Page 1 of 1
ePDQ? Any one here set this up?
Posted: Sat Jun 19, 2004 7:06 am
by Sharky01252
Im trying to set up a shopping cart for my dads website.. Ive created a shopping cart in php before using php/mysql.. but never gone through a secure merchant bank.. Ive tried googling for example scripts or just something that can give me a kick in the right direction as the code suplied by barcleys isnt very helpful..
If any one here has had experiance with things like this, or knows websites which give me example code that i can adapt, it would be apreciated!
Posted: Sat Jun 19, 2004 11:24 am
by feyd
are you processing the financial information? handling the credit cards? If yes to either, I'd suggest not doing it. The security set ups along to properly handle and protect the information is astronomical for someone not familiar with high-security. Instead, I'd use a clearing house that's built around handling very sensitive data, such as this. SaberCharge comes to mind. There are plenty of other credit card processing companies around.
Posted: Sat Jun 19, 2004 11:30 am
by Sharky01252
aparently this should handle the security aspects of it for me...
its basically just a way of passing the credit card details through there servers rather than mine.
I have the following code
Code: Select all
<?php
#the following function performs a HTTP Post and returns the whole response
function pullpage( $host, $usepath, $postdata = "" ) {
# open socket to filehandle(epdq encryption cgi)
$fp = fsockopen( $host, 80, &$errno, &$errstr, 60 );
#check that the socket has been opened successfully
if( !$fp ) {
print "$errstr ($errno)<br>\n";
}
else {
#write the data to the encryption cgi
fputs( $fp, "POST $usepath HTTP/1.0\n");
$strlength = strlen( $postdata );
fputs( $fp, "Content-type: application/x-www-form-urlencoded\n" );
fputs( $fp, "Content-length: ".$strlength."\n\n" );
fputs( $fp, $postdata."\n\n" );
#clear the response data
$output = "";
#read the response from the remote cgi
#while content exists, keep retrieving document in 1K chunks
while( !feof( $fp ) ) {
$output .= fgets( $fp, 1024);
}
#close the socket connection
fclose( $fp);
}
#return the response
return $output;
}
#define the remote cgi in readiness to call pullpage function
$server="secure server address";
$url="url";
#the following parameters have been obtained earlier in the merchant's webstore
#clientid, passphrase, oid, currencycode, total
$params="clientid=$clientid";
$params.="&password=$passphrase";
$params.="&oid=$oid";
$params.="&chargetype=Auth";
$params.="¤cycode=$currencycode";
$params.="&total=$total";
#perform the HTTP Post
$response = pullpage( $server,$url,$params );
#split the response into separate lines
$response_lines=explode("\n",$response);
#for each line in the response check for the presence of the string 'epdqdata'
#this line contains the encrypted string
$response_line_count=count($response_lines);
for ($i=0;$i<$response_line_count;$i++){
if (preg_match('/epdqdata/',$response_linesї$i])){
$strEPDQ=$response_linesї$i];
}
}
?>
<FORM action="secure server adddress" method="POST">
<?php print "$strEPDQ"; ?>
<INPUT type="hidden" name="returnurl" value="store">
<INPUT type="hidden" name="merchantdisplayname" value="My Store">
<INPUT TYPE="submit" VALUE="Buy now">
</FORM>
But how do i use this in conjunction with my exisiting shopping cart scripts which pulls the information from a mysql database?