This project is not covered by Drupal’s security advisory policy.

D6 version with Recurring Payment support has been released (now 1.5)!

This project is for the Ubercart Payflow Pro module which implements the Payflow Pro gateway. If you have a account with PayFlow Pro access (not regular PayPal or Website Payments Pro), this is the module you should use.

PCI Complaince

As this software does not come with any warranty (see GPL license included in the tarball downloads), and PCI certification for software is immensely expensive, we cannot promise that your system will be PCI compliant. Even assuming Drupal and all its modules are PCI compliant, your customizations and server may not be.

However, as long as you do not turn on test mode then this module (and at least most other ubercart gateways) will only store the CC expiration date and the last 4 digits of the CC number. Because full CC info is not stored on your server, PCI restrictions are much easier to meet.

You should consult an expert on PCI compliance to ensure your own site meets all credit card processing requirements. This is true of all gateways that pass credit card information through your servers in any way.


In addition to the typical Ubercart HTTPS pages, Payflow Pro sites that use recurring fees and allow customers to see orders should also force HTTPS on /user/*/pfp_cpanel/*/cc_update because it contains a credit card update form.

Maintainer Status

Unfortunately I do not have much time for major Drupal development now, nor likely any time soon (preparing for a baby). If you would like to take over the maintainer role of this module then that would be great. Until then, consider this module "minimally maintained."

Recurring and Branches

The 1.x branch uses a custom recurring structure. A 2.x branch with uc_recurring support is in progress (ETA unknown), which should provide more powerful features and overall robustness.

If you are currently using the 1.x branch's recurring features, there will be significant upgrade process required to move to the 2.x branch because uc_recurring works much differently.

Other than the recurring features, the 1.x and 2.x branches should be equivalent.

Drupal 7

The Drupal 7 branch conversion will likely begin after uc_recurring has a D7 release with a stable API.

Drupal 5

The D5 version of this module only supports basic credit card processing and is not regularly updated.

If you were using a D5 devel version from before Beta 1, you will need to configure the PEM file according to the README and then make sure your password is set correctly.


Original D5 work by David Strauss and Marshal Newrock (base), and Souvent22 (maintainer and recurring code). D6 port created and maintained by kwinters, with special thanks to mlutfy and bountyx. Additional maintenance help provided by AntoineSolutions.

Development sponsored in part by Coalmarch Productions. Additional sponsorship provided by MorningStar Ministries.

Project information

  • caution Seeking co-maintainer(s)
    Maintainers are looking for help reviewing issues.
  • caution Maintenance fixes only
    Considered feature-complete by its maintainers.
  • chart icon45 sites report using this module
  • shield alertThis project is not covered by the security advisory policy.
    Use at your own risk! It may have publicly disclosed vulnerabilities.