This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
developer:sample_codes:php_hosted_subscriptions [2017/11/02 09:16] tleite |
developer:sample_codes:php_hosted_subscriptions [2022/10/07 14:38] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== PHP Hosted Subscriptions ====== | ||
+ | **Settings file (%gatewaySampleFileName_account.inc):** | ||
+ | |||
+ | <file php %gatewaySampleFileName_account.inc> | ||
+ | |||
+ | <?php | ||
+ | |||
+ | # These values are used to identify and validate the account that you are using. They are mandatory. | ||
+ | $gateway = ''; # This is the Gateway payments URL that you should use, assigned to the site. | ||
+ | $terminalId = ''; # This is the Terminal ID assigned to the site by Gateway. | ||
+ | $currency = ''; # This is the 3 digit ISO currency code for the above Terminal ID. | ||
+ | $secret = ''; # This shared secret is used when generating the hash validation strings. | ||
+ | # It must be set exactly as it is in the Gateway SelfCare system. | ||
+ | |||
+ | # This should contain the URL of the receipt page and validation page | ||
+ | $host = ''; # This should be your host eg. http://localhost:8000 | ||
+ | $receiptPageURL = $host.''; # This should be the path to your receipt page | ||
+ | $validationURL = $host.''; # This should be the path to your validation page | ||
+ | |||
+ | # These are used only in the case where the response hash is incorrect, which should | ||
+ | # never happen in the live environment unless someone is attempting fraud. | ||
+ | $adminEmail = ''; | ||
+ | $adminPhone = ''; | ||
+ | |||
+ | ?> | ||
+ | </file> | ||
+ | ---- | ||
+ | \\ | ||
+ | **Subscription redirect (%gatewaySampleFileName_subscription.php):** | ||
+ | |||
+ | <file php %gatewaySampleFileName_subscription.php> | ||
+ | |||
+ | <?php | ||
+ | |||
+ | # This is the file that contains the account settings for Gateway. | ||
+ | require('%gatewaySampleFileName_account.inc'); | ||
+ | |||
+ | # This is a helper file for integrating to the Gateway HPP in PHP. | ||
+ | require('%gatewaySampleFileName_subscription_functions.inc'); | ||
+ | |||
+ | $subscriptionAction = ''; # "register" or "update". | ||
+ | $subscriptionMerchantRef = ''; # Unique Merchant Reference for this subscription. Length is limited to 48 chars. | ||
+ | $storedSubscriptionMerchantRef = ''; # The Merchant Reference for the Stored Subscription (Subscription template/payment plan) that you would like this subscription to run under. | ||
+ | $secureCardMerchantRef = ''; # The Merchant Reference of the SecureCard that the Subscription is to be set up on. | ||
+ | $startDate = ''; # The date the Subscription is to start on (note the setup payment will still be taken immediately if it is >0). Format: DD-MM-YYYY | ||
+ | $dateTime = requestDateTime(); | ||
+ | |||
+ | # Verification string | ||
+ | $requestHash = subscriptionRequestHash($subscriptionMerchantRef,$secureCardMerchantRef, $dateTime, $startDate); | ||
+ | |||
+ | # Request URL for the Gateway | ||
+ | $requestURL = $gateway."/merchant/subscriptionpage/".$subscriptionAction; | ||
+ | |||
+ | # Write the HTML of the submission form | ||
+ | echo "<html><body><form id='gatewaysubscriptionform' action='" . $requestURL . "' method='post'>\n"; | ||
+ | writeHiddenField("TERMINALID", $terminalId); | ||
+ | writeHiddenField("MERCHANTREF", $subscriptionMerchantRef); | ||
+ | writeHiddenField("STOREDSUBSCRIPTIONREF", $storedSubscriptionMerchantRef); | ||
+ | writeHiddenField("SECURECARDMERCHANTREF", $secureCardMerchantRef); | ||
+ | writeHiddenField("DATETIME", $dateTime); | ||
+ | writeHiddenField("STARTDATE", $startDate); | ||
+ | writeHiddenField("HASH", $requestHash); | ||
+ | |||
+ | # Write the JavaScript that will submit the form to Gateway. | ||
+ | echo '</form>Submitting Subscription setup request to Gateway...<script language="JavaScript">document.getElementById("gatewaysubscriptionform").submit();</script></body></html>'; | ||
+ | |||
+ | ?> | ||
+ | |||
+ | </file> | ||
+ | ---- | ||
+ | \\ | ||
+ | Subscription URL **(%gatewaySampleFileName_subscription_response.php)** (URL for this page is setup as “**Subscription URL**” through Terminal Setup in the %SelfCare ): | ||
+ | |||
+ | <file php %gatewaySampleFileName_subscription_response.php> | ||
+ | |||
+ | <?php | ||
+ | |||
+ | # This is the file that contains the account settings for Gateway. | ||
+ | require('%gatewaySampleFileName_account.inc'); | ||
+ | |||
+ | # This is a helper file for integrating to the Gateway HPP in PHP. | ||
+ | require('%gatewaySampleFileName_subscription_functions.inc'); | ||
+ | |||
+ | if($_REQUEST["RESPONSECODE"] != "A") echo 'AN ERROR OCCURED! Your Subscription setup request failed. Error message: ' . $_REQUEST["RESPONSETEXT"]; | ||
+ | |||
+ | if(subscriptionResponseHashIsValid($_REQUEST["RESPONSECODE"], $_REQUEST["RESPONSETEXT"], $_REQUEST["MERCHANTREF"], $_REQUEST["DATETIME"], $_REQUEST["HASH"])) { | ||
+ | switch($_REQUEST["RESPONSECODE"]) { | ||
+ | case "A" : # Subscription setup suceeded. You should store the following details against the user account: | ||
+ | $subscriptionMerchantRef = $_REQUEST["MERCHANTREF"]; | ||
+ | echo "Subscription successfully registered."; | ||
+ | break; | ||
+ | default : # Subscription registration failed. | ||
+ | echo 'SUBSCRIPTION REGISTRATION FAILED! Error Code: ' . $_REQUEST["RESPONSECODE"] . ', Response text: ' . $_REQUEST["RESPONSETEXT"] . '.'; | ||
+ | } | ||
+ | } else { | ||
+ | echo 'SUBSCRIPTION REGISTRATION FAILED: INVALID RESPONSE HASH. Please contact ' . $adminEmail . ' or call ' . $adminPhone . ' to inform them of this error.'; | ||
+ | if(isset($_REQUEST["ORDERID"])) echo 'Please quote Gateway Terminal ID: ' . $terminalId . ', and Subscription Merchant Reference: ' . $_REQUEST["MERCHANTREF"] . ' when mailling or calling.'; | ||
+ | } | ||
+ | |||
+ | ?> | ||
+ | </file> | ||
+ | ---- | ||
+ | \\ | ||
+ | **Helper file (%gatewaySampleFileName_subscription_functions.inc):** | ||
+ | |||
+ | <file php %gatewaySampleFileName_subscription_functions.inc> | ||
+ | |||
+ | <?php | ||
+ | |||
+ | # This simply reduces the PHP code required to build the form. | ||
+ | function writeHiddenField($fieldName, $fieldValue) { | ||
+ | echo "<input type='hidden' name='" . $fieldName . "' value='" . $fieldValue . "' />"; | ||
+ | } | ||
+ | |||
+ | # This generates a DATETIME value in the correct format expected in the request. | ||
+ | function requestDateTime() { | ||
+ | return date('d-m-Y:H:i:s:000'); | ||
+ | } | ||
+ | |||
+ | # This is used to generate the Authorisation Request Hash. | ||
+ | function subscriptionRequestHash($merchantRef, $secureCardMerchantRef, $dateTime, $startDate) { | ||
+ | global $terminalId, $secret; | ||
+ | return md5($terminalId . $merchantRef . $secureCardMerchantRef . $dateTime . $startDate . $secret); | ||
+ | } | ||
+ | |||
+ | # This function is used to validate that the MPI Response Hash from the server is correct. | ||
+ | # If subscriptionResponseHashIsValid(...) != $_REQUEST["HASH"] then an error should be shown and the Subscription registration should fail. | ||
+ | function subscriptionResponseHashIsValid($responseCode, $responseText, $subscriptionMerchantRef, $dateTime, $responseHash) { | ||
+ | global $terminalId, $secret; | ||
+ | return (md5($terminalId . $responseCode . $responseText . $subscriptionMerchantRef . $dateTime . $secret)==$responseHash); | ||
+ | } | ||
+ | |||
+ | ?> | ||
+ | </file> |