Page 1 of 1
[SOLVED] Help!
Posted: Sat Mar 13, 2004 3:33 pm
by filch
Hello all,
I am wondering if someone could cast an eye over the following because for the life of my I can’t see what is wrong and it is driving me more than a little batty. The scenario is that I am trying to complete an ecommerce site where the cart is sent to my pay provider in a text string and then then use an export script to post back form values to a script on my site to return values and flags from the transaction. The test script I am using is below and it is preceeded by the contents of the $_POST array and the output from my script. The crazy thing here is that when payment provider send me back to my page with the test script on it, it always shows “NOT AUTHORIZED” but when I look at the logs from the export script on the pay providers site, my script is outputting all the correct data yet my test page will not show it. I know this is probably something stupid but perhaps I can blame it on my headache???
Thanks in advance.
Dave
[output from my test script found in the export script logs on pay providers server]
Array( [MerchantNumber] => XXXX [CustomerName] => Dave Filchak [xxxName] => Dave Filchak [CustomerCompany] => [xxxCompany] => [CustomerAddress] => 15 Streets Ave [xxxAddress] => 15 Streets Ave [CustomerCity] => Toronto [xxxCity] => Toronto [CustomerProvince] => ON [xxxProvince] => ON [CustomerCountry] => CA [xxxCountry] => CA [CustomerPostalCode] => M6S1L7 [xxxPostal] => M6S1L7 [CustomerEmail] =>
dfilchak@isp.ca [xxxEmail] =>
dfilchak@isp.ca [CustomerPhone] => 41659102556 [xxxPhone] => 41659102556 [CardHolder] => Dave Filchak [xxxCard_Name] => Dave Filchak [TimeStamp] => 03/13/2004 16:00:44 [Live] => 3 [Currency] => 1 [receiptnumber] => 1103558428.3785 [SalesOrderNumber] => 0 [ReturnURL] =>
http://roarockit.zuka.net/returntest.php [ip_address] => 55.229.56.36 [Language] => EN [KeySize] => 128 [SecretKeySize] => 1024 [UserAgent] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) [EntryTimeStamp] => 03/13/2004 04:00:31 PM [ApprovalCode] => T00000 [Verbage] => Test Approved [NiceVerbage] => Test Approved [Amount] => 46.28 [xxxCCType] => Test Card Number [CardType] => Test Card Number [DoubleColonProducts] => 46.28::1::579::Grand Total::{US}{TEST} [Products] => Price::Qty::Order ID::Description::Flags|46.28::1::579::Grand Total::{US}{TEST} [UnixTimeStamp] => 1079211644 [RefererURL] =>
http://roarockit.zuka.net/cart.php [xxxTemp] => 1 [xxxVar1] => 579 [cart_order_id] => 579 [paymenttype] => 0 [total] => 46.28 [demo] => {TEST} [y] => 8 [x] => 51 [currentCurrency] => us)
You been authorized!
Your Authorization Code is: T00000
Your Order Id is: 579
The Success Flag is: Test Approved
[my test script page]
Code: Select all
<html>
<body>
<?php
$theorderid = $_POSTї'cart_order_id'];
$theauthcode = $_POSTї'ApprovalCode'];
$thesuccess = $_POSTї'NiceVerbage'];
print_r($_POST);
echo "<br>";
if (!$theauthcode) {
echo "NOT AUTHORIZED";
}
else {
echo "You been authorized! <br>";
echo "Your Authorization Code is: $theauthcode <br>";
echo "Your Order Id is: $theorderid <br>";
echo "The Success Flag is: $thesuccess <br>";
};
?>
</body>
</html>
Re: Help!
Posted: Sat Mar 13, 2004 11:14 pm
by TheBentinel.com
filch wrote:
Code: Select all
<?php
$theorderid = $_POST['cart_order_id'];
$theauthcode = $_POST['ApprovalCode'];
$thesuccess = $_POST['NiceVerbage'];
print_r($_POST);
echo "<br>";
if (!$theauthcode) {
echo "NOT AUTHORIZED";
}
else {
echo "You been authorized! <br>";
echo "Your Authorization Code is: $theauthcode <br>";
echo "Your Order Id is: $theorderid <br>";
echo "The Success Flag is: $thesuccess <br>";
};
I'm never one to trust saying things like:
if (!$MyVar) { echo "No"; } else { echo "Yes"; }
I always feel safer saying something like:
if ($MyVar = 0) { ...
Or something more direct like that. I would guess that PHP is trying to NOT the value of $theauthcode and is winding up with a non-zero value which it is interpreting as "true", so you always appear to be unauthorized.
What are you really trying to test for? A blank auth code? A code of 0? Whatever it is, I suggest you test specifically for that.
And for debugging purposes, echo the values of those variables before you do the test. Then you'll see what data it's making the decision on.
Hope it helps!
More Help
Posted: Sun Mar 14, 2004 10:29 am
by filch
Hi and thanks for your reply. I tried a couple of things as you suggested but there is no change. You see, the thing that really is confusing me is that the log files on the pay providers server for this script, which is actually a log of what my script puts out, shows that all functions are correct and the output data is also correct. However, the page on my server refuses to output any values for these $_POST vars. It is almost like the script on the pay providers server is outputting the data to my script very early in the transaction process and by the time you click on the "Return to site" link on the PP page, the values have been initialized or something. This is really a bit of a pickle for me as I am supposed to launch this site for testing tomorrow and I have to get by this hurdle first ... grrrrrhhhh!!
I anyone can think of anything, I would appreciate hearing from you.
Cheers
Dave
Re: More Help
Posted: Sun Mar 14, 2004 1:26 pm
by TheBentinel.com
filch wrote:by the time you click on the "Return to site" link on the PP page, the values have been initialized or something.
It sounds like your user is connecting to your server and deciding what to buy and how many and all that, then you are passing that information to another server that is doing the actual processing, is that right? And that server is producing a link back to you that your users have to click on to get back to your server.
If that's true, then the link the user clicks on is the key. If it contains the data you need, then you're in good shape. If not, then you're stuck because the values don't exist anymore once they click away. If the link DOES have the data you need in it, it would be in the query string, not a post variable. I think you use $_REQUEST to get at those, instead of $_POST.
If this doesn't set you on the right path, can you give an example of what's happening? Include your code that calls the 3rd party server, the link that server generates to let the user get back to you, and your code for processing what the link sends you.
Hope it helps!
Help
Posted: Sun Mar 14, 2004 4:08 pm
by filch
Well, you are correct in your assumption that the user goes to my site, selects a few products to buy, the tax and shipping etc is calculated and the Grand Total along with an order id is sent off to my pay providors site. There the user chooses the form of payment and the credit card is authorized and the user ends up on a page still on the pay providors site showing the results of his or her transaction, i.e. authorization code, receipt number etc etc. On this page, there IS a link to take the user back to my site. This link is passing absolutely not data back to my return script. It is simply a link. However, at some point during the transaction, and I can only assume that it is at the end after the credit card has been authorized, a whole bunch of data is being sent to my test script via what I think is a cgi script and the data is being sent as a form post. This script also, when it sends the data, reads the output or results of the script on my server and stores it in a log on the pay providers server. The content of this log is absolutely correct. Everything is there. However, when you click on the return link to go back to my site, the page you go back to is the page with my return script on it and the values assign originally to these $_POST vars seems to be lost. Below is the code again:
Code: Select all
<?php
$theorderid = $_POSTї'xxxVar1'];
$theauthcode = $_POSTї'ApprovalCode'];
$thesuccess = $_POSTї'NiceVerbage'];
if (isset($theauthcode) && $thesuccess == "Approved" || $thesuccess == "Test Approved") {
echo "You been authorized! <br>";
echo "Your Authorization Code is: $theauthcode <br>";
echo "Your Order Id is: $theorderid <br>";
echo "The Success Flag is: $thesuccess <br>";
}
else { echo "NOT AUTHORIZED";
};
?>
This is a pretty simple test script I am using just to try to make sure this is working. It seems like the cgi script fires as soon as the the credit card supplier authorizes the current credit card and the cgi script fires off the data to the above script, even though we have not gone to the page yet. Perhaps I should try to use this script simply to grab the values being sent from the pay providor and store them in $vars or would they have to be global vars? Then simply go back to a page and echo out these values??
Here is some info about the export script:
Some InternetSecure merchants request that the results of their payment transactions be returned to their web site for inventory purposes, sales analysis or customer database maintenance. InternetSecure offers a post approval or "export" script which posts results to your system after completing each transaction.
Export Your Payment Transactions In Real-Time
An export script is a procedure that can be run following completion of a transaction (approvals only or approvals and declines - your choice). It returns results of a payment to your web server using a standard web protocol HTTP to "call" a page on your server just as a browser calls any web page. The export script dumps data about the transaction to the web page using a form POST.
And here are the variables being pased to the test script:
- Variable Name Description
xxxName Cardholder's full name (Page 1)
xxxCompany Cardholder's company
xxxAddress Cardholder's street address
xxxCity Cardholder's city
xxxProvince Cardholder's province
xxxCountry Cardholder's country
xxxPostal Cardholder's postal code
xxxEmail Cardholder's email address
xxxPhone Cardholder's phone number
xxxcard_name Cardholder's name on credit card (Page 2)
xxxCCType Cardholder's credit card type (Visa, MasterCard, Amex)
xxxAmount Dollar amount of the transaction
CustomerName Cardholder's full name (Page 1)
CustomerCompany Cardholder's company
CustomerAddress Cardholder's street address
CustomerCity Cardholder's city
CustomerProvince Cardholder's province
CustomerCountry Cardholder's country
CustomerPostalCode Cardholder's postal code
CustomerEmail Cardholder's email address
CustomerPhone Cardholder's phone number
Cardholder Cardholder's name on credit card (Page 2)
MerchantNumber InternetSecure merchant number of this transaction
Currency The currency used to process the transactions
Amount Dollar amount of the transaction
SalesOrderNumber Sales order number of transaction. Unique within your merchant number and increments one for each transaction.
receiptnumber InternetSecure receipt number. Unique to each transaction.
ApprovalCode Bank approval code for this transaction
Verbage Verbiage sent back by the processor
NiceVerbage Plain english version of the verbiage
CVV2Result The Cardholder Verification result passed by the card issuer
AVSResponseCode The result of checkin the Cardholder's address with the card issuer
Products The Products string, as passed by the merchant
DoubleColonProducts The Products string, converted to Double Colon format
Language The language used to display the transaction pages
KeySize Size of the SSL cipher key being used by cardholder
SecretKeySize Secret size of the SSL cipher key being used by cardholder
UserAgent The browser type that the cardholder used
EntryTimeStamp The date and time the cardholder first entered the InternetSecure system. (Unix format - see below)
UnixTimeStamp The date and time the cardholder submitted the transaction for processing. (Unix format - see below)
TimeStamp The date and time the cardholder submitted the transaction for processing. (Format - mm/dd/yyyy hh:mm:dd)
Live Indicated whether the transaction was real (1), test approval (2), or test decline (3)
RefererURL The URL of the page that sent the cardholder to InternetSecure
ip_address The IP address of the cardholder's computer
ReturnURL The ReturnURL variable passed by the merchant
ReturnCGI The ReturnCGI variable passed by the merchant
xxxVar1 Hidden variable specific to your site
xxxVar2 Hidden variable specific to your site
xxxVar3 Hidden variable specific to your site
xxxVar4 Hidden variable specific to your site
xxxVar5 Hidden variable specific to your site
So, it seems to me that somehow the values assigned to these vars are being lost when you go back to the page with the test script so I thing maybe I am going to have to use two scripts: one to grab the values and store them somewhere and then the return page where I can output all of this.
Grrrrrhhhh ...
Thanks again.
Dave
Posted: Tue Apr 06, 2004 12:01 am
by filch
For anyone who is interested in what the solution was here: as I suspected the issue was that the payment provider had two scripts to do the same thing except the first script was fired off as soon as the transaction was cleared and these post variables were sent to the PHP script and the page was never loaded in the browser. However, because it was a script afterall, the values produced by the script were returned to the pay provider for logging but when you clicked to go back to the store, the POST vars were empty. It was damned annoying. What the provider never told me up front was that they had another script that never sent the $_POST vars back to the store return script until you clicked on the "RETURN BUTTON" and voila ... there it was in all it's glory. That was about a week of frustration that was uncalled for.
Anyway, thanks for your replies.
Dave