if($_POST['payment']=='creditcard' AND $payment->isApproved

[adman4054]

I'm always looking for assistance and PHP Freaks has been my "GoTo" place for many years, but I don't seem to have a way of giving back. I don't know PHP or any other coding language, so I just don't know what else to do but say thank you to all the people who have contributed to my PHP education

 

Today I have a form that uses Authorize.net for processing credit card transactions. The Authorize information is in an include file that is called in to a page I will call edit.php. The form functions fine. It communicates with authorize and will provide me with approval, decline, bad card, etc. The problem I'm having is with the message to the customer. When the customer hits submit and is paying by credit card and the transaction is approved I want to display the  message below. I added the AND $payment->isApproved, I'm sure its not the right syntax and I'm not sure what to use. The $_POST ['payment'] called for in the beginning of the IF statement is not Authorize, its where credit card and check is defined.

If I uncomment the "print_r" at the bottom of the include file it prints on the edit.php page, but I'm also not sure how to get it to the proper place where the message goes. 

 

 

if(isset($_POST['saveListing'])){ 

  if($_POST['payment']=='creditcard' AND $payment->isApproved
){
    echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved and your credit card has been charged   ".'$' .$mybillingamount."</font></div>\n";
 }
  elseif($_POST['payment']=='check'){
    echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved, payment by check   ".'$' .$mybillingamount."</font></div>\n";
}
else{echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved, but must be approved by the administrator</font></div>\n";}

 

 

 

$payment->process();

    if ($payment->isApproved())  {
// if success, return array
$return_array['amount'] = $total;
$return_array['Email'] = $email;

if ( isset( $_POST['anonymous'] ) && $_POST['anonymous']==1) {
$return_array['anonymous'] = true;
} else {
$return_array['first_name'] = $firstname;
$return_array['last_name'] = $lastname;
}
$return_array['transaction_nonce'] = $_POST['n'];
$return_array['success'] = true;

    } else if ($payment->isDeclined()) {
        // Get reason for the decline from the bank. This always says,
        // "This credit card has been declined". Not very useful.
        $reason = $payment->getResponseText(); 
        $return_array['error_msg'] = __( 'This credit card has been declined.  Please use another form of payment.', 'pfund' );
    } else if ($payment->isError()) { 
        // Capture a detailed error message. No need to refer to the manual
        // with this one as it tells you everything the manual does.
        $return_array['error_msg'] =  $payment->getResponseMessage();

        // We can tell what kind of error it is and handle it appropriately.
        if ($payment->isConfigError()) {
            // We misconfigured something on our end.
            //$return_array['error_msg'] .= " Please notify the webmaster of this error.";
        } else if ($payment->isTempError()) {
            // Some kind of temporary error on Authorize.Net's end. 
            // It should work properly "soon".
            $return_array['error_msg'] .= __( '  Please try your donation again.', 'pfund' );
        } else {
            // All other errors.
        }

    }
} catch (AuthnetAIMException $e) {
    $return_array['error_msg'] ="There was an error processing the transaction. Please report this CATCH error to administration.<br><br>Error: " . $e->__toString();
}
//print_r( $return_array);
//die('ookk');

Thanks Again!

 

[requinix]

Syntactically it's correct. But you've only posted a couple chunks of code with no context. Where is the first code located? When is it executing? Where is the second and when does it execute? It's impossible to tell whether the code is correct without that kind of information.

 

How about posting the entirety of edit.php?

[adman4054]

Hi requinix and thank you for taking a look. I cant post the entire page, wish I could. I doubt I'm providing what you would need to help me, but its worth a try. The first code box is where the message appears, the second code box is calling the include file right underneath the submit button. Like I said, appreciate you taking a look

<div id="content">

            <div id="main">


<?php 
 

//display errors or display success message 
if(isset($_POST['saveListing'])){ 

  if($_POST['payment']=='creditcard' AND $payment->isApproved
){
    echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved and your credit card has been charged   ".'$' .$mybillingamount."</font></div>\n";










  }
  elseif($_POST['payment']=='check'){
    echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved, payment by check   ".'$' .$mybillingamount."</font></div>\n";
}
else{echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved, but must be approved by the administrator</font></div>\n";}
}



?>
   


   

        
    <br><br>    
    
    <form id="myform" action="editListing.php" method="post" enctype="multipart/form-data">
    <?php

                <?php 
            $datetime1 = new DateTime($globalExpireDate);
            $datetime2 = new DateTime();
            //$interval = $datetime1->diff($datetime2);
            //$yearDifference = (int)$interval->format('%y');
            
            $yearDifference = round(($datetime2->format('U') - $datetime1->format('U')) / (60*60*24*365));
            
            if($yearDifference < 1) {
                        ?>
                        <!--<input type="submit" name="renewExpiration" value="Renew">-->
                        <?php 
                                }
                        ?>
                        
                    </td>
            </tr>
    </table>
</form>
    <br /><br />
    </div>
  
  
  
  
    
<?php if(isset($_POST['saveListing'])){
  if($_POST['payment']=='creditcard'){
     $sql11="SELECT * FROM `rubber115`.`credit` WHERE `cid`='$companyID'";
    echo $chk=mysql_num_rows($sql11);
    if($chk == 1){
      echo 444444444444444;
    }
    $cname=$_POST["CCname"];
    $ctype=$_POST["CCtype"];
    $cnum=$_POST["CCnum"];
    $cexpm=$_POST["CCexpireMonth"];
    $cexpy=$_POST["CCexpireYear"];
    $cthree=$_POST["CC3digit"];
    $bfirst=$_POST["billingfirstname"];
    $blast=$_POST["billinglastname"];
    $bemail=$_POST["billingemail"];
    $bphone=$_POST["billingphone"];
    $badd=$_POST["billingadd"];
    $badd2=$_POST["billingadd2"];
    $bcity=$_POST["billingcity"];
    $bstate=$_POST["billingstate"];
    $bzip=$_POST["billingzip"];
    $bcountry=$_POST["billingcountry"];
    $bamount=$_POST["billingamount"];
  //  echo "oopssssss";
    include 'payment.php';
    die;
    
    
    
    $sql9="INSERT INTO `rubber115`.`credit` (`cid`, `cname`, `ctype`, `cnum`, `cexmonth`, `cexyear`, `cdigit`, `bfirstname`, `blastname`, `bemail`, `bphone`, `badd`, `badd2`, `bcity`, `bstate`, `bzip`, `bcountry`,`bamount`) VALUES ('$companyID', '$cname', '$ctype', '$cnum', '$cexpm', 
    '$cexpy', '$cthree', '$bfirst', '$blast', '$bemail', '$bphone', '$badd', '$badd2', '$bcity', '$bstate', '$bzip', '$bcountry','$bamount')";
    
      mysql_select_db(rubber115);
            mysql_query( $sql9, $conn );
  
  }
  if($_POST['payment']=='check'){
    $cfname=$_POST["checkfirstname"];
    $clname=$_POST["checklastname"];
    $cemail=$_POST["checkemail"];
    $cphone=$_POST["checkphone"];
    $checkadd=$_POST["checkadd"];
    $checkadd2=$_POST["checkadd2"];
    $checkcity=$_POST["checkcity"];
    $checkstate=$_POST["checkstate"];
    $checkzip=$_POST["checkzip"];
    $checkcountry=$_POST["checkcountry"];
    $sql5="INSERT INTO `rubber115`.`check` (`cid`, `cfname`, `clname`, `cemail`, `cphone`, `checkadd`, `checkadd2`, `checkcity`, `checkstate`, `checkzip`, `checkcountry`) VALUES ('$companyID', '$cfname', '$clname', '$cemail', '$cphone', '$checkadd', '$checkadd2', '$checkcity', '$checkstate', '$checkzip', '$checkcountry')";
     mysql_select_db(rubber115);
       mysql_query( $sql5, $conn );
    
  }
  
}?>

[requinix]

Still doesn't help.

 

1. Where does the transaction processing happen? Does it happen earlier and set $payment? It has to or else you can't use $payment.

2. According to the earlier code, isApproved is a function that you need to call. Not a simple property.

3. Are you actually storing credit card information in your database like that? Do you know what kinds of laws you're breaking? I hope this payment stuff means you don't have to do that anymore, and that once it's deployed you'll purge all data in those two database tables.

 

And lastly,

 

4. Have you tried executing any of this? (If so, any specific problems or errors you're trying to address?) Or are you still working on writing the code?

[adman4054]

Thanks,I will attempt to look at it in my AM. I just wanted to assure you that I'm not storing any cc information. Been pci compliant for many years with many installs. Thank you for taking the time.

[adman4054]

Hi --

 

I was able to make the "isApproved" on the first line of code work, but I don't want to save the changes if the listing is not approved, is there a way to do it here?

if(isset($_POST['saveListing'])){ 

  if($_POST['payment']=='creditcard' AND $payment->isApproved){
    echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved and your credit card has been charged   ".'$' .$mybillingamount."</font></div>\n";
}
  elseif($_POST['payment']=='check'){
    echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved, payment by check   ".'$' .$mybillingamount."</font></div>\n";
}
else{echo "<br /><br /><div align='center'><font color='#ff0000'>Changes saved, but must be approved by the administrator</font></div>\n";}
}
?>

Thanks