Go Back   CodingForums.com > :: Server side development > PHP
Reload this Page PHP Form, XML response

Before you post, read our: Rules & Posting Guidelines

Reply
 
Thread Tools Rate Thread
Enjoy an ad free experience by logging in. Not a member yet? Register.
Old 09-18-2012, 10:36 PM   PM User | #1
marianocr
New to the CF scene

 
Join Date: Sep 2012
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
marianocr is an unknown quantity at this point
Smile PHP Form, XML response
Hi there. I'm trying to integrate with a payment gateway API, and as I'm fairly new to PHP, I'm having some trouble to proceed.

Basically, I have a form that goes to a specific URL (submitting URL). From the documentation: "Request information is submitted to payment platform with HttpsClient , and submitting mode is POST."

There is the customer-registration.php file, which requires the functions.php file that contains the information to md5-encrypt a string composed of several variables from the form. There is also a notify-url.php file which is the redirection page after registering a user.

Some variables are passed to the submitting URL on the payment server, but the XML response I get from there displays empty nodes for 3 variables that I should read back in order to complete the process (dateRegister, registerId and activationURL)

XML Response from the payment server:

Code:
<response>
	<operation>90</operation>
	<resultCode>0</resultCode>
	<merNo>10157</merNo>
	<email>me@gmail.com</email>
	<cardNumber>4111111111111111</cardNumber>
	<dateRegister/>
	<registerId/>
	<activationURL/>
	<remark>Invalid MD5Info</remark>
	<md5Info>FC0BB07DA01C551296054FBF167824B1</md5Info>
</response>
The customer-registration.php file looks like this:

PHP Code:
<html>
<head>
<title>Customer Registration</title>

<?
require("functions.php");

//START SET VARIABLES
$merNo="10157";
$dateRequest="20120918073500";//AUTOMATE THIS!
$language="ENG";
$notifyURL="http://www.mydomain.com/notify-url.php";
//END SET VARIABLES

//START FORM FORCED VARIABLES
$email="me@gmail.com";
$cardNumber="4111111111111111";
$firstName="John";
$lastName="Smith";
$phone="9535658659";
$zipCode="98656";
$address="123 North Ave.";
$city="Geekytown";
$state="AZ";
$country="US";
//END FORM FORCED VARIABLES

$md5Key="44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0"//MD5 key
$md5Info=MD5Encrypt($merNo,$email,$cardNumber,$dateRequest,$md5Key);
$crrurl="https://paymentdomain.com/xcp/register.jsp"//Request submitting URL
?>

</head>

<body>

<form method="post" action="<?php echo $crrurl?>">

<input type=hidden name="merNo" value="<?php echo $merNo?>">
<input type=hidden name="dateRequest" value="<?php echo $dateRequest?>">
<input type=hidden name="language" value="<?php echo $language?>">
<input type=hidden name="notifyURL" value="<?php echo $notifyURL?>">
<input type=hidden name="md5Info" value="<?php echo $md5Info?>">

<!--START HIDDEN FORCED VARIABLES-->
<input type=hidden name="email" value="<?php echo $email?>">
<input type=hidden name="cardNumber" value="<?php echo $cardNumber?>">
<input type=hidden name="firstName" value="<?php echo $firstName?>">
<input type=hidden name="lastName" value="<?php echo $lastName?>">
<input type=hidden name="phone" value="<?php echo $phone?>">
<input type=hidden name="zipCode" value="<?php echo $zipCode?>">
<input type=hidden name="address" value="<?php echo $address?>">
<input type=hidden name="city" value="<?php echo $city?>">
<input type=hidden name="state" value="<?php echo $state?>">
<input type=hidden name="country" value="<?php echo $country?>">
<!--END HIDDEN FORCED VARIABLES-->

<INPUT TYPE="submit" value="submit">

</form>

</body>
</html>
Right now, I'm passing the pre-declared variables as hidden text inputs (later I'll change that so it's an actual user input form)

The functions.php file looks like this:

PHP Code:
<?php
$merNo $_POST["merNo"];
$email $_POST["email"];
$cardNumber $_POST["cardNumber"];
$dateRequest $_POST["dateRequest"];
$md5Key="44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0"//MD5 key

function MD5Encrypt($merNo,$email,$cardNumber,$dateRequest,$md5Key)
{
$str "$merNo|$email|$cardNumber|$dateRequest|$md5Key";
$encryptedMD5 md5($str);
return $encryptedMD5;
}

$completeurl "https://paymentdomain.com/xcp/register.jsp";
$xml simplexml_load_file($completeurl);

$operation $xml->operation;
$resultCode $xml->resultCode;
$merNo $xml->merNo;
$email $xml->email;
$cardNumber $xml->cardNumber;
$dateRegister $xml->dateRegister;
$registerId $xml->registerId;
$activationURL $xml->activationURL;
$remark $xml->remark;
$md5Info $xml->md5Info;

function verifyMD5($resultCode,$merNo,$email,$cardNumber,$registerId,$dateRegister,$activationURL,$md5Key$md5Info)
{
$str "$resultCode|$merNo|$email|$cardNumber|$registerId|$dateRegister|$activationURL|$md5Key";
  $encryptedMD5 md5($str);
//echo $str."<BR>";
//echo "Generated CheckSum: ".$encryptedMD5."<BR>";
//echo "Received Checksum: ".$md5Info."<BR>";
  if($encryptedMD5 == $md5Info)
return "true" ;
  else
return "false" ;
}
?>
I'm not sure if I'm retrieving the XML response correctly. As per the API docs: "Response information is returned to client’s platform as XML."

And lastly, the notify-url.php file looks like this:

PHP Code:
<html>
<head>
<title>Notify URL</title>
</head>
<body>

<?php
require("functions.php");

$md5Key "44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0" //put in the 32 bit alphanumeric key in the quotes provided here

$retval verifyMD5 ($resultCode,$merNo,$email,$cardNumber,$registerId,$dateRegister,$activationURL,$md5Key);

if($retval == "true" && $resultCode == "1")
{
echo "Thank you for shopping with us. Your credit card has been charged and your transaction is successful. We will be shipping your order to you soon.";

//Here you need to put in the routines for a successful 
//transaction such as sending an email to customer,
//setting database status, informing logistics etc etc

}
else if($retval == "true" && $resultCode == "0")
{
echo "Thank you for shopping with us. However it seems your credit card transaction failed.";

//Here you need to put in the routines for a failed
//transaction such as sending an email to customer
//setting database status etc etc

}
else if($retval == "true" && $resultCode == "2")
{
echo "Account was registered before, only Card Information has been added";

//Here you need to put in, the routines for a HIGH RISK 
//transaction such as sending an email to customer and explaining him a procedure,
//setting database status etc etc

}
else
{
echo "Security Error. Illegal access detected";

//Here you need to simply ignore this and dont need
//to perform any operation in this condition

}
?>
</body>
</html>
So, basically I would like to see if the logic is right at this point and then figure out why does the response from the payment server is not complete. As stated there: "Invalid MD5Info"

Thank you very much for any assistance, it would be greatly appreciated!
marianocr is offline   Reply With Quote
Reply

Bookmarks

Tags
php, xml

Jump To Top of Thread


« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 05:45 PM.
Advertisement
Log in to turn off these ads.