Hi I am having some issues with sage pay php form integration. I have built a shopping cart that selects product information from a database and am having issues integrating it with the kit. When I test against the sage servers, everything passes except the cart contents. Is there anyone out there that has encountered the same problem when combining a custom cart, or that can offer any help or advice? I have attached the file that is causing the problem
jpknoob
The attachment preview is chopped off after the first 10 KB. Please download the entire file.
<?
include("includes.php");
session_start();
/**************************************************************************************************
* Form PHP Kit Order Confirmation Page
***************************************************************************************************
***************************************************************************************************
* Change history
* ==============
*
* 10/02/2009 - Simon Wolfe - Updated for protocol 2.23
* 18/10/2007 - Nick Selby - New kit version
***************************************************************************************************
* Description
* ===========
*
* Displays a summary of the order items and customer details and builds the Form Crypt field
* that will be sent along with the user to the Sage Pay payment pages. In SIMULATOR and TEST mode
* the decoded version of this field will be displayed on screen for you to check.
***************************************************************************************************
*** Check we have a cart in the session. If not, go back to the buildOrder page to get one **/
$strCart=$_SESSION["strCart"];
if (strlen($strCart)==0) {
ob_end_flush();
redirect("buildOrder.php");
}
// Check we have a billing address in the session. If not, go back to the customerDetails page to get one
if (strlen($_SESSION["strBillingAddress1"])==0) {
ob_end_flush();
redirect("customerDetails.php");
}
if ($_REQUEST["navigate"]=="back") {
ob_end_flush();
redirect("customerDetails.php");
}
//** Gather customer details from the session **
$strCustomerEMail = $_SESSION["strCustomerEMail"];
$strBillingFirstnames = $_SESSION["strBillingFirstnames"];
$strBillingSurname = $_SESSION["strBillingSurname"];
$strBillingAddress1 = $_SESSION["strBillingAddress1"];
$strBillingAddress2 = $_SESSION["strBillingAddress2"];
$strBillingCity = $_SESSION["strBillingCity"];
$strBillingPostCode = $_SESSION["strBillingPostCode"];
$strBillingCountry = $_SESSION["strBillingCountry"];
$strBillingState = $_SESSION["strBillingState"];
$strBillingPhone = $_SESSION["strBillingPhone"];
$bIsDeliverySame = $_SESSION["bIsDeliverySame"];
$strDeliveryFirstnames = $_SESSION["strDeliveryFirstnames"];
$strDeliverySurname = $_SESSION["strDeliverySurname"];
$strDeliveryAddress1 = $_SESSION["strDeliveryAddress1"];
$strDeliveryAddress2 = $_SESSION["strDeliveryAddress2"];
$strDeliveryCity = $_SESSION["strDeliveryCity"];
$strDeliveryPostCode = $_SESSION["strDeliveryPostCode"];
$strDeliveryCountry = $_SESSION["strDeliveryCountry"];
$strDeliveryState = $_SESSION["strDeliveryState"];
$strDeliveryPhone = $_SESSION["strDeliveryPhone"];
/** Okay, build the crypt field for Form using the information in our session **
*** First we need to generate a unique VendorTxCode for this transaction **
*** We're using VendorName, time stamp and a random element. You can use different methods if you wish **
*** but the VendorTxCode MUST be unique for each transaction you send to Server **/
$intRandNum = rand(0,32000)*rand(0,32000);
$strVendorTxCode=$strVendorName . $intRandNum;
/** Now to calculate the transaction total based on basket contents. For security **
*** we recalculate it here rather than relying on totals stored in the session or hidden fields **
*** We'll also create the basket contents to pass to Form. See the Form Protocol for **
*** the full valid basket format. The code below converts from our "x of y" style into **
*** the system basket format (using a 20% VAT calculation for the tax columns) **/
$sngTotal=0.0;
$strThisEntry=$strCart;
$strBasket="";
$iBasketItems=0;
while (strlen($strThisEntry)>0) {
// Extract the Quantity and Product from the list of "x of y," entries in the cart
$iQuantity=cleanInput(substr($strThisEntry,0,1),"Number");
$iProductId=substr($strThisEntry,strpos($strThisEntry,",")-1,1);
// Add another item to our Form basket
$iBasketItems=$iBasketItems+1;
$sngTotal=$sngTotal + $iQuantity * $arrProducts[$iProductId-1][1];
$strBasket=$strBasket . ":" . $arrProducts[$iProductId-1][0] . ":" . $iQuantity;
$strBasket=$strBasket . ":" . number_format($arrProducts[$iProductId-1][1]/1.2,2); /** Price ex-Vat **/
$strBasket=$strBasket . ":" . number_format($arrProducts[$iProductId-1][1]*1/6,2); /** VAT component **/
$strBasket=$strBasket . ":" . number_format($arrProducts[$iProductId-1][1],2); /** Item price **/
$strBasket=$strBasket . ":" . number_format($arrProducts[$iProductId-1][1]*$iQuantity,2); /** Line total **/
// Move to the next cart entry, if there is one
$pos=strpos($strThisEntry,",");
if ($pos==0)
$strThisEntry="";
else
$strThisEntry=substr($strThisEntry,strpos($strThisEntry,",")+1);
}
// We've been right through the cart, so add delivery to the total and the basket
$sngTotal=$sngTotal+1.50;
$strBasket=$iBasketItems+1 . $strBasket . ":Delivery:1:1.50:---:1.50:1.50";
// Now to build the Form crypt field. For more details see the Form Protocol 2.23
$strPost="VendorTxCode=" . $strVendorTxCode; /** As generated above **/
// Optional: If you are a Sage Pay Partner and wish to flag the transactions with your unique partner id, it should be passed here
if (strlen($strPartnerID) > 0)
$strPost=$strPost . "&ReferrerID=" . $strPartnerID;
$strPost=$strPost . "&Amount=" . number_format($sngTotal,2); // Formatted to 2 decimal places with leading digit
$strPost=$strPost . "&Currency=" . $strCurrency;
// Up to 100 chars of free format description
$strPost=$strPost . "&Description=The best DVDs from " . $strVendorName;
/* The SuccessURL is the page to which Form returns the customer if the transaction is successful
** You can change this for each transaction, perhaps passing a session ID or state flag if you wish */
$strPost=$strPost . "&SuccessURL=" . $strYourSiteFQDN . $strVirtualDir . "/orderSuccessful.php";
/* The FailureURL is the page to which Form returns the customer if the transaction is unsuccessful
** You can change this for each transaction, perhaps passing a session ID or state flag if you wish */
$strPost=$strPost . "&FailureURL=" . $strYourSiteFQDN . $strVirtualDir . "/orderFailed.php";
// This is an Optional setting. Here we are just using the Billing names given.
$strPost=$strPost . "&CustomerName=" . $strBillingFirstnames . " " . $strBillingSurname;
/* Email settings:
** Flag 'SendEMail' is an Optional setting.
** 0 = Do not send either customer or vendor e-mails,
** 1 = Send customer and vendor e-mails if address(es) are provided(DEFAULT).
** 2 = Send Vendor Email but not Customer Email. If you do not supply this field, 1 is assumed and e-mails are sent if addresses are provided. **/
if ($bSendEMail == 0)
$strPost=$strPost . "&SendEMail=0";
else {
if ($bSendEMail == 1) {
$strPost=$strPost . "&SendEMail=1";
} else {
$strPost=$strPost . "&SendEMail=2";
}
if (strlen($strCustomerEMail) > 0)
$strPost=$strPost . "&CustomerEMail=" . $strCustomerEMail; // This is an Optional setting
if (($strVendorEMail <> "[your e-mail address]") && ($strVendorEMail <> ""))
$strPost=$strPost . "&VendorEMail=" . $strVendorEMail; // This is an Optional setting
// You can specify any custom message to send to your customers in their confirmation e-mail here
// The field can contain HTML if you wish, and be different for each order. This field is optional
$strPost=$strPost . "&eMailMessage=Thank you so very much for your order.";
}
// Billing Details:
$strPost=$strPost . "&BillingFirstnames=" . $strBillingFirstnames;
$strPost=$strPost . "&BillingSurname=" . $strBillingSurname;
$strPost=$strPost . "&BillingAddress1=" . $strBillingAddress1;
if (strlen($strBillingAddress2) > 0) $strPost=$strPost . "&BillingAddress2=" . $strBillingAddress2;
$strPost=$strPost . "&BillingCity=" . $strBillingCity;
$strPost=$strPost . "&BillingPostCode=" . $strBillingPostCode;
$strPost=$strPost . "&BillingCountry=" . $strBillingCountry;
if (strlen($strBillingState) > 0) $strPost=$strPost . "&BillingState=" . $strBillingState;
if (strlen($strBillingPhone) > 0) $strPost=$strPost . "&BillingPhone=" . $strBillingPhone;
// Delivery Details:
$strPost=$strPost . "&DeliveryFirstnames=" . $strDeliveryFirstnames;
$strPost=$strPost . "&DeliverySurname=" . $strDeliverySurname;
$strPost=$strPost . "&DeliveryAddress1=" . $strDeliveryAddress1;
if (strlen($strDeliveryAddress2) > 0) $strPost=$strPost . "&DeliveryAddress2=" . $strDeliveryAddress2;
$strPost=$strPost . "&DeliveryCity=" . $strDeliveryCity;
$strPost=$strPost . "&DeliveryPostCode=" . $strDeliveryPostCode;
$strPost=$strPost . "&DeliveryCountry=" . $strDeliveryCountry;
if (strlen($strDeliveryState) > 0) $strPost=$strPost . "&DeliveryState=" . $strDeliveryState;
if (strlen($strDeliveryPhone) > 0) $strPost=$strPost . "&DeliveryPhone=" . $strDeliveryPhone;
$strPost=$strPost . "&Basket=" . $strBasket; // As created above
// For charities registered for Gift Aid, set to 1 to display the Gift Aid check box on the payment pages
$strPost=$strPost . "&AllowGiftAid=0";
/* Allow fine control over AVS/CV2 checks and rules by changing this value. 0 is Default
** It can be changed dynamically, per transaction, if you wish. See the Server Protocol document */
if ($strTransactionType!=="AUTHENTICATE")
$strPost=$strPost . "&ApplyAVSCV2=0";
/* Allow fine control over 3D-Secure checks and rules by changing this value. 0 is Default
** It can be changed dynamically, per transaction, if you wish. See the Form Protocol document */
$strPost=$strPost . "&Apply3DSecure=0";
// Encrypt the plaintext string for inclusion in the hidden field
$strCrypt = base64Encode(SimpleXor($strPost,$strEncryptionPassword));
?>
<html>
<head>
<title>Form PHP Kit Order Confirmation Page</title>
<link rel="STYLESHEET" type="text/css" href="images/formKitStyle.css">
<script type="text/javascript" language="javascript" src="scripts/common.js" ></script>
<script t jpknoob
I have managed to sort out the issue, I inserted my own SQL query and created the basket that way. if you are experiencing a similar problem, drop me a message and I'll be happy to share my work around!
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.