World pay payment response updating orders

Thanks for the answer Base5.

Another question, I am a little confused on how to do the payment respsonse page. Is this scenario correct?

Click checkout, complete details, submit to WorldPay and pay. Successful payment which includes transaction ID and another id is then sent back to your website where code on the page captures these details, displays the order summary etc. etc. This would be instead of the default WorldPay completion page would it?

If so, is there a default page already setup for WorlPay that I can use within ECart or does WorldPay have this for download?, as I am not sure how to do this or what coding to use to capture the details etc. What I have done so far returns this error message:

Error Reported: Callback to (web page full url) NOT OK, received HTTP status: 302 Server reference blah, blah, blah

Many thanks for any answers

hi there thats pretty much correct, inyour worldpay installation you select your customer response url to go to the response page on your site which will process the response from world pay.
you can configure his page to update the order stored in the orders table.

As well as updating the order table with transaction success/refused information it also displays a message to the customer, the page is fetched by worldpay and then displayed, so any images you reference need to have the url as /i/#instalationID/imagename.jpg
and they need to be uploaded to your worldpay instalation.

i wrote he following script which takes the response from worldpay and updates the order.
feel free to use it:

<?php require_once($_SERVER['DOCUMENT_ROOT'] .'/Connections/yourconnectionfile.php'); ?>
<?php require_once($_SERVER['DOCUMENT_ROOT'] ."/webassist/database_management/wa_appbuilder_php.php"); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$mmid_ordersum = "-1";
if (isset($_POST['cartId'])) {
$mmid_ordersum = (get_magic_quotes_gpc()) ? $_POST['cartId'] : addslashes($_POST['cartId']);
}
mysql_select_db($database_albionwines, $albionwines);
$query_ordersum = sprintf("SELECT * FROM orders WHERE orders.OrderCartID = %s", GetSQLValueString($mmid_ordersum, "text"));
$ordersum = mysql_query($query_ordersum, $albionwines) or die(mysql_error());
$row_ordersum = mysql_fetch_assoc($ordersum);
$totalRows_ordersum = mysql_num_rows($ordersum);
$orderID = $row_ordersum['OrderID'];

$mmid_orderdet = "-1";
if (isset($orderID)) {
$mmid_orderdet = (get_magic_quotes_gpc()) ? $orderID : addslashes($orderID);
}
mysql_select_db($database_albionwines, $albionwines);
$query_orderdet = sprintf("SELECT * FROM orderdetails WHERE orderdetails.DetailOrderID = %s", GetSQLValueString($mmid_orderdet, "int"));
$orderdet = mysql_query($query_orderdet, $albionwines) or die(mysql_error());
$row_orderdet = mysql_fetch_assoc($orderdet);
$totalRows_orderdet = mysql_num_rows($orderdet);
?>
<?php
//get returned data for the worldpay transaction

// An integer greater than 0 (zero) specifying that this is a test payment.
// Specify the test result you want by entering REFUSED, AUTHORISED, ERROR or CAPTURED in the name parameter.
if(isset($_POST["testMode"])){
if($_POST["testMode"] > 0){
$paymentMode = '<b>Test Transaction</b><br>';
}else{
$paymentMode = '<b>Live Transaction</b><br>';
};
};
// the carts ID (Your own reference number for the order normally set to the sessionid)
if(isset($_POST["cartId"])){
$cartID = $_POST["cartId"];
};
if(isset($_POST["transId"])){
$transID = $_POST["transId"];
};
// Result of the transaction - "Y" for a successful payment authorisation, "C" for a cancelled payment
$transStatus = 0;
$transStatusMessage = 'Transaction Status: Not known<br>';
$transStatusDB = 'Pending';
if(isset($_POST['transStatus'])){
if($_POST['transStatus'] == 'Y'){
$transStatusMessage = 'The payment has been Authorised<br>';
$transStatusDB = 'Authorised';
};
if($_POST['transStatus'] == 'C'){
$transStatusMessage = 'The payment has been Cancelled<br>';
$transStatusDB = 'Cancelled';
}
};
$cardType = 'Card Type: Not avaliable';
// get the card type
if(isset($_POST['cardType'])){
$cardType = 'Card Type'. $_POST['cardType'].'';
};
$authAmountString = 'Amount authorised: Not avaliable<br>';
// HTML string produced from authorisation amount and currency
if(isset($_POST['authAmountString'])){
$authAmountString = 'Amount authorised: '.$_POST['authAmountString'].'<br>';
};
$cardAmount = $cardType.' '.$authAmountString.'<br>';
//A textual description of the payment (up to 255 characters). Note: For recurring payment response the desc parameter will include the word FuturePay as well as the payment number and FuturePay Agreement ID.
$desc = 'Purchase Description: Not known<br>';
if(isset($_POST['desc'])){
$desc = 'Purchase Description: '.$_POST['desc'].'<br>';
};
// The following function parses the data and returns a string with the results of the fraud check
function avsCheck($AVS){
// break the $AVS value into an array
if ($AVS <> ''){
//$AVSvalues = implode(',' , explode(',' , $AVS));
$AVSvalues = str_split($AVS);
//loop through our array of checks
for($i = 0; $i < count($AVSvalues); $i++){
//store the result of the current item as $checkValue
$checkValue = $AVSvalues[$i];
switch($i){
case 0://`first item is the card verification check
$cardVeriCheck = 'Card Verification check: '.$AVSMessages[$checkValue].'<br>';
break;
case 1: // second item is the postcode check
$postCodeCheck = 'Post Code Check: '.$AVSMessages[$checkValue].'<br>';
break;
case 2: // third item is the address check
$addressCheck = 'Address Check: '.$AVSMessages[$checkValue].'<br>';
break;
case 3: // fouth item is the country check
$countryCheck = 'Country Check: '.$AVSMessages[$checkValue].'<br>';
break;
};
};
//make string from the checks
$string = $cardVeriCheck . $postCodeCheck . $addressCheck . $countryCheck;
}else{
$string = 'did not recieve check results<br>';
};
return ($string);
};
$AVSString = 'Security Checks: Not Known<br>';
if(isset($_POST['AVS'])){
$AVS = $_POST['AVS'];
$AVSString = avsCheck($AVS);
};

$fullVeriMessage = $paymentMode . $transStatusMessage . $cardAmount . $desc;
$DBVeriMessage = $paymentMode . $transStatusMessage . $cardAmount . $desc . $AVSString;
?><?
// WA DataAssist Update
$WA_connection = $albionwines;
$WA_table = "orders";
$WA_redirectURL = "";
if (function_exists("rel2abs")) $WA_redirectURL = $WA_redirectURL?rel2abs($WA_redirectURL,dirname(__FILE__)):"";
$WA_keepQueryString = false;
$WA_indexField = "OrderCartID";
$WA_fieldNamesStr = "worldPayRef|OrderStatus|OrderStatusMessage";
$WA_fieldValuesStr = "". $transID ."". $WA_AB_Split ."". $transStatusDB ."" . $WA_AB_Split . "". $DBVeriMessage ."";
$WA_columnTypesStr = "',none,''|',none,''|',none,''";
$WA_comparisonStr = "=|=";
$WA_fieldNames = explode("|", $WA_fieldNamesStr);
$WA_fieldValues = explode($WA_AB_Split, $WA_fieldValuesStr);
$WA_columns = explode("|", $WA_columnTypesStr);

$WA_where_fieldValuesStr = "".($cartID) ."";
$WA_where_columnTypesStr = "',none,''";
$WA_where_comparisonStr = "=";
$WA_where_fieldNames = explode("|", $WA_indexField);
$WA_where_fieldValues = explode($WA_AB_Split, $WA_where_fieldValuesStr);
$WA_where_columns = explode("|", $WA_where_columnTypesStr);
$WA_where_comparisons = explode("|", $WA_where_comparisonStr);

$WA_connectionDB = $database_albionwines;
mysql_select_db($WA_connectionDB, $WA_connection);

$updateParamsObj = WA_AB_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
$WhereObj = WA_AB_generateWhereClause($WA_where_fieldNames, $WA_where_columns, $WA_where_fieldValues, $WA_where_comparisons );
$WA_Sql = "UPDATE `" . $WA_table . "` SET " . $updateParamsObj->WA_setValues . " WHERE " . $WhereObj->sqlWhereClause . "";
$MM_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Albion Wineshippers - Checkout Response</title>
</head>
<body style="background-color: #fff;">
<div id="background" style="font-family: 'Times New Roman', Times, serif; background-color: #FFF; padding: 20px; text-align: center; color: #5F721C; font-size: 12px; width:97%">
<div id="page" style="padding: 10px; width: 600px; margin: 0 auto; text-align: left; background-color: #fff; border: 1px solid #C0C0C0;">
<div id="header" style="width: 600px; height: 84px">
<img src="/i/########/banner-email.jpg" height="84px" width="600px" />
</div>
<div id="contentWrapper" style="padding: 0px 2px 10px 2px;">
<div id="contentHeader" style="border-right-width: 0px; border-left-width: 0px;"></div>
<div id="content" style="padding: 0px 10px 10px 0px;"><WPDISPLAY ITEM=banner><br />
<br />
<?php echo($fullVeriMessage);?><br />
<br /><a href="http://www.mywebsite.co.uk/index.php"><img src="/i/######/returntoalbion.gif" width="177" height="27" align="right" /></a>

</div>

</div><div style="width: 600px; height: 13px;">
<img src="/i/######/footerbar_email.jpg" width="600px"; height"13px" />
</div>
</div>

</div>
</body>
</html>

<?php
mysql_free_result($orderdet);

mysql_free_result($ordersum);
?>

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

8/25/2011 5:22 am | #1 Base5 Designs