Jump to content

Session question / function variable

Paul EC1

By Paul EC1
in PHP Coding Help

Recommended Posts

Paul EC1 Newbie

Paul EC1

Posted
Posted

Hi all,

 

I am getting a little lost with a function variable,

 

 

The code below is for a protx order processing and it contains a function variable  $strCrypt, in a order confirmation page I can view the $strCrypt eg echo and all looks good BUT then if i proceed to then processing code I get an error message from the protx site saying

 

The Crypt field was not supplied so no additional fields can be decoded.... blab bla bla

 

But if i then use the back button on IE 7 and then submit again! The error is gone the i can continur with the process

 

 

I was thinking that the session wasd dropping out / losing focus

 

 

Any ideas what the problem is???

 

I have attached the code(it also contains some sloppy clean up from me but this is a temporary fix so no worries..

 

 

 

 

 

    session_start();

 

require_once DIR_CORE.'includes.php';

 

 

$_SESSION["strVSPVendorName"]=$strVSPVendorName;

$_SESSION["strCurrency"]=$strCurrency;

$_SESSION["strCrypt"]=$strCrypt;

 

if ($strConnectTo=="LIVE")

$Status ="warning Your kit is pointing at the Live Protx environment.  .";

else if ($strConnectTo=="TEST")

$Status = "Your kit is pointing at the Protx TEST environment.  <br><br><span class=\"warning\"><strong>If you are already set up on Live and are testing additional functionality, DO NOT leave your kit set to Test or you will not receive any money for your transactions!";

else

$Status = "Your kit is currently pointing at the VSP Simulator. ";

 

 

 

/////////////////////////////// cart in HTML from template

$aData        = throwOrder( $iOrder );

 

        $sBasketList  = listBasket( $iOrder, 'OrderConfirm.tpl' );

        if( !empty( $sBasketList ) ){

          $aData['fSummary'] = tPrice( $aData['fCourierPrice'] + $aList['fSummary'] );

          $aData['sSummary'] = changePriceFormat( $aData['fSummary'] );

          $sBasketList .= $tpl->tbHtml( 'OrderConfirm.tpl', 'COURIER' );

 

 

// Save the cart to the session object

session_start();

$_SESSION["strCart"]=$strCart;

$strCart =  $sBasketList  ;

 

 

////////////////////////////////// cleans up $strCart

 

$i = strip_tags($strCart,'*' );  // removes html

$strCart =  "";

$i = str_replace('/<.[^>/]*?>','*',$i);

 

$i = str_replace('Name','*',$i);

$i = str_replace('Price','*',$i);

$i = str_replace('Quantity','*',$i);

$i = str_replace('Total','*',$i);

$i = str_replace('Cost','*',$i);

 

//////////////////////// cleans *'s

 

$i = str_replace('**********','',$i);

$i = str_replace('*********','',$i);

$i = str_replace('********','',$i);

$i = str_replace('*******','',$i);

$i = str_replace('******','',$i);

$i = str_replace('*****','',$i);

$i = str_replace('    ',':',$i);

 

$i = str_replace('    ',' ',$i);

$i = str_replace('  ',' ',$i);

$i = str_replace('  ',' ',$i);

 

 

$i = preg_replace("/[^a-zA-Z0-9s.: ]/", "", $i);

 

$i = str_replace(':::',':',$i);

$i = str_replace('::',':',$i);

$i = str_replace(': :',':',$i);

 

 

$i = str_replace(' :',':',$i);

$i = str_replace(': ',':',$i);

 

 

 

 

 

 

 

$strCart = $i;

$i = "";

 

 

 

////////////////// Good Code

 

$oldstring = $strCart;

$strCart = "";

// negative limit (since PHP 5.1)

$parts = explode(":Subtotal",$oldstring);

$newstring = $parts[0];

$parts = "";

$oldstring = "";

$strCart = $newstring ;

 

 

 

 

 

$oldstring = $strCart;

$strCart = "";

// negative limit (since PHP 5.1)

$parts = explode("::::",$oldstring);

$newstring = $parts[1];

$parts = "";

$oldstring = "";

$strCart = $newstring ;

$_SESSION["newstring"]=$newstring;

 

 

 

/////////////////////////////////expose input

 

 

 

$strCustomerName = ("$sFirstName $sLastName");

$strBillingAddress = ("$sCompanyName $sStreet  $sCity");

    $strBillingPostCode = $sPostCode;

    $strCustomerEMail = $sEmail;

$strContactNumber = $sTelephone;

 

$strDeliveryAddress = ("$rFirstName $rLastName $rCompanyName $rStreet  $rCity");

$strDeliveryPostCode = $rPostCode;

 

$_SESSION["strCustomerName"]=$strCustomerName;

$_SESSION["strBillingAddress"]=$strBillingAddress;

$_SESSION["strBillingPostCode"]=$strBillingPostCode;

$_SESSION["strDeliveryAddress"]=$strDeliveryAddress;

$_SESSION["strDeliveryPostCode"]=$strDeliveryPostCode;

$_SESSION["strCustomerEMail"]=$strCustomerEMail;

 

 

 

 

 

 

if (strlen($strCart)==0) {

ob_end_flush();

redirect("buildOrder.php");

}

 

// Check we have a billing address in the session.  If not, go back to the customerDetails page to get one

$strCustomerName=$_SESSION["strCustomerName"];

$strBillingAddress=$_SESSION["strBillingAddress"];

$strBillingPostCode=$_SESSION["strBillingPostCode"];

$strDeliveryAddress=$_SESSION["strDeliveryAddress"];

$strDeliveryPostCode=$_SESSION["strDeliveryPostCode"];

$strDDeliverySame=$_SESSION["bolDeliverySame"];

$strContactNumber=$_SESSION["strContactNumber"];

$strContactFax=$_SESSION["strContactFax"];

$strCustomerEMail=$_SESSION["strCustomerEMail"];

if (strlen($strBillingAddress)==0) {

ob_end_flush();

redirect("customerDetails.php");

}

 

 

 

/** Okay, build the crypt field for VSP Form using the information in our session **

*** First we need to generate a unique VendorTxCode for this transaction **

*** We're using VendorName, time stamp and a random element.  You can use different methods if you wish **

*** but the VendorTxCode MUST be unique for each transaction you send to VSP Server **/

 

$intRandNum = rand(0,32000)*rand(0,32000);

$strVendorTxCode=$strVSPVendorName . $intRandNum;

 

/** Now to calculate the transaction total based on basket contents.  For security **

*** we recalculate it here rather than relying on totals stored in the session or hidden fields **

*** We'll also create the basket contents to pass to VSP Form. See the VSP Form Protocol for **

*** the full valid basket format.  The code below converts from our "x of y" style into **

*** the VSP system basket format (using a 17.5% VAT calculation for the tax columns) **/

 

 

 

//////////////////////////////$strCart string

 

 

$sngTotal=0.0;

$strThisEntry= $strCart;

$strBasket="";

$iBasketItems=0;

$theItems = explode(":",$strCart);

$strBasket = '';

$i = 1;

while ($i < count($theItems)) {

$item = $theItems[$i++];

$full_price = $theItems[$i++];

$quantity = $theItems[$i++];

$total = $theItems[$i++];

$strBasket .= ':'. $item.''; //Item

$strBasket .= ':'. $quantity.''; //Quantity

$strBasket .= ':£'. number_format($total/1.175,2).''; //Price (-tax)

$strBasket .= ':£'. number_format($total*7/47,2).''; //Tax

$strBasket .= ':£'. number_format($full_price,2).''; // Full Price

$strBasket .= ':£'. number_format($total,2).''; //Row Total

$iBasketItems++;

}

 

// add delivery to the total and the basket

 

$strBasket= ''.$iBasketItems+1 . '' . $strBasket . ":Delivery:---:---:---:---:£5.00"; //Items in basket:

 

$strCart = $strBasket;

 

 

/////////////////////////////////////////////////

$amount = $aList['fSummary'];

$_SESSION["amount"]=$amount;

 

 

// Now to build the VSP Form crypt field.  For more details see the VSP Form Protocol 2.22

$strPost="VendorTxCode=" . $strVendorTxCode; /** As generated above **/

$strPost=$strPost . "&Amount=" . number_format($amount,2); // Formatted to 2 decimal places with leading digit

$strPost=$strPost . "&Currency=" . $strCurrency;

// Up to 100 chars of free format description

$strPost=$strPost . "&Description=Jools Flowers " . $strVSPVendorName;

 

/* The SuccessURL is the page to which VSP Form returns the customer if the transaction is successful

** You can change this for each transaction, perhaps passing a session ID or state flag if you wish */

$strPost=$strPost . "&SuccessURL=" . $strYourSiteFQDN . $strVirtualDir . "/orderSuccessful.php";

 

/* The FailureURL is the page to which VSP Form returns the customer if the transaction is unsuccessful

** You can change this for each transaction, perhaps passing a session ID or state flag if you wish */

$strPost=$strPost . "&FailureURL=" . $strYourSiteFQDN . $strVirtualDir . "/orderFailed.php";

 

$strPost=$strPost . "&CustomerName=" . $strCustomerName;

$strPost=$strPost . "&CustomerEMail=" . $strCustomerEMail;

if ($strVendorEMail>"[[email protected]]")

$strPost=$strPost . "&VendorEMail=" . $strVendorEMail;

 

/* You can specify any custom message to send to your customers in their confirmation e-mail here

** The field can contain HTML if you wish, and be different for each order.  The field is optional */

$strPost=$strPost . "&eMailMessage=Thank you so very much for your order.";

 

$strPost=$strPost . "&BillingAddress=" . $strBillingAddress;

$strPost=$strPost . "&BillingPostCode=" . $strBillingPostCode;

if ($bolDeliverySame) {

$strPost=$strPost . "&DeliveryAddress=" . $strBillingAddress;

$strPost=$strPost . "&DeliveryPostCode=" . $strBillingPostCode;

}

else {

$strPost=$strPost . "&DeliveryAddress=" . $strDeliveryAddress;

$strPost=$strPost . "&DeliveryPostCode=" . $strDeliveryPostCode;

}

 

// Optionally add the contact numbers, if they are present

if (strlen($strContactNumber)>0)

$strPost=$strPost . "&ContactNumber=" . $strContactNumber;

if (strlen($strContactFax)>0)

$strPost=$strPost . "&ContactFax=" . $strContactFax;

 

$strPost=$strPost . "&Basket=" . $strBasket; // As created above

 

// For charities registered for Gift Aid, set to 1 to display the Gift Aid check box on the payment pages

$strPost=$strPost . "&AllowGiftAid=0";

 

/* Allow fine control over AVS/CV2 checks and rules by changing this value. 0 is Default

** It can be changed dynamically, per transaction, if you wish.  See the VSP Server Protocol document */

if ($strTransactionType!=="AUTHENTICATE")

$strPost=$strPost . "&ApplyAVSCV2=0";

 

/* Allow fine control over 3D-Secure checks and rules by changing this value. 0 is Default

** It can be changed dynamically, per transaction, if you wish.  See the VSP Server Protocol document */

$strPost=$strPost . "&Apply3DSecure=0";

 

 

// Encrypt the plaintext string for inclusion in the hidden field

$strCrypt = base64Encode(SimpleXor($strPost,$strEncryptionPassword));

 

 

 

 

 

if ($strConnectTo!=="LIVE") {

$thestring = $strPost ;

}

 

 

Link to comment
https://forums.phpfreaks.com/topic/114726-session-question-function-variable/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.