Streamlabs online dating christian dating mentally retarded
And this information is not random stuff like order numbers - it's name/address/phone number data that should be excessively familiar to the customer.
That said, I support logging more detail in the watchdog to help the admin figure out what's going on.
They just gave me back an accept or decline, along with a reason for decline like ZIP didn't match.
It's in that context that I say the error shouldn't be passed on to the customer.
Or maybe this only worked because I entered one of the universal test CC numbers. But I do totally see the perspective that we should not tell people the As I said, payment gateways I've worked with already seem to take care of the "plausible details but failed authentication" scenario by returning a generic message, to avoid fraud in exactly the way TR describes; why would they send a human readable response that could help to enable credit card fraud, if a poor implementation of their API may end up showing this to the customer?
The only use cases I can think of where the payment gateway would want to inform an administrator but not the end user is where payments would always fail, such as "payment gateway username incorrect" or similar, but this would show up when the administrator is initially testing the site.
:\ So yeah, some additional clarity in watchdog() at the very least would definitely be helpful, and probably would've shaved at least 20 minutes off that hour.
I naturally assumed that it wasn't doing any address validation, since "12345" is not a valid zip code for Alabama, either.When displaying an error message for a failed transaction to your customer, Pay Pal suggests one of two methods: 1.Map the Pay Pal error code number to your own custom message. Display Pay Pal's long message directly to your customer.The message in webchick's example appears to be a validation failure rather than an authentication failure; asking for a "valid postal code" suggests that the postal code is not valid at all for the given country, rather than failing a specific test for the customer's card.Most payment gateways appear to already work to avoid fraud in the way TR describes, returning generic "not authorised" responses when the bank refuses the card, but detailed, useful messages when part of the supplied details are invalid rather than incorrect.