Also, how does the verification process work?
Because at the moment this page also sends to the db that the order has been completed, but obviously the user can bypass this by going straight to the checkout_success.php page.
Surely sagepay sends back a transaction id, if this exists then the payment has been accepted?
Is this the case or do I have to do something funky to get this working?
Thanks again.
<p class="eC_OrderInfo">SUCCESS: <?php echo $_SESSION["Protx_VSPServer_Success"]; ?><br />
STATUS CODE: <?php echo $_SESSION["Protx_VSPServer_StatusCode"]; ?> <br />
ERROR MSG: <?php echo $_SESSION["Protx_VSPServer_ErrorMessage"]; ?> </p>
<p class="eC_OrderInfo">COPIED CODE...<br />
Success: <?php echo $_SESSION["Protx_VSPServer_Success"]; ?><br />
Status code: <?php echo $_SESSION["Protx_VSPServer_StatusCode"]; ?><br />
Error message: <?php echo $_SESSION["Protx_VSPServer_ErrorMessage"]; ?><br />
Bug report:
Success: <?php echo $Protx_VSPServer_Auth["Success"]; ?><br />
Status code: <?php echo $Protx_VSPServer_Auth["StatusCode"]; ?><br />
Error message: <?php echo $Protx_VSPServer_Auth["ErrorMessage"]; ?><br />
Vendor trans code: <?php echo $Protx_VSPServer_Auth["VendorTxCode"]; ?><br />
SagePay Trans ID: <?php echo $Protx_VSPServer_Auth["VPSTxId"]; ?><br />
Security Key: <?php echo $Protx_VSPServer_Auth["SecurityKey"]; ?><br />
Next URL: <?php echo $Protx_VSPServer_Auth["NextURL"]; ?><br />
Full response: <?php echo $Protx_VSPServer_Auth["FullResponse"]; ?><br />
Full request: <?php echo $Protx_VSPServer_Auth["FullRequest"]; ?></p>
</p>
None of these exist on the page you see ...