Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "payment processing"
-
Never heard of a so terribly designed online game.
For starters: the client-server model is process everything on the client, then save it on the server, and due to the nature of the site design, simply changing a tag will give you another of money.
The PayPal processing system doesn't read any headers or anything of that sort. So if you cancel your payment, this game thinks you've paid anyways.
Also, the trading system is based off of what buttons you can see so if you can see the cancel button it must be yours. So if you copy the cancel button to someones trade offering (FYI this is all done locally), and you click it you have gotten said item(s).
It gets worse, but I don't remember much more than that. The one thing they actually do is make session IDs expire.12 -
Me: The dev agency didn’t follow best practices. They only implemented front end validation on the form. The form submits to a public endpoint, so bots don’t have to go through our site to submit the form. That’s why our database is still filled with $1 donation transactions. I honestly recommend telling this to the dev agency and request that you not be charged for the extra work needed to do this right.
Manager: They charge $95/hr and they’re billing for 8 hours already.
[Aside: The agency’s task was to implement a $10 minimum on the form, do some text changes, and deploy.]
Me: I would expect work to be done according to accepted best practices. It’s really a half done job.
Manager: But they were very helpful when we had that payment processing emergency. They stayed late to help us. We shouldn’t push this in case we need their help again. Can you do the backend validation? [We are in US and agency is in Lithuania.]
Me: 🤬😩😑🤐[To myself: This wouldn’t have happened if the fundraising team hadn’t panicked and would only wait until I came back from my one day of PTO.]1 -
Risk engine for payment processing, with support for custom rules and third party integrations like IDology. Deadline was one week.2
-
SO MAD. Hands are shaking after dealing with this awful API for too long. I just sent this to a contact at JP Morgan Chase.
-------------------
Hello [X],
1. I'm having absolutely no luck logging in to this account to check the Order Abstraction service settings. I was able to log in once earlier this morning, but ever since I've received this frustratingly vague "We are currently unable to complete your request" error message (attached). I even switched IP's via a VPN, and was able to get as far as entering the below Identification Code until I got the same message. Has this account been blocked? Password incorrect? What's the issue?
2. I've been researching the Order Abstraction API for hours as well, attempting to defuddle this gem of an API call response:
error=1&message=Authentication+failure....processing+stopped
NOWHERE in the documentation (last updated 14 months ago) is there any reference to this^^ error or any sort of standardized error-handling description whatsoever - unless you count the detailed error codes outlined for the Hosted Payment responses, which this Order Abstraction service completely ignores. Finally, the HTTP response status code from the Abstraction API is "200 OK", signaling that everything is fine and dandy, which is incorrect. The error message indicates there should be a 400-level status code response, such as 401 Unauthorized, 403 Forbidden or at least 400 Bad Request.
Frankly, I am extremely frustrated and tired of working with poorly documented, poorly designed and poorly maintained developer services which fail to follow basic methodology standardized decades ago. Error messages should be clear and descriptive, including HTTP status codes and a parseable response - preferably JSON or XML.
-----
This whole piece of garbage is junk. If you're big enough to own a bank, you're big enough to provide useful error messages to the developers kind enough to attempt to work with you.2 -
Deadline in 24 work hours, for a in-house product to automate payment processing.
Why in 24 hours you say? , Me and the accounting guy is going on vacation on Friday.
Will it go into production on Friday evening while I'm going through the door?
¯\_(ツ)_/¯5 -
Got one right now, no idea if it’s the “most” unrealistic, because I’ve been doing this for a while now.
Until recently, I was rewriting a very old, very brittle legacy codebase - we’re talking garbage code from two generations of complete dumbfucks, and hands down the most awful codebase I’ve ever seen. The code itself is quite difficult to describe without seeing it for yourself, but it was written over a period of about a decade by a certifiably insane person, and then maintained and arguably made much worse by a try-hard moron whose only success was making things exponentially harder for his successor to comprehend and maintain. No documentation whatsoever either. One small example of just how fucking stupid these guys were - every function is wrapped in a try catch with an empty catch, variables are declared and redeclared ten times, but never used. Hard coded credentials, hard coded widths and sizes, weird shit like the entire application 500ing if you move a button to another part of the page, or change its width by a pixel, unsanitized inputs, you name it, if it’s a textbook fuck up, it’s in there, and then some.
Because the code is so damn old as well (MySQL 8.0, C#4, and ASP.NET 3), and utterly eschews the vaguest tenets of structured, organized programming - I decided after a month of a disproportionate effort:success ratio, to just extract the SQL queries, sanitize them, and create a new back end and front end that would jointly get things where they need to be, and most importantly, make the application secure, stable, and maintainable. I’m the only developer, but one of the senior employees wrote most of the SQL queries, so I asked for his help in extracting them, to save time. He basically refused, and then told me to make my peace with God if I missed that deadline. Very helpful.
I was making really good time on it too, nearly complete after 60 days of working on it, along with supporting and maintaining the dumpster fire that is the legacy application. Suddenly my phone rings, and I’m told that management wants me to implement a payment processing feature on the site, and because I’ve been so effective at fixing problems thus far, they want to see it inside of a week. I am surprised, because I’ve been regularly communicating my progress and immediate focus to management, so I explain that I might be able to ship the feature by end of Q1, because rather than shoehorn the processor onto the decrepit piece of shit legacy app, it would be far better to just include it in the replacement. I add that PCI compliance is another matter that we must account for, and so there’s not a great chance of shipping this in a week. They tell me that I have a month to do it…and then the Marketing person asks to see my progress and ends up bitching about everything, despite the front end being a pixel perfect reproduction. Despite my making everything mobile responsive, iframe free, secure and encrypted, fast, and void of unpredictable behaviors. I tell her that this is what I was asked to do, and that there should have been no surprises at all, especially since I’ve been sending out weekly updates via email. I guess it needed more suck? But either way, fuck me and my two months of hard work. I mean really, no ego, I made a true enterprise grade app for them.
Short version, I stopped working on the rebuild, and I’m nearly done writing the payment processor as a microservice that I’ll just embed as an iframe, since the legacy build is full of those anyway, and I’m being asked to make bricks without straw. I’m probably glossing over a lot of finer points here too, just because it’s been such an epic of disappointment. The deadline is coming up, and I’m definitely going to make it, now that I have accordingly reduced the scope of work, but this whole thing has just totally pissed me off, and left a bad taste about the organization.10 -
today I forgot to check the balance of my prepaid sim card. (it was < 2€)
I just received a notification from google that payment for devrant++ has been rejected.
F*uck!
I recharge my sim with paypal.
but google play it's still in error.
"add a different payment method"
fine.
I choose to add paypal....
*type username*
*type password*
*processing*
"your paypal account can be added because it's blocked; contact paypal."
wtf? I used paypal 10mins ago.
*login using paypal app*
everything works.
ok fuck you google.
as soon i will solve this issue i will restore the ++ subscription.
(if it will be disabled)1 -
Am I in developer hell already? A shitty project is about to come to an end (hopefully), or should I rather say: It needs to come to an end. But I am still quite lost in how to deal with it, hence procrastinating on it - making the deadline come closer and with it the realization that I'll probably have to rewrite almost everything. I'm not sure how, but I do know that the current code is a dumpster fire.
Basically what I need to do is dealing with the APIs of different payment providers/gateways (like PayPal, AmazonPay). For most cases I'll get a payment ID from the shop and need to act on it later, e.g. capture the authorized money in the case of a credit card transaction or do refunds (without user interaction, unless there is an error). Now at first I put something together where I try to abstract the payment information into two tables:
orders{1}<->{0..n}payments
payments{1}<->{1..n}paymentDetails
Unfortunately trying to abstract the different payment methods and to squeeze them (and their different possible stati and functions) in these tables was not very successful, it's a total mess with magic numbers, half-broken behavior and without any consideration for partial payments/captures or unfinished requests (i.e. if there is an exception before the response is dealt with, there is no indication that anything has ever been sent). Also the current amount is calculated through the history of the paymentDetails table, which basically works differently for each payment type.
How to fix this mess in a way that I'll still have a job by next week?
I'm trying to improve the db schema first, as I think my biggest problems are lying there. Through some research I've come across a recommendation for making payment type specific subtables (with a magic number/string in the main table to prevent having to look up all subtables). That way I can record what I send and receive without having to abstract it too much, so I'll have an acceptable transaction log. The paymentDetails table can be removed (necessary fields go to the payments table). The payments table gets multiple fields for the amount (differentiating between open, authorized, captured, processing and refunded values) and always reflects the current status.
Tables:
payments
paymentRequestsPaypal
paymentRequestsAmazonpay
paymentRequestsXyz
I think I'm going in the right direction here. hm. Maybe there's some light at the end of this long, dark tunnel. Or a train. I'll have two days to find out.question kill me already send help thank you for being my rubber duck payment gateways deadline approaching rant/question burnout6 -
It's somewhat nice here. The thing is we have a lot of infrastructure problems and it's hard to implement business here which made it hard to find a job. But if you're working with US clients, it's fine. Internet access and electricity is not reliable, but you can find a workaround.
As a consumer of digital services, it's weird as we're pretty close to the US (2 hours flight) and there's not an embargo against us, but payment processing services won't touch us (legalization is awful for them), so good luck paying with any local issued card. And if anything is country restricted, we're right next to Cuba (Again, legalization). Paypal, Spotify, iTunes, most of Netflix, a few cloud providers.
Yeah, that's it. Right next to the US and no embargo and willingness to learn other languages (Easy to find French, English and Spanish speaker), but with big infrastructure problems (Internet and Electricity) so you can be really qualified and not get a job.
I'm in Haiti.4 -
Hey guys I need an interview tip here.
I applied to this payment processing company as an android dev. I completed almost all of the stages, they gave very positive feedback and tomorrow is the last stage (30min talk with their CTO from USA, who's been in his company for 18 years).
They told me that he wont ask many questions and he will just try to scan me and figure out the vibe. Mind that the main company is in USA and company where I'm applying is in Europe. So I guess this is a final test to see how good I'm in english in terms of speaking? Jokes on them I worked in 3 startups in Europe and I can speak better than most of my peers who never left my country lol.
What kind of questions should I ask HIM? I am able to leave a good impression, but I would also appreciate any tips on how to deal with this better. Apparently I will need to communicate with this guy from time to time in the future, as he is the head of our project.7 -
While the sidenote of explanation regarding the business process being added up front without much useful detail is all nice etc
Expecting some overblown explanation about fixing a mistake from a middle aged man as to motivation is just stupid
What else is stupid is directing a person to the same things when you people are supposedly supposed to spare us that
What else is stupid is people processing literally 10s of 1000s of man hours of the PRECISE same work over and over again letting themselves be psychologically programmed and handicapped
And what is really dumb is when vital data that can make a large difference in a payment getting processed or a claim being accepted or rejected is just allowed to pass through entirely on the premise that it allows a broken ass system to bite some in the ass and give a break to someone else instead of FIXING THE FUCKING SYSTEM1