close ad
WARNING PC USERS: Do Not Install the DREAMWEAVER CC 2017 Update »
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Sage Pay Integration - how difficult is this?

Thread began 8/10/2015 6:49 pm by Nathon Jones Web Design | Last modified 8/12/2015 1:22 pm by Ray Borduin | 301 views | 5 replies |

Nathon Jones Web Design

Sage Pay Integration - how difficult is this?

Do you have any guides on integration with Sage Pay?

I notice it as an option in the eCart Checkout Wizard and we have the Vendor and Encryption Password for the VPS Form Settings albeit I believe these are for the test environment which we've been given a link to:
https://test.sagepay.com/mysagepay/login.msp

This is a brand new setup so they are using version 3, although I can't see where to verify this at Sage Pay.

When I go into the Orders tab in the eCart Checkout Wizard I notice a "Default - Sage Pay" Orders table preset which I assume will be created into our MySQL database upon completion of the wizard.

Thing is, I don't have the UPS details from the client yet so am nervous about completing the wizard as, as far as I understand it, there's no way to go back into the wizard to add the UPS option once you've run the wizard, is that correct?

Would appreciate some advice on how easy it is to set up with Sage Pay and if there is anything, in particular, I should look out for as it appears that quite a few people have had some trouble with it when using eCart.

Thank you.
NJ

Sign in to reply to this post

Ray BorduinWebAssist

You will have to update the code to use V3 of sage pay manually after running the wizard. There is a forum post that you can find that has all of the necessary code and steps.

Run the wizard with UPS and just put in bad credentials. It should just fail to return a result and won't cause issues and then you can update the UPS server behavior on the confirm_cart with the correct credentials once you have them.

Sign in to reply to this post

Nathon Jones Web Design

There are lots of Sage Pay v3 posts Ray. Which one, in particular, has the code that I need?

Also, are there plans to update eCart to accommodate this change by Sage Pay? I'm assuming what you're saying is that the current version of eCart doesn't work with Sage Pay.

Thank you.
NJ

Sign in to reply to this post

Ray BorduinWebAssist

This post has all the information you need:

http://www.webassist.com/forums/post/191854/


We will have to update eCart to work with the new version of Sagepay in the next release. It currently only works with Sagepay v2

Sign in to reply to this post

Nathon Jones Web Design

Thank you.

mcrypt is installed on our server.

We have replaced Protx_VSPForm.php with the newer version that you provided in the forum post you've linked to above (however further down that thread you provide another version. Can you confirm which one is correct?).

We immediately realised that, within that new Protx_VSPForm.php file, you've got a generic Encryption Password which, when we tried to use it, obviously failed as being incorrect. You have the following on line 2 of that file:
$Protx_EncryptionPassword = "8GejG5SG2jCjMsbY";

Checking the version of Protx_VSPForm.php that eCart Checkout Wizard installed by default on OUR site we note that its line 2 is:
$Protx_EncryptionPassword = "<?php echo($WA_SagePay_VSP_Form_Encryption_Password); ?>";

Can you clarify if we should use the above reference or should we just manually enter our own encryption password as you have done with your replacement example file?

We assume that if we use this:
<?php echo($WA_SagePay_VSP_Form_Encryption_Password); ?>

...then eCart is trying to use the encryption password that was entered when using the eCart Checkout Wizard which we are unable to check/change because we can't re-enter the wizard. Where is this value stored?

On confirm.php we changed the hidden form element to this:

<input type="hidden" name="VPSProtocol" id="VPSProtocol" value="3.0" />



...and, just below it we added this:

<?php
$timeStamp = WAEC_getTimestamp();
$optionArray = array();
$optionArray['VendorTxCode'] = $timeStamp;
$optionArray['Amount'] = $whiskyCART->GrandTotal();
$optionArray['Currency'] = "GBP";
$optionArray['Description'] = $timeStamp;
$optionArray['SuccessURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_success.php";
$optionArray['FailureURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_failure.php";
$optionArray['CustomerEmail'] = ((isset($_POST["Email_Address"]))?$_POST["Email_Address"]:"");
$optionArray['VendorEmail'] = "info@whiskybroker.co.uk";
$optionArray['DeliverySurname'] = ((isset($_POST["Last_Name_2"]))?$_POST["Last_Name_2"]:"");
$optionArray['DeliveryFirstnames'] = ((isset($_POST["First_Name_2"]))?$_POST["First_Name_2"]:"");
$optionArray['DeliveryAddress1'] = ((isset($_POST["Address_1_2"]))?$_POST["Address_1_2"]:"");
$optionArray['DeliveryAddress2'] = ((isset($_POST["Address_2_2"]))?$_POST["Address_2_2"]:"");
$optionArray['DeliveryPostCode'] = ((isset($_POST["Postal_Code_2"]))?$_POST["Postal_Code_2"]:"");
$optionArray['DeliveryCity'] = ((isset($_POST["City_2"]))?$_POST["City_2"]:"");
$optionArray['DeliveryCountry'] = ((isset($_POST["Country_2"]))?$_POST["Country_2"]:"");
$optionArray['BillingSurname'] = ((isset($_POST["Last_Name"]))?$_POST["Last_Name"]:"");
$optionArray['BillingFirstnames'] = ((isset($_POST["First_Name"]))?$_POST["First_Name"]:"");
$optionArray['BillingAddress1'] = ((isset($_POST["Address_1"]))?$_POST["Address_1"]:"");
$optionArray['BillingAddress2'] = ((isset($_POST["Address_2"]))?$_POST["Address_2"]:"");
$optionArray['BillingPostCode'] = ((isset($_POST["Postal_Code"]))?$_POST["Postal_Code"]:"");
$optionArray['BillingCity'] = ((isset($_POST["City"]))?$_POST["City"]:"");
$optionArray['BillingCountry'] = ((isset($_POST["Country"]))?$_POST["Country"]:"");
$optionArray['ContactNumber'] = ((isset($_POST["Phone_Number"]))?$_POST["Phone_Number"]:"");
$optionArray['ContactFax'] = ((isset($_POST["Fax_Number"]))?$_POST["Fax_Number"]:"");
$optionArray['AllowGiftAid'] = "0";
$optionArray['ApplyAVSCV2'] = "0";
$optionArray['Apply3DSecure'] = "0";
$optionArray['EMailMessage'] = "";
?>



We still have the following below that though...

<input id="TxType" name="TxType" type="hidden" value="<?php echo("PAYMENT"); ?>">
<input id="VendorTxCode" name="VendorTxCode" type="hidden" value="<?php echo("".WAEC_getTimestamp() .""); ?>">
<input id="Amount" name="Amount" type="hidden" value="<?php echo("".$whiskyCART->GrandTotal() .""); ?>">
<input id="Currency" name="Currency" type="hidden" value="<?php echo("GBP"); ?>">
<input id="Description" name="Description" type="hidden" value="<?php echo("".WAEC_getTimestamp() .""); ?>">
<input id="SuccessURL" name="SuccessURL" type="hidden" value="<?php echo("checkout_success.php"); ?>">
<input id="FailureURL" name="FailureURL" type="hidden" value="<?php echo("checkout_failure.php"); ?>">
<input id="CustomerEMail" name="CustomerEMail" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Email_Address')) .""); ?>">
<input id="BillingAddress1" name="BillingAddress1" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1')) .""); ?>">
<input id="BillingPostCode" name="BillingPostCode" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code')) .""); ?>">
<input id="BillingSurname" name="BillingSurname" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name')) .""); ?>">
<input id="BillingFirstnames" name="BillingFirstnames" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name')) .""); ?>">
<input id="BillingState" name="BillingState" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','State')) .""); ?>">
<input id="BillingCity" name="BillingCity" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City')) .""); ?>">
<input id="BillingCountry" name="BillingCountry" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country')) .""); ?>">
<input id="DeliveryAddress1" name="DeliveryAddress1" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1_2')) .""); ?>">
<input id="DeliveryPostCode" name="DeliveryPostCode" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code_2')) .""); ?>">
<input id="DeliverySurname" name="DeliverySurname" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name_2')) .""); ?>">
<input id="DeliveryFirstnames" name="DeliveryFirstnames" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name_2')) .""); ?>">
<input id="DeliveryCity" name="DeliveryCity" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City_2')) .""); ?>">
<input id="DeliveryState" name="DeliveryState" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','State_2')) .""); ?>">
<input id="DeliveryCountry" name="DeliveryCountry" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country_2')) .""); ?>">
<input id="ContactNumber" name="ContactNumber" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Phone_Number')) .""); ?>">
<input id="ContactFax" name="ContactFax" type="hidden" value="<?php echo("".(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Fax_Number')) .""); ?>">
<input id="AllowGiftAid" name="AllowGiftAid" type="hidden" value="<?php echo("0"); ?>">
<input id="ApplyAVSCV2" name="ApplyAVSCV2" type="hidden" value="<?php echo("0"); ?>">
<input id="Apply3DSecure" name="Apply3DSecure" type="hidden" value="<?php echo("0"); ?>">



Should we have removed that?

Then, just below that, we have...

<input id="Crypt" name="Crypt" type="hidden" value="<?php echo("".WA_Protx_VSPFormHash($whiskyCART, ''.($WA_SagePay_VSP_Form_Encryption_Password)  .'', ''.WAEC_getTimestamp()  .'', ''.$whiskyCART->GrandTotal()  .'', 'GBP', ''.WAEC_getTimestamp()  .'', 'checkout_success.php', 'checkout_failure.php', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Email_Address'))  .'', '', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country_2'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Last_Name'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','First_Name'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Address_1'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Postal_Code'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','City'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Country'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Phone_Number'))  .'', ''.(WA_getSavedFormValue('CheckoutWizard_NewFromBlank_Default','Fax_Number'))  .'', '0', '0', '0', '')  .""); ?>">



...but you've instructed us to remove that and replace it with:

<input type="hidden" name="Crypt" id="Crypt" value="<?php echo WA_Protx_VSPFormHash_v3($whiskyCART, "[yourprotxpassword]", $optionArray); ?>" />



Is that correct?

Sage Pay offer 4 different types of integration:
http://www.sagepay.co.uk/support/integration-kits-protocols-document

Form Integration
Server Integration
Server InFrame Integration
Direct Integration

Which one should we be using with eCart because the test URL is different for each?

For example:
Form Integration - https://test.sagepay.com/gateway/service/vspform-register.vsp
Server Integration - https://test.sagepay.com/gateway/service/vspserver-register.vsp

When we test all of this, using the Form Integration method, we get the following error:

This transaction attempt has failed. We are unable to redirect you back to the web store from which you were purchasing. The details of the failure are given below.
Status: ERROR
Status Detail: 5070 : Form transactions are disabled for this vendor in the test environment. Please contact support to re-enable this functionality.

Prior to this we were getting:
Error number: 3076 Error message: The NotificationURL is required. Explanation: The NotificationURL is required. Solution: There is a problem with the details that have been supplied. Please check and retry Site Section: Support

We contacted Sage Pay support and they confirmed that form transactions were disabled on the account. They re-enabled them for us but now we're getting the following:

This transaction attempt has failed. We are unable to redirect you back to the web store from which you were purchasing. The details of the failure are given below.
Status: MALFORMED
Status Detail: 3045 : The Currency field is missing.

Hope you can help. I attach confirm.php and Protx_VSPForm.php.

Thank you.
NJ

EDIT:

I changed the form on confirm.php to this:

<form class="NewFromBlank_Default" id="Payment_NewFromBlank_Default" name="Payment_NewFromBlank_Default" method="post" action="https://test.sagepay.com/gateway/service/vspform-register.vsp">
<!--
WebAssist CSS Form Builder - Form v1
CC: eCommerce
CP: Payment
TC: <New From Blank>
TP: Default
-->
<ul class="NewFromBlank_Default">
<li>
<fieldset class="NewFromBlank_Default" id="Payment_Info">
<legend class="groupHeader">Complete your Purchase</legend>
<ul class="formList">
<li class="formItem">
<span class="buttonFieldGroup" >
<input id="Vendor" name="Vendor" type="hidden" value="<?php echo("".($WA_SagePay_VSP_Form_Vendor) .""); ?>">
<input id="EncryptionPassword" name="EncryptionPassword" type="hidden" value="<?php echo("".($WA_SagePay_VSP_Form_Encryption_Password) .""); ?>">
<input id="VPSProtocol" name="VPSProtocol" type="hidden" value="3.0">
<input id="TxType" name="TxType" type="hidden" value="<?php echo("PAYMENT"); ?>">

<?php
$timeStamp = WAEC_getTimestamp();
$optionArray = array();
$optionArray['VendorTxCode'] = $timeStamp;
$optionArray['Amount'] = $whiskyCART->GrandTotal();
$optionArray['Currency'] = "GBP";
$optionArray['Description'] = $timeStamp;
$optionArray['SuccessURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_success.php";
$optionArray['FailureURL'] = "http://www.nathonjoneswebdesign.co.uk/whiskybroker/checkout_failure.php";
$optionArray['CustomerEmail'] = ((isset($_POST["Email_Address"]))?$_POST["Email_Address"]:"");
$optionArray['VendorEmail'] = "info@whiskybroker.co.uk";
$optionArray['DeliverySurname'] = ((isset($_POST["Last_Name_2"]))?$_POST["Last_Name_2"]:"");
$optionArray['DeliveryFirstnames'] = ((isset($_POST["First_Name_2"]))?$_POST["First_Name_2"]:"");
$optionArray['DeliveryAddress1'] = ((isset($_POST["Address_1_2"]))?$_POST["Address_1_2"]:"");
$optionArray['DeliveryAddress2'] = ((isset($_POST["Address_2_2"]))?$_POST["Address_2_2"]:"");
$optionArray['DeliveryPostCode'] = ((isset($_POST["Postal_Code_2"]))?$_POST["Postal_Code_2"]:"");
$optionArray['DeliveryCity'] = ((isset($_POST["City_2"]))?$_POST["City_2"]:"");
$optionArray['DeliveryCountry'] = ((isset($_POST["Country_2"]))?$_POST["Country_2"]:"");
$optionArray['BillingSurname'] = ((isset($_POST["Last_Name"]))?$_POST["Last_Name"]:"");
$optionArray['BillingFirstnames'] = ((isset($_POST["First_Name"]))?$_POST["First_Name"]:"");
$optionArray['BillingAddress1'] = ((isset($_POST["Address_1"]))?$_POST["Address_1"]:"");
$optionArray['BillingAddress2'] = ((isset($_POST["Address_2"]))?$_POST["Address_2"]:"");
$optionArray['BillingPostCode'] = ((isset($_POST["Postal_Code"]))?$_POST["Postal_Code"]:"");
$optionArray['BillingCity'] = ((isset($_POST["City"]))?$_POST["City"]:"");
$optionArray['BillingCountry'] = ((isset($_POST["Country"]))?$_POST["Country"]:"");
$optionArray['ContactNumber'] = ((isset($_POST["Phone_Number"]))?$_POST["Phone_Number"]:"");
$optionArray['ContactFax'] = ((isset($_POST["Fax_Number"]))?$_POST["Fax_Number"]:"");
$optionArray['AllowGiftAid'] = "0";
$optionArray['ApplyAVSCV2'] = "0";
$optionArray['Apply3DSecure'] = "0";
$optionArray['EMailMessage'] = "";
?>



<input type="hidden" name="Crypt" id="Crypt" value="<?php echo WA_Protx_VSPFormHash_v3($whiskyCART, $WA_SagePay_VSP_Form_Encryption_Password, $optionArray); ?>" />

<input class="formButton" name="Payment_submit" type="submit" id="Payment_submit" value="Process Payment" tabindex="101">
</span>
</li>
</ul>
</fieldset>
</li>
</ul>
</form>



...and it's submitting nicely to the Sage Pay test environment now however we're in an odd situation where no shipping is being added to the order despite us hooking up the UPS account - details of that are here: http://www.webassist.com/forums/posts.php?pid=194457

Hope you can help. Thank you.
NJ

Attached Files
Protx_VSPForm.php
confirm.php
Sign in to reply to this post

Ray BorduinWebAssist

I'm working with you on the UPS shipping quote issue in another thread. Let's handle it there so we aren't repeating efforts.

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...