Learn VBA & Macros in 1 Week!

PHP - Saving Payment Gateway Credentials In Web Root??

Full Excel VBA Course - Beginner to Expert

Saving Payment Gateway Credentials In Web Root??	View Content

I need to store the Login ID and Key for my Payment Gateway, and figured it was best to do this outside my web root ("httpdocs") on my VPS.

Unfortunately, my PHP Include is breaking, and it looks like this is a *major* thing to get working, since requires me to tinker with Plesk's default settings in Linux. (This link seems to discuss the same issues I'm having: http://stackoverflow.com/questions/2370053/how-to-include-file-outside-document-root )

Anyways...

Since I'm no Linux guru and afraid of breaking my VPS, how bad would it be to store my Authorize.net API ID and Key in a PHP file in my web root and include that file in my "checkout.php" file??

If anyone knows a reasonably easy way to fix the issue described in the link above, I'm all for it, but I am thinking I may have to just settle on leaving things in my web root...

Thanks,

Debbie

Full Excel VBA Course - Beginner to Expert

Similar Tutorials

Securenet Payment Gateway

Problem With Payment Gateway...

Streamline Payment Gateway

Payment Gateway Vulnerabilty Using Post

How To Integrate Payeezy Payment Gateway In Php Page?

How To Pass My Form Total Value To Ccavenue Payment Gateway?

Session Problem With Different Browsers On Redirecting From Payment Gateway

Moved: Payment Gateway - Wordpress E-commerce/worldpay

Cc-avenue Payment Gateway Response Page Return 404 Error?

Notification.php (update Data In Mysql And Send Email To User) After Redsys Payment Gateway Is Not Working Help!

Payubiz Payment Gateway Success Page Return Blank Page

Trying To Send Credentials To An Ip Camera

Redirect Based On Credentials

Hiding Mysql Connection Credentials

Ldap_bind Returns Error 49 Invalid Credentials

Is It Save To Rely On Ini_set() For Mysql Credentials?

Sms Gateway Software Using Php

502 Bad Gateway Error

Problem Connecting A Cms To Gateway

Moved: Clickandbuy Api Gateway Integration

Learn VBA & Macros for Excel in 1 Week!

Securenet Payment Gateway

Similar Tutorials

Hi,
Is there any one has integrated securenet payment gateway in php?
Is yes, can any one provide me HTML code and php code for it?
Looking foward

Problem With Payment Gateway...

Similar Tutorials

Hi guys,

I'm not really experienced with PHP to a high degree, very very basic knowledge. I took a website for a client which was an e-commerce website in need of a re-host? Sounds Simple enough.

However when uploading the site i found it went to a secure server outside of the one I was hosting it on when it came to submitting the payment. I then had to get access to these files and get them working on locally on my server. This where I'm having trouble...

It's easier to show you the problems rather than try and explain them.

This is the original working version of the payment page:
https://secure.wilkesdesign.com/egowear/pay.php

And this is my version:
http://www.egowear.co.uk/payment/pay.php

Which is essentially a duplicate, all I have changed is the details for it accessing the database on the the server which is included in "inc_db.php"
As well as updating the link in protx.php to the correct TermUrl.

The rest is the same as the original

If you go to the first page and enter no details and just click "Make Payment" at the bottom of the page, you should get several validation errors appear in red at the top of the page.

Do exactly the same on my version, the second link. And nothing seems to happen, no errors nothing.

I'll admit i'm quite out of my depth here now, and I'm betting it's just me missing something obvious. So if anyone has any ideas I'd really appreciate it .

Best Regards
Chris

Source code for pay.php:

Code: [Select]
<?php
ini_set('display_errors','1');
ini_set('display_startup_errors','1');
error_reporting(E_ALL ^ E_NOTICE);
$homeURL = "http://www.egowear.co.uk/";
//$homeURL = "http://intranet.wilkesdb.com/ego/";
// include at the start of the script being called.
//error_reporting(E_ALL); ini_set('display_errors', '1');
$asId = 1;
include "includes/inc_db.php";
$db = new DB; $db1 = new DB;
$vatRate = $db->getval("SELECT glValue FROM globals WHERE glId=1","glValue")+0;
$xorCountry = 2; $orDelCountry="UK";
$orPayNote='Unconfirmed';
$orPaid=0.00;
$header =  "MIME-Versin: 1.0\r\n" .
            "Content-type: text/plain; charset=ISO-8859-1; format=flowed\r\n" .
"From: Egowear <sales@egowear.co.uk>\r\n";
$header .=  "Reply-To: Egowear <sales@egowear.co.uk>\r\n";
$header .=  "X-Mailer: PHP/" . phpversion() . "\r\n";

if($basketURL) {

$basketArray = double_explode(":","|",$basketURL);
//print_r($basketArray);
$subTotal=$discount=$orDelCharge=0;

$items = $subTotal = $totalWeight = 0;
foreach ($basketArray as $key => $val) {
$extraCost = 0;
$prId = $val[0]; $qty = $val[1]; $prSize=$val[2]; $prColour=$val[3];
$extraCost = $val[5];
$db->query("SELECT prtName, prtPrice, prtImage, prColour, prPrtId, prVatable, IF(prWeight>0,prWeight,prtWeight) weight FROM products, prtypes WHERE prId='$prId' AND prtId=prPrtId");
$db->next_record();
list($prtName, $prPrice, $prtImage, $prColour,  $prPrtId, $prVatable, $weight) = $db->Record;
$prPrice = $prPrice + $extraCost;
if($prVatable) $prPrice = calcVat($prPrice);
$totalWeight += $qty*$weight;
$items += $qty;
$lineTotal = $qty*$prPrice;
$subTotal += $lineTotal;
}

// calulate delivery (use function!!!!)
$orDelChargeArray = getDelCharge($totalWeight, $xorCountry);

//var_dump($orDelChargeArray);
$deliveryTypesCount = count($orDelChargeArray);
//echo "count: $deliveryTypesCount";
if (!$deliveryTypesCount) $orDelCharge = -1;
elseif ($deliveryTypesCount==1) {
list($crType) = array_keys($orDelChargeArray);
$orDelCharge = $orDelChargeArray[$crType];
}
if ($delOverride) $orDelCharge = $delOverride;

$orVcId=0;
if($xcnId) {
$voucherCode = $db->getval("SELECT cnCurrentVoucherCode FROM contacts WHERE cnId='$xcnId'","cnCurrentVoucherCode");
if($voucherCode) {
list($valid, $offerDescription, $vcDiscountPercent, $vcDiscountValue, $vcFreePostage, $vcMinValue, $orVcId) = validateVoucherCode($voucherCode, $xcnId);
if($valid) {
if($vcFreePostage) $orDelCharge=0;

if($vcDiscountPercent>0) {
if(!($vcMinValue>0) || ($subTotal>=$vcMinValue)) $discount = $subTotal*($vcDiscountPercent/100);
}

if($vcDiscountValue>0) {
if(!($vcMinValue>0) || ($subTotal>=$vcMinValue)) $discount = $vcDiscountValue;
}
}
}
}

$orTotal = round($subTotal+$orDelCharge-$discount,2);
//$orTotal = round($subTotal*1.175,2);
//echo formatnumber($subTotal).",".formatnumber($orDelCharge).",".formatnumber($discount);
//$orTotal=0.01;

}
//echo "$subTotal<br />$orDelCharge<br />";
//echo "$orTotal<br />";
if ($sbmt) {
// not used but leave in just in case!!
if ($paypalOK) $ignorePayment = 1;
// go with payment processing
// first validate

// validate fields
if ($action!="callback") {
if (strlen($cardHolder) < 2) $error = "     •   Enter the name as it appears on your card <br>";
if (!ereg("^[0-9]{10,20}", $cardNumber)) $error .= "     •   Please enter a valid card number <br>";
if ($startDate AND !ereg("^[0-9]{2}[0-9]{2}", $startDate)) $error .= "     •   Your start date is invalid <br>";
if (!ereg("^[0-9]{2}[0-9]{2}", $expiryDate)) $error .= "     •   Your expiry date is invalid <br>";
$billingAddress = $ccAddress1."\n\r".$ccAddress2."\n\r".$ccAddress3."\n\r".$ccTown;
//if (strlen($billingAddress) < 10) $error .= "     •   Enter a valid billing address <br>";
$ccPostcode = strtoupper($ccPostcode);
if($orDelCountry == "UK") {
//if (!ereg("^[A-Z]{1,2}[0-9]{1,2}[A-Z]{0,1}[[:space:]][0-9]{1}[A-Z]{2}", $ccPostcode)) $error .= "     •   Enter a valid billing postcode. (Ensure that you have included the space!) <br>";
}
if (!ereg("^[0-9]{3,4}", $CV2)) $error .= "     •   You have missed out your CV2 number<br>";

$orDelPostcode = strtoupper($orDelPostcode);
//if ($orDelCountry == "UK") if (!ereg("^[A-Z]{1,2}[0-9]{1,2}[A-Z]{0,1}[[:space:]][0-9]{1}[A-Z]{2}", $orDelPostcode)) $error .= "     •   Your delivery postcode is invalid. (Ensure that you have included the space!) <br>";
// check if UK and BT (i.e. NI postcode) - should do this as part of the delivery package.
//if ($orDelCountry == "UK" && substr($orDelPostcode, 0, 2) == "BT") $error .= "     •   You have selected UK postage. 'BT' postcodes are Northern Ireland and have different rates from mainland UK. Please click 'Cancel' and sellect the correct postal type.";

if (strlen($orName) < 2) $error .= "     •   Please enter a customer name<br>";
if (strlen($orTel) < 5) $error .= "     •   Please tell us your telephone number<br>";
//if (strlen($orDelAddress1) < 2 || strlen($orDelTown) < 2) $error .= "     •   Please enter a valid customer address<br />";

if ($cnUsername) {
$chkCnId = $db->getval("SELECT cnId FROM contacts WHERE cnUsername = '$cnUsername'", "cnId");
if ($cnUsername AND $chkCnId AND $chkCnId != $cnId) $error .= "     •   Your username is already in use by someone else. Please try another<br />";
}
} //end if not callback
// if(!eregi('^([a-z0-9\._-])+@([^\.]+\.[^\.]+)', $cnEmail, $matched)) $error .= "     •   Enter a valid email address<br>";
// second go with payment
if (!$error) {

/////////////////////////////////////// Payment not started yet so create order ///////////////////////////////////
if(!isset($_GET['action']) && !($orId)) {

//Add order
if($xcnId>0) {
// update contact
$db->query("UPDATE contacts SET cnName='$cardHolder', cnEmail='$orEmail', cnAddress1='$ccAddress1', cnAddress2='$ccAddress2', cnAddress3='$ccAddress3', cnTown='$ccTown', cnPostcode='$ccPostcode' WHERE cnId='$xcnId'");
} else {
$db->query("INSERT INTO contacts SET cnName='$cardHolder', cnUsername='$cnUsername', cnPassword='$cnPassword', cnEmail='$orEmail', cnAddress1='$ccAddress1', cnAddress2='$ccAddress2', cnAddress3='$ccAddress3', cnTown='$ccTown', cnPostcode='$ccPostcode', cnGroups='$cnGroups', cnPrefs='$cnPrefs'");
$xcnId = mysql_insert_id();
}

if ($paypalOK) $orStatus = "Check Paypal Payment"; else $orStatus = "Payment Pending";

$db->query("INSERT INTO orders SET orCnId='$xcnId', orName='$orName', orDelAddress1='$orDelAddress1', orDelAddress2='$orDelAddress2', orDelAddress3='$orDelAddress3', orDelTown='$orDelTown', orDelCounty='$orDelCounty', orDelPostcode='$orDelPostcode', orDelCountry='$orDelCountry', orEmail='$orEmail', orDate=NOW(), orDelCharge='$orDelCharge', orDelType='$orDelType', orStatus='$orStatus', orVcId='$orVcId', orPayNote='$orPayNote', orPaid='$orPaid', orTotal='$orTotal', orDiscount='$discount', orTel='$orTel', orVatRate='$vatRate'");
$orId = mysql_insert_id();

$orVat=$orNet=0;
foreach ($basketArray as $key => $val) {
$flexString="";
$prId = $val[0]; $qty = $val[1]; $prSize=$val[2]; $flexString=$val[3];
$oiVat=$oiNet=0;
$db->query("SELECT prtName, prtPrice, prtImage, prColour, prPrtId, prVatable, IF(prWeight>0,prWeight,prtWeight) weight FROM products, prtypes WHERE prId='$prId' AND prtId=prPrtId");
$db->next_record();
list($prtName, $prPrice, $prtImage, $prColour,  $prPrtId, $prVatable, $weight) = $db->Record;
$oiNet=$prPrice;
if($prVatable) {
$prPrice = calcVat($prPrice);
$oiVat=$prPrice-$oiNet;
$orVat+=$oiVat;
} else $oiVat=0;

if($qty) {
$db->query("INSERT INTO orderitems SET oiOrId='$orId', oiPrId='$prId', oiQty='$qty',oiSize='$prSize',oiColour='$prColour', oiWidth='$prWidth',oiVat='$oiVat',oiNet='$oiNet',oiPriceEach='$prPrice', oiName='$prtName', oiFlexString='$flexString'");
$lineTotal = $qty*$prPrice;
}
}

}
$db->query("UPDATE orders SET orVat='$orVat', orNet='$orNet' WHERE orId='$orId'");

$vendorTxCode = "Order_".$orId;
$billingAddress = substr($ccAddress1."\n\r".$ccAddress2."\n\r".$ccAddress3."\n\r".$ccTown,0,199);

include("includes/protx.php");
$data = array (
'VPSProtocol' => '2.22',
'TxType' => 'PAYMENT',
'Vendor' => 'egowear',
'VendorTxCode' => substr(substr($vendorTxCode,0,40-strlen(time())).'_'.time(),0,40),
'Amount' => number_format($orTotal,2),
'Currency' => "GBP",
'Description' => substr("Egowear Website Order: (".trim($typeDescrip).")",0,99),
'CardHolder' => substr($cardHolder,0,50),
'CardNumber' => substr($cardNumber,0,20),
'StartDate' => substr($startDate,0,4),
'ExpiryDate' => substr($expiryDate,0,4),
'IssueNumber' => substr($issueNumber,0,2),
'CV2' => substr($CV2,0,4),
'CardType' => substr($cardType,0,15),
'BillingAddress' => substr($billingAddress,0,199),
'BillingPostCode' => substr($ccPostcode,0,10),
'CustomerName' => substr($orName,0,99),
'CustomerEMail' => substr($orEmail,0,254),
'ContactNumber' => substr("",0,20),
'ClientIPAddress'=>$_SERVER['REMOTE_ADDR']
);
//echo $vendorTxCode;
if($data) $optRequest = formatData($data);

/////////////////////////////////////// Protx.php ///////////////////////////////////
if(!isset($_GET['action'])) {
$p = null;
$response1 = _CompletePayment($p,$Vars,$optRequest,$orId);
if(substr($response1,0,6)=="iframe") $iframecode=substr($response1,6); else if($response1) $error.=$response1; else $iframecode=0;
} else if($_GET['action'] == 'callback') {
$error .= __VerifyCallback($_POST, $Vars,null,$orId);
} else if($_GET['action'] == 'callbacktest') {
$optRequest = '...  .. ';
__VerifyCallback($p = null, $Vars, $optRequest);
} else {
$error.=('Invalid action');
}

} // no error

} else { // end submit
if($xcnId && !$error && !$cardHolder) {
$db->query("SELECT cnName, cnAddress1, cnAddress2, cnAddress3, cnTown, cnPostcode FROM contacts WHERE cnId='$xcnId'");
$db->next_record();
list($cardHolder, $ccAddress1, $ccAddress2, $ccAddress3, $ccTown, $ccPostcode) = $db->Record;
/*$orName = $cardHolder;
$orDelAddress1 = $ccAddress1;
$orDelAddress2 = $ccAddress2;
$orDelAddress3 = $ccAddress3;
$orDelTown = $ccTown;
$orDelPostcode = $ccPostcode;*/
}
} // end no submit

if($iframecode) echo $iframecode; else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Egowear</title>
<link rel="stylesheet" type="text/css" href="includes/default.css">
<script language="javascript">
function goCopy() {
document.getElementById('cardHolder').value = document.getElementById('orName').value;
document.getElementById('ccAddress1').value = document.getElementById('orDelAddress1').value;
document.getElementById('ccAddress2').value = document.getElementById('orDelAddress2').value;
document.getElementById('ccAddress3').value = document.getElementById('orDelAddress3').value;
document.getElementById('ccTown').value = document.getElementById('orDelTown').value;
document.getElementById('ccPostcode').value =document.getElementById('orDelPostcode').value;
}
</script>

</head>
<body>
<div align="center">
<? include "includes/nav.php"; ?>

<div id="wrapper2" style="position:relative;z-index:1;top:25px">

<div align="left" id="<?= $theme ?>">

<div style="text-align:left;padding:18px 0px 0px 18px;overflow:hidden;">
<div style="float:right;padding:20px 160px 0px 0px;border:0px solid #000;width:535px;text-align:center;height:25px">
<h1><?= $wcTitle ?></h1>
</div>
<div><img src="images/logo.jpg" /></div>
</div>

<div align="left" class="pageMiddle">
<div style="position:relative;z-index:1;padding:2px 30px 10px 32px;" >
<h1>Card Payment</h1>

<form name="form1" method="post" action="">
<table id="tableSubCategories" style="width:100%;text-align:left;">
<tr id="trColumnTitles" >
<td colspan="2" style=""><div style="background:#FF0000; color:#FFFFFF; font-weight:bold"><? echo $error ?></div></td>
</tr>
<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Delivery Address:</strong></td>
</tr>
<tr >
<td style="width:45%"><div align="right">Name*:</div></td>
<td><input name="orName" type="text" id="orName" value="<? echo $orName ?>" size="40" maxlength="100">
 </td>
</tr>
<tr>
<td><div align="right">Delivery Address: *: </div></td>
<td><input name="orDelAddress1" type="text" id="orDelAddress1" value="<? if($orDelAddress1) echo $orDelAddress1; else echo $orDelAddress1; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td> </td>
<td><input name="orDelAddress2" type="text" id="orDelAddress2" value="<? if($orDelAddress2) echo $orDelAddress2; else echo $orDelAddress2; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right"> </div></td>
<td><input name="orDelAddress3" type="text" id="orDelAddress3" value="<? if($orDelAddress3) echo $orDelAddress3; else echo $orDelAddress3; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Town:</div></td>
<td><input name="orDelTown" type="text" id="orDelTown" value="<? if($orDelTown) echo $orDelTown; else echo $orDelTown; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Post Code<? if($orDelCountry == "UK") echo "*" ?>: </div></td>
<td><input name="orDelPostcode" type="text" id="orDelPostcode" value="<? if($orDelPostcode) echo $orDelPostcode; else echo $orDelPostcode; ?>" size="10" maxlength="10"></td>
</tr>
<tr>
<td><div align="right">County:</div></td>
<td><input name="orDelCounty" type="text" id="orDelCounty" value="<? echo $orDelCounty ?>" size="40" maxlength="100">
 </td>
</tr>
<tr>
<td><div align="right">Email*:</div></td>
<td><input name="orEmail" type="text" id="orEmail" value="<? echo $orEmail ?>" size="40" maxlength="100"></td>
</tr>

<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Billing Address:</strong></td>
</tr>
<tr>
<td><div align="right"> Credit Card Billing Address: *: </div></td>
<td><input name="ccAddress1" type="text" id="ccAddress1" value="<? if($ccAddress1) echo $ccAddress1; else echo $orDelAddress1; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">[<a href="Javascript:goCopy();">click here to copy from delivery address </a>] </div></td>
<td><input name="ccAddress2" type="text" id="ccAddress2" value="<? if($ccAddress2) echo $ccAddress2; else echo $orDelAddress2; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right"> </div></td>
<td><input name="ccAddress3" type="text" id="ccAddress3" value="<? if($ccAddress3) echo $ccAddress3; else echo $orDelAddress3; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Town:</div></td>
<td><input name="ccTown" type="text" id="ccTown" value="<? if($ccTown) echo $ccTown; else echo $orDelTown; ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Post Code<? if($orDelCountry == "UK") echo "*" ?>: </div></td>
<td><input name="ccPostcode" type="text" id="ccPostcode" value="<? if($ccPostcode) echo $ccPostcode; else echo $orDelPostcode; ?>" size="10" maxlength="10"></td>
</tr>
<tr>
<td><div align="right">Telephone No *: </div></td>
<td><input name="orTel" type="text" id="orTel" value="<?= $orTel; ?>" size="14" maxlength="20"></td>
</tr>
<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Card details:</strong></td>
</tr>
<tr>
<td><div align="right">Payment amount: £</div></td>
<td><input name="orTotal" type="text" id="orTotal" value="<? echo number_format($orTotal,2, ".", ""); ?>" size="20" maxlength="20" readonly=""></td>
</tr>
<tr>
<td><div align="right">Card holder's name as it appears on your card*:</div></td>
<td><input name="cardHolder" type="text" id="cardHolder" value="<? if($cardHolder) echo $cardHolder; else echo $orName ?>" size="50" maxlength="50"></td>
</tr>
<tr>
<td><div align="right">Card Type*:</div></td>
<td>
<select name="cardType" id="cardType">
<option value="VISA" <? if($cardType=="VISA") echo "selected"; ?>>Visa</option>
<option value="DELTA" <? if($cardType=="DELTA") echo "selected"; ?>>Visa Delta/Debit </option>
<option value="MC" <? if($cardType=="MC") echo "selected"; ?>>Mastercard</option>
<option value="SWITCH" <? if($cardType=="SWITCH") echo "selected"; ?>>Maestro</option>
<option value="SOLO" <? if($cardType=="SOLO") echo "selected"; ?>>SOLO</option>
<option value="UKE" <? if($cardType=="UKE") echo "selected"; ?>>Visa Electron</option>
</select>
</td>
</tr>
<tr>
<td><div align="right">Card Number*:</div></td>
<td><input name="cardNumber" type="text" id="cardNumber" value="<? echo $cardNumber ?>" size="20" maxlength="20">
(no spaces please)</td>
</tr>
<tr>
<td><div align="right">Start Date:</div></td>
<td><input name="startDate" type="text" id="startDate" value="<? echo $startDate ?>" size="4" maxlength="4">
(MMYY) Switch and Solo cards only </td>
</tr>
<tr>
<td><div align="right">Expiry Date*:</div></td>
<td><input name="expiryDate" type="text" id="expiryDate" value="<? echo $expiryDate ?>" size="4" maxlength="4">
(MMYY)</td>
</tr>
<tr>
<td><div align="right">Issue Number:</div></td>
<td><input name="issueNumber" type="text" id="issueNumber" value="<? echo $issueNumber ?>" size="2" maxlength="2">
Exactly as it appears on the card</td>
</tr>
<tr>
<td><div align="right">CV2*: </div></td>
<td><input name="CV2" type="text" id="CV2" value="<? echo $CV2 ?>" size="4" maxlength="4">
Last three digits on signature strip</td>
</tr>
<? if(!$xcnId) {?>
<tr id="trColumnTitles" >
<td colspan="2" style="background-color:#CCC"> <strong>Confirm order:</strong></td>
</tr>
<tr>
<td colspan="2">
If you would like us to save your details for future orders create a username and password below:
</td>
</tr>
<tr>
<td colspan="2"><div style="float:left; width:10%">Username: </div><div style="float:left;"> <input name="cnUsername" type="text" id="cnUsername" value="<? echo $cnUsername ?>" size="40" maxlength="100"></div></td>
</tr>
<tr>
<td colspan="2"><div style="float:left; width:10%">Password: </div><div style="float:left"> <input name="cnPassword" type="password" id="cnPassword" value="<? echo $cnPassword ?>" size="40" maxlength="100"></div></td>
</tr>
<? } ?>

<tr >
<td colspan="2"><input name="sbmt" type="hidden" id="sbmt" value="1">
<input type="submit" name="Submit" value="Make payment">
<? echo back($back); ?>
<input name="paypalOK" type="hidden" id="paypalOK" value="0"></td>
</tr>
</table>
<input type="hidden" name="basketURL" value="<?= double_implode(":","|",$basketArray); ?>" />
<input type="hidden" name="xcnId" value="<?= $xcnId ?>" />
<input type="hidden" name="orId" value="<?= $orId ?>" />
<input type="hidden" name="prSize" value="<?= $prSize?>" />
</form>
</div>
</div>
<div style="position:absolute;">
<div style="position:relative;z-index:2;margin-top:5px;margin-left:35px" >
<a style="text-decoration:none;background:none" href="http://www.egowear.co.uk/designer.php"><img src="images/spacer.gif" border="0" width="200" height="205" /></a>
</div>
</div>
<img src="images/bot1.jpg" />
</div>
</div>
</div>
</body>
</html>
<? } ?>

Streamline Payment Gateway

Similar Tutorials

Hi guys,

I just want to know if any one has worked with streamline payment gateway before, we are building a cart for a customer, a in house built sulition, and just wanted some help / advice on how to process payments. The customer has picked streamline as their merchant

Thank you

Payment Gateway Vulnerabilty Using Post

Similar Tutorials

hey guys.

I am using Liberty reserve to sell my digital items online, when the user buys the item LR posts back item_id so I can grab the id out of the database to display to the buyer and lr_amnt to check the amount against the one inside the database before displaying the result to the user.

TOP:
<?php

include 'includes/config.inc.php';

if(isset($_POST['item_id']) && isset($_POST['lr_amnt']))
{
    $itemID = $_POST['item_id'];
    $lrAmt = $_POST['lr_amnt'];

   $result = mysql_query("SELECT * FROM items WHERE item_id='$itemID'");

   while($row = mysql_fetch_array($result))
   {
      $login = $row['item_login'];
      $pass = $row['item_pass'];
      $itemName = $row['item_account'];
      $itemDel = $row['item_del'];
      $price = $row['item_price'];
   }

}

?>

--------------------------------

Header:
<?php if($lrAmt != $price) : ?>
        <h2>Fatal error in transaction: the price does not match that in the database</h2>
        <?php else: ?>
        <h2>Thank you for you're purchase of <?php echo $itemName; ?>. Please keep these details safe as they have been deleted from our database.</h2>
        <?php
            echo '<br />';
            echo 'Your new Username: ' . $login;
            echo '<br />';
            echo 'Your password: ' . $pass;
            ?>
        <?php endif; ?>

but if the user views the source code and grabs the ID they could easily get it for free by making a simple html script that takes in item_id and lr_amnt and put in the values and post it to the success page.

example:
Code: [Select]
<fieldset>

<form method="post" action="http://angrypossum.org/carl/mySaleTwo/success.php">
<p>
<label for="itemid">Item ID: </label>
<input type="text" name="item_id" id="itemid" class="input" />
</p>

<p>
<label for="itemprice">Item price: </label>
<input type="text" name="lr_amnt" id="itemprice" class="input" />
</p>

<p>
<input type="submit" name="login" value="Steal" class="button" />
</p>

</form>
</fieldset>

how could I stop that?

thanks

How To Integrate Payeezy Payment Gateway In Php Page?

Similar Tutorials

I am using Payeezy Payment Gateway, how to integrate with my PHP page, actually the payment gateway for my customer form, i done with form using PHP, how can i integrate Payeezy Payment Gateway with my PHP form.

How To Pass My Form Total Value To Ccavenue Payment Gateway?

Similar Tutorials

I have a form, details getting from customer and calculate the grand total, here how can i pass my grand total value to ccavenue payment gateway page and getting payment form customer?

code : https://www.pastiebin.com/5cdbae859bb64

Session Problem With Different Browsers On Redirecting From Payment Gateway

Similar Tutorials

We are trying to capture customer details & redirecting the customer to payment gateway page and, after succesful transaction from payment gateway we are facing a problem for different browsers.

Ideally after successful transaction the page should redirect to order confirmation page but it is redirecting to our cart page.In IE7 it is working fine but in mozilla firefox it is redireting to cart page.On analyzing we found that session is not persisting in firefox.
Please help we have stuck here Suggest something if you have faced similar issue with different browsers.

Moved: Payment Gateway - Wordpress E-commerce/worldpay

Similar Tutorials

This topic has been moved to PHP Applications.

http://www.phpfreaks.com/forums/index.php?topic=276607.0

Cc-avenue Payment Gateway Response Page Return 404 Error?

Similar Tutorials

Here is my code :

https://paiza.io/projects/SUiG5qp_wttfcrQn-0Mwew?language=php FYI -> [index.htm -> LineNo : 781 & 782]

After successfully received payment response page return 404 error

The form & CC-Avenue Payment Gateway Request page working good, after customer paid the response page return 404 error.

How can i solve the error?

Edited May 22, 2019 by aveeva

Notification.php (update Data In Mysql And Send Email To User) After Redsys Payment Gateway Is Not Working Help!

Similar Tutorials

Hello.
I have a form for users to make reservations and they have to pay for that.

I activate the Payment Gateway Platform (by Redsys in Spain), and it works fine asking you for card number and it goes through correctly and says PAYMENT OK, but the notification.PHP FILE does not work.

Could my server (SSL) configuration be the problem? or is it the CODE?

Any help about this, please, would be highly appreciated.

Thank you.

Part of the Nofication.php code is:

__________________________________________________________________________________

<?php
@ini_set("display_errors","1");
@ini_set("display_startup_errors","1");

$handle = fopen("_redsys.log", "a");

require_once("include/dbcommon.php");
require_once("redsysHMAC256_API_PHP_4.0.2/apiRedsys.php");

$miObj = new RedsysAPI;

$version = postvalue("Ds_SignatureVersion");
$params = postvalue("Ds_MerchantParameters");
$signatureRecibida = postvalue("Ds_Signature");

// $version = "HMAC_SHA256_V1";
// $params = "eyJEc19BbW91bnQiOiIyMDAiLCJEc19DdXJyZW5jeSI6Ijk3OCIsIkRzX09yZGVyIjoiMjAwNjE4MDkyNDMzIiwiRHNfTWVyY2hhbnRDb2RlIjoiOTk5MDA4ODgxIiwiRHNfVGVybWluYWwiOiIxIiwiRHNfUmVzcG9uc2UiOiI5OTk4IiwiRHNfQXV0aG9yaXNhdGlvbkNvZGUiOiIiLCJEc19UcmFuc2FjdGlvblR5cGUiOiIwIiwiRHNfU2VjdXJlUGF5bWVudCI6IjAiLCJEc19MYW5ndWFnZSI6IjEiLCJEc19NZXJjaGFudERhdGEiOiIifQ==";
// $signatureRecibida = "Aa6GG9IfCYlRrj-yF5VxXg_qmhJ3R-fmfXxGvB8w2Sk=";

$txt = "version=".$version."\nparams=".$params."\nsignatureRecibida=".$signatureRecibida."\n";
fwrite($handle,"\n\n\n".date("Y-m-d h:i:s")."\n");
fwrite($handle,$txt);

$decodec = $miObj->decodeMerchantParameters($params);
$codigoRespuesta = $miObj->getParameter("Ds_Response");

$claveModuloAdmin = 'sq7HjrUOBfKmC576ILgskD5srU870gJ7';
$signatureCalculada = $miObj->createMerchantSignatureNotif($claveModuloAdmin, $params);
$res = my_json_decode($decodec);
fwrite($handle,$decodec."\n");

if ($signatureCalculada === $signatureRecibida && $res["Ds_AuthorisationCode"]!="++++++" && !isset($res["Ds_ErrorCode"]) {

   fwrite($handle,"Ds_Order = ".$res["Ds_Order"]."\n");
   DB::Query("update reservas set status=1 where Ds_Order='".$res["Ds_Order"]."'");
   $rs2 = DB::Query("select * from reservas where Ds_Order='".$res["Ds_Order"]."'");
   $values = $rs2->fetchAssoc();
   $email=$values['Email'];
   $msg="";
   $msg.= "El seu codi de reserva Ã©s: ". dechex(999999999-$values['Id_Reserva'])."<br>";
   $msg.= "CÃ³digo sin cifrar: ". 999999999-$values['Id_Reserva']."<br>";
   $msg.= "Reserva descifrada ". (((hexdec(dechex(999999999-$values['Id_Reserva'])))-999999999)*-1)."<br>";
   $msg.= "La data de la seva reserva es : ".$values['Dia']."-".$values['Mes']."-".$values['AÃ±o']."<br>";

   $sql = "SELECT Espacio FROM Espacios WHERE Id_Espacio=" . $values["Id_Espacio"];
   $rs = CustomQuery($sql);
   $data = db_fetch_array($rs);
   //$result["txt"] = "Ãrea: " . $data["c"];
   //$msg.= "QR : " .$values['QR']."\r\n"; //json_decode($image, true);
   //<img src="http://www.htmldog.com/badge1.gif"> https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=12345678
   //$image2= '<img src="data:image/jpeg;base64,'.$values['QR'].'>';
   $msg.= '<img src="https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=http%3A%2F%2Fwww.sungest.net/reservas_list.php?qs='.dechex(999999999-$values['Id_Reserva']).'&f=all%2F&choe=UTF-8">';
   //echo '<img src="https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=http%3A%2F%2Fwww.sungest.net/reservas_list.php?qs='.dechex(999999999-$values['Id_Reserva']).'&f=all%2F&choe=UTF-8">';

   // echo '<img src="data:image/jpeg;base64,'.$imageData.'">';
   //echo '<img src="data:image/jpeg;base64,'.$imageData.'">';
   //echo '<img src="data:image/jpeg;base64,'.$imageData.'">';
   $msg.= "<font size=4 color='Navy'><b>La seva reserva Ã©s per anar a : </b></font>". "<font size=5 color='Olive'><b>" .$data["Espacio"] . "</b></font><br>";
   $msg.= "<font size=4 color='Olive'><b>La seva Ã rea assignada Ã©s: </b></font>".$values['Id_Area']."<br>";

   $subject="La seva reserva per la platja";
   $ret=runner_mail(array('to' => $email, 'subject' => $subject, 'htmlbody' => $msg));
       echo "ok";
}
else
   DB::Exec("delete from reservas where Ds_Order='".$res["Ds_Order"]."'");
fclose($handle);
?>

_______________________________________________________________________________________________

Payubiz Payment Gateway Success Page Return Blank Page

Similar Tutorials

I am using Magento (Ver 1.9.x)

If i try with my localhost success url like,

http://192.168.1.65/magento/index.php/checkout/onepage/success/ and return success message with order id.

if i try with live, success url like,

https://abc.in/payubiz/redirect/success/ success page like blank page.

How to solve the issue?

Code : https://github.com/ZusZus/Payubiz

Edited February 4, 2020 by aveeva

Trying To Send Credentials To An Ip Camera

Similar Tutorials

Trying for days to communicate to an IP camera from an apache server using PHP

I do get responses from the camera

RTSP/1.0 401 Unauthorized CSeq: 1 WWW-Authenticate: Digest realm="Login to 3E072F5PAL00180", nonce="bf2693784e774fb41b569ca02d8abe54"

The nonce changes each time I refresh, I guess that is exactly what It should do.

I read that I must MD5 the user and password along with some other data and create a string that goes back to the camera to authenticate and once done the camera replies RTSP/1.0 200 OK

Somebody has a small bit of code to build the required answer from strings?

I am not big in PHP,

I did find this on a page but it is way over my head, I do not have anything called $data.



$A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]);
$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);

I get the idea of sending commands with an existing socket. socket_write($socket,$answer);

NONCE :62d72a3d3b35bb5440ba29222e3669aa
REALM :Login to 3E072F5PAL00180
User :
Password :

I have assigned directly as strings the password and user.

Redirect Based On Credentials

Similar Tutorials

Greetings gurus,

I need some help, please.

I have a classic ASP background and now trying to get my feet wet with php.

We have a web app that is used by several depts.

I have been told to modify the app so that user is redirected to a site specific to their dept.

For instance, if we have say, 3 deppts, HR, IT, and Payroll; if a user who belongs to the Payroll dept logs into the system, s/he will be redirected to PayRoll section of the page.

I have done this tons of times using asp.

Below is the code I used for asp:

Code: [Select]
'Page = validateUser.asp

SQL ="SELECT * FROM users " _
& " WHERE Username = '" & Request.Form("txtUserid") & "'" _
& " AND password = '" & Request.Form("TxtPassword") & "' "

Set objRS = objConn.Execute( SQL )

If Not objRS.EOF Then
If objRS("password") = Request.Form("txtPassword") Then
Session.Contents("access_level") = objRS("access_level")
Session.Contents("userID") = objRS("userID") 'ID column
Session("username") = objRS("username")
Session("password") = objRS("password")

access_level = CInt(Session("access_level"))
username = CStr(Session("username"))

Select Case access_level
Case 1
Response.Redirect "HRPage.asp"
Case 2
Response.Redirect "PayrollPage.asp"
Case 3
Response.Redirect "ITPage.asp"
Case Else
Response.Redirect "default.asp"
End Select
Else
Response.Write "Sorry, but the password that you entered is incorrect."
End If
Else
Response.Write "Sorry, but the username that you entered does not exist."
End If
objRS.Close
Set objRS = Nothing
objConn.Close
Set objConn = Nothing

Then on each page, I would do the check before redirecting the user:

Code: [Select]
If Session.Contents("access_level") <> 1 AND _
Session.Contents("access_level") <> 2 AND _
Session.Contents("access_level") Then
Response.Redirect "default.asp"
End If

How I can use similar code in php?

I hope you can assist me.

Thanks very much

Hiding Mysql Connection Credentials

Similar Tutorials

Alright, first off, I'm fairly new to this aspect of web design. While I have been messing around and designing sites using your basic HTML/CSS/Flash for some time, I've decided to get into the more serious aspects of web design. As of right now, I'm using a fairly basic webhosting service that doesn't give me full administrative permission to MySQL because, as far as I can tell, the databases reside under their super-database and not on your actual allotted server. This creates a problem with creating a true MySQL database in which you set up users for their given tables you want them to be able to edit. Let me remind you here again that I am faily new to this aspect of web design, so maybe no one actually runs their databases in this way. My work around is to have the first table be the user/password table and only have a singular script that I call up every time my forms need to modify a table. I hide this small connection script in the root folder of my server where it is not viewable and just call it into my php scripts using 'include()' or 'get_file_contents.'

What I'm asking here I guess is if this method is secure? And if anyone has any other ideas as to how to go about creating this database. Thanks in advance!

Ldap_bind Returns Error 49 Invalid Credentials

Similar Tutorials

I am able to connect to my AD server successfully. This server serves multiple domains.
Example is user1@dom1.dom.net is able to successfully bind.
user2@dom2.com is not able to bind but gets error 49: invalid credentials.

Using windows ldp.exe, I can connect successfully, then select bind from the connection menu, enter the username (user2), the account password, and the Domain (dom2.com) and the result indicated is successful.

Using php I attempt to bind using:
$adBind = ldap_bind($ad, $adUname, $ldappass);
Where $ad = successful connection resource, $adUname = user1@dom1.dom.com OR user2@dom2.com, $ldappass is the account password.
As user1 it is successful, with user2 it is unable to bind with error 49.
Any suggestions or help is greatly appreciated.

Thanks in advance!

Is It Save To Rely On Ini_set() For Mysql Credentials?

Similar Tutorials

In MVC type architecture, is it safe to do this

ini_set("mysql.default_host"$mysql_host);
ini_set("mysql.default_user",$mysql_user);
ini_set("mysql.default_password",$mysql_pass);

in my index.php file.

Then, every time time I do a query in a model,

mysql_connect(); // MySQL connects using the default values from the ini_sets we did.
mysql_query($query);
mysql_close();

The reason behind this, would be to avoid passing database variables to objects/models etc or defining constants.

Maybe there's a better way? I'm looking into database abstraction.

Sms Gateway Software Using Php

Similar Tutorials

Hey guys,

glad I found this forum!

I have written a SMS gateway software using VB6 and would like to port to PHP.

Is there a way to write it under windows OS? I m using the dio_* commands in PHP and it works, but I dont want to do infinite loop to read incoming sms... right now I do infinite loop until I received +CMTI and the while loop breaks. This is very redundant and costly, is there any way that PHP has a "timer" feature-like in VB6 to check on incoming sms, like say, every second?

Thanks guys!

502 Bad Gateway Error

Similar Tutorials

Hi i buy new domain www.ipogtech.com

Server is IIS 7
I have installed SMF Forum which is fully developed by PHP and add the database also but when i opened the site it is showing

Bad Gateway
Web server received an invalid response while acting as a gateway or proxy server.
Web Server at ipogtech.com

pls help me to recover form this error.

Problem Connecting A Cms To Gateway

Similar Tutorials

hi,
i`m trying to connect a cms to a gateway but in my country i cant use paypal or any other known gateways so i use a local bank for payments .
i want to change cms`s paypal gateway to the local one these are the sample codes they gave me
: sender.php

  

<?php     function send($url,$api,$amount,$redirect){         $ch = curl_init();         curl_setopt($ch,CURLOPT_URL,$url);         curl_setopt($ch,CURLOPT_POSTFIELDS,"api=$api&amount=$amount&redirect=$redirect");         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);         curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);         $res = curl_exec($ch);         curl_close($ch);         return $res;     }     function get($url,$api,$trans_id,$id_get){         $ch = curl_init();         curl_setopt($ch,CURLOPT_URL,$url);

        curl_setopt($ch,CURLOPT_POSTFIELDS,"api=$api&id_get=$id_get&trans_id=$trans_id");         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);         curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);         $res = curl_exec($ch);         curl_close($ch);         return $res;     } ?>

: send.php



<?php     include_once("sender.php");     $url = 'http://payline.ir/payment/gateway-send';     $api = ' Your-API ';     $amount = 1000;     $redirect = 'REDIRECT-PAGE';     $result = send($url,$api,$amount,$redirect);     if($result > 0 && is_numeric($result)){         $go = "http://payline.ir/payment/gateway-$result";         header("Location: $go");     } ?>  




:  get.php





<?php     include_once("sender.php");     $url = 'http://payline.ir/payment/gateway-result-second';     $api = ' Your-API';     $trans_id = $_POST['trans_id'];     $id_get = $_POST['id_get'];     $result = get($url,$api,$trans_id,$id_get); ?>

and this one is for cms `s paypal gate way

  define("_VALID_PHP", true);

  define("_PIPN", true);



  ini_set('log_errors', true);

  ini_set('error_log', dirname(__file__) . '/ipn_errors.log');


  if (isset($_POST['payment_status'])) {

      require_once ("../../init.php");

      require_once (BASEPATH . "lib/class_pp.php");


      $pp = Co :getRow(Membership::gTable, "name", "paypal");


      $listener = new IpnListener();

      $listener->use_live = $pp->live;

      $listener->use_ssl = true;

      $listener->use_curl = false;


      try {

          $listener->requirePostMethod();

          $ppver = $listener->processIpn();

      }

      catch (exception $e) {

          error_log($e->getMessage(), 3, "pp_errorlog.log");

          exit(0);

      }


      $payment_status = $_POST['payment_status'];

      $receiver_email = $_POST['business'];

      $mc_currency = $_POST['mc_currency'];

      list($membership_id, $user_id) = explode("_", $_POST['item_number']);

      $mc_gross = $_POST['mc_gross'];

      $txn_id = $_POST['txn_id'];


      $getxn_id = Co :verifyTxnId($txn_id);

      $price = getValueById("price", Membership::mTable, intval($membership_id));

      $v1 = compareFloatNumbers($mc_gross, $price, "=");


      if ($ppver) {

          if ($_POST['payment_status'] == 'Completed') {

              if ($receiver_email == $pp->extra && $v1 == true && $getxn_id == true) {

                  $sql = "SELECT * FROM " . Membership::mTable . " WHERE id=" . (int)$membership_id;

                  $row = $db->first($sql);


                  $username = getValueById("username", Users::uTable, (int)$user_id);


                  $data = array(

                      'txn_id' => $txn_id,

                      'membership_id' => $row->id,

                      'user_id' => (int)$user_id,

                      'rate_amount' => (float)$mc_gross,

                      'ip' => $_SERVER['REMOTE_ADDR'],

                      'date' => "NOW()",

                      'pp' => "PayPal",

                      'currency' => sanitize($mc_currency),

                      'status' => 1);


                  $db->insert(Membership::pTable, $data);


                  $udata = array(

                      'membership_id' => $row->id,

                      'mem_expire' => $user->calculateDays($row->id),

                      'trial_used' => ($row->trial == 1) ? 1 : 0,

                      'memused' => 1);


                  $db->update(Users::uTable, $udata, "id=" . (int)$user_id);


                  /* == Notify Administrator == */

                  require_once (BASEPATH . "lib/class_mailer.php");

                  $row2 = Co :getRowById(Content::eTable, 5);


                  $body = str_replace(array(

                      '[USERNAME]',

                      '[ITEMNAME]',

                      '[PRICE]',

                      '[STATUS]',

                      '[PP]',

                      '[IP]'), array(

                      $username,

                      $row->{'title' . Lang::$lang},

                      $core->formatMoney($mc_gross),

                      "Completed",

                      "PayPal",

                      $_SERVER['REMOTE_ADDR']), $row2->{'body' . Lang::$lang}

                      );


                  $newbody = cleanOut($body);


                  $mailer = Mailer::sendMail();

                  $message = Swift_Message::newInstance()

                            ->setSubject($row2->{'subject' . Lang::$lang})

                            ->setTo(array($core->site_email => $core->site_name))

                            ->setFrom(array($core->site_email => $core->site_name))

                            ->setBody($newbody, 'text/html');


                  $mailer->send($message);

                  Security::writeLog($username . ' ' . Lang::$word->_LG_PAYMENT_OK . ' ' . $row->{'title' . Lang::$lang}, "", "yes", "payment");

              }


          } else {

              /* == Failed Transaction= = */

              require_once (BASEPATH . "lib/class_mailer.php");

              $row2 = Co :getRowById(Content::eTable, 6);

              $itemname = getValueById("title" . Lang::$lang, Membership::mTable, $membership_id);

              $username = getValueById("username", Users::uTable, (int)$user_id);


              $body = str_replace(array(

                  '[USERNAME]',

                  '[ITEMNAME]',

                  '[PRICE]',

                  '[STATUS]',

                  '[PP]',

                  '[IP]'), array(

                  $username,

                  $itemname,

                  $core->formatMoney($mc_gross),

                  "Failed",

                  "PayPal",

                  $_SERVER['REMOTE_ADDR']), $row2->{'body' . Lang::$lang}

                  );


              $newbody = cleanOut($body);


              $mailer = $mail->sendMail();

              $message = Swift_Message::newInstance()

                        ->setSubject($row2->{'subject' . Lang::$lang})

                        ->setTo(array($core->site_email => $core->site_name))

                        ->setFrom(array($core->site_email => $core->site_name))

                        ->setBody($newbody, 'text/html');


              $mailer->send($message);


              Security::writeLog(Lang::$word->_LG_PAYMENT_ERR . $username, "", "yes", "payment");


          }

      }

  }

?>

i`ll be grateful if you help me on this

Moved: Clickandbuy Api Gateway Integration

Similar Tutorials

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=343228.0