Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
developer:sample_codes:php_hosted_secure_cards [2019/03/22 15:54]
thiago123
developer:sample_codes:php_hosted_secure_cards [2019/07/25 13:16] (current)
branko
Line 1: Line 1:
 +====== PHP Hosted SecureCards ======
  
 +**Settings file (%gatewaySampleFileName_account.inc):​**
 +
 +<file php %gatewaySampleFileName_account.inc>​
 +
 +<?php
 +
 +# These values are used to identify and validate the account that you are using. They are mandatory.
 +$gateway = '';​ #​ This is the %Gateway payments gateway that you should use, assigned to the site by %Gateway.
 +$terminalId = '';​ #​ This is the Terminal ID assigned to the site by %Gateway.
 +$currency = '';​ #​ This is the 3 digit ISO currency code for the above Terminal ID.
 +$secret = '';​ #​ This shared secret is used when generating the hash validation strings. ​
 + # It must be set exactly as it is in the %Gateway %SelfCare system.
 +$testAccount = true;
 +
 +# These are used only in the case where the response hash is incorrect, which should
 +# never happen in the live environment unless someone is attempting fraud.
 +$adminEmail = '';​
 +$adminPhone = '';​
 +
 +?>
 +
 +</​file>​
 +----
 +\\
 +**SecureCard redirect (%gatewaySampleFileName_securecard.php):​**
 +
 +<file php %gatewaySampleFileName_securecard.php>​
 +
 +<?php
 +
 +# This is the file that contains the account settings for Gateway.
 +require('​%gatewaySampleFileName_account.inc'​);​
 +
 +# This is a helper file for integrating to the Gateway HPP in PHP.
 +require('​%gatewaySampleFileName_securecard_functions.inc'​);​
 +
 +$secureCardAction = '';​ #​ "​register"​ or "​update"​.
 +$secureCardMerchantRef = '';​ #​ Unique Merchant Reference for this card. Length is limited to 48 chars.
 +$dateTime = requestDateTime();​
 +
 +# Verification string
 +$requestHash = secureCardRequestHash($secureCardMerchantRef,​ $dateTime, $secureCardAction);​
 +
 +# Request URL for the gateway
 +$requestURL = $gateway."/​merchant/​securecardpage";​
 +
 +# Write the HTML of the submission form
 +echo "<​html><​body><​form id='​gatewaysecurecardform'​ action='"​ . $requestURL . "'​ method='​post'>​\n";​
 +writeHiddenField("​ACTION",​ $secureCardAction);​
 +writeHiddenField("​TERMINALID",​ $terminalId);​
 +writeHiddenField("​MERCHANTREF",​ $secureCardMerchantRef);​
 +writeHiddenField("​DATETIME",​ $dateTime);
 +writeHiddenField("​HASH",​ $requestHash);​
 +
 +# Write the JavaScript that will submit the form to Gateway.
 +echo '</​form>​Submitting SecureCard request to Gateway...<​script language="​JavaScript">​document.getElementById("​gatewaysecurecardform"​).submit();</​script></​body></​html>';​
 +
 +?>
 +</​file>​
 +
 +
 +----
 +\\
 +Secure Card URL (**%gatewaySampleFileName_securecard_response.php**) (URL for this page is setup as “**Secure Card URL**” through Terminal Setup in the %SelfCare ):
 +
 +<file php %gatewaySampleFileName_securecard_response.php>​
 +
 +<?php
 +
 +# This is the file that contains the account settings for Gateway.
 +require('​%gatewaySampleFileName_account.inc'​);​
 +
 +# This is a helper file for integrating to the Gateway HPP in PHP.
 +require('​%gatewaySampleFileName_securecard_functions.inc'​);​
 +
 +if($_REQUEST["​RESPONSECODE"​] != "​A"​) echo 'AN ERROR OCCURED! Your SecureCard request failed. Error message: ' . $_REQUEST["​RESPONSETEXT"​];​
 +
 +if(secureCardResponseHashIsValid($_REQUEST["​RESPONSECODE"​],​ $_REQUEST["​RESPONSETEXT"​],​ $_REQUEST["​MERCHANTREF"​],​ $_REQUEST["​CARDREFERENCE"​],​ $_REQUEST["​DATETIME"​],​ $_REQUEST["​HASH"​])) {
 + switch($_REQUEST["​RESPONSECODE"​]) {
 + case "​A"​ : # SecureCard registration suceeded. You should store the following details against the user account:
 + $secureCardMerchantRef = $_REQUEST["​MERCHANTREF"​];​
 + $secureCardCardRef = $_REQUEST["​CARDREFERENCE"​];​
 + $secureCardCardType = $_REQUEST["​CARDTYPE"​];​
 + $secureCardMaskedCardNumber = $_REQUEST["​MASKEDCARDNUMBER"​];​
 + $secureCardCardCardExpiry = $_REQUEST["​CARDEXPIRY"​];​
 + echo "​Success! Card Type: " . $secureCardCardType . ", Masked Card number: " . $secureCardMaskedCardNumber . ", expires (MMYY): " . $secureCardCardCardExpiry;​
 + break;
 + default ​ : # SecureCard registration failed.
 + echo '​SECURECARD REGISTRATION FAILED! Error Code: ' . $_REQUEST["​RESPONSECODE"​] . ', Response text: ' . $_REQUEST["​RESPONSETEXT"​] . '​.';​
 + }
 +} else {
 + echo '​SECURECARD REGISTRATION FAILED: INVALID RESPONSE HASH. Please contact ' . $adminEmail . ' or call ' . $adminPhone . ' to inform them of this error.';​
 + if(isset($_REQUEST["​ORDERID"​])) echo '​Please quote Gateway Terminal ID: ' . $terminalId . ', and SecureCard Merchant Reference: ' . $_REQUEST["​MERCHANTREF"​] . ' when mailling or calling.';​
 +}
 +
 +?>
 +
 +
 +</​file>​
 +
 +----
 +\\
 +**Helper file (%gatewaySampleFileName_securecard_functions.inc):​**
 +
 +<file php %gatewaySampleFileName_securecard_functions.inc>​
 +
 +<?php
 +
 +# This simply reduces the PHP code required to build the form.
 +function writeHiddenField($fieldName,​ $fieldValue) {
 + echo "<​input type='​hidden'​ name='"​ . $fieldName . "'​ value='"​ . $fieldValue . "'​ />";​
 +}
 +
 +# This generates a DATETIME value in the correct format expected in the request.
 +function requestDateTime() {
 + return date('​d-m-Y:​H:​i:​s:​000'​);​
 +}
 +
 +# This is used to generate the Authorisation Request Hash.
 +function secureCardRequestHash($secureCardMerchantRef,​ $dateTime, $secureCardAction) {
 + global $terminalId,​ $secret;
 + return md5($terminalId . $secureCardMerchantRef . $dateTime . $secureCardAction . $secret);
 +}
 +
 +# This function is used to validate that the MPI Response Hash from the server is correct.
 +#     If secureCardResponseHashIsValid(...) != $_REQUEST["​HASH"​] then an error should be shown and the SecureCard registration should fail.
 +function secureCardResponseHashIsValid($responseCode,​ $responseText,​ $secureCardMerchantRef,​ $secureCardCardRef,​ $dateTime, $responseHash) {
 + global $terminalId,​ $secret;
 + return (md5($terminalId . $responseCode . $responseText . $secureCardMerchantRef . $secureCardCardRef . $dateTime . $secret)==$responseHash);​
 +}
 +
 +?>
 +
 +</​file>​
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International