hi there thats pretty much correct, inyour worldpay installation you select your customer response url to go to the response page on your site which will process the response from world pay.
you can configure his page to update the order stored in the orders table.
As well as updating the order table with transaction success/refused information it also displays a message to the customer, the page is fetched by worldpay and then displayed, so any images you reference need to have the url as /i/#instalationID/imagename.jpg
and they need to be uploaded to your worldpay instalation.
i wrote he following script which takes the response from worldpay and updates the order.
feel free to use it:
<?php require_once($_SERVER['DOCUMENT_ROOT'] .'/Connections/yourconnectionfile.php'); ?>
<?php require_once($_SERVER['DOCUMENT_ROOT'] ."/webassist/database_management/wa_appbuilder_php.php"); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$mmid_ordersum = "-1";
if (isset($_POST['cartId'])) {
$mmid_ordersum = (get_magic_quotes_gpc()) ? $_POST['cartId'] : addslashes($_POST['cartId']);
}
mysql_select_db($database_albionwines, $albionwines);
$query_ordersum = sprintf("SELECT * FROM orders WHERE orders.OrderCartID = %s", GetSQLValueString($mmid_ordersum, "text"));
$ordersum = mysql_query($query_ordersum, $albionwines) or die(mysql_error());
$row_ordersum = mysql_fetch_assoc($ordersum);
$totalRows_ordersum = mysql_num_rows($ordersum);
$orderID = $row_ordersum['OrderID'];
$mmid_orderdet = "-1";
if (isset($orderID)) {
$mmid_orderdet = (get_magic_quotes_gpc()) ? $orderID : addslashes($orderID);
}
mysql_select_db($database_albionwines, $albionwines);
$query_orderdet = sprintf("SELECT * FROM orderdetails WHERE orderdetails.DetailOrderID = %s", GetSQLValueString($mmid_orderdet, "int"));
$orderdet = mysql_query($query_orderdet, $albionwines) or die(mysql_error());
$row_orderdet = mysql_fetch_assoc($orderdet);
$totalRows_orderdet = mysql_num_rows($orderdet);
?>
<?php
//get returned data for the worldpay transaction
// An integer greater than 0 (zero) specifying that this is a test payment.
// Specify the test result you want by entering REFUSED, AUTHORISED, ERROR or CAPTURED in the name parameter.
if(isset($_POST["testMode"])){
if($_POST["testMode"] > 0){
$paymentMode = '<b>Test Transaction</b><br>';
}else{
$paymentMode = '<b>Live Transaction</b><br>';
};
};
// the carts ID (Your own reference number for the order normally set to the sessionid)
if(isset($_POST["cartId"])){
$cartID = $_POST["cartId"];
};
if(isset($_POST["transId"])){
$transID = $_POST["transId"];
};
// Result of the transaction - "Y" for a successful payment authorisation, "C" for a cancelled payment
$transStatus = 0;
$transStatusMessage = 'Transaction Status: Not known<br>';
$transStatusDB = 'Pending';
if(isset($_POST['transStatus'])){
if($_POST['transStatus'] == 'Y'){
$transStatusMessage = 'The payment has been Authorised<br>';
$transStatusDB = 'Authorised';
};
if($_POST['transStatus'] == 'C'){
$transStatusMessage = 'The payment has been Cancelled<br>';
$transStatusDB = 'Cancelled';
}
};
$cardType = 'Card Type: Not avaliable';
// get the card type
if(isset($_POST['cardType'])){
$cardType = 'Card Type'. $_POST['cardType'].'';
};
$authAmountString = 'Amount authorised: Not avaliable<br>';
// HTML string produced from authorisation amount and currency
if(isset($_POST['authAmountString'])){
$authAmountString = 'Amount authorised: '.$_POST['authAmountString'].'<br>';
};
$cardAmount = $cardType.' '.$authAmountString.'<br>';
//A textual description of the payment (up to 255 characters). Note: For recurring payment response the desc parameter will include the word FuturePay as well as the payment number and FuturePay Agreement ID.
$desc = 'Purchase Description: Not known<br>';
if(isset($_POST['desc'])){
$desc = 'Purchase Description: '.$_POST['desc'].'<br>';
};
// The following function parses the data and returns a string with the results of the fraud check
function avsCheck($AVS){
// break the $AVS value into an array
if ($AVS <> ''){
//$AVSvalues = implode(',' , explode(',' , $AVS));
$AVSvalues = str_split($AVS);
//loop through our array of checks
for($i = 0; $i < count($AVSvalues); $i++){
//store the result of the current item as $checkValue
$checkValue = $AVSvalues[$i];
switch($i){
case 0://`first item is the card verification check
$cardVeriCheck = 'Card Verification check: '.$AVSMessages[$checkValue].'<br>';
break;
case 1: // second item is the postcode check
$postCodeCheck = 'Post Code Check: '.$AVSMessages[$checkValue].'<br>';
break;
case 2: // third item is the address check
$addressCheck = 'Address Check: '.$AVSMessages[$checkValue].'<br>';
break;
case 3: // fouth item is the country check
$countryCheck = 'Country Check: '.$AVSMessages[$checkValue].'<br>';
break;
};
};
//make string from the checks
$string = $cardVeriCheck . $postCodeCheck . $addressCheck . $countryCheck;
}else{
$string = 'did not recieve check results<br>';
};
return ($string);
};
$AVSString = 'Security Checks: Not Known<br>';
if(isset($_POST['AVS'])){
$AVS = $_POST['AVS'];
$AVSString = avsCheck($AVS);
};
$fullVeriMessage = $paymentMode . $transStatusMessage . $cardAmount . $desc;
$DBVeriMessage = $paymentMode . $transStatusMessage . $cardAmount . $desc . $AVSString;
?><?
// WA DataAssist Update
$WA_connection = $albionwines;
$WA_table = "orders";
$WA_redirectURL = "";
if (function_exists("rel2abs")) $WA_redirectURL = $WA_redirectURL?rel2abs($WA_redirectURL,dirname(__FILE__)):"";
$WA_keepQueryString = false;
$WA_indexField = "OrderCartID";
$WA_fieldNamesStr = "worldPayRef|OrderStatus|OrderStatusMessage";
$WA_fieldValuesStr = "". $transID ."". $WA_AB_Split ."". $transStatusDB ."" . $WA_AB_Split . "". $DBVeriMessage ."";
$WA_columnTypesStr = "',none,''|',none,''|',none,''";
$WA_comparisonStr = "=|=";
$WA_fieldNames = explode("|", $WA_fieldNamesStr);
$WA_fieldValues = explode($WA_AB_Split, $WA_fieldValuesStr);
$WA_columns = explode("|", $WA_columnTypesStr);
$WA_where_fieldValuesStr = "".($cartID) ."";
$WA_where_columnTypesStr = "',none,''";
$WA_where_comparisonStr = "=";
$WA_where_fieldNames = explode("|", $WA_indexField);
$WA_where_fieldValues = explode($WA_AB_Split, $WA_where_fieldValuesStr);
$WA_where_columns = explode("|", $WA_where_columnTypesStr);
$WA_where_comparisons = explode("|", $WA_where_comparisonStr);
$WA_connectionDB = $database_albionwines;
mysql_select_db($WA_connectionDB, $WA_connection);
$updateParamsObj = WA_AB_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
$WhereObj = WA_AB_generateWhereClause($WA_where_fieldNames, $WA_where_columns, $WA_where_fieldValues, $WA_where_comparisons );
$WA_Sql = "UPDATE `" . $WA_table . "` SET " . $updateParamsObj->WA_setValues . " WHERE " . $WhereObj->sqlWhereClause . "";
$MM_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Albion Wineshippers - Checkout Response</title>
</head>
<body style="background-color: #fff;">
<div id="background" style="font-family: 'Times New Roman', Times, serif; background-color: #FFF; padding: 20px; text-align: center; color: #5F721C; font-size: 12px; width:97%">
<div id="page" style="padding: 10px; width: 600px; margin: 0 auto; text-align: left; background-color: #fff; border: 1px solid #C0C0C0;">
<div id="header" style="width: 600px; height: 84px">
<img src="/i/########/banner-email.jpg" height="84px" width="600px" />
</div>
<div id="contentWrapper" style="padding: 0px 2px 10px 2px;">
<div id="contentHeader" style="border-right-width: 0px; border-left-width: 0px;"></div>
<div id="content" style="padding: 0px 10px 10px 0px;"><WPDISPLAY ITEM=banner><br />
<br />
<?php echo($fullVeriMessage);?><br />
<br /><a href="http://www.mywebsite.co.uk/index.php"><img src="/i/######/returntoalbion.gif" width="177" height="27" align="right" /></a>
</div>
</div><div style="width: 600px; height: 13px;">
<img src="/i/######/footerbar_email.jpg" width="600px"; height"13px" />
</div>
</div>
</div>
</body>
</html>
<?php
mysql_free_result($orderdet);
mysql_free_result($ordersum);
?>