Jump to content

PHP Form, XML response

marianocr

By marianocr
in PHP Coding Help

 Share

Recommended Posts

marianocr Newbie

marianocr

Posted
Posted

Hi there. I'm trying to integrate with a payment gateway API, and as I'm fairly new to PHP, I'm having some trouble to proceed.

 

Basically, I have a form that goes to a specific URL (submitting URL). From the documentation: "Request information is submitted to payment platform with HttpsClient , and submitting mode is POST."

 

There is the customer-registration.php file, which requires the functions.php file that contains the information to md5-encrypt a string composed of several variables from the form. There is also a notify-url.php file which is the redirection page after registering a user.

 

Some variables are passed to the submitting URL on the payment server, but the XML response I get from there displays empty nodes for 3 variables that I should read back in order to complete the process (dateRegister, registerId and activationURL)

 

XML Response from the payment server:

 

<response>
<operation>90</operation>
<resultCode>0</resultCode>
<merNo>10157</merNo>
<email>me@gmail.com</email>
<cardNumber>4111111111111111</cardNumber>
<dateRegister/>
<registerId/>
<activationURL/>
<remark>Invalid MD5Info</remark>
<md5Info>FC0BB07DA01C551296054FBF167824B1</md5Info>
</response>

 

The customer-registration.php file looks like this:

 

<html>
<head>
<title>Customer Registration</title>

<?
require("functions.php");

//START SET VARIABLES
$merNo="10157";
$dateRequest="20120918073500";//AUTOMATE THIS!
$language="ENG";
$notifyURL="http://www.mydomain.com/notify-url.php";
//END SET VARIABLES

//START FORM FORCED VARIABLES
$email="me@gmail.com";
$cardNumber="4111111111111111";
$firstName="John";
$lastName="Smith";
$phone="9535658659";
$zipCode="98656";
$address="123 North Ave.";
$city="Geekytown";
$state="AZ";
$country="US";
//END FORM FORCED VARIABLES

$md5Key="44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0"; //MD5 key
$md5Info=MD5Encrypt($merNo,$email,$cardNumber,$dateRequest,$md5Key);
$crrurl="https://paymentdomain.com/xcp/register.jsp"; //Request submitting URL
?>

</head>

<body>

<form method="post" action="<?php echo $crrurl; ?>">

<input type=hidden name="merNo" value="<?php echo $merNo; ?>">
<input type=hidden name="dateRequest" value="<?php echo $dateRequest; ?>">
<input type=hidden name="language" value="<?php echo $language; ?>">
<input type=hidden name="notifyURL" value="<?php echo $notifyURL; ?>">
<input type=hidden name="md5Info" value="<?php echo $md5Info; ?>">

<!--START HIDDEN FORCED VARIABLES-->
<input type=hidden name="email" value="<?php echo $email; ?>">
<input type=hidden name="cardNumber" value="<?php echo $cardNumber; ?>">
<input type=hidden name="firstName" value="<?php echo $firstName; ?>">
<input type=hidden name="lastName" value="<?php echo $lastName; ?>">
<input type=hidden name="phone" value="<?php echo $phone; ?>">
<input type=hidden name="zipCode" value="<?php echo $zipCode; ?>">
<input type=hidden name="address" value="<?php echo $address; ?>">
<input type=hidden name="city" value="<?php echo $city; ?>">
<input type=hidden name="state" value="<?php echo $state; ?>">
<input type=hidden name="country" value="<?php echo $country; ?>">
<!--END HIDDEN FORCED VARIABLES-->

<INPUT TYPE="submit" value="submit">

</form>

</body>
</html>

 

Right now, I'm passing the pre-declared variables as hidden text inputs (later I'll change that so it's an actual user input form)

 

The functions.php file looks like this:

 

<?php
$merNo = $_POST["merNo"];
$email = $_POST["email"];
$cardNumber = $_POST["cardNumber"];
$dateRequest = $_POST["dateRequest"];
$md5Key="44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0"; //MD5 key

function MD5Encrypt($merNo,$email,$cardNumber,$dateRequest,$md5Key)
{
$str = "$merNo|$email|$cardNumber|$dateRequest|$md5Key";
$encryptedMD5 = md5($str);
return $encryptedMD5;
}

$completeurl = "https://paymentdomain.com/xcp/register.jsp";
$xml = simplexml_load_file($completeurl);

$operation = $xml->operation;
$resultCode = $xml->resultCode;
$merNo = $xml->merNo;
$email = $xml->email;
$cardNumber = $xml->cardNumber;
$dateRegister = $xml->dateRegister;
$registerId = $xml->registerId;
$activationURL = $xml->activationURL;
$remark = $xml->remark;
$md5Info = $xml->md5Info;

function verifyMD5($resultCode,$merNo,$email,$cardNumber,$registerId,$dateRegister,$activationURL,$md5Key, $md5Info)
{
$str = "$resultCode|$merNo|$email|$cardNumber|$registerId|$dateRegister|$activationURL|$md5Key";
  $encryptedMD5 = md5($str);
//echo $str."<BR>";
//echo "Generated CheckSum: ".$encryptedMD5."<BR>";
//echo "Received Checksum: ".$md5Info."<BR>";
  if($encryptedMD5 == $md5Info)
return "true" ;
  else
return "false" ;
}
?>

 

I'm not sure if I'm retrieving the XML response correctly. As per the API docs: "Response information is returned to client?s platform as XML."

 

And lastly, the notify-url.php file looks like this:

 

<html>
<head>
<title>Notify URL</title>
</head>
<body>

<?php
require("functions.php");

$md5Key = "44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0" ; //put in the 32 bit alphanumeric key in the quotes provided here

$retval = verifyMD5 ($resultCode,$merNo,$email,$cardNumber,$registerId,$dateRegister,$activationURL,$md5Key);

if($retval == "true" && $resultCode == "1")
{
echo "Thank you for shopping with us. Your credit card has been charged and your transaction is successful. We will be shipping your order to you soon.";

//Here you need to put in the routines for a successful 
//transaction such as sending an email to customer,
//setting database status, informing logistics etc etc

}
else if($retval == "true" && $resultCode == "0")
{
echo "Thank you for shopping with us. However it seems your credit card transaction failed.";

//Here you need to put in the routines for a failed
//transaction such as sending an email to customer
//setting database status etc etc

}
else if($retval == "true" && $resultCode == "2")
{
echo "Account was registered before, only Card Information has been added";

//Here you need to put in, the routines for a HIGH RISK 
//transaction such as sending an email to customer and explaining him a procedure,
//setting database status etc etc

}
else
{
echo "Security Error. Illegal access detected";

//Here you need to simply ignore this and dont need
//to perform any operation in this condition

}
?>
</body>
</html>

 

So, basically I would like to see if the logic is right at this point and then figure out why does the response from the payment server is not complete. As stated there: "Invalid MD5Info"

 

Thank you very much for any assistance, it would be greatly appreciated!

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.