According to the docs, I can submit a form like this (example);
<form method="post" action="https://test.ipg-online.com/connect/gateway/processing">
<input type="hidden" name="txntype" value="sale">
<input type="hidden" name="timezone" value="CET"/>
<input type="hidden" name="txndatetime" value="2015:12:11-09:12:47"/>
<input type="hidden" name="hash" value="7a17dcc15df2819649ca80b7921"/>
<input type="hidden" name="storename" value="12345678"/>
<input type="hidden" name="mode" value="fullpay"/>
<input type="text" name="chargetotal" value="13.00"/>
<input type="hidden" name="currency" value="826"/>
<input type="hidden" name="responseSuccessURL" value="http://example.co.uk/thanks" />
<input type="hidden" name="responseFailURL" value="http://example.co.uk/failure" />
<input type="submit" value="Submit">
</form>
And that will work using something like Postman (but I've not supplied the correct storename here). By "work" I mean, you get through to the their gateway and can enter your card details and shipping address etc.
In order to get the correct hash and txndatetime I can use the FirstData_Connect Omnipay library.
I thought I could just use the public function getData but actually, that requires details about the users card, cvv code, expiry etc. I don't want to have an interface like that on my site, I just want the user to be able to click through to https://test.ipg-online.com/connect/gateway/processing - like in the form example above.
So how do I structure the PHP side to make use of the Omnipay Library? So far I have;
$gateway = Omnipay::create('FirstData_Connect');
$gateway->setStoreId($storeId);
$gateway->setSharedSecret($sharedSecret);
$response = $gateway->purchase(array(
'returnUrl' => $returnUrl . '?' . http_build_query($arguments),
'cancelUrl' => $cancelUrl,
'amount' => $payment->getAmount(),
'transactionId' => $paymentId,
))->send();
$result = $response->getData();
return $result;
But, as I've said above, I am required to submit the users card details as well. So I get the error;
"message":"The card parameter is required",
"class":"Omnipay\\Common\\Exception\\InvalidRequestException
OK so it sounds like that you need a gateway that works differently to the current FirstData_Connect and FirstData_Global gateways. Both of those are direct credit card gateways, of the type where you submit a full purchase request including the card data. What you appear to be talking to is a redirect gateway (much like the PayPal gateways).
When you say According to the docs, I can submit a form like this -- what docs are you talking about? I'm not that familiar with FirstData and their various options.
What it sounds like is that you need to develop, or have developed, a new gateway for FirstData which will return a RedirectResponse object containing the URL where you send the customer to to enter their card data and return to your application using one of the response[Success|Failure] URLs that you pass in the initial call. That's basically how PayPal and other redirect gateways work so you may want to start looking there rather than in the existing FirstData gateways.
Related
I implemented a paypal checkout about 3 years ago and it is currently working well. I now want to create a new checkout page for a new set of items. I copied the code from the page that I previously used and updated it for the new items. I set up the new page to use my sandbox for initial testing. The code below is cut from the actual page for display here.
<!DOCTYPE HTML >
<html>
<head>
</head>
<body>
<div>
<form id='paypal_form' action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="add" value="1" />
<input type="hidden" name="business" value="buyer#test.com" />
<input type="hidden" name="item_name" value="non-member RTV Renewal" />
<input type="hidden" name="amount" value="75.00" />
<input type="hidden" name="custom" value="Id=Joe;fixedName=Joe Smith;pw=1234;email=buyer#google.com;expdate=2024-02-14" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="lc" value="US" />
<input type="hidden" name="cancel_return" value="https://www.roundalab.org/Figures_Subscriptions_All/test_renew.htm">
<input type="hidden" name="return" value="https://www.roundalab.org/Figures_Subscriptions_All/success_test.php">
<input type="hidden" name="rm" value="2">
<center>
<div id="add-cart" style="padding:30px;">
<button onClick="document.getElementById('paypal_form').submit();">Click Here To Submit Order To Paypal</button>
</div>
</center>
</form>
</div>
</div>
</body>
</html>
The code works and creates an order in the paypal sandbox. It is then supposed to go the the url in the "return' item, which it does. The problem is that paypal is supposed to return a bunch of data in $_POST. When the return page is displayed, $_POST is empty. I also display $_GET and it contains 1 field which is the payer_id. A couple of questions...
Anyone know why no data in $_POST?
Is there a way that I can get any kind of error message that shows info on why no POST data was sent when going to the url in the return item?
I assume that this method of using paypal is deprecated. Is there a place that I can still get to the docs for using this interface?
The receiving sandbox Business account needs to enable Payment Data Transfer for any data to be returned.
With this sort of HTML-only (no API) PayPal integration that redirects away from your site, a return after a completed transaction is never guaranteed to occur. PayPal may be obligated to show the payer a receipt, or they may never click to return, or their browser may be closed or crash. Therefore, you should not depend on this returned data for absolutely anything of any importance. It is for extra informational purposes only.
If you are trying to do anything important with data returned via _GET/_POST , your integration is flawed.
With such an HTML-only <form> post integration, the only reliable way to receive data is by implementing the IPN service, which is also very old. All of these are poor choices if you need to do anything important with the data being returned.
Instead, use a current PayPal Checkout integration. Follow the Set up standard payments guide and make 2 routes on your server, one for 'Create Order' and one for 'Capture Order', documented here. Both routes should return only JSON data (no HTML or text). Inside the 2nd route, when the capture API is successful you should store its resulting payment details in your database (particularly purchase_units[0].payments.captures[0].id, which is the PayPal transaction ID) and perform any necessary business logic (such as sending confirmation emails or reserving product) immediately before forwarding your return JSON to the frontend caller.
Pair those 2 routes with the frontend approval flow: https://developer.paypal.com/demo/checkout/#/pattern/server
On my order page, I'm using this form:
<input type="hidden" name="item_number" value="<?php echo $refNumber; ?>">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<?php echo $paypal_email; ?>" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="return" value="<?=$_SESSION["web_site_url"]?>/payment_success.php?OrderID=<?=$refNumber;?>" />
input type="hidden" name="amount" id="amount" value="<?=$product_vals["discount_prize"]?>" />
<input type="hidden" name="item_name" id="item_name" value="<?=$product_vals["name"]?>" />
now I want a sample code for my payment_success page from that i came to know whether paypal authenticate the client payment or the client's payment is success of not.. so that i can proceed to next step of gathering information from client.
I have read the Paypal docs but unable to learn useful from them. help me out to solve this problem.Moreover i also want to get the paypal email of client and transaction id / payment_success variable (that is true/false) so that i will help me to identify the payment is succesful or not..
Thanks in advance.
You can use paypal class by Micah Carrick. This is pretty clear class which support notify URL, return URL and success URL. You dont need to use any form or something but just use this class and let this class to do your job.
sample code is:
$p = new paypal_class;
$p->add_field('business', $paypal_email);
$p->add_field('return', $add_fund_url.'/success.php');
$p->add_field('cancel_return', $add_fund_url.'/cancel.php');
$p->add_field('notify_url', $notify_url );
$p->add_field('item_name', $item_name);
$p->add_field('item_number', $item_number);
$p->add_field('custom',$custom_field);
$p->add_field('amount', $amount);
$p->add_field('no_shipping', '1');
$p->submit_paypal_post(); // submit the fields to paypal
If you're gather more data after they pay then you should really using Express Checkout APIs instead of PayPal Standard like you're using now. Even with Auto-Return enabled in your PayPal profile the user still may not make it back to your site (for example, they could simply close their browser before the redirect happens.)
With Express Checkout the user will always end up back on your site even before the final call to finalize the payment, so you could actually gather the additional details from the user even before finalizing the payment if you wanted to.
Check out this guide on Implementing the Simplest Express Checkout Integration. That will get you familiar with how Express Checkout should be setup (ie. the API calls you'll be making).
Then, grab this PayPal PHP SDK and use it to make the API calls. It has everything setup for you so that it would be very quick and easy for you to integrate into your checkout.
I want to pass the value for select payment mode and card type.
My code is :
<form method="post" action="http://www.ccavenue.com/shopzone/cc_details.jsp" name="frmTransaction">
<input type="hidden" name="Merchant_Id" value="<?php echo $Merchant_Id;?>">
<input type="hidden" name="Amount" value="<?php echo $Amount;?>">
<input type="hidden" name="Order_Id" value="<?php echo $Order_Id;?>">
<input type="hidden" name="Redirect_Url" value="<?php echo $Redirect_Url;?>">
<input type="hidden" name="Checksum" value="<?php echo $Checksum; ?>">
<input type="hidden" name="Merchant_Param" value="<?php echo $Order_Id; ?>">
<input type="hidden" name="pay_type" value="Debit Card" /> //credit card, netbanking
<input type="hidden" name="nb_bid" value="<?php echo $bank_name;?>" /> //VISA, mastercard
Here, How to pass pay_type and bank type and preselect the value in CCAvenue gateway. I cannot get any resource for this. Thanks in advace.
You want to use cURL. Also, it seems that CC Avenue provides its members with sample PHP code to interact with their web services. I found a manual here that shows where to get sample code from their website on page 12. Using cURL you'll be able to handle the payment before sending it out (adding database records, etc.) and you can obfuscate sensitive data such as your merchant ID.
You'll also probably need to write a second script to handle the response if you're redirecting the user outside of your own site to make the payment (which you might be since you're passing Redirect_Url). All this second script will do is check incoming GET/POST fields that they send you (such as an error code or a confirmation number for the user) and use that to add more info to your database.
I followed the below steps to integrate ccavenue in PHP
Login to ccavenue dashboard.
On the top menu bar navigate to Settings > Api keys. There you can find
merchant_id ,access_code,Working key
Navigate to Resources > Web Integration Kit
Under this screen there is an option to select Testing and Production Environment where you can find the testing and production URL.
Testing URL is not enabled by default you need to ask the support to enable it.
On the same screen there is Download Integration Kits . Click on this and find the Download PHP kit and download the code.
Use the downloaded kit according to your requirments.Also you can find the required parameters on Integration Methods menu as i used the iframe method.
Hope this will help in integrating the payment gateway
I am trying to (using a sandbox account) sell items using google checkout. I am displaying a form to the user which results in a buy now button
<form method="POST" action="https://sandbox.google.com/checkout/api/checkout/v2/checkoutForm/Merchant/..." accept-charset="utf-8">
<input type="hidden" name="item_name_1" value="Test"/>
<input type="hidden" name="item_description_1" value="An item "/>
<input type="hidden" name="item_quantity_1" value="1"/>
<input type="hidden" name="item_price_1" value="1.50"/>
<input type="hidden" name="item_currency_1" value="GBP"/>
<input type="hidden" name="_charset_"/>
<input type="hidden" name="checkout-flow-support.merchant-checkout-flow-support.continue-shopping-url" value="redirect to this url"/>
<input type="image" name="Google Checkout" alt="Fast checkout through Google" src="http://sandbox.google.com/checkout/buttons/checkout.gif?merchant_id=....&w=180&h=46&style=white&variant=text&loc=en_US" height="46" width="180"/>
</form>
On the google seller account i am setting the url to be called back too. In this instance i am using the php file from the google docs example
// Include Google Checkout PHP Client Library
include ("GlobalAPIFunctions.php");
// Include Response Message Processor
include ("ResponseHandlerAPIFunctions.php");
// Retrieve the XML sent in the HTTP POST request to the ResponseHandler
$xml_response = $HTTP_RAW_POST_DATA;
// Get rid of PHP's magical escaping of quotes
if (get_magic_quotes_gpc()) {
$xml_response = stripslashes($xml_response);
}
// Log the XML received in the HTTP POST request
LogMessage($GLOBALS["logfile"], $xml_response);
/*
* Call the ProcessXmlData function, which is defined in
* ResponseHandlerAPIFunctions.php. The ProcessXmlData will route
* the XML data to the function that handles the particular type
* of XML message contained in the POST request.
*/
ProcessXmlData($xml_response);
The issue is, as soon as i buy an item i get no call back whatsoever. No error message, no nothing so how can i see what is going on? Hopefully someone could help me out
Thanks
Check your Sandbox Integration Console for errors (if any) - just making sure that you are referring to your sandbox account (sandbox and production accounts are distinct)
On the google seller account i am setting the url to be called back too
"too" - just making sure. There is only one place where you set the API Callback URL - and that is in your Account Integration Settings (so there is no "too").
<input type="hidden" name="checkout-flow-support.merchant-checkout-flow-support.continue-shopping-url" value="redirect to this url"/>
Again, just clarifying that you are not referring to the above as the callback api url. The above is the link presented to a buyer after purchase (it's just a link back to your web site). It is not the callback api url.
I have my own shopping cart.
When the client click on Submit Order, I Redirect the user to paypal page where the client will be able to pay the order.
Here is my form
<form name="paypalform" action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="invoice" value="<? echo $idInvoice; ?>">
<input type="hidden" name="business" value="aa_aaa_biz#hotmail.com">
<input type="hidden" name="notify_url" value="http://domaine.com/catalog/IPNReceip">
<?
$cpt = 1;
foreach($ordering as $k => $v)
{
?>
<input type="hidden" name="item_number_<? echo $cpt?>" value="<? echo$v->Product->id; ?>">
<input type="hidden" name="item_name_<? echo $cpt?>" value="<? echo$v->Product->ProductNumber; ?>">
<input type="hidden" name="quantity_<? echo $cpt?>" value="<? echo $v->Qty; ?>">
<input type="hidden" name="amount_<? echo $cpt?>" value="<? echo $v->Price ?>">
<?
$cpt++;
}
?>
<input type="hidden" name="currency_code" value="CAD">
<input type="hidden" name="tax_cart" value="<? echo $taxes;?>">
<input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but01.gif" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
I would like to do the samething but within the code behind.
Somebody have an idea.
I don't want to use form anymore to redirect to paypal.
Thanks
The first thing you'll want to decide is decide which products suits you best.
What you describe, would be easiest to accomplish with Express Checkout.
Express Checkout consists of three API calls: SetExpressCheckout, GetExpressCheckoutDetails and DoExpressCheckoutPayment.
SetExpressCheckout prepares the transaction and returns a token. You must take this token from the API response and append it to a url to which you'll redirect the buyer.
Once the buyer has agreed to the purchase on the PayPal page, he/she is redirected back to the URL you specified in the RETURNURL parameter of the SetExpressCheckout API call.
On this return page, you need to call GetExpressCheckoutDetails or (optionally) look at 'PayerID' in the $_GET array for the return URL.
Once you have the token and the PayerID; either through GetExpressCheckoutDetails or as part of the GET data, call DoExpressCheckoutPayment to finalize the payment. This can be accomplished on the same return page, or can be actioned after the buyer clicks a 'Buy now' button on your return page.
See also the general Express Checkout page on X.com, Getting Started with Express Checkout and the Express Checkout Integration Guide (PDF).
Some sample code for SetExpressCheckout, GetExpressCheckoutDetails and DoExpressCheckoutPayment is available on https://www.x.com/developers/PayPal/documentation-tools/code-sample/78 as well.
Hope this helps! Let me know if anything is unclear.
Robert's answer is a great option - Express Checkout cannot be altered because its server to server and users need your API credentials - but if you want to stick with Website Payments Standard (WPS) see below:
Your concern is that your button can be tampered with. Yes this is possible if the buttons on your website are unhosted/unencrypted buttons. There are tools (like tamper data) that edit HTTP POST's before they are sent to the receiving address, or users can download the HTML form and alter it, then click the button (the referring URL would be different, but could be spoofed); unencrypted buttons are vunerable.
I would advise either using one of the options below to prevent this from occurring in the future:
The button manager API to create dynamic hosted buttons for payments
Create and use hosted buttons
Create and use encrypted website payment buttons