Ken Posted December 6, 2013 Report Posted December 6, 2013 We just had a client over pay and of course the initial response to blame us for over charging. Can we please get a check box under /admin/settings/company/billing/invoices/ that allows us to disable the client's ability to enter their own amount? Michael 1 Quote
Cody Posted December 7, 2013 Report Posted December 7, 2013 In other words a client would only be allowed to pay the value listed on the invoice (e.g. not pay more, not pay less)? Obviously, the biggest caveat with this is nonmerchant payments that come in. Blesta has no control over those, so that would still allow payments to pay more or less than the amount due on an invoice and add credits willy-nilly. Quote
Ken Posted December 7, 2013 Author Report Posted December 7, 2013 In other words a client would only be allowed to pay the value listed on the invoice (e.g. not pay more, not pay less)? Obviously, the biggest caveat with this is nonmerchant payments that come in. Blesta has no control over those, so that would still allow payments to pay more or less than the amount due on an invoice and add credits willy-nilly. Really? I didn't know this. For example if you make a PayPal standard payment it appears to let you modify the amount but on the Blesta side. Once you submit the payment it redirects to PayPal to pay the amount. Are you saying the "Edit Payment" functionality is not able to be disabled in Blesta? I don't recall that in any previous billing systems but that's not to say that it wasn't there, it could be escaping my memory. In a worst case scenario I'd like to be able to make it slightly less available like it is on the non-merchant gateway. ie. Edit Payment link vs. Being prompted on the submit payment payment page. Quote
Cody Posted December 7, 2013 Report Posted December 7, 2013 When payments originate from third-party sources Blesta doesn't have control over them. That's just the nature of the process. When Blesta constructs the form data that is sent to PayPal or any other nonmerchant gateway, it's (generally) treated more as a suggestion by the gateway that the user should pay the given amount. It's entirely possible that someone could submit payment to your PayPal account that gets sent to Blesta in an amount Blesta didn't suggest or expect. It's even possible for users to submit payment without ever visiting your Blesta installation. Now, that said, it would be possible to enforce through the interface that user pay the exact amount due on the invoice, but it would be misleading to suggest that Blesta could strictly enforce such a rule if accepting something other than credit card and ACH. I'm actually more interested in what UI improvements we can make to ensure that user's don't mistakenly pay more than they intend to. I'm curious how this happened as Blesta fills in the amount due by default. Quote
Ken Posted December 7, 2013 Author Report Posted December 7, 2013 When payments originate from third-party sources Blesta doesn't have control over them. That's just the nature of the process. When Blesta constructs the form data that is sent to PayPal or any other nonmerchant gateway, it's (generally) treated more as a suggestion by the gateway that the user should pay the given amount. It's entirely possible that someone could submit payment to your PayPal account that gets sent to Blesta in an amount Blesta didn't suggest or expect. It's even possible for users to submit payment without ever visiting your Blesta installation. Now, that said, it would be possible to enforce through the interface that user pay the exact amount due on the invoice, but it would be misleading to suggest that Blesta could strictly enforce such a rule if accepting something other than credit card and ACH. I'm actually more interested in what UI improvements we can make to ensure that user's don't mistakenly pay more than they intend to. I'm curious how this happened as Blesta fills in the amount due by default. When you say third-party I am assuming you mean non-merchant gateways with hosted payment pages such as Paypal. That being the case how would they do this? If I pay an invoice in Blesta via Paypal Standard it takes them to a payment page which a set amount. I don't have the ability to change that amount. The only place I can change the amount is in Blesta itself for which the way I see it can just be removed. Unless you mean other non-merchant gateways that allow you to do this? I'm actually more interested in what UI improvements we can make to ensure that user's don't mistakenly pay more than they intend to. I'm curious how this happened as Blesta fills in the amount due by default. I think this is a good idea too, however at our company it's not an option for clients to pay whatever they feel like paying. They need to pay the amount due or contact our billing department for payment arrangements. Quote
Cody Posted December 9, 2013 Report Posted December 9, 2013 When you say third-party I am assuming you mean non-merchant gateways with hosted payment pages such as Paypal. That being the case how would they do this? If I pay an invoice in Blesta via Paypal Standard it takes them to a payment page which a set amount. I don't have the ability to change that amount. The only place I can change the amount is in Blesta itself for which the way I see it can just be removed. Unless you mean other non-merchant gateways that allow you to do this? Yes non-merchant gateways. Some gateways lock the ability to change the amount, others may not. But regardless, the user can generally change it to whatever they want simply by modifying the form contents as is the case with PayPal. I think this is a good idea too, however at our company it's not an option for clients to pay whatever they feel like paying. They need to pay the amount due or contact our billing department for payment arrangements. That's an interesting concept and one I've never been able to fully understand (money is money, right? Gimme gimme), but I can recognize the need for it, legal or otherwise. The only problem I have with it is that it's simply isn't possible to enforce in the case of non-merchant gateways. Though I suppose if it is properly conveyed to the user then we'll get less "OMG this is broken, clients can may more than the invoice amount using PayPal!!!" false bug reports. Quote
Ken Posted December 9, 2013 Author Report Posted December 9, 2013 But regardless, the user can generally change it to whatever they want simply by modifying the form contents as is the case with PayPal. The only editable form I see is the Blesta payment process. Once the user is redirected to Paypal they cannot change the amount. What form are they going edit exactly? Quote
Tyson Posted December 9, 2013 Report Posted December 9, 2013 They could potentially edit the form attached to the PayPal Pay button to change the amount, or other values. Similarly, someone could construct such a form elsewhere and submit payment to you in any amount to pay for invoices. What Cody is saying is that there is no guarantee that you will only be paid the expected invoice amount when you pay with a non-merchant gateway because such a requirement is unenforceable. Quote
Ken Posted December 9, 2013 Author Report Posted December 9, 2013 I guess it is to be assumed that there is no way to avoid this. If that's the case then we'll consider dropping Paypal Standard payments without regret. We'll still need to remove partial payments for merchant gateways. Quote
kpmedia Posted January 3, 2015 Report Posted January 3, 2015 I find this while conversation somewhat absurd. The average person is going to use the service -- not tinker with it. Sure, maybe you CAN finagle the amount on the 3rd-party site, but most won't have any idea how to do that. And the company/host can easily audit the payments, as nobody using Blesta with non-merchant payment is a large operation. We don't have tons of transactions. I find this an excuse, to be 100% honest -- a reason not to simply make this feature (to remove another feature). Let us, the end users of the billing panel, worry about fraudsters. Thanks for your concern, but don't hand-hold us. Quote
thynan Posted May 12, 2015 Report Posted May 12, 2015 Has a "disable partial payment" option been implemented yet? Or is it planned? We would like to remove that option too, and I don't know if it's a good idea to hack core files to achieve this.. Quote
Max Posted May 20, 2015 Report Posted May 20, 2015 When payments originate from third-party sources Blesta doesn't have control over them. That's just the nature of the process. When Blesta constructs the form data that is sent to PayPal or any other nonmerchant gateway, it's (generally) treated more as a suggestion by the gateway that the user should pay the given amount. Form posts are great if you want to have a "donate by Paypal" button on your static website. But the majority of non-merchant gateways also offer APIs nowadays that work like this: 1) call their webservice first to register the transaction with the amount, currency, description, status callback url, etc. 2) receive a URL like http s://payment-service-provider/b2990dac-ff0a-11e4-bd29-00270e120a22 back to redirect the user to. Nothing that the user can change that way. And the user doesn't have to click on a form submit button first, you can just HTTP redirect them to the payment page. Quote
aklik Posted May 31, 2015 Report Posted May 31, 2015 As thynan said, "disable partial payment" option is in plan to be implemented? We find really awkward that user can set whatever value at the payment time, creates confusion and trouble in the same time among users. So, is there any option to disable partial payment or the edit value? Quote
kpmedia Posted September 26, 2015 Report Posted September 26, 2015 Any update on this? This is important. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.