Announcement

**Wayne Luke** · Fri 5 Jul '19, 9:07am

vBulletin 4.2.X is no longer in development and was marked end of life with the release of 4.2.5. A third-party developer may be able to make these changes for you.

This has been updated in vBulletin 5.5.2.

**gsk8** · Fri 5 Jul '19, 9:15am

Hi Wayne, I understand that it's no longer in development. I was hoping that someone might still have a fix? Can you send me to the thread for VB5 that pertains to this so I can see if I can hire someone to make the fix?

Thanks!

Edited: Just saw the link

What does this mean specifically?

The code must be updated to SHA256 hashing

Is this something I can do somehow?

**Wayne Luke** · Fri 5 Jul '19, 9:17am

Don't know of a topic in the forums. The issue was reported via Support Ticket. I linked to the bug report above. https://tracker.vbulletin.com/vbulle...sues/VBV-19100

**gsk8** · Wed 14 Aug '19, 10:00am

Hi Wayne!

I'm still paying fees for the service for Authorize.net but can't use. It appears they removed the "Hash"? They directed me to this page. Can anyone assist?
https://developer.authorize.net/support/hash_upgrade/

This means it would affect version 5 as well, I believe....?

**Wayne Luke** · Wed 14 Aug '19, 10:44am

vBulletin 5.5.2 and later support the new SHA256 hash required by Authorize.net.

https://tracker.vbulletin.com/vbulle...sues/VBV-19100

As vBulletin 4.X is end of life, there are no plans to update that software. Converting to vBulletin 5.5.2 or higher is the upgrade path.

**gsk8** · Wed 14 Aug '19, 11:00am

Understood. Is there any quick-fix I can use until I'm ready to upgrade to VB5 that you can suggest? My board is at least 17 years old and huge. I need time to make sure I can find developers for current mods before the upgrade. I really don't want to close my Authorize.net accout.

**Wayne Luke** · Wed 14 Aug '19, 12:17pm

The authorization mechanism with Authorize.net changed along with the format of the hash. A few key changes are:

vBulletin 5 is more reliant on an API and object oriented coding. Due to this the code structure is completely different. For instance, the front-end is more reliant on CSS and Javascript (~9 megabytes of code) than it is on PHP code (~1 megabyte of code).
Changes were made to legacy code to work with this API framework. With each version of vBulletin 5, we refactor code and eliminate more of this legacy code.
vBulletin 5 treats variables differently and more securely.
vBulletin 5 handles database queries differently.
In vBulletin 4.X, we generate the hash needed within our code. In vBulletin 5.5.2+, we use the hash_hmac function within PHP. This function didn't exist with older versions of PHP used with 3.X and 4.x.
We added options to the Payment Provider to handle the Authorize.net userid, api key, and signature.

I don't see a simple change in the code to make this work with older versions of the software.

**gsk8** · Sat 17 Aug '19, 4:58am

What I find interesting is that the transaction still goes through. The only problem is that folks are getting a "hash failed" error at the end. I wish I could fix this but can't.

vBulletin 4 End of Life

Announcement

MD5 Hash End of Life (Authorize.net) - Problem with transactions for Paid Subscribers

[Forum] MD5 Hash End of Life (Authorize.net) - Problem with transactions for Paid Subscribers

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Related Topics