Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Can a PHP expert help me out with a new module


ciobitud

Recommended Posts

Posted

Hello!

 

I would realy like to make a new module that will use as payemnt a one time code that you can receive by phone (the allopass system) but the problem is that I can not do it (I am a php newbie :rolleyes: ).

 

Here you go the info needed:

 

Technical datas about ONE SHOT payment

 

 

A - The form in which the access code is entered

 

The provided script contains :

? A PNG image whose source is located on our server and which indicates the telephone number to be dialled according to the rate level you selected.

? An HTML form comprised of different fields.

 

This HTML form must contain at least 3 fields :

? The field CODE (with the type TEXT in the script) in which the internet user enters his/her access code

? The field SITE_ID containing the Allopass ID of your site.

? The field DOC_ID containing the Allopass ID of the protected document.

 

When the form is submitted, all these data are sent to the URL http://www.allopass.com/check

The AlloPass system then checks the validity of the code. If the code is valid, there is an immediate redirection to your return URL.

 

B - Optional fields of the form

 

You can add to this form six optional fields that do not appear in the default script :

- The field DATAS : this hidden field (so with the type HIDDEN) can contain any value of your choice.

When your customer is redirected to your site in case the access code is valid, your return URL will be reached with an added parameter called DATAS which contains what you had put in the form.

 

For example, if you have configured the return URL : http://www.mysite.com/return.php

the AlloPass system will reach this URL in the following way : http://www.mysite.com/return.php?DATAS=xxxx

with "xxxx" being what you had indicated in the field DATAS of the form.

 

- The field RECALL : this hidden field, so much found in the form and whose value is '1', will allow you to know the code typed by the internet user in case the code is valid.

A parameter called RECALL will be returned to you in the return URL containing the entered code.

For example : http://www.mysite.com/return.php?RECALL=12345678

 

- The field AP_CA : this hidden field, if present, should contain a "partner code", that you can generate in the section "partners' links".

If such a field is present in your form, then whoever your visitor may be, the percentage you specified when you created this partner code will be credited on your partner's account.

This sum of money will be deducted from your payment.

This field can be useful if for instance you sell a site content as a partnership with another person.

The other person will earn a percentage of the generated gains and like you, will be able to write his/her cheque requests on Allopass.

 

- the field AP_CA_IDCn (n from 0 to 4) : this hidden field contains a partner's ID to which you wish to transfer a percentage of your profit without to have created a partner link before.

Your partner will find his ID in the "Personal Datas" section of the Webmaster's Lounge.

 

- The field AP_CA_MNTn (n from 0 to 4) : it is the amount (expressed as a percentage) has to transfer with the partner whom you defined with parameter AP_CA_IDC.

This value must be between 0 and 100.

 

With these two fields AP_CA_IDCn and AP_CA_MNTn, you can share your gain with up to 5 partners !

Of course, the sum of the AP_CA_MNTn fields must not exceed the value of 100.

 

- The field NDE : this hidden field, if present, and with a value of "1", prevent the return of other parameters (such as RECALL, DATAS...) to your script if the entered code is invalid. So, your retourn error script will not receive these values.

 

 

C - Verification of the validity of a code

 

Your scripts in PHP, ASP, ... can ask the Allopass platform whether a code which is returned using the parameter RECALL of the form is valid.

 

After your return page has received this information, you have 2 minutes to know if this code has just been validated for the access to a given document.

 

The idea is that your script will make a HTTP request to our server containing both the code you want to check and the ID of your private documents as parameters.

 

Our server then answers you whether this code is valid or not for accessing this document.

 

Implementation :

 

- First you must take down the ID of the protected document. This ID can be found in the list of your documents in the column "Identifier (ID)".

This ID has the following format "54/75/4567".

 

- Then, your return page must send a request to our server with a parameter called CODE contained the code to be checked and a paramater called AUTH containing the document ID.

 

- Our server can answer you :

OK : this code has been accepted in the last two minutes for the access to this document.

NOK : this code is not valid

ERR : The request was not understood (it may be an error in the document ID).

For example, if the code is valid, you can send a cookie to your visitor telling him/her he/she has indeed paid for his/her consultation.

On the other pages of your private part, you'll only have to test this cookie. If the cookie is not present, then you redirect the internet user to an error page.

 

Here is an actual example (in PHP):

 

Your HTML form where you type in the code is as follows :

<form action ="http://www.allopass.com/check/index.php4" method="POST">

<input type="hidden" name="SITE_ID" value="99">

<input type="hidden" name="DOC_ID" value="74">

<input type="hidden" name="RECALL" value="1">

<input type="text" name="CODE" size="8">

<input type="submit" value=" Enter " >

</form>

 

 

Of course, the values of the parameters SITE_ID and DOC_ID must correspond to the ones provided in the original script.

 

If your return page is a script called return.php4, then this script will be called after a valid code is entered.

There you will recognize the variable $RECALL containing the entered code.

 

Then you make a request to the Allopass platform. Here is the example in PHP :

<?php

$RECALL = HTTP_GET_VARS["RECALL"];

if (trim($RECALL)=="") {

// The variable RECALL is empty, the user is redirected

//to an error page

Header("Location: error.html");

exit;

}

// $RECALL contains the access code

$RECALL = urlencode($RECALL);

// $AUTH must contain the ID of YOUR document

$AUTH = urlencode("54/75/456");

 

// the request is sent to the Allopass server

// in the variable $r[0] we'll have the answer of the server

 

$r=@file("http://www.allopass.com/check/vf.php4?CODE=$RECALL&AUTH=$AUTH");

 

// the answer of the server is tested

if (ereg("ERR",$r[0]) || ereg("NOK",$r[0])) {

// The server has answered ERR or NOK : the access is denied

header("Location: error.html");

exit;

}

// The code is valid !

// a cookie called CODE_OK is placed and its value is 1

// This cookie expires when the internet user exits his/her browser

// In the following pages testing the existence of this cookie will be enough

// If it exits, the internet user is authorized,

// otherwise he/she will be redirected to an error page

setCookie("CODE_OK","1",0,"/","$SERVER_NAME",false);

?>

 

 

In the following pages from the restricted zone of your site, you can then verify the existence of this cookie as follows :

<?php

if ($HTTP_COOKIE_VARS['CODE_OK']!='1') {

Header("Location: error.html");

exit;

}

?>

 

If someone could help me out... :rolleyes:

Posted

Well, thanks for the reply! :-)

 

No, my question is in the first 4 rows of the topic and, if you agree and want to help me out well, you need all the technical info and "tha crap" is just that: the technical info (if you can't or don't want to help me out, the technical info will not help you in any way so you shouldn't bother reading ;-) )

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...