used a real CC but not the correct 3-digit number from the back -- still got a confirmation e-mail which showed correct info.

Rob

 

[ehpoole]

Are we supposed to get an "invalid card number" error?

I'm not sure if that is a consequence of the account being in test mode (it was a valid card # -- I'm 99% certain there were no typos as I double-checked), an issue in processing OR if it was caused by a possible double-load due to approving the "Show all Content" popup in IE9 due to there being a mix of SSL and Non-SSL content on the same page (which can result in double submissions). I have not received any emails to say that the transaction did/did not happen.

It would be best if we avoided the mixed content warning altogether as it can create a host of headaches when dealing with SSL transactions.

Also, it would be nice if the CC# field was wide enough to accept the full 16-digit CC# without scrolling, presently it is accepting only 15 digits in-view before it begins scrolling. A minor issue, but can be an annoyance for those who routinely print the screen for their record keeping.

 

[ehpoole]

My next try with IE9 did go through successfully, but in triple-checking everthing I entered I turned up another glitch with the CC# field. When the first digit scrolls out of view upon entering the 16th digit, you cannot scroll back to reveal the first digit (to double-check) UNLESS you first enter a bogus 17th digit -- after which you may then scroll back to review the first digit, then scroll back to the last digit so you can delete that bogus 17th digit you entered. Without the bogus 17th digit the card number renders on screen as if the very first digit were never entered -- this could be what fouled up my first submission attempt.

I'm still concerned about the Mixed Content warnings in IE -- because of the way IE often reloads a page to rerender it upon clicking the "Show all Content" popup, I can really see this potentially panicking some of our users.

The URLS that seem to be triggering the mixed content warning are as follows:

• Possibly the BBURL JavaScript variable -- difficult to say for certain whether it is being invoked.
• http://www.ncwoodworker.net/forums/clientscript/vbulletin-core.js
• http://pagead2.googlesyndication.com/pagead/show_ads.js (referenced 3 times - Not sure what do do with this one unless we can turn off advertising for this screen)
• http://www.ncwoodworker.net/forums/cron.php

If we can convert the above into either absolute (minus http://www.ncwoodworker.com) or relative URLs then the Mixed Content warnings should no longer be an issue for users.

 

[SteveColes]

Are we supposed to get an "invalid card number" error?

I'm not sure if that is a consequence of the account being in test mode (it was a valid card # -- I'm 99% certain there were no typos as I double-checked), an issue in processing OR if it was caused by a possible double-load due to approving the "Show all Content" popup in IE9 due to there being a mix of SSL and Non-SSL content on the same page (which can result in double submissions). I have not received any emails to say that the transaction did/did not happen.

It would be best if we avoided the mixed content warning altogether as it can create a host of headaches when dealing with SSL transactions.

Also, it would be nice if the CC# field was wide enough to accept the full 16-digit CC# without scrolling, presently it is accepting only 15 digits in-view before it begins scrolling. A minor issue, but can be an annoyance for those who routinely print the screen for their record keeping.

Yes, you should get the invalid number. The other checks don't work in testmode.

Turn off the mixed mode warning in IE. Right now I don't have an answer for it

 

[toolman]

Just tried it

Sorry, an error occurred while processing your request: (TESTMODE) The credit card number is invalid.

If possible, please try to correct the error, and purchase your tickets again.

If the problem persists, please open a ticket with the Help Desk.

Please do NOT post your credit card information in the ticket. The NCWW staff will NEVER ask for your credit card information

 

[SteveColes]

did you use a good number or a bad one?

Just tried it

Sorry, an error occurred while processing your request: (TESTMODE) The credit card number is invalid.

If possible, please try to correct the error, and purchase your tickets again.

If the problem persists, please open a ticket with the Help Desk.

Please do NOT post your credit card information in the ticket. The NCWW staff will NEVER ask for your credit card information

 

[toolman]

a bad one..

 

[toolman]

Tried it with a good card and got..

Thank you for your purchase

Your transaction ID is OL-NO-ID1334798997

Your raffle ticket numbers have been sent to your registered e-mail address of ncwood@ctadllc.com. If you do not receive your tickets within the next 15 minutes, please check your spam folder.

E-mail look like this..

-- DO NOT REPLY TO THIS E-MAIL, IT WAS SENT BY A MACHINE -- If you have questions, please contact the staff via Contact Us - North Carolina Woodworker

Reference: OL-NO-ID1334798997
Date: 04/18/12 21:29:57
User name: toolman
E-mail address: ncwood@ctadllc.com
Credit card type: Visa
Last 4 digits of card: XXXX8022
Number of tickets: 1
Total amount: $5.00
Ticket number(s):
200008

Thank you for supporting NCWW via the raffle, and good luck!

 

[ehpoole]

When I ran my two tests, one failed as above, and the other went through -- including an approval email. Both times I used the same Card. (hopefully the transaction didn't *really* go through ... lol!)

I should now have the mixed-content warnings (the "Show All Content" warning in IE; takes other forms in other browsers) fixed so that we aren't getting those annoying and -- especially in the case of Chrome -- rather frightening warnings that might scare away our users. It was not a trivial thing to pull off, though, as vBulletin and vbSEO want's to fight you every step of the way!

I know Steve took the time to widen the CC# field so that it now displays all 16 digits (in view) on IE9 browsers -- a big thanks due there! (I also verified as much, worked like a charm.)

 

[SteveColes]

After, your phone call, I re- looked at the change and I was mixing up maxlength and size parameters in my head. I was changing the wrong one and did not get desired effect.

When I ran my two tests, one failed as above, and the other went through -- including an approval email. Both times I used the same Card. (hopefully the transaction didn't *really* go through ... lol!)

I should now have the mixed-content warnings (the "Show All Content" warning in IE; takes other forms in other browsers) fixed so that we aren't getting those annoying and -- especially in the case of Chrome -- rather frightening warnings that might scare away our users. It was not a trivial thing to pull off, though, as vBulletin and vbSEO want's to fight you every step of the way!

I know Steve took the time to widen the CC# field so that it now displays all 16 digits (in view) on IE9 browsers -- a big thanks due there! (I also verified as much, worked like a charm.)

 

[SteveColes]

Even if your transaction appears to go through, it didn't while our account at authorize.net is in test mode, WHICH IT IS. Everything looks like it worked, because that is what it should do. I have to test the system end to end. Look at your transaction id it has the prefix OL-NO-ID that is the indicator that the transaction is not real.

 

[ehpoole]

Thanks for the clarification.

 

[ehpoole]

I've run another dozen or so tests using both bad and good card #'s. The one spurious result, which is presumably a consequence of test mode was that a "bad card" with a good CC#, but bad date (though still future), bad CVC code, bad owner name, bad house number, and bad zipcode still went through as a valid card. All other tests performed as expected.

I really like that you added the "TEST-#####" to the reference number -- it provides a lot more assurance that everything is in test mode. Before the system revealed it was in test mode if the transaction failed, but only revealed as much via what was (to me) a cryptic reference number before. This new reference numbers is much clearer to us.

One very minor "complaint" and that is that I really preferred the way we listed the "ticket numbers" before, where it was (IIRC) listed 5 per line rather than the new layout of one per line. It is not a big deal for those who only buy one or two tickets, but for those who purchase 10 or 20+ tickets they wind up with quite a long list, whereas the original way resulted in just 2-4 lines of numbers -- though it would be nice if there were an extra space between each number when listed in groups of 5 to better break them up. The 5/line format also worked better on smartphones with small displays since all your ticket numbers could be viewed on a single screen rather than needing to scroll (if purchasing larger lots). This may well be a win some/lose some argument, so this is expressed only as a matter of personal opinion on my part -- I'm not going to complain either way come time for the raffle so do with it what you may.

One other element that might be convenient would be pre-filling the "Country" field with "USA" since the overwhelming number of our members will be entering such. The few that are in other countries could simply change it. But that is a very minor point.

This is the only real feedback I have to offer at this time. I have tested under both IE9 and Chrome 18 (and FF11 to a more limited extent) and the experience went very smoothly -- especially now that the Mixed Content warnings are largely under control! There was nothing "frightening" looking about any of my transactions and they all completed smoothly this go round. Before, the Mixed Content warnings were making for a very clumsy transaction in both IE9 and Chrome -- I ran into none of that this go round.

Steve, thank you very much for all the time and hard work you have invested into seeing that this raffle goes off without a hitch! :icon_thum

 

[ehpoole]

One other enhancement comes to mind from a "user-friendly" perspective, but which is by no means essential and that is adding some JavaScript to validate that all the fields have been completed and contain (to the extent possible) valid data. This would catch the most common -- and obvious -- errors before the user risks losing their form data by prematurely submitting the form.

FYI, I have tested the Expiration field with dates in the form of "06/12", "06/2012", "6/12", "6/2012", "5/31/12", "05/31/12", "5/31/2012" and "05/31/2012" and all have evaluated properly, so I would only verify that the field consists of at least: [0-9]{1,2}(/[0-9]{2,4}){1,2} as a regex (you may need to escape the forward slash) should you choose to validate since most any reasonable format seems to work just fine. Zipcodes typically consist of [a-zA-Z0-9 ]{5,9} (there is a space in there) if you wish to accommodate both foreign and domestic zipcode and zipcode-equivalents.

Although it is something I would likely do if time permitted, I would only worry with it *if* you find yourself with time to burn since it is only an added convenience for our users. Don't stress over it if you don't feel like it -- I wouldn't at this point in time!

I think I'm pretty much out of critiques at this time. Let me know if you need any further testing.