Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
developer:sample_codes:php_hosted_secure_cards [2017/11/02 04:50] tleite |
developer:sample_codes:php_hosted_secure_cards [2018/12/03 10:26] 127.0.0.1 external edit |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== PHP Hosted SecureCards ====== | ||
| + | |||
| + | **Settings file (nuvei_account.inc):** | ||
| + | |||
| + | <file php nuvei_account.inc> | ||
| + | |||
| + | <?php | ||
| + | |||
| + | # These values are used to identify and validate the account that you are using. They are mandatory. | ||
| + | $gateway = ''; # This is the Nuvei payments gateway that you should use, assigned to the site by Nuvei. | ||
| + | $terminalId = ''; # This is the Terminal ID assigned to the site by Nuvei. | ||
| + | $currency = ''; # This is the 3 digit ISO currency code for the above Terminal ID. | ||
| + | $secret = ''; # This shared secret is used when generating the hash validation strings. | ||
| + | # It must be set exactly as it is in the Nuvei SelfCare system. | ||
| + | $testAccount = true; | ||
| + | |||
| + | # These are used only in the case where the response hash is incorrect, which should | ||
| + | # never happen in the live environment unless someone is attempting fraud. | ||
| + | $adminEmail = ''; | ||
| + | $adminPhone = ''; | ||
| + | |||
| + | ?> | ||
| + | |||
| + | </file> | ||
| + | ---- | ||
| + | \\ | ||
| + | **SecureCard redirect (nuvei_securecard.php):** | ||
| + | |||
| + | <file php nuvei_securecard.php> | ||
| + | |||
| + | <?php | ||
| + | |||
| + | # This is the file that contains the account settings for Nuvei. | ||
| + | require('nuvei_account.inc'); | ||
| + | |||
| + | # This is a helper file for integrating to the Nuvei HPP in PHP. | ||
| + | require('nuvei_securecard_functions.inc'); | ||
| + | |||
| + | $secureCardAction = ''; # "register" or "update". | ||
| + | $secureCardMerchantRef = ''; # Unique Merchant Reference for this card. Length is limited to 48 chars. | ||
| + | $host = ''; # This is your host eg. http://localhost:8000 | ||
| + | $dateTime = requestDateTime(); | ||
| + | |||
| + | # Verification string | ||
| + | $requestHash = secureCardRequestHash($secureCardMerchantRef, $dateTime, $secureCardAction); | ||
| + | $requestURL = $host."/merchant/securecardpage"; | ||
| + | # Write the HTML of the submission form | ||
| + | echo "<html><body><form id='nuveisecurecardform' action='" . $requestURL . "' method='post'>\n"; | ||
| + | writeHiddenField("ACTION", $secureCardAction); | ||
| + | writeHiddenField("TERMINALID", $terminalId); | ||
| + | writeHiddenField("MERCHANTREF", $secureCardMerchantRef); | ||
| + | writeHiddenField("DATETIME", $dateTime); | ||
| + | writeHiddenField("HASH", $requestHash); | ||
| + | |||
| + | # Write the JavaScript that will submit the form to Nuvei. | ||
| + | echo '</form>Submitting SecureCard request to Nuvei...<script language="JavaScript">document.getElementById("nuveisecurecardform").submit();</script></body></html>'; | ||
| + | |||
| + | ?> | ||
| + | |||
| + | </file> | ||
| + | |||
| + | |||
| + | ---- | ||
| + | \\ | ||
| + | Secure Card URL (**nuvei_securecard_response.php**) (URL for this page is setup as “**Secure Card URL**” through Terminal Setup in the SelfCare ): | ||
| + | |||
| + | <file php nuvei_securecard_response.php> | ||
| + | |||
| + | <?php | ||
| + | |||
| + | # This is the file that contains the account settings for Nuvei. | ||
| + | require('nuvei_account.inc'); | ||
| + | |||
| + | # This is a helper file for integrating to the Nuvei HPP in PHP. | ||
| + | require('nuvei_securecard_functions.inc'); | ||
| + | |||
| + | if($_REQUEST["RESPONSECODE"] != "A") echo 'AN ERROR OCCURED! Your SecureCard request failed. Error message: ' . $_REQUEST["RESPONSETEXT"]; | ||
| + | elseif(secureCardResponseHashIsValid($_REQUEST["RESPONSECODE"], $_REQUEST["RESPONSETEXT"], $_REQUEST["MERCHANTREF"], $_REQUEST["CARDREFERENCE"], $_REQUEST["DATETIME"], $_REQUEST["HASH"])) { | ||
| + | switch($_REQUEST["RESPONSECODE"]) { | ||
| + | case "A" : # SecureCard registration suceeded. You should store the following details against the user account: | ||
| + | $secureCardMerchantRef = $_REQUEST["MERCHANTREF"]; | ||
| + | $secureCardCardRef = $_REQUEST["CARDREFERENCE"]; | ||
| + | $secureCardCardType = $_REQUEST["CARDTYPE"]; | ||
| + | $secureCardMaskedCardNumber = $_REQUEST["MASKEDCARDNUMBER"]; | ||
| + | $secureCardCardCardExpiry = $_REQUEST["CARDEXPIRY"]; | ||
| + | echo "Success! Card Type: " . $secureCardCardType . ", Masked Card number: " . $secureCardMaskedCardNumber . ", expires (MMYY): " . $secureCardCardCardExpiry; | ||
| + | break; | ||
| + | default : # SecureCard registration failed. | ||
| + | echo 'SECURECARD REGISTRATION FAILED! Error Code: ' . $_REQUEST["RESPONSECODE"] . ', Response text: ' . $_REQUEST["RESPONSETEXT"] . '.'; | ||
| + | } | ||
| + | } else { | ||
| + | echo 'SECURECARD REGISTRATION FAILED: INVALID RESPONSE HASH. Please contact ' . $adminEmail . ' or call ' . $adminPhone . ' to inform them of this error.'; | ||
| + | if(isset($_REQUEST["ORDERID"])) echo 'Please quote Nuvei Terminal ID: ' . $terminalId . ', and SecureCard Merchant Reference: ' . $_REQUEST["MERCHANTREF"] . ' when mailling or calling.'; | ||
| + | } | ||
| + | |||
| + | ?> | ||
| + | |||
| + | </file> | ||
| + | |||
| + | ---- | ||
| + | \\ | ||
| + | **Helper file (nuvei_securecard_functions.inc):** | ||
| + | |||
| + | <file php nuvei_securecard_functions.inc> | ||
| + | |||
| + | <?php | ||
| + | |||
| + | # This function returns the URL that should be used as the "action" for the form posting the Nuvei's servers. | ||
| + | function secureCardURL() { | ||
| + | global $gateway, $testAccount; | ||
| + | $url = 'https://'; | ||
| + | if($testAccount) $url .= 'test'; | ||
| + | switch (strtolower($gateway)) { | ||
| + | default : | ||
| + | case 'nuvei' : $url .= 'payments'; break; | ||
| + | case 'cashflows' : $url .= 'cashflows'; break; | ||
| + | } | ||
| + | $url .= '.nuvei.com/merchant/securecardpage'; | ||
| + | return $url; | ||
| + | } | ||
| + | |||
| + | # This simply reduces the PHP code required to build the form. | ||
| + | function writeHiddenField($fieldName, $fieldValue) { | ||
| + | echo "<input type='hidden' name='" . $fieldName . "' value='" . $fieldValue . "' />\r"; | ||
| + | } | ||
| + | |||
| + | # This generates a DATETIME value in the correct format expected in the request. | ||
| + | function requestDateTime() { | ||
| + | return date('d-m-Y:H:i:s:000'); | ||
| + | } | ||
| + | |||
| + | # This is used to generate the Authorisation Request Hash. | ||
| + | function secureCardRequestHash($secureCardMerchantRef, $dateTime, $secureCardAction) { | ||
| + | global $terminalId, $secret; | ||
| + | return md5($terminalId . $secureCardMerchantRef . $dateTime . $secureCardAction . $secret); | ||
| + | } | ||
| + | |||
| + | # This function is used to validate that the MPI Response Hash from the server is correct. | ||
| + | # If secureCardResponseHashIsValid(...) != $_REQUEST["HASH"] then an error should be shown and the SecureCard registration should fail. | ||
| + | function secureCardResponseHashIsValid($responseCode, $responseText, $secureCardMerchantRef, $secureCardCardRef, $dateTime, $responseHash) { | ||
| + | global $terminalId, $secret; | ||
| + | return (md5($terminalId . $responseCode . $responseText . $secureCardMerchantRef . $secureCardCardRef . $dateTime . $secret)==$responseHash); | ||
| + | } | ||
| + | |||
| + | ?> | ||
| + | |||
| + | </file> | ||
| + | |||