====== PHP Hosted Subscriptions ======

**Settings file (nuvei_account.inc):**

<file php nuvei_account.inc>

<?php

# These values are used to identify and validate the account that you are using. They are mandatory.
$gateway = '';			# This is the Nuvei payments gateway that you should use, assigned to the site by Nuvei.
$terminalId = '';		# This is the Terminal ID assigned to the site by Nuvei.
$currency = '';			# This is the 3 digit ISO currency code for the above Terminal ID.
$secret = '';			# This shared secret is used when generating the hash validation strings. 
				# It must be set exactly as it is in the Nuvei SelfCare  system.
$testAccount = true;

# These are used only in the case where the response hash is incorrect, which should
# never happen in the live environment unless someone is attempting fraud.
$adminEmail = '';
$adminPhone = '';

?>

</file>
----
\\
**Subscription redirect (nuvei_subscription.php):**

<file php nuvei_subscription.php>

<?php

# This is the file that contains the account settings for Nuvei.
require('nuvei.inc');

# This is a helper file for integrating to the Nuvei HPP in PHP.
require('nuvei_subscription_functions.inc');

$subscriptionAction = '';		# "register" or "update".
$subscriptionMerchantRef = '';	     # Unique Merchant Reference for this subscription. Length is limited to 48 chars.
$storedSubscriptionMerchantRef = '';	     # The Merchant Reference for the Stored Subscription (Subscription template/payment plan) that you would like this subscription to run under.
$secureCardMerchantRef = '';	     # The Merchant Reference of the SecureCard that the Subscription is to be set up on.
$startDate = '';	         # The date the Subscription is to start on (note the setup payment will still be taken immediately if it is >0). Format: DD-MM-YYYY
$host ='';			# This is your host eg. http://localhost:8000
$dateTime = requestDateTime();

# Verification string
$requestHash = subscriptionRequestHash($subscriptionMerchantRef,$secureCardMerchantRef, $dateTime, $startDate);

$requestURL = $host."/merchant/subscriptionpage/".$subscriptionAction;
# Write the HTML of the submission form
echo "<html><body><form id='nuveisubscriptionform' action='" . $requestURL . "' method='post'>\n";
writeHiddenField("TERMINALID", $terminalId);
writeHiddenField("MERCHANTREF", $subscriptionMerchantRef);
writeHiddenField("STOREDSUBSCRIPTIONREF", $storedSubscriptionMerchantRef);
writeHiddenField("SECURECARDMERCHANTREF", $secureCardMerchantRef);
writeHiddenField("DATETIME", $dateTime);
writeHiddenField("STARTDATE", $startDate);
writeHiddenField("HASH", $requestHash);

# Write the JavaScript that will submit the form to Nuvei.
echo '</form>Submitting Subscription setup request to Nuvei...<script language="JavaScript">document.getElementById("nuveisubscriptionform").submit();</script></body></html>';

?>

</file>
----
\\
Subscription URL **(nuvei_subscription_response.php)** (URL for this page is setup as “**Subscription URL**” through Terminal Setup in the SelfCare  ):

<file php nuvei_subscription_response.php>

<?php

# This is the file that contains the account settings for Nuvei.
require('nuvei_account.inc');

# This is a helper file for integrating to the Nuvei HPP in PHP.
require('nuvei_subscription_functions.inc');

if($_REQUEST["RESPONSECODE"] != "A") echo 'AN ERROR OCCURED! Your Subscription setup request failed. Error message: ' . $_REQUEST["RESPONSETEXT"];
} elseif(subscriptionResponseHashIsValid($_REQUEST["RESPONSECODE"], $_REQUEST["RESPONSETEXT"], $_REQUEST["MERCHANTREF"], $_REQUEST["DATETIME"], $_REQUEST["HASH"])) {
	switch($_REQUEST["RESPONSECODE"]) {
		case "A" :	# Subscription setup suceeded. You should store the following details against the user account:
				$subscriptionMerchantRef = $_REQUEST["MERCHANTREF"];
				echo "Subscription successfully registered.";
				break;
		default  :	# Subscription registration failed.
				echo 'SUBSCRIPTION REGISTRATION FAILED! Error Code: ' . $_REQUEST["RESPONSECODE"] . ', Response text: ' . $_REQUEST["RESPONSETEXT"] . '.';
	}
} else {
	echo 'SUBSCRIPTION REGISTRATION FAILED: INVALID RESPONSE HASH. Please contact ' . $adminEmail . ' or call ' . $adminPhone . ' to inform them of this error.';
	if(isset($_REQUEST["ORDERID"])) echo 'Please quote Nuvei Terminal ID: ' . $terminalId . ', and Subscription Merchant Reference: ' . $_REQUEST["MERCHANTREF"] . ' when mailling or calling.';
}

?>

</file>
----
\\
**Helper file (nuvei_subscription_functions.inc):**

<file php nuvei_subscription_functions.inc>

<?php

# This function returns the URL that should be used as the "action" for the form posting the Nuvei's servers.
function subscriptionURL($subscriptionAction) {
	global $gateway, $testAccount;
	$url = 'https://';
	if($testAccount) $url .= 'test';
	switch (strtolower($gateway)) {
		default :
		case 'nuvei'  : $url .= 'payments'; break;
		case 'cashflows' : $url .= 'cashflows'; break;
	}
	$url .= '.nuvei.com/merchant/subscriptionpage/'.$subscriptionAction;
	return $url;
}

# This simply reduces the PHP code required to build the form.
function writeHiddenField($fieldName, $fieldValue) {
	echo "<input type='hidden' name='" . $fieldName . "' value='" . $fieldValue . "' />\r";
}

# This generates a DATETIME value in the correct format expected in the request.
function requestDateTime() {
	return date('d-m-Y:H:i:s:000');
}

# This is used to generate the Authorisation Request Hash.
function subscriptionRequestHash($merchantRef, $secureCardMerchantRef, $dateTime, $startDate) {
	global $terminalId, $secret;
	return md5($terminalId . $merchantRef . $secureCardMerchantRef . $dateTime . $startDate . $secret);
}

# This function is used to validate that the MPI Response Hash from the server is correct.
#     If subscriptionResponseHashIsValid(...) != $_REQUEST["HASH"] then an error should be shown and the Subscription registration should fail.
function subscriptionResponseHashIsValid($responseCode, $responseText, $subscriptionMerchantRef, $dateTime, $responseHash) {
	global $terminalId, $secret;
	return (md5($terminalId . $responseCode . $responseText . $subscriptionMerchantRef . $dateTime . $secret)==$responseHash);
}

?>

</file>