--- developer:sample_codes:php_hosted_secure_cards [2017/11/02 05:00]
tleite
+++ developer:sample_codes:php_hosted_secure_cards [2019/05/21 12:36]
robinc Updated Secure Card URL section content
@@ Line 1: / Line 1: @@
+====== PHP Hosted SecureCards ======
+**Settings file (nuvei_account.inc):**
+<file php nuvei_account.inc>
+<?php
+# These values are used to identify and validate the account that you are using. They are mandatory.
+$gateway = '';			# This is the Nuvei payments gateway that you should use, assigned to the site by Nuvei.
+$terminalId = '';		# This is the Terminal ID assigned to the site by Nuvei.
+$currency = '';			# This is the 3 digit ISO currency code for the above Terminal ID.
+$secret = '';			# This shared secret is used when generating the hash validation strings.
+						# It must be set exactly as it is in the Nuvei SelfCare  system.
+$testAccount = true;
+# These are used only in the case where the response hash is incorrect, which should
+# never happen in the live environment unless someone is attempting fraud.
+$adminEmail = '';
+$adminPhone = '';
+?>
+</file>
+----
+\\
+**SecureCard redirect (nuvei_securecard.php):**
+<file php nuvei_securecard.php>
+<?php
+# This is the file that contains the account settings for Nuvei.
+require('nuvei_account.inc');
+# This is a helper file for integrating to the Nuvei HPP in PHP.
+require('nuvei_securecard_functions.inc');
+$secureCardAction = '';			# "register" or "update".
+$secureCardMerchantRef = '';	# Unique Merchant Reference for this card. Length is limited to 48 chars.
+$host = '';						# This is your host eg. http://localhost:8000
+$dateTime = requestDateTime();
+# Verification string
+$requestHash = secureCardRequestHash($secureCardMerchantRef, $dateTime, $secureCardAction);
+$requestURL = $host."/merchant/securecardpage";
+# Write the HTML of the submission form
+echo "<html><body><form id='nuveisecurecardform' action='" . $requestURL . "' method='post'>\n";
+writeHiddenField("ACTION", $secureCardAction);
+writeHiddenField("TERMINALID", $terminalId);
+writeHiddenField("MERCHANTREF", $secureCardMerchantRef);
+writeHiddenField("DATETIME", $dateTime);
+writeHiddenField("HASH", $requestHash);
+# Write the JavaScript that will submit the form to Nuvei.
+echo '</form>Submitting SecureCard request to Nuvei...<script language="JavaScript">document.getElementById("nuveisecurecardform").submit();</script></body></html>';
+?>
+</file>
+----
+\\
+Secure Card URL (**nuvei_securecard_response.php**) (URL for this page is setup as “**Secure Card URL**” through Terminal Setup in the SelfCare  ):
+<file php nuvei_securecard_response.php>
+<?php
+# This is the file that contains the account settings for Nuvei.
+require('nuvei_account.inc');
+# This is a helper file for integrating to the Nuvei HPP in PHP.
+require('nuvei_securecard_functions.inc');
+$secureCardAction = '';            # "register" or "update".
+$secureCardMerchantRef = '';    # Unique Merchant Reference for this card. Length is limited to 48 chars.
+$dateTime = requestDateTime();
+# Verification string
+$requestHash = secureCardRequestHash($secureCardMerchantRef, $dateTime, $secureCardAction);
+$requestURL = $gateway."/merchant/securecardpage";
+# Write the HTML of the submission form
+echo "<html><body><form id='nuveisecurecardform' action='" . $requestURL . "' method='post'>\n";
+writeHiddenField("ACTION", $secureCardAction);
+writeHiddenField("TERMINALID", $terminalId);
+writeHiddenField("MERCHANTREF", $secureCardMerchantRef);
+writeHiddenField("DATETIME", $dateTime);
+writeHiddenField("HASH", $requestHash);
+# Write the JavaScript that will submit the form to Nuvei.
+echo '</form>Submitting SecureCard request to Nuvei...<script language="JavaScript">document.getElementById("nuveisecurecardform").submit();</script></body></html>';
+?>
+</file>
+----
+\\
+**Helper file (nuvei_securecard_functions.inc):**
+<file php nuvei_securecard_functions.inc>
+<?php
+# This function returns the URL that should be used as the "action" for the form posting the Nuvei's servers.
+function secureCardURL() {
+	global $gateway, $testAccount;
+	$url = 'https://';
+	if($testAccount) $url .= 'test';
+	switch (strtolower($gateway)) {
+		default :
+		case 'nuvei'  : $url .= 'payments'; break;
+		case 'cashflows' : $url .= 'cashflows'; break;
+	}
+	$url .= '.nuvei.com/merchant/securecardpage';
+	return $url;
+}
+# This simply reduces the PHP code required to build the form.
+function writeHiddenField($fieldName, $fieldValue) {
+	echo "<input type='hidden' name='" . $fieldName . "' value='" . $fieldValue . "' />\r";
+}
+# This generates a DATETIME value in the correct format expected in the request.
+function requestDateTime() {
+	return date('d-m-Y:H:i:s:000');
+}
+# This is used to generate the Authorisation Request Hash.
+function secureCardRequestHash($secureCardMerchantRef, $dateTime, $secureCardAction) {
+	global $terminalId, $secret;
+	return md5($terminalId . $secureCardMerchantRef . $dateTime . $secureCardAction . $secret);
+}
+# This function is used to validate that the MPI Response Hash from the server is correct.
+#     If secureCardResponseHashIsValid(...) != $_REQUEST["HASH"] then an error should be shown and the SecureCard registration should fail.
+function secureCardResponseHashIsValid($responseCode, $responseText, $secureCardMerchantRef, $secureCardCardRef, $dateTime, $responseHash) {
+	global $terminalId, $secret;
+	return (md5($terminalId . $responseCode . $responseText . $secureCardMerchantRef . $secureCardCardRef . $dateTime . $secret)==$responseHash);
+}
+?>
+</file>

Differences

Worldnet

Learn More

Request

Contact Us