X-Cart: shopping cart software

X-Cart forums (https://forum.x-cart.com/index.php)
-   Dev Questions (https://forum.x-cart.com/forumdisplay.php?f=20)
-   -   HSBC Secure ePayments API (https://forum.x-cart.com/showthread.php?t=16309)

a.harris 09-01-2005 09:21 AM

HSBC Secure ePayments API
 
If you are willing to do a little work, you'll be pleasently surprised that you can use the fully integrated ClearCommerce module as a base to link into the HSBC Secure ePayments API.

This means that clients do not get redirected to the HSBC website as part of the order process.

It works out the box for Visa and Mastercard, and requires a little bit of modification for Switch/Solo.

For config options:
Code:

Name = Username (normally your surname)
Password = Password
Client ID = 4 digit store ID (login to secure epayments and look at the top header)
Test Server = www.secure-epayments.apixml.hsbc.com
Live Server = www.secure-epayments.apixml.hsbc.com
Order Prefix = Blank

You also need to change one line (#45) in payment/cc_fuse.php:

From:
Code:

$port = ($module_params["testmode"]=="N" ? 443 : 11500);
To:
Code:

$port = ($module_params["testmode"]=="N" ? 443 : 443);
That's it! Enjoy the wonderful word of HSBC API.

If you would like to add Switch/Solo support; make the following changes to payment/cc_fuse.php:

Line 53: Add the following:
Code:

if ($userinfo["card_type"] == "VISA") {
        $card_type = "1";
} elseif ($userinfo["card_type"] == "MC") {
        $card_type = "2";
} elseif ($userinfo["card_type"] == "SW") {
        $card_type = "10";
} elseif ($userinfo["card_type"] == "SO") {
        $card_type = "9";
} elseif  ($userinfo["card_type"] == "UKE") {
        $card_type = "11";
}


Line 67 (on original document - next line after "$post[] = "<Expires...":
Code:

$post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>";
$post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>";
$post[] = "<Type>".$card_type."</Type>";


You will need to enable:

Code:

Enable 'Issue Number' and 'Valid from' fields in the CC info form

In General Settings.

cotc2001 09-01-2005 10:18 AM

Adam if that works then your are a true gent. is this got the latest 4.0.14???

If poss could you post the entire script (including switch/solo bits as im sure most people use them) here and just xxxx out your security sensitive bits.

I personally would appreciate and as im sure others would

a.harris 09-01-2005 10:29 AM

I have simply modded a module that already existed. When I have a free moment, I will make it into its own module so it is easily distributed.

We are using 4.0.14.

If you need any help making the changes I outlined, please do not hesitate to contact me off forum.

Dongan 09-01-2005 08:11 PM

surely, it is a great addition. cheers....

a.harris 09-02-2005 01:45 AM

Found one small bug for Switch/Solo.

The final code changes should read:
Code:

if (($card_type == 9)||($card_type == 10)){
        $post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>";
        $post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>";
}


cotc2001 09-08-2005 01:23 AM

can someone please, please please just post the full script with the changes

I've made the changes as above but it just hangs at the "Your order is being placed. Please wait..." section

a.harris 09-08-2005 07:11 AM

You need to make sure the $port line is set to 443 : 443; else it will hang until it timeouts.

Also make sure that the module is set to HTTPS in the Payment Modules area of the admin control panel.

Adam

cotc2001 09-08-2005 08:23 AM

Yeah done all that still just hangs,
This is my code - I will happily pay if someone can sort this out

Code:

<?php
/*****************************************************************************\
+-----------------------------------------------------------------------------+
| X-Cart                                                                      |
| Copyright (c) 2001-2005 Ruslan R. Fazliev <rrf@rrf.ru>                      |
| All rights reserved.                                                        |
+-----------------------------------------------------------------------------+
| PLEASE READ  THE FULL TEXT OF SOFTWARE LICENSE AGREEMENT IN THE "COPYRIGHT" |
| FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS ALSO AVAILABLE  |
| AT THE FOLLOWING URL: http://www.x-cart.com/license.php                    |
|                                                                            |
| THIS  AGREEMENT  EXPRESSES  THE  TERMS  AND CONDITIONS ON WHICH YOU MAY USE |
| THIS SOFTWARE  PROGRAM  AND  ASSOCIATED  DOCUMENTATION  THAT  RUSLAN  R. |
| FAZLIEV (hereinafter  referred to as "THE AUTHOR") IS FURNISHING  OR MAKING |
| AVAILABLE TO YOU WITH  THIS  AGREEMENT  (COLLECTIVELY,  THE  "SOFTWARE").  |
| PLEASE  REVIEW  THE  TERMS  AND  CONDITIONS  OF  THIS  LICENSE AGREEMENT |
| CAREFULLY  BEFORE  INSTALLING  OR  USING  THE  SOFTWARE.  BY INSTALLING, |
| COPYING  OR  OTHERWISE  USING  THE  SOFTWARE,  YOU  AND  YOUR  COMPANY |
| (COLLECTIVELY,  "YOU")  ARE  ACCEPTING  AND AGREEING  TO  THE TERMS OF THIS |
| LICENSE  AGREEMENT.  IF  YOU    ARE  NOT  WILLING  TO  BE  BOUND BY THIS |
| AGREEMENT, DO  NOT INSTALL OR USE THE SOFTWARE.  VARIOUS  COPYRIGHTS  AND |
| OTHER  INTELLECTUAL  PROPERTY  RIGHTS    PROTECT  THE  SOFTWARE.  THIS |
| AGREEMENT IS A LICENSE AGREEMENT THAT GIVES  YOU  LIMITED  RIGHTS  TO  USE |
| THE  SOFTWARE  AND  NOT  AN  AGREEMENT  FOR SALE OR FOR  TRANSFER OF TITLE.|
| THE AUTHOR RETAINS ALL RIGHTS NOT EXPRESSLY GRANTED BY THIS AGREEMENT.      |
|                                                                            |
| The Initial Developer of the Original Code is Ruslan R. Fazliev            |
| Portions created by Ruslan R. Fazliev are Copyright (C) 2001-2005          |
| Ruslan R. Fazliev. All Rights Reserved.                                    |
+-----------------------------------------------------------------------------+
\*****************************************************************************/

#
# $Id: cc_fuse.php,v 1.13.2.2 2005/01/12 07:43:07 svowl Exp $
#

if (!defined('XCART_START')) { header("Location: ../"); die("Access denied"); }

@set_time_limit(100);

$pp_login = $module_params["param01"];
$pp_pass = $module_params["param02"];
$pp_client = $module_params["param03"];
$domen = ($module_params["testmode"]=="N" ? $module_params["param06"] : $module_params["param07"]);
$port = ($module_params["testmode"]=="N" ? 443 : 443);
$curr = $module_params["param08"];

switch($module_params["testmode"]) {
        case "N": $pp_mode="P"; break;
        case "A": $pp_mode="Y"; break;
        default: $pp_mode="N"; break;
}
if ($userinfo["card_type"] == "VISA") {
  $card_type = "1";
} elseif ($userinfo["card_type"] == "MC") {
  $card_type = "2";
} elseif ($userinfo["card_type"] == "SW") {
  $card_type = "10";
} elseif ($userinfo["card_type"] == "SO") {
  $card_type = "9";
} elseif  ($userinfo["card_type"] == "UKE") {
  $card_type = "11";
}
$post = "";
$post[] = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>";
$post[] = "<EngineDocList><DocVersion>1.0</DocVersion><EngineDoc><ContentType>OrderFormDoc</ContentType>";
$post[] = "<User><Name>$pp_login</Name><Password>$pp_pass</Password><ClientId DataType=\"S32\">$pp_client</ClientId></User>";
$post[] = "<Instructions><Pipeline>Payment</Pipeline></Instructions><OrderFormDoc><Mode>$pp_mode</Mode>";
#$post[] = "<Instructions><Pipeline>PaymentNoFraud</Pipeline></Instructions><OrderFormDoc><Mode>Y</Mode>";
$post[] = "<Consumer>";
$post[] = "<Email>".$userinfo["email"]."</Email>";
$post[] = "<BillTo><Location><TelVoice>".$userinfo["phone"]."</TelVoice>";
$post[] = "<Address><Name>".$userinfo["b_firstname"]." ".$userinfo["b_lastname"]."</Name>";
$post[] = "<City>".$userinfo["b_city"]."</City><Street1>".$userinfo["b_address"]."</Street1>";
$post[] = "<StateProv>".$userinfo["b_state"]."</StateProv><PostalCode>".$userinfo["b_zipcode"]."</PostalCode></Address></Location></BillTo>";
$post[] = "<PaymentMech><CreditCard><Number>".$userinfo["card_number"]."</Number>";
$post[] = "<Expires DataType=\"ExpirationDate\" Locale=\"840\">".substr($userinfo["card_expire"],0,2)."/".substr($userinfo["card_expire"],2,2)."</Expires>";
$post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>";
$post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>";
$post[] = "<Type>".$card_type."</Type>";
$post[] = "<Cvv2Val>".$userinfo["card_cvv2"]."</Cvv2Val>";
$post[] = "<Cvv2Indicator>".(!empty($userinfo["card_cvv2"])?1:2)."</Cvv2Indicator>";
$post[] = "</CreditCard></PaymentMech></Consumer>";
$post[] = "<Transaction><Type>Auth</Type><ChargeDesc1></ChargeDesc1>";
$post[] = "<CurrentTotals><Totals><Total DataType=\"Money\" Currency=\"".$curr."\">".(100*$cart["total_cost"])."</Total></Totals></CurrentTotals>";
$post[] = "</Transaction></OrderFormDoc></EngineDoc></EngineDocList>";


$pst = array("CLRCMRC_XML=".join("",$post));
list($a,$return)=func_https_request("POST","https://".$domen.":$port/",$pst);

$return=preg_replace("/\n/","",$return);

if (preg_match("/<CcReturnMsg(.*)>(.*)<\/CcReturnMsg>/",$return,$out))
        $bill_output["billmes"] = $out[2];

if (preg_match("/<CcErrCode(.*)>(.*)<\/CcErrCode>/",$return,$out)) {
        $bill_output["code"] = ($out[2] == "1") ? 1 : 2;
        $bill_output["billmes"] .= " (CcErrCode: ".$out[2].")";
}
else
        $bill_output["code"] = 0;

if ($bill_output["code"] == 1) {
        preg_match("/<AuthCode(.*)>(.*)<\/AuthCode>/",$return,$out);
        $bill_output["billmes"] .= " (AuthCode: ".$out[2].")";

        preg_match("/<CardholderPresentCode(.*)>(.*)<\/CardholderPresentCode>/",$return,$out);
        $bill_output["billmes"] .= " (CardholderPresentCode: ".$out[2].")";

        preg_match("/<InputEnvironment(.*)>(.*)<\/InputEnvironment>/",$return,$out);
        $bill_output["billmes"] .= " (InputEnvironment: ".$out[2].")";

        preg_match("/<TerminalInputCapability(.*)>(.*)<\/TerminalInputCapability>/",$return,$out);
        $bill_output["billmes"] .= " (TerminalInputCapability: ".$out[2].")";

        preg_match("/<SecurityIndicator(.*)>(.*)<\/SecurityIndicator>/",$return,$out);
        $bill_output["cvvmes"] = "SecurityIndicator: ".$out[2];
}
elseif ($bill_output["code"] == 2) {
        preg_match("/<Text(.*)>(.*)<\/Text>/",$return,$out);
        $bill_output["billmes"] .= $out[2];

        preg_match("/<ResourceId(.*)>(.*)<\/ResourceId>/",$return,$out);
        $bill_output["billmes"] .= " (ResourceID: ".$out[2].")";

        preg_match("/<Sev(.*)>(.*)<\/Sev>/",$return,$out);
        $bill_output["billmes"] .= " (Sev: ".$out[2].")";
}
else
{
        $bill_output["code"] = 0;
}

if(preg_match("/<DocumentId(.*)>(.*)<\/DocumentId>/",$return,$out))
        $bill_output["billmes"].= " (DocumentId: ".$out[2].")";

if(preg_match("/<FraudResultCode(.*)>(.*)<\/FraudResultCode>/",$return,$out))
        $bill_output["avsmes"] = "FraudResultCode: ".$out[2];


?>


cotc2001 09-08-2005 08:35 AM

a.harris бё100 to you if you can get this to work for me by tomorrow 8am (and im a man of my word)

ShishaPipeUK 03-18-2006 11:37 AM

Has this been completed, as i am just getting this from HSBC and would like to use my own pages and dont want the customer to be diverted.
I am using 4.0.18 at the moment and my full code which is at shopcart/payment/cc_fuse.php is below.

Code:

<?php

#
# $Id: cc_fuse.php,v 1.13.2.2 2005/01/12 07:43:07 svowl Exp $
#

if (!defined('XCART_START')) { header("Location: ../"); die("Access denied"); }

@set_time_limit(100);

$pp_login = $module_params["param01"];
$pp_pass = $module_params["param02"];
$pp_client = $module_params["param03"];
$domen = ($module_params["testmode"]=="N" ? $module_params["param06"] : $module_params["param07"]);
# $port = ($module_params["testmode"]=="N" ? 443 : 11500);
$port = ($module_params["testmode"]=="N" ? 443 : 443);
$curr = $module_params["param08"];

switch($module_params["testmode"]) {
        case "N": $pp_mode="P"; break;
        case "A": $pp_mode="Y"; break;
        default: $pp_mode="N"; break;
}

# Mod 1 - Added this line as per x-cart http://forum.x-cart.com/viewtopic.php?t=22246
if ($userinfo["card_type"] == "VISA") {
  $card_type = "1";
} elseif ($userinfo["card_type"] == "MC") {
  $card_type = "2";
} elseif ($userinfo["card_type"] == "SW") {
  $card_type = "10";
} elseif ($userinfo["card_type"] == "SO") {
  $card_type = "9";
} elseif  ($userinfo["card_type"] == "UKE") {
  $card_type = "11";
}
# Mod 1 - Finish Mode 1

$post = "";
$post[] = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>";
$post[] = "<EngineDocList><DocVersion>1.0</DocVersion><EngineDoc><ContentType>OrderFormDoc</ContentType>";
$post[] = "<User><Name>$pp_login</Name><Password>$pp_pass</Password><ClientId DataType=\"S32\">$pp_client</ClientId></User>";
$post[] = "<Instructions><Pipeline>Payment</Pipeline></Instructions><OrderFormDoc><Mode>$pp_mode</Mode>";
#$post[] = "<Instructions><Pipeline>PaymentNoFraud</Pipeline></Instructions><OrderFormDoc><Mode>Y</Mode>";
$post[] = "<Consumer>";
$post[] = "<Email>".$userinfo["email"]."</Email>";
$post[] = "<BillTo><Location><TelVoice>".$userinfo["phone"]."</TelVoice>";
$post[] = "<Address><Name>".$userinfo["b_firstname"]." ".$userinfo["b_lastname"]."</Name>";
$post[] = "<City>".$userinfo["b_city"]."</City><Street1>".$userinfo["b_address"]."</Street1>";
$post[] = "<StateProv>".$userinfo["b_state"]."</StateProv><PostalCode>".$userinfo["b_zipcode"]."</PostalCode></Address></Location></BillTo>";
$post[] = "<PaymentMech><CreditCard><Number>".$userinfo["card_number"]."</Number>";
$post[] = "<Expires DataType=\"ExpirationDate\" Locale=\"840\">".substr($userinfo["card_expire"],0,2)."/".substr($userinfo["card_expire"],2,2)."</Expires>";

# Mod 2 - Added another from xcart mod
if (($card_type == 9)||($card_type == 10)){
  $post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>";
  $post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>";
}
# Mod2 - Finished adding mod 2

$post[] = "<Cvv2Val>".$userinfo["card_cvv2"]."</Cvv2Val>";
$post[] = "<Cvv2Indicator>".(!empty($userinfo["card_cvv2"])?1:2)."</Cvv2Indicator>";
$post[] = "</CreditCard></PaymentMech></Consumer>";
$post[] = "<Transaction><Type>Auth</Type><ChargeDesc1></ChargeDesc1>";
$post[] = "<CurrentTotals><Totals><Total DataType=\"Money\" Currency=\"".$curr."\">".(100*$cart["total_cost"])."</Total></Totals></CurrentTotals>";
$post[] = "</Transaction></OrderFormDoc></EngineDoc></EngineDocList>";


$pst = array("CLRCMRC_XML=".join("",$post));
list($a,$return)=func_https_request("POST","https://".$domen.":$port/",$pst);

$return=preg_replace("/\n/","",$return);

if (preg_match("/<CcReturnMsg(.*)>(.*)<\/CcReturnMsg>/",$return,$out))
        $bill_output["billmes"] = $out[2];

if (preg_match("/<CcErrCode(.*)>(.*)<\/CcErrCode>/",$return,$out)) {
        $bill_output["code"] = ($out[2] == "1") ? 1 : 2;
        $bill_output["billmes"] .= " (CcErrCode: ".$out[2].")";
}
else
        $bill_output["code"] = 0;

if ($bill_output["code"] == 1) {
        preg_match("/<AuthCode(.*)>(.*)<\/AuthCode>/",$return,$out);
        $bill_output["billmes"] .= " (AuthCode: ".$out[2].")";

        preg_match("/<CardholderPresentCode(.*)>(.*)<\/CardholderPresentCode>/",$return,$out);
        $bill_output["billmes"] .= " (CardholderPresentCode: ".$out[2].")";

        preg_match("/<InputEnvironment(.*)>(.*)<\/InputEnvironment>/",$return,$out);
        $bill_output["billmes"] .= " (InputEnvironment: ".$out[2].")";

        preg_match("/<TerminalInputCapability(.*)>(.*)<\/TerminalInputCapability>/",$return,$out);
        $bill_output["billmes"] .= " (TerminalInputCapability: ".$out[2].")";

        preg_match("/<SecurityIndicator(.*)>(.*)<\/SecurityIndicator>/",$return,$out);
        $bill_output["cvvmes"] = "SecurityIndicator: ".$out[2];
}
elseif ($bill_output["code"] == 2) {
        preg_match("/<Text(.*)>(.*)<\/Text>/",$return,$out);
        $bill_output["billmes"] .= $out[2];

        preg_match("/<ResourceId(.*)>(.*)<\/ResourceId>/",$return,$out);
        $bill_output["billmes"] .= " (ResourceID: ".$out[2].")";

        preg_match("/<Sev(.*)>(.*)<\/Sev>/",$return,$out);
        $bill_output["billmes"] .= " (Sev: ".$out[2].")";
}
else
{
        $bill_output["code"] = 0;
}

if(preg_match("/<DocumentId(.*)>(.*)<\/DocumentId>/",$return,$out))
        $bill_output["billmes"].= " (DocumentId: ".$out[2].")";

if(preg_match("/<FraudResultCode(.*)>(.*)<\/FraudResultCode>/",$return,$out))
        $bill_output["avsmes"] = "FraudResultCode: ".$out[2];

?>



All times are GMT -8. The time now is 07:07 PM.

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.