Learn VBA & Macros in 1 Week!

PHP - Moved: Payment Gateway - Wordpress E-commerce/worldpay

Full Excel VBA Course - Beginner to Expert

Moved: Payment Gateway - Wordpress E-commerce/worldpay	View Content

This topic has been moved to PHP Applications.

http://www.phpfreaks.com/forums/index.php?topic=276607.0

Full Excel VBA Course - Beginner to Expert

Moved: Wordpress With Storefront Thems And Instinct E-commerce Plugins

Similar Tutorials

View Content

This topic has been moved to PHP Applications.

http://www.phpfreaks.com/forums/index.php?topic=321270.0

Problem With Payment Gateway...

Similar Tutorials

View Content

Hi guys,

I'm not really experienced with PHP to a high degree, very very basic knowledge. I took a website for a client which was an e-commerce website in need of a re-host? Sounds Simple enough.

However when uploading the site i found it went to a secure server outside of the one I was hosting it on when it came to submitting the payment. I then had to get access to these files and get them working on locally on my server. This where I'm having trouble...

It's easier to show you the problems rather than try and explain them.

This is the original working version of the payment page:
https://secure.wilkesdesign.com/egowear/pay.php

And this is my version:
http://www.egowear.co.uk/payment/pay.php

Which is essentially a duplicate, all I have changed is the details for it accessing the database on the the server which is included in "inc_db.php"
As well as updating the link in protx.php to the correct TermUrl.

The rest is the same as the original

If you go to the first page and enter no details and just click "Make Payment" at the bottom of the page, you should get several validation errors appear in red at the top of the page.

Do exactly the same on my version, the second link. And nothing seems to happen, no errors nothing.

I'll admit i'm quite out of my depth here now, and I'm betting it's just me missing something obvious. So if anyone has any ideas I'd really appreciate it .

Best Regards
Chris

Source code for pay.php:

Code: [Select]
<?php
ini_set('display_errors','1');
ini_set('display_startup_errors','1');
error_reporting(E_ALL ^ E_NOTICE);
$homeURL = "http://www.egowear.co.uk/";
//$homeURL = "http://intranet.wilkesdb.com/ego/";
// include at the start of the script being called.
//error_reporting(E_ALL); ini_set('display_errors', '1');
$asId = 1;
include "includes/inc_db.php";
$db = new DB; $db1 = new DB;
$vatRate = $db->getval("SELECT glValue FROM globals WHERE glId=1","glValue")+0;
$xorCountry = 2; $orDelCountry="UK";
$orPayNote='Unconfirmed';
$orPaid=0.00;
$header =  "MIME-Versin: 1.0\r\n" .
            "Content-type: text/plain; charset=ISO-8859-1; format=flowed\r\n" .
"From: Egowear <sales@egowear.co.uk>\r\n";
$header .=  "Reply-To: Egowear <sales@egowear.co.uk>\r\n";
$header .=  "X-Mailer: PHP/" . phpversion() . "\r\n";

if($basketURL) {

$basketArray = double_explode(":","|",$basketURL);
//print_r($basketArray);
$subTotal=$discount=$orDelCharge=0;

$items = $subTotal = $totalWeight = 0;
foreach ($basketArray as $key => $val) {
$extraCost = 0;
$prId = $val[0]; $qty = $val[1]; $prSize=$val[2]; $prColour=$val[3];
$extraCost = $val[5];
$db->query("SELECT prtName, prtPrice, prtImage, prColour, prPrtId, prVatable, IF(prWeight>0,prWeight,prtWeight) weight FROM products, prtypes WHERE prId='$prId' AND prtId=prPrtId");
$db->next_record();
list($prtName, $prPrice, $prtImage, $prColour,  $prPrtId, $prVatable, $weight) = $db->Record;
$prPrice = $prPrice + $extraCost;
if($prVatable) $prPrice = calcVat($prPrice);
$totalWeight += $qty*$weight;
$items += $qty;
$lineTotal = $qty*$prPrice;
$subTotal += $lineTotal;
}

// calulate delivery (use function!!!!)
$orDelChargeArray = getDelCharge($totalWeight, $xorCountry);

//var_dump($orDelChargeArray);
$deliveryTypesCount = count($orDelChargeArray);
//echo "count: $deliveryTypesCount";
if (!$deliveryTypesCount) $orDelCharge = -1;
elseif ($deliveryTypesCount==1) {
list($crType) = array_keys($orDelChargeArray);
$orDelCharge = $orDelChargeArray[$crType];
}
if ($delOverride) $orDelCharge = $delOverride;

$orVcId=0;
if($xcnId) {
$voucherCode = $db->getval("SELECT cnCurrentVoucherCode FROM contacts WHERE cnId='$xcnId'","cnCurrentVoucherCode");
if($voucherCode) {
list($valid, $offerDescription, $vcDiscountPercent, $vcDiscountValue, $vcFreePostage, $vcMinValue, $orVcId) = validateVoucherCode($voucherCode, $xcnId);
if($valid) {
if($vcFreePostage) $orDelCharge=0;

if($vcDiscountPercent>0) {
if(!($vcMinValue>0) || ($subTotal>=$vcMinValue)) $discount = $subTotal*($vcDiscountPercent/100);
}

if($vcDiscountValue>0) {
if(!($vcMinValue>0) || ($subTotal>=$vcMinValue)) $discount = $vcDiscountValue;
}
}
}
}

$orTotal = round($subTotal+$orDelCharge-$discount,2);
//$orTotal = round($subTotal*1.175,2);
//echo formatnumber($subTotal).",".formatnumber($orDelCharge).",".formatnumber($discount);
//$orTotal=0.01;

}
//echo "$subTotal<br />$orDelCharge<br />";
//echo "$orTotal<br />";
if ($sbmt) {
// not used but leave in just in case!!
if ($paypalOK) $ignorePayment = 1;
// go with payment processing
// first validate

// validate fields
if ($action!="callback") {
if (strlen($cardHolder) < 2) $error = "     •   Enter the name as it appears on your card <br>";
if (!ereg("^[0-9]{10,20}", $cardNumber)) $error .= "     •   Please enter a valid card number <br>";
if ($startDate AND !ereg("^[0-9]{2}[0-9]{2}", $startDate)) $error .= "     •   Your start date is invalid <br>";
if (!ereg("^[0-9]{2}[0-9]{2}", $expiryDate)) $error .= "     •   Your expiry date is invalid <br>";
$billingAddress = $ccAddress1."\n\r".$ccAddress2."\n\r".$ccAddress3."\n\r".$ccTown;
//if (strlen($billingAddress) < 10) $error .= "     •   Enter a valid billing address <br>";
$ccPostcode = strtoupper($ccPostcode);
if($orDelCountry == "UK") {
//if (!ereg("^[A-Z]{1,2}[0-9]{1,2}[A-Z]{0,1}[[:space:]][0-9]{1}[A-Z]{2}", $ccPostcode)) $error .= "     •   Enter a valid billing postcode. (Ensure that you have included the space!) <br>";
}
if (!ereg("^[0-9]{3,4}", $CV2)) $error .= "     •   You have missed out your CV2 number<br>";

$orDelPostcode = strtoupper($orDelPostcode);
//if ($orDelCountry == "UK") if (!ereg("^[A-Z]{1,2}[0-9]{1,2}[A-Z]{0,1}[[:space:]][0-9]{1}[A-Z]{2}", $orDelPostcode)) $error .= "     •   Your delivery postcode is invalid. (Ensure that you have included the space!) <br>";
// check if UK and BT (i.e. NI postcode) - should do this as part of the delivery package.
//if ($orDelCountry == "UK" && substr($orDelPostcode, 0, 2) == "BT") $error .= "     •   You have selected UK postage. 'BT' postcodes are Northern Ireland and have different rates from mainland UK. Please click 'Cancel' and sellect the correct postal type.";

if (strlen($orName) < 2) $error .= "     •   Please enter a customer name<br>";
if (strlen($orTel) < 5) $error .= "     •   Please tell us your telephone number<br>";
//if (strlen($orDelAddress1) < 2 || strlen($orDelTown) < 2) $error .= "     •   Please enter a valid customer address<br />";

if ($cnUsername) {
$chkCnId = $db->getval("SELECT cnId FROM contacts WHERE cnUsername = '$cnUsername'", "cnId");
if ($cnUsername AND $chkCnId AND $chkCnId != $cnId) $error .= "     •   Your username is already in use by someone else. Please try another<br />";
}
} //end if not callback
// if(!eregi('^([a-z0-9\._-])+@([^\.]+\.[^\.]+)', $cnEmail, $matched)) $error .= "     •   Enter a valid email address<br>";
// second go with payment
if (!$error) {

/////////////////////////////////////// Payment not started yet so create order ///////////////////////////////////
if(!isset($_GET['action']) && !($orId)) {

//Add order
if($xcnId>0) {
// update contact
$db->query("UPDATE contacts SET cnName='$cardHolder', cnEmail='$orEmail', cnAddress1='$ccAddress1', cnAddress2='$ccAddress2', cnAddress3='$ccAddress3', cnTown='$ccTown', cnPostcode='$ccPostcode' WHERE cnId='$xcnId'");
} else {
$db->query("INSERT INTO contacts SET cnName='$cardHolder', cnUsername='$cnUsername', cnPassword='$cnPassword', cnEmail='$orEmail', cnAddress1='$ccAddress1', cnAddress2='$ccAddress2', cnAddress3='$ccAddress3', cnTown='$ccTown', cnPostcode='$ccPostcode', cnGroups='$cnGroups', cnPrefs='$cnPrefs'");
$xcnId = mysql_insert_id();
}

if ($paypalOK) $orStatus = "Check Paypal Payment"; else $orStatus = "Payment Pending";

$db->query("INSERT INTO orders SET orCnId='$xcnId', orName='$orName', orDelAddress1='$orDelAddress1', orDelAddress2='$orDelAddress2', orDelAddress3='$orDelAddress3', orDelTown='$orDelTown', orDelCounty='$orDelCounty', orDelPostcode='$orDelPostcode', orDelCountry='$orDelCountry', orEmail='$orEmail', orDate=NOW(), orDelCharge='$orDelCharge', orDelType='$orDelType', orStatus='$orStatus', orVcId='$orVcId', orPayNote='$orPayNote', orPaid='$orPaid', orTotal='$orTotal', orDiscount='$discount', orTel='$orTel', orVatRate='$vatRate'");
$orId = mysql_insert_id();

$orVat=$orNet=0;
foreach ($basketArray as $key => $val) {
$flexString="";
$prId = $val[0]; $qty = $val[1]; $prSize=$val[2]; $flexString=$val[3];
$oiVat=$oiNet=0;
$db->query("SELECT prtName, prtPrice, prtImage, prColour, prPrtId, prVatable, IF(prWeight>0,prWeight,prtWeight) weight FROM products, prtypes WHERE prId='$prId' AND prtId=prPrtId");
$db->next_record();
list($prtName, $prPrice, $prtImage, $prColour,  $prPrtId, $prVatable, $weight) = $db->Record;
$oiNet=$prPrice;
if($prVatable) {
$prPrice = calcVat($prPrice);
$oiVat=$prPrice-$oiNet;
$orVat+=$oiVat;
} else $oiVat=0;

if($qty) {
$db->query("INSERT INTO orderitems SET oiOrId='$orId', oiPrId='$prId', oiQty='$qty',oiSize='$prSize',oiColour='$prColour', oiWidth='$prWidth',oiVat='$oiVat',oiNet='$oiNet',oiPriceEach='$prPrice', oiName='$prtName', oiFlexString='$flexString'");
$lineTotal = $qty*$prPrice;
}
}

}
$db->query("UPDATE orders SET orVat='$orVat', orNet='$orNet' WHERE orId='$orId'");

$vendorTxCode = "Order_".$orId;
$billingAddress = substr($ccAddress1."\n\r".$ccAddress2."\n\r".$ccAddress3."\n\r".$ccTown,0,199);

include("includes/protx.php");
$data = array (
'VPSProtocol' => '2.22',
'TxType' => 'PAYMENT',
'Vendor' => 'egowear',
'VendorTxCode' => substr(substr($vendorTxCode,0,40-strlen(time())).'_'.time(),0,40),
'Amount' => number_format($orTotal,2),
'Currency' => "GBP",
'Description' => substr("Egowear Website Order: (".trim($typeDescrip).")",0,99),
'CardHolder' => substr($cardHolder,0,50),
'CardNumber' => substr($cardNumber,0,20),
'StartDate' => substr($startDate,0,4),
'ExpiryDate' => substr($expiryDate,0,4),
'IssueNumber' => substr($issueNumber,0,2),
'CV2' => substr($CV2,0,4),
'CardType' => substr($cardType,0,15),
'BillingAddress' => substr($billingAddress,0,199),
'BillingPostCode' => substr($ccPostcode,0,10),
'CustomerName' => substr($orName,0,99),
'CustomerEMail' => substr($orEmail,0,254),
'ContactNumber' => substr("",0,20),
'ClientIPAddress'=>$_SERVER['REMOTE_ADDR']
);
//echo $vendorTxCode;
if($data) $optRequest = formatData($data);

/////////////////////////////////////// Protx.php ///////////////////////////////////
if(!isset($_GET['action'])) {
$p = null;
$response1 = _CompletePayment($p,$Vars,$optRequest,$orId);
if(substr($response1,0,6)=="iframe") $iframecode=substr($response1,6); else if($response1) $error.=$response1; else $iframecode=0;
} else if($_GET['action'] == 'callback') {
$error .= __VerifyCallback($_POST, $Vars,null,$orId);
} else if($_GET['action'] == 'callbacktest') {
$optRequest = '...  .. ';
__VerifyCallback($p = null, $Vars, $optRequest);
} else {
$error.=('Invalid action');
}

} // no error

} else { // end submit
if($xcnId && !$error && !$cardHolder) {
$db->query("SELECT cnName, cnAddress1, cnAddress2, cnAddress3, cnTown, cnPostcode FROM contacts WHERE cnId='$xcnId'");
$db->next_record();
list($cardHolder, $ccAddress1, $ccAddress2, $ccAddress3, $ccTown, $ccPostcode) = $db->Record;
/*$orName = $cardHolder;
$orDelAddress1 = $ccAddress1;
$orDelAddress2 = $ccAddress2;
$orDelAddress3 = $ccAddress3;
$orDelTown = $ccTown;
$orDelPostcode = $ccPostcode;*/
}
} // end no submit

if($iframecode) echo $iframecode; else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Egowear</title>
<link rel="stylesheet" type="text/css" href="includes/default.css">
<script language="javascript">
function goCopy() {
document.getElementById('cardHolder').value = document.getElementById('orName').value;
document.getElementById('ccAddress1').value = document.getElementById('orDelAddress1').value;
document.getElementById('ccAddress2').value = document.getElementById('orDelAddress2').value;
document.getElementById('ccAddress3').value = document.getElementById('orDelAddress3').value;
document.getElementById('ccTown').value = document.getElementById('orDelTown').value;
document.getElementById('ccPostcode').value =document.getElementById('orDelPostcode').value;
}
</script>

</head>
<body>
<div align="center">
<? include "includes/nav.php"; ?>

<div id="wrapper2" style="position:relative;z-index:1;top:25px">

<div align="left" id="<?= $theme ?>">

<div style="text-align:left;padding:18px 0px 0px 18px;overflow:hidden;">
<div style="float:right;padding:20px 160px 0px 0px;border:0px solid #000;width:535px;text-align:center;height:25px">
<h1><?= $wcTitle ?></h1>
</div>
<div><img src="images/logo.jpg" /></div>
</div>

<div align="left" class="pageMiddle">
<div style="position:relative;z-index:1;padding:2px 30px 10px 32px;" >
<h1>Card Payment</h1>

<form name="form1" method="post" action="">
<table id="tableSubCategories" style="width:100%;text-align:left;">
<tr id="trColumnTitles" >
<td colspan="2" style=""><div style="background:#FF0000; color:#FFFFFF; font-weight:bold"><? echo $error ?></div></td>
</tr>
<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Delivery Address:</strong></td>
</tr>
<tr >
<td style="width:45%"><div align="right">Name*:</div></td>
<td><input name="orName" type="text" id="orName" value="<? echo $orName ?>" size="40" maxlength="100">
 </td>
</tr>
<tr>
<td><div align="right">Delivery Address: *: </div></td>
<td><input name="orDelAddress1" type="text" id="orDelAddress1" value="<? if($orDelAddress1) echo $orDelAddress1; else echo $orDelAddress1; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td> </td>
<td><input name="orDelAddress2" type="text" id="orDelAddress2" value="<? if($orDelAddress2) echo $orDelAddress2; else echo $orDelAddress2; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right"> </div></td>
<td><input name="orDelAddress3" type="text" id="orDelAddress3" value="<? if($orDelAddress3) echo $orDelAddress3; else echo $orDelAddress3; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Town:</div></td>
<td><input name="orDelTown" type="text" id="orDelTown" value="<? if($orDelTown) echo $orDelTown; else echo $orDelTown; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Post Code<? if($orDelCountry == "UK") echo "*" ?>: </div></td>
<td><input name="orDelPostcode" type="text" id="orDelPostcode" value="<? if($orDelPostcode) echo $orDelPostcode; else echo $orDelPostcode; ?>" size="10" maxlength="10"></td>
</tr>
<tr>
<td><div align="right">County:</div></td>
<td><input name="orDelCounty" type="text" id="orDelCounty" value="<? echo $orDelCounty ?>" size="40" maxlength="100">
 </td>
</tr>
<tr>
<td><div align="right">Email*:</div></td>
<td><input name="orEmail" type="text" id="orEmail" value="<? echo $orEmail ?>" size="40" maxlength="100"></td>
</tr>

<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Billing Address:</strong></td>
</tr>
<tr>
<td><div align="right"> Credit Card Billing Address: *: </div></td>
<td><input name="ccAddress1" type="text" id="ccAddress1" value="<? if($ccAddress1) echo $ccAddress1; else echo $orDelAddress1; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">[<a href="Javascript:goCopy();">click here to copy from delivery address </a>] </div></td>
<td><input name="ccAddress2" type="text" id="ccAddress2" value="<? if($ccAddress2) echo $ccAddress2; else echo $orDelAddress2; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right"> </div></td>
<td><input name="ccAddress3" type="text" id="ccAddress3" value="<? if($ccAddress3) echo $ccAddress3; else echo $orDelAddress3; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Town:</div></td>
<td><input name="ccTown" type="text" id="ccTown" value="<? if($ccTown) echo $ccTown; else echo $orDelTown; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Post Code<? if($orDelCountry == "UK") echo "*" ?>: </div></td>
<td><input name="ccPostcode" type="text" id="ccPostcode" value="<? if($ccPostcode) echo $ccPostcode; else echo $orDelPostcode; ?>" size="10" maxlength="10"></td>
</tr>
<tr>
<td><div align="right">Telephone No *: </div></td>
<td><input name="orTel" type="text" id="orTel" value="<?= $orTel; ?>" size="14" maxlength="20"></td>
</tr>
<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Card details:</strong></td>
</tr>
<tr>
<td><div align="right">Payment amount: £</div></td>
<td><input name="orTotal" type="text" id="orTotal" value="<? echo number_format($orTotal,2, ".", ""); ?>" size="20" maxlength="20" readonly=""></td>
</tr>
<tr>
<td><div align="right">Card holder's name as it appears on your card*:</div></td>
<td><input name="cardHolder" type="text" id="cardHolder" value="<? if($cardHolder) echo $cardHolder; else echo $orName ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Card Type*:</div></td>
<td>
<select name="cardType" id="cardType">
<option value="VISA" <? if($cardType=="VISA") echo "selected"; ?>>Visa</option>
<option value="DELTA" <? if($cardType=="DELTA") echo "selected"; ?>>Visa Delta/Debit </option>
<option value="MC" <? if($cardType=="MC") echo "selected"; ?>>Mastercard</option>
<option value="SWITCH" <? if($cardType=="SWITCH") echo "selected"; ?>>Maestro</option>
<option value="SOLO" <? if($cardType=="SOLO") echo "selected"; ?>>SOLO</option>
<option value="UKE" <? if($cardType=="UKE") echo "selected"; ?>>Visa Electron</option>
</select>
</td>
</tr>
<tr>
<td><div align="right">Card Number*:</div></td>
<td><input name="cardNumber" type="text" id="cardNumber" value="<? echo $cardNumber ?>" size="20" maxlength="20">
(no spaces please)</td>
</tr>
<tr>
<td><div align="right">Start Date:</div></td>
<td><input name="startDate" type="text" id="startDate" value="<? echo $startDate ?>" size="4" maxlength="4">
(MMYY) Switch and Solo cards only </td>
</tr>
<tr>
<td><div align="right">Expiry Date*:</div></td>
<td><input name="expiryDate" type="text" id="expiryDate" value="<? echo $expiryDate ?>" size="4" maxlength="4">
(MMYY)</td>
</tr>
<tr>
<td><div align="right">Issue Number:</div></td>
<td><input name="issueNumber" type="text" id="issueNumber" value="<? echo $issueNumber ?>" size="2" maxlength="2">
Exactly as it appears on the card</td>
</tr>
<tr>
<td><div align="right">CV2*: </div></td>
<td><input name="CV2" type="text" id="CV2" value="<? echo $CV2 ?>" size="4" maxlength="4">
Last three digits on signature strip</td>
</tr>
<? if(!$xcnId) {?>
<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Confirm order:</strong></td>
</tr>
<tr>
<td colspan="2">
If you would like us to save your details for future orders create a username and password below:
</td>
</tr>
<tr>
<td colspan="2"><div style="float:left; width:10%">Username: </div><div style="float:left;"> <input name="cnUsername" type="text" id="cnUsername" value="<? echo $cnUsername ?>" size="40" maxlength="100"></div></td>
</tr>
<tr>
<td colspan="2"><div style="float:left; width:10%">Password: </div><div style="float:left"> <input name="cnPassword" type="password" id="cnPassword" value="<? echo $cnPassword ?>" size="40" maxlength="100"></div></td>
</tr>
<? } ?>

<tr >
<td colspan="2"><input name="sbmt" type="hidden" id="sbmt" value="1">
<input type="submit" name="Submit" value="Make payment">
<? echo back($back); ?>
<input name="paypalOK" type="hidden" id="paypalOK" value="0"></td>
</tr>
</table>
<input type="hidden" name="basketURL" value="<?= double_implode(":","|",$basketArray); ?>" />
<input type="hidden" name="xcnId" value="<?= $xcnId ?>" />
<input type="hidden" name="orId" value="<?= $orId ?>" />
<input type="hidden" name="prSize" value="<?= $prSize?>" />
</form>
</div>
</div>
<div style="position:absolute;">
<div style="position:relative;z-index:2;margin-top:5px;margin-left:35px" >
<a style="text-decoration:none;background:none" href="http://www.egowear.co.uk/designer.php"><img src="images/spacer.gif" border="0" width="200" height="205" /></a>
</div>
</div>
<img src="images/bot1.jpg" />
</div>
</div>
</div>
</body>
</html>
<? } ?>

Securenet Payment Gateway

Similar Tutorials

View Content

Hi,
Is there any one has integrated securenet payment gateway in php?
Is yes, can any one provide me HTML code and php code for it?
Looking foward

Streamline Payment Gateway

Similar Tutorials

View Content

Hi guys,

I just want to know if any one has worked with streamline payment gateway before, we are building a cart for a customer, a in house built sulition, and just wanted some help / advice on how to process payments. The customer has picked streamline as their merchant

Thank you

Payment Gateway Vulnerabilty Using Post

Similar Tutorials

View Content

hey guys.

I am using Liberty reserve to sell my digital items online, when the user buys the item LR posts back item_id so I can grab the id out of the database to display to the buyer and lr_amnt to check the amount against the one inside the database before displaying the result to the user.

TOP:
<?php

include 'includes/config.inc.php';

if(isset($_POST['item_id']) && isset($_POST['lr_amnt']))
{
    $itemID = $_POST['item_id'];
    $lrAmt = $_POST['lr_amnt'];

   $result = mysql_query("SELECT * FROM items WHERE item_id='$itemID'");

   while($row = mysql_fetch_array($result))
   {
      $login = $row['item_login'];
      $pass = $row['item_pass'];
      $itemName = $row['item_account'];
      $itemDel = $row['item_del'];
      $price = $row['item_price'];
   }

}

?>

--------------------------------

Header:
<?php if($lrAmt != $price) : ?>
        <h2>Fatal error in transaction: the price does not match that in the database</h2>
        <?php else: ?>
        <h2>Thank you for you're purchase of <?php echo $itemName; ?>. Please keep these details safe as they have been deleted from our database.</h2>
        <?php
            echo '<br />';
            echo 'Your new Username: ' . $login;
            echo '<br />';
            echo 'Your password: ' . $pass;
            ?>
        <?php endif; ?>

but if the user views the source code and grabs the ID they could easily get it for free by making a simple html script that takes in item_id and lr_amnt and put in the values and post it to the success page.

example:
Code: [Select]
<fieldset>

<form method="post" action="http://angrypossum.org/carl/mySaleTwo/success.php">
<p>
<label for="itemid">Item ID: </label>
<input type="text" name="item_id" id="itemid" class="input" />
</p>

<p>
<label for="itemprice">Item price: </label>
<input type="text" name="lr_amnt" id="itemprice" class="input" />
</p>

<p>
<input type="submit" name="login" value="Steal" class="button" />
</p>

</form>
</fieldset>

how could I stop that?

thanks

How To Integrate Payeezy Payment Gateway In Php Page?

Similar Tutorials

View Content

I am using Payeezy Payment Gateway, how to integrate with my PHP page, actually the payment gateway for my customer form, i done with form using PHP, how can i integrate Payeezy Payment Gateway with my PHP form.

Saving Payment Gateway Credentials In Web Root??

Similar Tutorials

View Content

I need to store the Login ID and Key for my Payment Gateway, and figured it was best to do this outside my web root ("httpdocs") on my VPS.

Unfortunately, my PHP Include is breaking, and it looks like this is a *major* thing to get working, since requires me to tinker with Plesk's default settings in Linux. (This link seems to discuss the same issues I'm having: http://stackoverflow.com/questions/2370053/how-to-include-file-outside-document-root )

Anyways...

Since I'm no Linux guru and afraid of breaking my VPS, how bad would it be to store my Authorize.net API ID and Key in a PHP file in my web root and include that file in my "checkout.php" file??

If anyone knows a reasonably easy way to fix the issue described in the link above, I'm all for it, but I am thinking I may have to just settle on leaving things in my web root...

Thanks,

Debbie

How To Pass My Form Total Value To Ccavenue Payment Gateway?

Similar Tutorials

View Content

I have a form, details getting from customer and calculate the grand total, here how can i pass my grand total value to ccavenue payment gateway page and getting payment form customer?

code : https://www.pastiebin.com/5cdbae859bb64

Session Problem With Different Browsers On Redirecting From Payment Gateway

Similar Tutorials

View Content

We are trying to capture customer details & redirecting the customer to payment gateway page and, after succesful transaction from payment gateway we are facing a problem for different browsers.

Ideally after successful transaction the page should redirect to order confirmation page but it is redirecting to our cart page.In IE7 it is working fine but in mozilla firefox it is redireting to cart page.On analyzing we found that session is not persisting in firefox.
Please help we have stuck here Suggest something if you have faced similar issue with different browsers.

Cc-avenue Payment Gateway Response Page Return 404 Error?

Similar Tutorials

View Content

Here is my code :

https://paiza.io/projects/SUiG5qp_wttfcrQn-0Mwew?language=php FYI -> [index.htm -> LineNo : 781 & 782]

After successfully received payment response page return 404 error

The form & CC-Avenue Payment Gateway Request page working good, after customer paid the response page return 404 error.

How can i solve the error?

Edited May 22, 2019 by aveeva

Notification.php (update Data In Mysql And Send Email To User) After Redsys Payment Gateway Is Not Working Help!

Similar Tutorials

View Content

Hello.
I have a form for users to make reservations and they have to pay for that.

I activate the Payment Gateway Platform (by Redsys in Spain), and it works fine asking you for card number and it goes through correctly and says PAYMENT OK, but the notification.PHP FILE does not work.

Could my server (SSL) configuration be the problem? or is it the CODE?

Any help about this, please, would be highly appreciated.

Thank you.

Part of the Nofication.php code is:

__________________________________________________________________________________

<?php
@ini_set("display_errors","1");
@ini_set("display_startup_errors","1");

$handle = fopen("_redsys.log", "a");

require_once("include/dbcommon.php");
require_once("redsysHMAC256_API_PHP_4.0.2/apiRedsys.php");

$miObj = new RedsysAPI;

$version = postvalue("Ds_SignatureVersion");
$params = postvalue("Ds_MerchantParameters");
$signatureRecibida = postvalue("Ds_Signature");

// $version = "HMAC_SHA256_V1";
// $params = "eyJEc19BbW91bnQiOiIyMDAiLCJEc19DdXJyZW5jeSI6Ijk3OCIsIkRzX09yZGVyIjoiMjAwNjE4MDkyNDMzIiwiRHNfTWVyY2hhbnRDb2RlIjoiOTk5MDA4ODgxIiwiRHNfVGVybWluYWwiOiIxIiwiRHNfUmVzcG9uc2UiOiI5OTk4IiwiRHNfQXV0aG9yaXNhdGlvbkNvZGUiOiIiLCJEc19UcmFuc2FjdGlvblR5cGUiOiIwIiwiRHNfU2VjdXJlUGF5bWVudCI6IjAiLCJEc19MYW5ndWFnZSI6IjEiLCJEc19NZXJjaGFudERhdGEiOiIifQ==";
// $signatureRecibida = "Aa6GG9IfCYlRrj-yF5VxXg_qmhJ3R-fmfXxGvB8w2Sk=";

$txt = "version=".$version."\nparams=".$params."\nsignatureRecibida=".$signatureRecibida."\n";
fwrite($handle,"\n\n\n".date("Y-m-d h:i:s")."\n");
fwrite($handle,$txt);

$decodec = $miObj->decodeMerchantParameters($params);
$codigoRespuesta = $miObj->getParameter("Ds_Response");

$claveModuloAdmin = 'sq7HjrUOBfKmC576ILgskD5srU870gJ7';
$signatureCalculada = $miObj->createMerchantSignatureNotif($claveModuloAdmin, $params);
$res = my_json_decode($decodec);
fwrite($handle,$decodec."\n");

if ($signatureCalculada === $signatureRecibida && $res["Ds_AuthorisationCode"]!="++++++" && !isset($res["Ds_ErrorCode"]) {

   fwrite($handle,"Ds_Order = ".$res["Ds_Order"]."\n");
   DB::Query("update reservas set status=1 where Ds_Order='".$res["Ds_Order"]."'");
   $rs2 = DB::Query("select * from reservas where Ds_Order='".$res["Ds_Order"]."'");
   $values = $rs2->fetchAssoc();
   $email=$values['Email'];
   $msg="";
   $msg.= "El seu codi de reserva Ã©s: ". dechex(999999999-$values['Id_Reserva'])."<br>";
   $msg.= "CÃ³digo sin cifrar: ". 999999999-$values['Id_Reserva']."<br>";
   $msg.= "Reserva descifrada ". (((hexdec(dechex(999999999-$values['Id_Reserva'])))-999999999)*-1)."<br>";
   $msg.= "La data de la seva reserva es : ".$values['Dia']."-".$values['Mes']."-".$values['AÃ±o']."<br>";

   $sql = "SELECT Espacio FROM Espacios WHERE Id_Espacio=" . $values["Id_Espacio"];
   $rs = CustomQuery($sql);
   $data = db_fetch_array($rs);
   //$result["txt"] = "Ãrea: " . $data["c"];
   //$msg.= "QR : " .$values['QR']."\r\n"; //json_decode($image, true);
   //<img src="http://www.htmldog.com/badge1.gif"> https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=12345678
   //$image2= '<img src="data:image/jpeg;base64,'.$values['QR'].'>';
   $msg.= '<img src="https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=http%3A%2F%2Fwww.sungest.net/reservas_list.php?qs='.dechex(999999999-$values['Id_Reserva']).'&f=all%2F&choe=UTF-8">';
   //echo '<img src="https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=http%3A%2F%2Fwww.sungest.net/reservas_list.php?qs='.dechex(999999999-$values['Id_Reserva']).'&f=all%2F&choe=UTF-8">';

   // echo '<img src="data:image/jpeg;base64,'.$imageData.'">';
   //echo '<img src="data:image/jpeg;base64,'.$imageData.'">';
   //echo '<img src="data:image/jpeg;base64,'.$imageData.'">';
   $msg.= "<font size=4 color='Navy'><b>La seva reserva Ã©s per anar a : </b></font>". "<font size=5 color='Olive'><b>" .$data["Espacio"] . "</b></font><br>";
   $msg.= "<font size=4 color='Olive'><b>La seva Ã rea assignada Ã©s: </b></font>".$values['Id_Area']."<br>";

   $subject="La seva reserva per la platja";
   $ret=runner_mail(array('to' => $email, 'subject' => $subject, 'htmlbody' => $msg));
       echo "ok";
}
else
   DB::Exec("delete from reservas where Ds_Order='".$res["Ds_Order"]."'");
fclose($handle);
?>

_______________________________________________________________________________________________

Payubiz Payment Gateway Success Page Return Blank Page

Similar Tutorials

View Content

I am using Magento (Ver 1.9.x)

If i try with my localhost success url like,

http://192.168.1.65/magento/index.php/checkout/onepage/success/ and return success message with order id.

if i try with live, success url like,

https://abc.in/payubiz/redirect/success/ success page like blank page.

How to solve the issue?

Code : https://github.com/ZusZus/Payubiz

Edited February 4, 2020 by aveeva

Moved: Clickandbuy Api Gateway Integration

Similar Tutorials

View Content

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=343228.0

Worldpay Callbacks

Similar Tutorials

View Content

Hi guys,

This is driving me mad, and I'm wondering if it will be resolved when I set the site live.

I have a form with a hidden field containing the callback URL. The form is submitted to Worldpay.

I am creating a new site in Wordpress although the callback file is a normal php file (ie not Wordpress).
However, a successful payment results in staying at the standard Worldpay success pay instead of redirecting to the callback.
This is being hosted on a temporary domain.

I've tried the following combinations:
Form on temp website to callback on current site - works OK.
Form on temp website to callback on temp site - callback doesn't work.
Form on current website to callback on current site - works OK.
Form on current website to callback on temp site - callback doesn't work.

If I take the form and put it on the domain I will be using, the callback seems to operate as I would expect.

The other thing is that currently the site is on a dedicated server, and the temporary site is on a shared server - and will be staying there.

Is this something that sounds like it will be resolved when the new site is hosted on the proper domain?

Thanks!

Moved: Wordpress Help

Similar Tutorials

View Content

This topic has been moved to PHP Applications.

http://www.phpfreaks.com/forums/index.php?topic=310048.0

Moved: Wordpress Theme

Similar Tutorials

View Content

This topic has been moved to PHP Applications.

http://www.phpfreaks.com/forums/index.php?topic=314808.0

Moved: Help With My Wordpress Plugin

Similar Tutorials

View Content

This topic has been moved to PHP Applications.

http://www.phpfreaks.com/forums/index.php?topic=314030.0

Moved: Problem In Like In Wordpress

Similar Tutorials

View Content

This topic has been moved to Other Libraries and Frameworks.

http://www.phpfreaks.com/forums/index.php?topic=327275.0

Moved: Php If Statement Help (wordpress)

Similar Tutorials

View Content

This topic has been moved to PHP Applications.

http://www.phpfreaks.com/forums/index.php?topic=358684.0

Moved: Wordpress-plugin Help

Similar Tutorials

View Content

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=334215.0