close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

Sage Pay Integration - how difficult is this?

Thread began 8/10/2015 3:49 pm by Nathon Jones Web Design | Last modified 7/26/2019 11:52 pm by Nathon Jones Web Design | 3711 views | 6 replies

Nathon Jones Web Design

Thank you.

mcrypt is installed on our server.

We have replaced Protx_VSPForm.php with the newer version that you provided in the forum post you've linked to above (however further down that thread you provide another version. Can you confirm which one is correct?).

We immediately realised that, within that new Protx_VSPForm.php file, you've got a generic Encryption Password which, when we tried to use it, obviously failed as being incorrect. You have the following on line 2 of that file:
$Protx_EncryptionPassword = "8GejG5SG2jCjMsbY";

Checking the version of Protx_VSPForm.php that eCart Checkout Wizard installed by default on OUR site we note that its line 2 is:
$Protx_EncryptionPassword = "<?php echo($WA_SagePay_VSP_Form_Encryption_Password); ?>";

Can you clarify if we should use the above reference or should we just manually enter our own encryption password as you have done with your replacement example file?

We assume that if we use this:
<?php echo($WA_SagePay_VSP_Form_Encryption_Password); ?>

...then eCart is trying to use the encryption password that was entered when using the eCart Checkout Wizard which we are unable to check/change because we can't re-enter the wizard. Where is this value stored?

On confirm.php we changed the hidden form element to this:

<input type="hidden" name="VPSProtocol" id="VPSProtocol" value="3.0" />



...and, just below it we added this:

<?php
$timeStamp = WAEC_getTimestamp();
$optionArray = array();
$optionArray['VendorTxCode'] = $timeStamp;
$optionArray['Amount'] = $whiskyCART->GrandTotal();
$optionArray['Currency'] = "GBP";
$optionArray['Description'] = $timeStamp;
$optionArray['SuccessURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_success.php";
$optionArray['FailureURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_failure.php";
$optionArray['CustomerEmail'] = ((isset($_POST["Email_Address"]))?$_POST["Email_Address"]:"");
$optionArray['VendorEmail'] = "info@whiskybroker.co.uk";
$optionArray['DeliverySurname'] = ((isset($_POST["Last_Name_2"]))?$_POST["Last_Name_2"]:"");
$optionArray['DeliveryFirstnames'] = ((isset($_POST["First_Name_2"]))?$_POST["First_Name_2"]:"");
$optionArray['DeliveryAddress1'] = ((isset($_POST["Address_1_2"]))?$_POST["Address_1_2"]:"");
$optionArray['DeliveryAddress2'] = ((isset($_POST["Address_2_2"]))?$_POST["Address_2_2"]:"");
$optionArray['DeliveryPostCode'] = ((isset($_POST["Postal_Code_2"]))?$_POST["Postal_Code_2"]:"");
$optionArray['DeliveryCity'] = ((isset($_POST["City_2"]))?$_POST["City_2"]:"");
$optionArray['DeliveryCountry'] = ((isset($_POST["Country_2"]))?$_POST["Country_2"]:"");
$optionArray['BillingSurname'] = ((isset($_POST["Last_Name"]))?$_POST["Last_Name"]:"");
$optionArray['BillingFirstnames'] = ((isset($_POST["First_Name"]))?$_POST["First_Name"]:"");
$optionArray['BillingAddress1'] = ((isset($_POST["Address_1"]))?$_POST["Address_1"]:"");
$optionArray['BillingAddress2'] = ((isset($_POST["Address_2"]))?$_POST["Address_2"]:"");
$optionArray['BillingPostCode'] = ((isset($_POST["Postal_Code"]))?$_POST["Postal_Code"]:"");
$optionArray['BillingCity'] = ((isset($_POST["City"]))?$_POST["City"]:"");
$optionArray['BillingCountry'] = ((isset($_POST["Country"]))?$_POST["Country"]:"");
$optionArray['ContactNumber'] = ((isset($_POST["Phone_Number"]))?$_POST["Phone_Number"]:"");
$optionArray['ContactFax'] = ((isset($_POST["Fax_Number"]))?$_POST["Fax_Number"]:"");
$optionArray['AllowGiftAid'] = "0";
$optionArray['ApplyAVSCV2'] = "0";
$optionArray['Apply3DSecure'] = "0";
$optionArray['EMailMessage'] = "";
?>



We still have the following below that though...

<input id="TxType" name="TxType" type="hidden" value="<?php echo("PAYMENT"); ?>">
<input id="VendorTxCode" name="VendorTxCode" type="hidden" value="<?php echo("".WAEC_getTimestamp() .""); ?>">
<input id="Amount" name="Amount" type="hidden" value="<?php echo("".$whiskyCART->GrandTotal() .""); ?>">
<input id="Currency" name="Currency" type="hidden" value="<?php echo("GBP"); ?>">
<input id="Description" name="Description" type="hidden" value="<?php echo("".WAEC_getTimestamp() .""); ?>">
<input id="SuccessURL" name="SuccessURL" type="hidden" value="<?php echo("checkout_success.php"); ?>">
<input id="FailureURL" name="FailureURL" type="hidden" value="<?php echo("checkout_failure.php"); ?>">
<input id="CustomerEMail" name="CustomerEMail" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Email_Address')) .""); ?>">
<input id="BillingAddress1" name="BillingAddress1" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1')) .""); ?>">
<input id="BillingPostCode" name="BillingPostCode" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code')) .""); ?>">
<input id="BillingSurname" name="BillingSurname" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name')) .""); ?>">
<input id="BillingFirstnames" name="BillingFirstnames" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name')) .""); ?>">
<input id="BillingState" name="BillingState" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','State')) .""); ?>">
<input id="BillingCity" name="BillingCity" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City')) .""); ?>">
<input id="BillingCountry" name="BillingCountry" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country')) .""); ?>">
<input id="DeliveryAddress1" name="DeliveryAddress1" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1_2')) .""); ?>">
<input id="DeliveryPostCode" name="DeliveryPostCode" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code_2')) .""); ?>">
<input id="DeliverySurname" name="DeliverySurname" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name_2')) .""); ?>">
<input id="DeliveryFirstnames" name="DeliveryFirstnames" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name_2')) .""); ?>">
<input id="DeliveryCity" name="DeliveryCity" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City_2')) .""); ?>">
<input id="DeliveryState" name="DeliveryState" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','State_2')) .""); ?>">
<input id="DeliveryCountry" name="DeliveryCountry" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country_2')) .""); ?>">
<input id="ContactNumber" name="ContactNumber" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Phone_Number')) .""); ?>">
<input id="ContactFax" name="ContactFax" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Fax_Number')) .""); ?>">
<input id="AllowGiftAid" name="AllowGiftAid" type="hidden" value="<?php echo("0"); ?>">
<input id="ApplyAVSCV2" name="ApplyAVSCV2" type="hidden" value="<?php echo("0"); ?>">
<input id="Apply3DSecure" name="Apply3DSecure" type="hidden" value="<?php echo("0"); ?>">



Should we have removed that?

Then, just below that, we have...

<input id="Crypt" name="Crypt" type="hidden" value="<?php echo("".WA_Protx_VSPFormHash($whiskyCART, ''.($WA_SagePay_VSP_Form_Encryption_Password)  .'', ''.WAEC_getTimestamp()  .'', ''.$whiskyCART->GrandTotal()  .'', 'GBP', ''.WAEC_getTimestamp()  .'', 'checkout_success.php', 'checkout_failure.php', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Email_Address'))  .'', '', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Phone_Number'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Fax_Number'))  .'', '0', '0', '0', '')  .""); ?>">



...but you've instructed us to remove that and replace it with:

<input type="hidden" name="Crypt" id="Crypt" value="<?php echo WA_Protx_VSPFormHash_v3($whiskyCART, "[yourprotxpassword]", $optionArray); ?>" />



Is that correct?

Sage Pay offer 4 different types of integration:
http://www.sagepay.co.uk/support/integration-kits-protocols-document

Form Integration
Server Integration
Server InFrame Integration
Direct Integration

Which one should we be using with eCart because the test URL is different for each?

For example:
Form Integration - https://test.sagepay.com/gateway/service/vspform-register.vsp
Server Integration - https://test.sagepay.com/gateway/service/vspserver-register.vsp

When we test all of this, using the Form Integration method, we get the following error:

This transaction attempt has failed. We are unable to redirect you back to the web store from which you were purchasing. The details of the failure are given below.
Status: ERROR
Status Detail: 5070 : Form transactions are disabled for this vendor in the test environment. Please contact support to re-enable this functionality.

Prior to this we were getting:
Error number: 3076 Error message: The NotificationURL is required. Explanation: The NotificationURL is required. Solution: There is a problem with the details that have been supplied. Please check and retry Site Section: Support

We contacted Sage Pay support and they confirmed that form transactions were disabled on the account. They re-enabled them for us but now we're getting the following:

This transaction attempt has failed. We are unable to redirect you back to the web store from which you were purchasing. The details of the failure are given below.
Status: MALFORMED
Status Detail: 3045 : The Currency field is missing.

Hope you can help. I attach confirm.php and Protx_VSPForm.php.

Thank you.
NJ

EDIT:

I changed the form on confirm.php to this:

<form class="NewFromBlank_Default" id="Payment_NewFromBlank_Default" name="Payment_NewFromBlank_Default" method="post" action="https://test.sagepay.com/gateway/service/vspform-register.vsp">
<!--
WebAssist CSS Form Builder - Form v1
CC: eCommerce
CP: Payment
TC: <New From Blank>
TP: Default
-->
<ul class="NewFromBlank_Default">
<li>
<fieldset class="NewFromBlank_Default" id="Payment_Info">
<legend class="groupHeader">Complete your Purchase</legend>
<ul class="formList">
<li class="formItem">
<span class="buttonFieldGroup" >
<input id="Vendor" name="Vendor" type="hidden" value="<?php echo("".($WA_SagePay_VSP_Form_Vendor) .""); ?>">
<input id="EncryptionPassword" name="EncryptionPassword" type="hidden" value="<?php echo("".($WA_SagePay_VSP_Form_Encryption_Password) .""); ?>">
<input id="VPSProtocol" name="VPSProtocol" type="hidden" value="3.0">
<input id="TxType" name="TxType" type="hidden" value="<?php echo("PAYMENT"); ?>">

<?php
$timeStamp = WAEC_getTimestamp();
$optionArray = array();
$optionArray['VendorTxCode'] = $timeStamp;
$optionArray['Amount'] = $whiskyCART->GrandTotal();
$optionArray['Currency'] = "GBP";
$optionArray['Description'] = $timeStamp;
$optionArray['SuccessURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_success.php";
$optionArray['FailureURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_failure.php";
$optionArray['CustomerEmail'] = ((isset($_POST["Email_Address"]))?$_POST["Email_Address"]:"");
$optionArray['VendorEmail'] = "info@whiskybroker.co.uk";
$optionArray['DeliverySurname'] = ((isset($_POST["Last_Name_2"]))?$_POST["Last_Name_2"]:"");
$optionArray['DeliveryFirstnames'] = ((isset($_POST["First_Name_2"]))?$_POST["First_Name_2"]:"");
$optionArray['DeliveryAddress1'] = ((isset($_POST["Address_1_2"]))?$_POST["Address_1_2"]:"");
$optionArray['DeliveryAddress2'] = ((isset($_POST["Address_2_2"]))?$_POST["Address_2_2"]:"");
$optionArray['DeliveryPostCode'] = ((isset($_POST["Postal_Code_2"]))?$_POST["Postal_Code_2"]:"");
$optionArray['DeliveryCity'] = ((isset($_POST["City_2"]))?$_POST["City_2"]:"");
$optionArray['DeliveryCountry'] = ((isset($_POST["Country_2"]))?$_POST["Country_2"]:"");
$optionArray['BillingSurname'] = ((isset($_POST["Last_Name"]))?$_POST["Last_Name"]:"");
$optionArray['BillingFirstnames'] = ((isset($_POST["First_Name"]))?$_POST["First_Name"]:"");
$optionArray['BillingAddress1'] = ((isset($_POST["Address_1"]))?$_POST["Address_1"]:"");
$optionArray['BillingAddress2'] = ((isset($_POST["Address_2"]))?$_POST["Address_2"]:"");
$optionArray['BillingPostCode'] = ((isset($_POST["Postal_Code"]))?$_POST["Postal_Code"]:"");
$optionArray['BillingCity'] = ((isset($_POST["City"]))?$_POST["City"]:"");
$optionArray['BillingCountry'] = ((isset($_POST["Country"]))?$_POST["Country"]:"");
$optionArray['ContactNumber'] = ((isset($_POST["Phone_Number"]))?$_POST["Phone_Number"]:"");
$optionArray['ContactFax'] = ((isset($_POST["Fax_Number"]))?$_POST["Fax_Number"]:"");
$optionArray['AllowGiftAid'] = "0";
$optionArray['ApplyAVSCV2'] = "0";
$optionArray['Apply3DSecure'] = "0";
$optionArray['EMailMessage'] = "";
?>



<input type="hidden" name="Crypt" id="Crypt" value="<?php echo WA_Protx_VSPFormHash_v3($whiskyCART, $WA_SagePay_VSP_Form_Encryption_Password, $optionArray); ?>" />

<input class="formButton" name="Payment_submit" type="submit" id="Payment_submit" value="Process Payment" tabindex="101">
</span>
</li>
</ul>
</fieldset>
</li>
</ul>
</form>



...and it's submitting nicely to the Sage Pay test environment now however we're in an odd situation where no shipping is being added to the order despite us hooking up the UPS account - details of that are here: http://www.webassist.com/forums/posts.php?pid=194457

Hope you can help. Thank you.
NJ

Attached Files
Protx_VSPForm.php
confirm.php

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...