close ad
Help us test the new Databridge BETA with MySQLi support
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues


World pay payment response updating orders

Thread began 8/25/2011 8:22 am by Base5 Designs | Last modified 4/18/2012 8:42 am by bill3786 | 104050 views | 18 replies |

Base5 Designs

World pay payment response updating orders

Hi there

i have a confirm.php page which stores the orderand order details in the database.

this gets sent to worldpay then worldpay calls my response.php page which i want to update the order, depending if the transaction was sucseusfull or not.

how do i reference the order id so it knows which transaction to update?

o guess storing the cart id in the db and referencing that wont work because its based as a session variable, can i pass the order id to worldpay in another custom hidden field?

am not sure if tha application flow allows this or not

confirm.php -> click confirm, order stored in db -> order details stored in db ->
store added order id in hidden field order id -> send to worldpay for processing.

would i be correct in thinking this?

Sign in to reply to this post

Jason ByrnesWebAssist

On the confirm page, the hidden form element that sets the transaction ID is the cartId element, by default, this will be set to use the session ID:

<input type="hidden" name="cartId" id="cartId" value="<?php echo session_id() ?>" />

this variable is also returned by the payment response:

In the store order summary, use the session ID as the cart ID and use the cartId variable from the payment response to determine which record to update.

Sign in to reply to this post


Where you say "In the store order summary, use the session ID as the cart ID and use the cartId variable from the payment response to determine which record to update."

Is the cart ID the OrderID field based on the MySql database you provide for download?

Sign in to reply to this post

Base5 Designs

Yes thats correct, in the orderid field in the database this is where you need to store the cartid session variable

Sign in to reply to this post


Payment response worldpay

Thanks for the answer Base5.

Another question, I am a little confused on how to do the payment respsonse page. Is this scenario correct?

Click checkout, complete details, submit to WorldPay and pay. Successful payment which includes transaction ID and another id is then sent back to your website where code on the page captures these details, displays the order summary etc. etc. This would be instead of the default WorldPay completion page would it?

If so, is there a default page already setup for WorlPay that I can use within ECart or does WorldPay have this for download?, as I am not sure how to do this or what coding to use to capture the details etc. What I have done so far returns this error message:

Error Reported: Callback to (web page full url) NOT OK, received HTTP status: 302 Server reference blah, blah, blah

Many thanks for any answers

Sign in to reply to this post

Base5 Designs

hi there thats pretty much correct, inyour worldpay installation you select your customer response url to go to the response page on your site which will process the response from world pay.
you can configure his page to update the order stored in the orders table.

As well as updating the order table with transaction success/refused information it also displays a message to the customer, the page is fetched by worldpay and then displayed, so any images you reference need to have the url as /i/#instalationID/imagename.jpg
and they need to be uploaded to your worldpay instalation.

i wrote he following script which takes the response from worldpay and updates the order.
feel free to use it:

<?php require_once($_SERVER['DOCUMENT_ROOT'] .'/Connections/yourconnectionfile.php'); ?>
<?php require_once($_SERVER['DOCUMENT_ROOT'] ."/webassist/database_management/wa_appbuilder_php.php"); ?>
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
return $theValue;
$mmid_ordersum = "-1";
if (isset($_POST['cartId'])) {
$mmid_ordersum = (get_magic_quotes_gpc()) ? $_POST['cartId'] : addslashes($_POST['cartId']);
mysql_select_db($database_albionwines, $albionwines);
$query_ordersum = sprintf("SELECT * FROM orders WHERE orders.OrderCartID = %s", GetSQLValueString($mmid_ordersum, "text"));
$ordersum = mysql_query($query_ordersum, $albionwines) or die(mysql_error());
$row_ordersum = mysql_fetch_assoc($ordersum);
$totalRows_ordersum = mysql_num_rows($ordersum);
$orderID = $row_ordersum['OrderID'];

$mmid_orderdet = "-1";
if (isset($orderID)) {
$mmid_orderdet = (get_magic_quotes_gpc()) ? $orderID : addslashes($orderID);
mysql_select_db($database_albionwines, $albionwines);
$query_orderdet = sprintf("SELECT * FROM orderdetails WHERE orderdetails.DetailOrderID = %s", GetSQLValueString($mmid_orderdet, "int"));
$orderdet = mysql_query($query_orderdet, $albionwines) or die(mysql_error());
$row_orderdet = mysql_fetch_assoc($orderdet);
$totalRows_orderdet = mysql_num_rows($orderdet);
//get returned data for the worldpay transaction

// An integer greater than 0 (zero) specifying that this is a test payment.
// Specify the test result you want by entering REFUSED, AUTHORISED, ERROR or CAPTURED in the name parameter.
if($_POST["testMode"] > 0){
$paymentMode = '<b>Test Transaction</b><br>';
$paymentMode = '<b>Live Transaction</b><br>';
// the carts ID (Your own reference number for the order normally set to the sessionid)
$cartID = $_POST["cartId"];
$transID = $_POST["transId"];
// Result of the transaction - "Y" for a successful payment authorisation, "C" for a cancelled payment
$transStatus = 0;
$transStatusMessage = 'Transaction Status: Not known<br>';
$transStatusDB = 'Pending';
if($_POST['transStatus'] == 'Y'){
$transStatusMessage = 'The payment has been Authorised<br>';
$transStatusDB = 'Authorised';
if($_POST['transStatus'] == 'C'){
$transStatusMessage = 'The payment has been Cancelled<br>';
$transStatusDB = 'Cancelled';
$cardType = 'Card Type: Not avaliable';
// get the card type
$cardType = 'Card Type'. $_POST['cardType'].'';
$authAmountString = 'Amount authorised: Not avaliable<br>';
// HTML string produced from authorisation amount and currency
$authAmountString = 'Amount authorised: '.$_POST['authAmountString'].'<br>';
$cardAmount = $cardType.' '.$authAmountString.'<br>';
//A textual description of the payment (up to 255 characters). Note: For recurring payment response the desc parameter will include the word FuturePay as well as the payment number and FuturePay Agreement ID.
$desc = 'Purchase Description: Not known<br>';
$desc = 'Purchase Description: '.$_POST['desc'].'<br>';
// The following function parses the data and returns a string with the results of the fraud check
function avsCheck($AVS){
// break the $AVS value into an array
if ($AVS <> ''){
//$AVSvalues = implode(',' , explode(',' , $AVS));
$AVSvalues = str_split($AVS);
//loop through our array of checks
for($i = 0; $i < count($AVSvalues); $i++){
//store the result of the current item as $checkValue
$checkValue = $AVSvalues[$i];
case 0://`first item is the card verification check
$cardVeriCheck = 'Card Verification check: '.$AVSMessages[$checkValue].'<br>';
case 1: // second item is the postcode check
$postCodeCheck = 'Post Code Check: '.$AVSMessages[$checkValue].'<br>';
case 2: // third item is the address check
$addressCheck = 'Address Check: '.$AVSMessages[$checkValue].'<br>';
case 3: // fouth item is the country check
$countryCheck = 'Country Check: '.$AVSMessages[$checkValue].'<br>';
//make string from the checks
$string = $cardVeriCheck . $postCodeCheck . $addressCheck . $countryCheck;
$string = 'did not recieve check results<br>';
return ($string);
$AVSString = 'Security Checks: Not Known<br>';
$AVS = $_POST['AVS'];
$AVSString = avsCheck($AVS);

$fullVeriMessage = $paymentMode . $transStatusMessage . $cardAmount . $desc;
$DBVeriMessage = $paymentMode . $transStatusMessage . $cardAmount . $desc . $AVSString;
// WA DataAssist Update
$WA_connection = $albionwines;
$WA_table = "orders";
$WA_redirectURL = "";
if (function_exists("rel2abs")) $WA_redirectURL = $WA_redirectURL?rel2abs($WA_redirectURL,dirname(__FILE__)):"";
$WA_keepQueryString = false;
$WA_indexField = "OrderCartID";
$WA_fieldNamesStr = "worldPayRef|OrderStatus|OrderStatusMessage";
$WA_fieldValuesStr = "". $transID ."". $WA_AB_Split ."". $transStatusDB ."" . $WA_AB_Split . "". $DBVeriMessage ."";
$WA_columnTypesStr = "',none,''|',none,''|',none,''";
$WA_comparisonStr = "=|=";
$WA_fieldNames = explode("|", $WA_fieldNamesStr);
$WA_fieldValues = explode($WA_AB_Split, $WA_fieldValuesStr);
$WA_columns = explode("|", $WA_columnTypesStr);

$WA_where_fieldValuesStr = "".($cartID) ."";
$WA_where_columnTypesStr = "',none,''";
$WA_where_comparisonStr = "=";
$WA_where_fieldNames = explode("|", $WA_indexField);
$WA_where_fieldValues = explode($WA_AB_Split, $WA_where_fieldValuesStr);
$WA_where_columns = explode("|", $WA_where_columnTypesStr);
$WA_where_comparisons = explode("|", $WA_where_comparisonStr);

$WA_connectionDB = $database_albionwines;
mysql_select_db($WA_connectionDB, $WA_connection);

$updateParamsObj = WA_AB_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
$WhereObj = WA_AB_generateWhereClause($WA_where_fieldNames, $WA_where_columns, $WA_where_fieldValues, $WA_where_comparisons );
$WA_Sql = "UPDATE `" . $WA_table . "` SET " . $updateParamsObj->WA_setValues . " WHERE " . $WhereObj->sqlWhereClause . "";
$MM_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
<html xmlns="">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Albion Wineshippers - Checkout Response</title>
<body style="background-color: #fff;">
<div id="background" style="font-family: 'Times New Roman', Times, serif; background-color: #FFF; padding: 20px; text-align: center; color: #5F721C; font-size: 12px; width:97%">
<div id="page" style="padding: 10px; width: 600px; margin: 0 auto; text-align: left; background-color: #fff; border: 1px solid #C0C0C0;">
<div id="header" style="width: 600px; height: 84px">
<img src="/i/########/banner-email.jpg" height="84px" width="600px" />
<div id="contentWrapper" style="padding: 0px 2px 10px 2px;">
<div id="contentHeader" style="border-right-width: 0px; border-left-width: 0px;"></div>
<div id="content" style="padding: 0px 10px 10px 0px;"><WPDISPLAY ITEM=banner><br />
<br />
<?php echo($fullVeriMessage);?><br />
<br /><a href=""><img src="/i/######/returntoalbion.gif" width="177" height="27" align="right" /></a>


</div><div style="width: 600px; height: 13px;">
<img src="/i/######/footerbar_email.jpg" width="600px"; height"13px" />




Sign in to reply to this post


Hi Base5

I would like to use your script for the response page from Worldpay. If this is OK please could you give some specific additional information on what has to be edited in the script for use on my site and do extra columns etc. need to be added to the orders and users table and any other changes elsewhere?

Thanks in anticipation as any help would be appreciated.

Sign in to reply to this post


Jason, while waiting for a reply from Base5, do you have any comments on implementing this script?

Are new columns needed in the orders database and are changes needed elswhere? Is the creation of a Worldpay response page relatively straightforward?

Sign in to reply to this post

Jason ByrnesWebAssist

I cannot comment on the script provided, it is third party code that I have not tested and have not tried.

Sign in to reply to this post


Ok, I understand, but could you give a general outline of how a Worldpay response page can be configured to perform an update of the orders database.

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question





Ease of use


security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...