Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Recommended Posts

Posted

Hi can anyone help with a response script for Realex payments?

 

 

I copied the code from checkout_process.php and pasted it into where it should go. I have it working almost perfectly in test mode, the payment goes through to Realex successfully and the oscommerce database gets updates and the customer is emailed. Except when I enter a declined card (for testing purposes), I get no result, just a blank page. Here is the script (a template provided by Realex). Realex say you must add the part about updating/emailing yourself. I'm not a PHP programmer so I'm a bit out of my depth here.

 

<html>

<head>

<title>Response Script</title>

 

<?

 

/*

Note:The below code is used to grab the fields Realex Payments POSTs back

to this script after a card has been authorised. Realex Payments need

to know the full URL of this script in order to POST the data back to this

script. Please inform Realex Payments of this URL if they do not have it

already.

 

Look at the Realex Documentation to view all hidden fields Realex POSTs back

for a card transaction.

*/

 

 

 

$timestamp = $_POST['TIMESTAMP'];

$result = $_POST['RESULT'];

$orderid = $_POST['ORDER_ID'];

$message = $_POST['MESSAGE'];

$authcode = $_POST['AUTHCODE'];

$pasref = $_POST['PASREF'];

$realexmd5 = $_POST['MD5HASH'];

 

// -------------------------------------------------------------

// Replace these with the values you receive from Realex Payments.If you have not yet received these values please contact us.

$merchantid = "*******";

$secret = "*******";

 

//---------------------------------------------------------------

//Below is the code for creating the digital signature using the md5 algorithm.

//This digital siganture should correspond to the

//one Realex Payments POSTs back to this script and can therefore be used to verify the message Realex sends back.

 

$tmp = "$timestamp.$merchantid.$orderid.$result.$message.$pasref.$authcode";

$md5hash = md5($tmp);

$tmp = "$md5hash.$secret";

$md5hash = md5($tmp);

 

//Check to see if hashes match or not

if ($md5hash != $realexmd5) {

echo "hashes don't match - response not authenticated!";

}

 

/* --------------------------------------------------------------

send yourself an email or send the customer an email or update a database or whatever you want to do here.

*/

 

 

/*

$Id: checkout_process.php,v 1.128 2003/05/28 18:00:29 hpdl Exp $

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

include('includes/application_top.php');

 

// if the customer is not logged on, redirect them to the login page

if (!tep_session_is_registered('customer_id')) {

$navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));

tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));

}

 

if (!tep_session_is_registered('sendto')) {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));

}

 

if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));

}

 

// avoid hack attempts during the checkout procedure by checking the internal cartID

if (isset($cart->cartID) && tep_session_is_registered('cartID')) {

if ($cart->cartID != $cartID) {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));

}

}

 

include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS);

 

// load selected payment module

require(DIR_WS_CLASSES . 'payment.php');

$payment_modules = new payment($payment);

 

// load the selected shipping module

require(DIR_WS_CLASSES . 'shipping.php');

$shipping_modules = new shipping($shipping);

 

require(DIR_WS_CLASSES . 'order.php');

$order = new order;

 

// load the before_process function from the payment modules

$payment_modules->before_process();

 

require(DIR_WS_CLASSES . 'order_total.php');

$order_total_modules = new order_total;

 

$order_totals = $order_total_modules->process();

 

$sql_data_array = array('customers_id' => $customer_id,

'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],

'customers_company' => $order->customer['company'],

'customers_street_address' => $order->customer['street_address'],

'customers_suburb' => $order->customer['suburb'],

'customers_city' => $order->customer['city'],

'customers_postcode' => $order->customer['postcode'],

'customers_state' => $order->customer['state'],

'customers_country' => $order->customer['country']['title'],

'customers_telephone' => $order->customer['telephone'],

'customers_email_address' => $order->customer['email_address'],

'customers_address_format_id' => $order->customer['format_id'],

'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'],

'delivery_company' => $order->delivery['company'],

'delivery_street_address' => $order->delivery['street_address'],

'delivery_suburb' => $order->delivery['suburb'],

'delivery_city' => $order->delivery['city'],

'delivery_postcode' => $order->delivery['postcode'],

'delivery_state' => $order->delivery['state'],

'delivery_country' => $order->delivery['country']['title'],

'delivery_address_format_id' => $order->delivery['format_id'],

'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],

'billing_company' => $order->billing['company'],

'billing_street_address' => $order->billing['street_address'],

'billing_suburb' => $order->billing['suburb'],

'billing_city' => $order->billing['city'],

'billing_postcode' => $order->billing['postcode'],

'billing_state' => $order->billing['state'],

'billing_country' => $order->billing['country']['title'],

'billing_address_format_id' => $order->billing['format_id'],

'payment_method' => $order->info['payment_method'],

'cc_type' => $order->info['cc_type'],

'cc_owner' => $order->info['cc_owner'],

'cc_number' => $order->info['cc_number'],

'cc_expires' => $order->info['cc_expires'],

'date_purchased' => 'now()',

'orders_status' => $order->info['order_status'],

'currency' => $order->info['currency'],

'currency_value' => $order->info['currency_value']);

tep_db_perform(TABLE_ORDERS, $sql_data_array);

$insert_id = tep_db_insert_id();

for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {

$sql_data_array = array('orders_id' => $insert_id,

'title' => $order_totals[$i]['title'],

'text' => $order_totals[$i]['text'],

'value' => $order_totals[$i]['value'],

'class' => $order_totals[$i]['code'],

'sort_order' => $order_totals[$i]['sort_order']);

tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);

}

 

$customer_notification = (SEND_EMAILS == 'true') ? '1' : '0';

$sql_data_array = array('orders_id' => $insert_id,

'orders_status_id' => $order->info['order_status'],

'date_added' => 'now()',

'customer_notified' => $customer_notification,

'comments' => $order->info['comments']);

tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);

 

// initialized for the email confirmation

$products_ordered = '';

$subtotal = 0;

$total_tax = 0;

 

for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {

// Stock Update - Joao Correia

if (STOCK_LIMITED == 'true') {

if (DOWNLOAD_ENABLED == 'true') {

$stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename

FROM " . TABLE_PRODUCTS . " p

LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa

ON p.products_id=pa.products_id

LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad

ON pa.products_attributes_id=pad.products_attributes_id

WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";

// Will work with only one option for downloadable products

// otherwise, we have to build the query dynamically with a loop

$products_attributes = $order->products[$i]['attributes'];

if (is_array($products_attributes)) {

$stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";

}

$stock_query = tep_db_query($stock_query_raw);

} else {

$stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

}

if (tep_db_num_rows($stock_query) > 0) {

$stock_values = tep_db_fetch_array($stock_query);

// do not decrement quantities if products_attributes_filename exists

if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {

$stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];

} else {

$stock_left = $stock_values['products_quantity'];

}

tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {

tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

}

}

}

 

// Update products_ordered (for bestsellers list)

tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

 

$sql_data_array = array('orders_id' => $insert_id,

'products_id' => tep_get_prid($order->products[$i]['id']),

'products_model' => $order->products[$i]['model'],

'products_name' => $order->products[$i]['name'],

'products_price' => $order->products[$i]['price'],

'final_price' => $order->products[$i]['final_price'],

'products_tax' => $order->products[$i]['tax'],

'products_quantity' => $order->products[$i]['qty']);

tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);

$order_products_id = tep_db_insert_id();

 

//------insert customer choosen option to order--------

$attributes_exist = '0';

$products_ordered_attributes = '';

if (isset($order->products[$i]['attributes'])) {

$attributes_exist = '1';

for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {

if (DOWNLOAD_ENABLED == 'true') {

$attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename

from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa

left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad

on pa.products_attributes_id=pad.products_attributes_id

where pa.products_id = '" . $order->products[$i]['id'] . "'

and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'

and pa.options_id = popt.products_options_id

and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'

and pa.options_values_id = poval.products_options_values_id

and popt.language_id = '" . $languages_id . "'

and poval.language_id = '" . $languages_id . "'";

$attributes = tep_db_query($attributes_query);

} else {

$attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");

}

$attributes_values = tep_db_fetch_array($attributes);

// BOF Separate Pricing Per Customer attribute_groups mod

if (isset($_SESSION['sppc_customer_group_id']) && $_SESSION['sppc_customer_group_id'] != '0') {

$attributes_group_query = tep_db_query("select pag.options_values_price, pag.price_prefix from " . TABLE_PRODUCTS_ATTRIBUTES . " pa left join " . TABLE_PRODUCTS_ATTRIBUTES_GROUPS . " pag using(products_attributes_id) where pa.products_id = '" . tep_get_prid($order->products[$i]['id']) . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pag.customers_group_id = '" . (int)$_SESSION['sppc_customer_group_id'] . "'");

if ($attributes_group = tep_db_fetch_array($attributes_group_query)) {

$attributes_values['options_values_price'] = $attributes_group['options_values_price'];

$attributes_values['price_prefix'] = $attributes_group['price_prefix'];

}

}

// EOF Separate Pricing Per Customer attribute_groups mod

 

$sql_data_array = array('orders_id' => $insert_id,

'orders_products_id' => $order_products_id,

'products_options' => $attributes_values['products_options_name'],

'products_options_values' => $attributes_values['products_options_values_name'],

'options_values_price' => $attributes_values['options_values_price'],

'price_prefix' => $attributes_values['price_prefix']);

tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

 

if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {

$sql_data_array = array('orders_id' => $insert_id,

'orders_products_id' => $order_products_id,

'orders_products_filename' => $attributes_values['products_attributes_filename'],

'download_maxdays' => $attributes_values['products_attributes_maxdays'],

'download_count' => $attributes_values['products_attributes_maxcount']);

tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);

}

$products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];

}

}

//------insert customer choosen option eof ----

$total_weight += ($order->products[$i]['qty'] * $order->products[$i]['weight']);

$total_tax += tep_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty'];

$total_cost += $total_products_price;

 

$products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";

}

 

// lets start with the email confirmation

$email_order = STORE_NAME . "\n" .

EMAIL_SEPARATOR . "\n" .

EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n" .

EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false) . "\n" .

EMAIL_TEXT_DATE_ORDERED . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n";

if ($order->info['comments']) {

$email_order .= tep_db_output($order->info['comments']) . "\n\n";

}

$email_order .= EMAIL_TEXT_PRODUCTS . "\n" .

EMAIL_SEPARATOR . "\n" .

$products_ordered .

EMAIL_SEPARATOR . "\n";

 

for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {

$email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";

}

 

if ($order->content_type != 'virtual') {

$email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" .

EMAIL_SEPARATOR . "\n" .

tep_address_label($customer_id, $sendto, 0, '', "\n") . "\n";

}

 

$email_order .= "\n" . EMAIL_TEXT_BILLING_ADDRESS . "\n" .

EMAIL_SEPARATOR . "\n" .

tep_address_label($customer_id, $billto, 0, '', "\n") . "\n\n";

if (is_object($$payment)) {

$email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .

EMAIL_SEPARATOR . "\n";

$payment_class = $$payment;

$email_order .= $payment_class->title . "\n\n";

if ($payment_class->email_footer) {

$email_order .= $payment_class->email_footer . "\n\n";

}

}

tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

 

// send emails to other people

if (SEND_EXTRA_ORDER_EMAILS_TO != '') {

tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

}

 

// load the after_process function from the payment modules

$payment_modules->after_process();

 

$cart->reset(true);

 

// unregister session variables used during checkout

tep_session_unregister('sendto');

tep_session_unregister('billto');

tep_session_unregister('shipping');

tep_session_unregister('payment');

tep_session_unregister('comments');

 

 

require(DIR_WS_INCLUDES . 'application_bottom.php');

 

 

//

//The next part is important to understand. The result field sent back to this

//response script will indicate whether the card transaction was successful or not.

//The result 00 indicates it was while anything else indicates it failed.

//Refer to the Realex Payments documentation to get a full list to response codes.

//

//IMPORTANT: Whatever this response script prints is grabbed by Realex Payments

//and placed in the template again. It is placed wherever the comment "<!--E-PAGE TABLE HERE-->"

//is in the template you provide. This is the case so that from a customer's perspective, they are not suddenly removed from

//a secure site to an unsecure site. This means that although we call this response script the

//customer is still on Realex PAyemnt's site and therefore it is recommended that a HTML link is

//printed in order to redirect the customrer back to the merchants site.

 

?>

 

<body bgcolor="#FFFFFF">

<font face=verdana,helvetica,arial size=2>

 

<?

if ($result == "00") {

?>

 

Thank you

<br/><br/>

To continue browsing please <a href="http://www.*******.com"><b><u>click here</u></b></a>

<br/><br/>

 

<?

} else {

?>

 

<br/><br/>

There was an error processing your payment.

To try again please <a href="http://www.*******.com"><b><u>click here</u></b></a><br><BR>

Please contact our customer care department at <a href="mailto:info@*******.com"><b><u>info@*******.com</u></b></a>

 

 

 

<?

}

?>

 

 

</font>

 

</body>

</html>

  • 2 years later...
Posted

Hi MrJoesph, I know this was a very long time ago that you were having this issue, and I am wondering if you managed to resolve the issue that you were having. it appears that I am having the same issue, I get a blank screen after putting in my credit card details. In the address that I am sent back to I can see the error: http://www.x.com/index.php?main_page=checkout_payment&payment_error=realex&error=Hashes%20don't%20match%20-%20response%20not%20authenticated!

 

Do you know was this the same issue that you were getting and by any chance do you remember what you did to fix this issue.

 

Any help that you may be able to give would be really appreciative.

Many thanks

Alex

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...