I create a new payment gateway in cscart. After get success result from payment gateway cs cart redirect it to checkout page and show incomplete checkout.Please help me to solve this issue.
Because you did not provide any code, I made an example code for processing the response:
if ($mode == 'return') {
// this means, that the payment processor returned from 3rd party checkout page
$order_info = fn_get_order_info($_REQUEST['order_id'], true);
// you should have a response code (this section depends on your payment gateway)
if ($_REQUEST['response_code'] == "S") {
// the transaction was successful!
$pp_response['order_status'] = 'P';
$pp_response['transaction_id'] = $_REQUEST['transaction_id'];
$pp_response["reason_text"] = $_REQUEST['response_code'] . ": " . $_REQUEST['transaction_id']);
fn_finish_payment($_REQUEST['order_id'], $pp_response, false);
fn_order_placement_routines('route', $_REQUEST['order_id']);
} else {
// the transaction was NOT successful!
$pp_response['order_status'] = 'N';
$pp_response['transaction_id'] = $_REQUEST['transaction_id'];
$pp_response["reason_text"] = $_REQUEST['response_code'] . ": " . $_REQUEST['transaction_id']);
fn_order_placement_routines('route', $_REQUEST['order_id'], false);
}
}
The key "functions" are: fn_finish_payment() and fn_order_placement_routines(). If you did not finish the payment, you will be redirected to the checkout page, because this means, something went wrong.
Related
I have successfully utilized PayPal-PHP-SKD to request a payment sending the user to the PayPal payment gateway sandbox with credentials and sandbox buyer account etc. Everything works and I get a request to the returnURL with $_GET variables success=true, paymentID, token and PayerID. My problem is in the next step which captures the paymentID and PayerID, creates objects for Payment PaymentExecution which seems to work OK but crashes when I execute the line "result = $payment->execute($exClaimPayment, $mPPcredentials);". If I comment out that line, the code works without error but when I include it the code crashes.
"result = $payment->execute($exClaimPayment, $mPPcredentials);"
if (isset($_GET['success'], $_GET['paymentId'], $_GET['PayerID'])) {
if ($_GET['success'] == 'true') {
$mSuccess = TRUE;
$mPaymentID = $_GET['paymentId'];
$mPayerID = $_GET['PayerID'];
$payment = Payment::get($mPaymentID, $mPPcredentials);
$exClaimPayment = New PaymentExecution();
$exClaimPayment->setPayerId($mPayerID);
$mProgress = 'in success after $exClaimPayment->setPayerId($mPayerID)';
try {
$mProgress = 'in try';
//result = $payment->execute($exClaimPayment, $mPPcredentials);
} catch(Exception $ex){
$errorMsg = json_decode($ex->getData());
}
}
} else {
$mSuccess = FALSE;
$mProgress = 'in NOT success';
}
In my envoronment, Win 10, Notepad++, FileZilla, Hostmonnster hosting and Chrome, I cannot see the error. It just crashes (with HTTP 500 ??)
I found my error! It was MY error.
The line:
result = $payment->execute($exClaimPayment, $mPPcredentials);
Should have been:
$result = $payment->execute($exClaimPayment, $mPPcredentials);
I have worked on this code for half a day and did not see my error until 5 minutes after I posted the question on StackOverflow.
My conspicuous errors in PHP often cost me a lot of time. I would benefit from an environment that would point out my syntax errors.
StackOverflow is a very good resource. Thanks!
I am successfully redirecting to ccavenue payment gateway but on clicking the cancel button it is showing the error "Security Error. Illegal access detected" in the redirect url page.
This is my redirecturl page:
<?php include('Aes.php');include('adler32.php')?>
<?php
$workingKey='myWorkingKey'; //Working Key should be provided here.
$encResponse=$_POST["encResponse"]; //This is the response sent by the CCAvenue Server
$rcvdString=decrypt($encResponse,$workingKey);
$AuthDesc="";
$MerchantId="";
$OrderId="";
$Amount=0;
$Checksum=0;
$veriChecksum=false;
$decryptValues=explode('&', $rcvdString);
$dataSize=sizeof($decryptValues);
echo "<center>";
for($i = 0; $i < $dataSize; $i++)
{
$information=explode('=',$decryptValues[$i]);
if($i==0) $MerchantId=$information[1];
if($i==1) $OrderId=$information[1];
if($i==2) $Amount=$information[1];
if($i==3) $AuthDesc=$information[1];
if($i==4) $Checksum=$information[1];
}
$rcvdString=$MerchantId.'|'.$OrderId.'|'.$Amount.'|'.$AuthDesc.'|'.$workingKey;
$veriChecksum=verifyChecksum(genchecksum($rcvdString), $Checksum);
if($veriChecksum==TRUE && $AuthDesc==="Y")
{
echo "<br>Thank you for shopping with us. Your credit card has been charged and your transaction is successful. We will be shipping your order to you soon.";
}
else if($veriChecksum==TRUE && $AuthDesc==="B")
{
echo "<br>Thank you for shopping with us.We will keep you posted regarding the status of your order through e-mail";
}
else if($veriChecksum==TRUE && $AuthDesc==="N")
{
echo "<br>Thank you for shopping with us.However,the transaction has been declined.";
}
else
{
echo "<br>Security Error. Illegal access detected";
}
echo "<br><br>";
echo "<table cellspacing=4 cellpadding=4>";
for($i = 0; $i < $dataSize; $i++)
{
$information=explode('=',$decryptValues[$i]);
echo '<tr><td>'.$information[0].'</td><td>'.$information[1].'</td></tr>';
}
echo "</table><br>";
echo "</center>";
?>
I googled about the issue but was not able to get any solution. How to solve this error..Please give some suggestions regarding the same?
I found from the documentation (might be outdated but i couldn't find an updated one) that you need to pass a paramater called cancel_url which CCAvenue will redirect the customer to this URL if the customer cancels the transaction on the billing page.
So in the page that you create the payment you need to add to your form something like this
<input type="hidden" id="cancel_url" name="cancel_url" value="the_url_where_you_will_proccess_canceled_orders">
You must already have something similar with redirect_url
There is nothing wrong with your code. You need to maintain separate page for cancel order, in which you need not to use CC avenue response code. Since, user didn't complete the payment you wont receive any response parameter from ccavenue. So, their is no need to $verifyCheckSum and $AuthDesc variables. They just cancelled their order willingly. So, just need to show them a msg "Your order has been cancelled", in your website.
I use this code to send credential to users in Paid membership pro plugin:
https://gist.github.com/strangerstudios/5331923
In checkout I use PayPal Express and pay by check;
I modified this code because I would send credentials only to PayPal users when getting the checkout. In my code it seems it doesn't recognize the gateway PayPal.
function my_generate_passwords() {
//Get primary gateway
$setting_gateway = get_option("pmpro_gateway");
if (!empty($_REQUEST['username']) && empty($_REQUEST['password']) && $setting_gateway == "paypalexpress") { //if paypalexpress
$_REQUEST['password'] = pmpro_getDiscountCode() . pmpro_getDiscountCode(); //using two random discount codes if paypalexpress
$_REQUEST['password2'] = $_REQUEST['password'];
}
// If pay by check ... I try to insert else to see if the system do the switch condition
else {
$_REQUEST['password'] = pmpro_getDiscountCode(); //using one random discount codes if paybycheck
$_REQUEST['password2'] = $_REQUEST['password'];
}
}
add_action("init", "my_generate_passwords");
Am I wrong?
I am searching for how to use the PayPal IPN (Instant Payment Notification) from past 2 weeks and couldn't understand how exactly to use it in my code.
I am using the following HTML code to create a PayPal button
button.html
<form name="paypalForm" action="paypal.php" method="post">
<input type="hidden" name="id" value="123">
<input type="hidden" name="CatDescription" value="20Percents (12 Credits)">
<input type="hidden" name="payment" value="10">
<input type="hidden" name="key" value="<? echo md5(date("Y-m-d:").rand()); ?>">
<input TYPE="image" SRC="http://www.coachsbr.com/images/site/paypal_button.gif" name="paypal" value="Payment via Paypal" >
</form>
And, the following code to process the payment and verify it
paypal.php
<?php
require_once('paypal.class.php'); // include the class file
$p = new paypal_class; // initiate an instance of the class
$p->paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr'; // testing paypal url
//$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr'; // paypal url
// setup a variable for this script (ie: 'http://www.micahcarrick.com/paypal.php')
$this_script = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
// if there is not action variable, set the default action of 'process'
if (empty($_GET['action'])) $_GET['action'] = 'process';
switch ($_GET['action']) {
case 'process': // Process and order...
$CatDescription = $_REQUEST['CatDescription'];
$payment = $_REQUEST['payment'];
$id = $_REQUEST['id'];
$key = $_REQUEST['key'];
$p->add_field('business', 'info#aoptrading.com');
$p->add_field('return', $this_script.'?action=success');
$p->add_field('cancel_return', $this_script.'?action=cancel');
$p->add_field('notify_url', $this_script.'?action=ipn');
$p->add_field('item_name', $CatDescription);
$p->add_field('amount', $payment);
$p->add_field('key', $key);
$p->add_field('item_number', $id);
$p->submit_paypal_post(); // submit the fields to paypal
//$p->dump_fields(); // for debugging, output a table of all the fields
break;
case 'success': // Order was successful...
echo "<br/><p><b>Payment Successful.</b><br /></p>";
foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }
break;
case 'cancel': // Order was canceled...
echo "<br/><p><b>The order was canceled!</b></p><br />";
foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }
break;
case 'ipn': // Paypal is calling page for IPN validation...
if ($p->validate_ipn()) {
// For this example, we'll just email ourselves ALL the data.
$dated = date("D, d M Y H:i:s", time());
$subject = 'Instant Payment Notification - Recieved Payment';
$to = 'info#aoptrading.com'; // your email
$body = "An instant payment notification was successfully recieved\n";
$body .= "from ".$p->ipn_data['payer_email']." on ".date('m/d/Y');
$body .= " at ".date('g:i A')."\n\nDetails:\n";
$headers = "";
$headers .= "From: Test Paypal \r\n";
$headers .= "Date: $dated \r\n";
$PaymentStatus = $p->ipn_data['payment_status'];
$Email = $p->ipn_data['payer_email'];
$id = $p->ipn_data['item_number'];
if($PaymentStatus == 'Completed' or $PaymentStatus == 'Pending'){
$PaymentStatus = '2';
}else{
$PaymentStatus = '1';
}
foreach ($p->ipn_data as $key => $value) { $body .= "\n$key: $value"; }
fopen("http://www.virtualphoneline.com/admins/TestHMS.php?to=".urlencode($to)."&subject=".urlencode($subject)."&message=".urlencode($body)."&headers=".urlencode($headers)."","r");
}
break;
}
?>
An extra class file: (can be found here) http://pastebin.com/auCdYhaR
The code is working fine, but I am having big issue now, I am trying to validate whether the payment is successful or not from the following lines and doing the action (adding 10 credits to the database for the user on session).
case 'success': // Order was successful...
echo "<br/><p><b>Payment Successful.</b><br /></p>";
foreach ($_POST as $key => $value)
{
/*echo "$key: $value<br>";*/
// Do the required action, **add 10 credits in the database for the user on session**
}
break;
Finally, the issue is when I click on the button from button.html page it redirects to the Paypal.php page and when I enter my PayPal login details, payment is successful
THERE COMES A SMALL LITTLE TEXT -> RETURN TO THE SENDER'S WEBSITE I NEED TO CLICK ON IT, WHEN I CLICK ON IT, IT WILL BRING ME BACK TO PAYPAL.PHP PAGE AND THEN THE CASE 'SUCCESS' IS FIRED. IF I MAKE THE PAYMENT AND JUST CLOSE THE PAYPAL PAGE WITHOUT CLICKING ON RETURN TO THE SENDER'S WEBSITE AND DIDN'T WAIT TILL THE PAGE PAYPAL.PHP LOADS WEBSITE COULDN'T VERIFY THE PAYMENT AND COULDN'T ADD THE CREDITS.
HOW CAN I AUTOMATE THIS PROCESS AND ADD CREDITS UPON SUCCESSFUL PAYMENT NOT UPON SUCCESSFUL RETURN TO THE PAGE PAYPAL.PHP.
THANKS
It sounds to me like you're confusing PDT and IPN. PDT works by sending data to your return URL, but that is not the recommended way to handle post-payment processing tasks.
That's where IPN comes into play, which is a silent POST of data to your listener URL regardless of whether or not the user makes it back to your return URL. That way that code will always run no matter what (assuming you've got everything configured correctly.)
Sounds to me like you're sort of mixing the two and getting mixed results because of it.
I am planning to integrate a Google Checkout payment system on a social networking website. The idea is that members can buy "tokens" for real money (which are sort of the website currency) and then they can buy access to some extra content on the website etc.
What I want to do is create a Google Checkout button that takes a member to the checkout page where he pays with his credit or debit card. What I want is the Google Checkout to notify notify my server whether the purchase of tokens was successful (if the credit/debit card was charged) so I can update the local database.
The website is coded in PHP/MySQL.
I have downloaded the sample PHP code from here: code.google.com/p/google-checkout-php-sample-code/wiki/Documentation
I know how to create a Google checkout button and I have also placed the responsehandlerdemo.php file on my server. This is the file the Google Checkout is supposed to send response to (of course I set the path to the file in Google merchant account).
Now in the response handler file there is a switch block with several case statements. Which one means that the payment was successful and I can add tokens to the member account in the local database?
switch ($root) {
case "request-received": {
break;
}
case "error": {
break;
}
case "diagnosis": {
break;
}
case "checkout-redirect": {
break;
}
case "merchant-calculation-callback": {
// Create the results and send it
$merchant_calc = new GoogleMerchantCalculations($currency);
// Loop through the list of address ids from the callback
$addresses = get_arr_result($data[$root]['calculate']['addresses']['anonymous-address']);
foreach($addresses as $curr_address) {
$curr_id = $curr_address['id'];
$country = $curr_address['country-code']['VALUE'];
$city = $curr_address['city']['VALUE'];
$region = $curr_address['region']['VALUE'];
$postal_code = $curr_address['postal-code']['VALUE'];
// Loop through each shipping method if merchant-calculated shipping
// support is to be provided
if(isset($data[$root]['calculate']['shipping'])) {
$shipping = get_arr_result($data[$root]['calculate']['shipping']['method']);
foreach($shipping as $curr_ship) {
$name = $curr_ship['name'];
//Compute the price for this shipping method and address id
$price = 12; // Modify this to get the actual price
$shippable = "true"; // Modify this as required
$merchant_result = new GoogleResult($curr_id);
$merchant_result->SetShippingDetails($name, $price, $shippable);
if($data[$root]['calculate']['tax']['VALUE'] == "true") {
//Compute tax for this address id and shipping type
$amount = 15; // Modify this to the actual tax value
$merchant_result->SetTaxDetails($amount);
}
if(isset($data[$root]['calculate']['merchant-code-strings']
['merchant-code-string'])) {
$codes = get_arr_result($data[$root]['calculate']['merchant-code-strings']
['merchant-code-string']);
foreach($codes as $curr_code) {
//Update this data as required to set whether the coupon is valid, the code and the amount
$coupons = new GoogleCoupons("true", $curr_code['code'], 5, "test2");
$merchant_result->AddCoupons($coupons);
}
}
$merchant_calc->AddResult($merchant_result);
}
} else {
$merchant_result = new GoogleResult($curr_id);
if($data[$root]['calculate']['tax']['VALUE'] == "true") {
//Compute tax for this address id and shipping type
$amount = 15; // Modify this to the actual tax value
$merchant_result->SetTaxDetails($amount);
}
$codes = get_arr_result($data[$root]['calculate']['merchant-code-strings']
['merchant-code-string']);
foreach($codes as $curr_code) {
//Update this data as required to set whether the coupon is valid, the code and the amount
$coupons = new GoogleCoupons("true", $curr_code['code'], 5, "test2");
$merchant_result->AddCoupons($coupons);
}
$merchant_calc->AddResult($merchant_result);
}
}
$Gresponse->ProcessMerchantCalculations($merchant_calc);
break;
}
case "new-order-notification": {
$Gresponse->SendAck();
break;
}
case "order-state-change-notification": {
$Gresponse->SendAck();
$new_financial_state = $data[$root]['new-financial-order-state']['VALUE'];
$new_fulfillment_order = $data[$root]['new-fulfillment-order-state']['VALUE'];
switch($new_financial_state) {
case 'REVIEWING': {
break;
}
case 'CHARGEABLE': {
//$Grequest->SendProcessOrder($data[$root]['google-order-number']['VALUE']);
//$Grequest->SendChargeOrder($data[$root]['google-order-number']['VALUE'],'');
break;
}
case 'CHARGING': {
break;
}
case 'CHARGED': {
break;
}
case 'PAYMENT_DECLINED': {
break;
}
case 'CANCELLED': {
break;
}
case 'CANCELLED_BY_GOOGLE': {
//$Grequest->SendBuyerMessage($data[$root]['google-order-number']['VALUE'],
// "Sorry, your order is cancelled by Google", true);
break;
}
default:
break;
}
switch($new_fulfillment_order) {
case 'NEW': {
break;
}
case 'PROCESSING': {
break;
}
case 'DELIVERED': {
break;
}
case 'WILL_NOT_DELIVER': {
break;
}
default:
break;
}
break;
}
case "charge-amount-notification": {
//$Grequest->SendDeliverOrder($data[$root]['google-order-number']['VALUE'],
// <carrier>, <tracking-number>, <send-email>);
//$Grequest->SendArchiveOrder($data[$root]['google-order-number']['VALUE'] );
$Gresponse->SendAck();
break;
}
case "chargeback-amount-notification": {
$Gresponse->SendAck();
break;
}
case "refund-amount-notification": {
$Gresponse->SendAck();
break;
}
case "risk-information-notification": {
$Gresponse->SendAck();
break;
}
default:
$Gresponse->SendBadRequestStatus("Invalid or not supported Message");
break;
}
I guess that case 'CHARGED' is the one, am I right?
Second question, do I need an SSL certificate to receive response from Google Checkout? According to this I do: groups.google.com/group/google-checkout-api-php/browse_thread/thread/10ce55177281c2b0
But I don's see it mentioned anywhere in the official documentation.
Thank you.
I integrated this into my site over 6 months ago. It's very low volume, but works good so far.
The first thing that you should worry about is 'CHARGEABLE'. This means that the credit card has been approved for the transaction, but it will not actually charge the funds until you take action. In order to send the charge request, simply un-comment the two lines under CHARGEABLE. You can change your settings to make it automatically charge the card in 'settings' > 'preferences', but you might as well just un-comment the 2 lines and leave your options open.
Note that you might want to WAIT for the 'risk-information-notification' and determine if the risk check passed before approving the charge ($data[$root]['risk-information']['eligible-for-protection']['VALUE']). Although, seems you are talking about digital goods the possibility of chargebacks might not matter to you.
At some point, I'm sure you should also check that the request has sufficient information for you to link the funds to some account before you charge it, but maybe this is just my paranoia.
The other state that I use is 'charge-amount-notification'. It's completely possible that there is a way to use 'CHARGED', but I don't that 'CHARGED' provides an amount that was actually charged. ($amount_charged = $data[$root]['total-charge-amount']['VALUE'];)
As for the SSL, if you check the location where you enter the callback URL it states the following:
"Specify a URL for Google to notify you of new orders and changes in order state. You must provide the URL of a server running 128-bit SSLv3 or TLS"
Answer to your comment:
I do this under 'new_order_notification', not sure if you can do it elsewhere.
$items = get_arr_result( $data[$root]['shopping-cart']['items']['item'] );
foreach( $items as $item ) {
if( !isset ( $item['merchant-item-id']['VALUE'] ) ) {
//error
return;
}
$request_item_id = $item['merchant-item-id']['VALUE'];
//save your item id with corresponding google order id for further processing
}
Yes, "Chargeable" is the first thing you need to look at in a Google Checkout order. When you click "Chargeable", a window will pop up for you to actually charge the order BUT be sure that the "Eligible for Protection" is True before actually charging the order. This ensure you that the payment is covered by Google payment guarantee. You can actually see it in the "Buyer Credit Verification" section in Google Checkout.