Microsoft KB Archive/327475

= PRB: Retail 2002 Solution Site Does Not Validate Credit Card Numbers =

Article ID: 327475

Article Last Modified on 9/11/2002

-

APPLIES TO


 * Microsoft Commerce Server 2002 Standard Edition

-



This article was previously published under Q327475



SYMPTOMS
When you insert a custom pipeline component, or a third-party pipeline component in Checkout.pcf that validates credit cards, all validations fail.



CAUSE
A value that is not valid, similar to Visa ####-####-###1-1111 11/2002, is passed to Checkout.pcf through _cc_number on the order form. This value is intended to make developers more aware of the possible security risks when you use clear-text credit card numbers in a Commerce Site. Although, this helps to increase awareness among developers, it has also added confusion for developers when they try to develop commerce sites.



WORKAROUND
To work around the problem, follow these steps:  Open Checkout.aspx.vb in a text editor or in Visual Studio .NET.  Change line 368 as follows, and then recompile the site. Default code on line 368: shoppingCart.SetPropertyOnOrderForms(TxOrderFormProperties.SavedCreditCardNumber,   paymentSelectPage.CreditCardNumber) Workaround code for line 368: shoppingCart.SetPropertyOnOrderForms(TxOrderFormProperties.SavedCreditCardNumber,  CType(creditCardProfile (Microsoft.CommerceServer.Site.Constants.Strings.DefaultCreditCardNumber).Value, String)) 

NOTE: Instead of recompiling the site, you can delete the temporary files that are associated with the site. These files are located in C:\WINNT\Microsoft.NET\Framework\v1.0.3705.



MORE INFORMATION
For more information, see &quot;Enabling Credit Card Number Encryption&quot; in the Commerce Server 2002 documentation.

Additional query words: plutonium

Keywords: kbfix kbnofix kbprb kbpending KB327475

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.