Follow us on Twitter X-Cart on Facebook Wiki
Shopping cart software Solutions for online shops and malls
 

HSBC Secure ePayments API

 
Reply
   X-Cart forums > X-Cart 4 > Dev Questions
 
Thread Tools Search this Thread
  #1  
Old 09-01-2005, 09:21 AM
 
a.harris a.harris is offline
 

Member
  
Join Date: Aug 2005
Posts: 13
 

Default HSBC Secure ePayments API

If you are willing to do a little work, you'll be pleasently surprised that you can use the fully integrated ClearCommerce module as a base to link into the HSBC Secure ePayments API.

This means that clients do not get redirected to the HSBC website as part of the order process.

It works out the box for Visa and Mastercard, and requires a little bit of modification for Switch/Solo.

For config options:
Code:
Name = Username (normally your surname) Password = Password Client ID = 4 digit store ID (login to secure epayments and look at the top header) Test Server = www.secure-epayments.apixml.hsbc.com Live Server = www.secure-epayments.apixml.hsbc.com Order Prefix = Blank
You also need to change one line (#45) in payment/cc_fuse.php:

From:
Code:
$port = ($module_params["testmode"]=="N" ? 443 : 11500);
To:
Code:
$port = ($module_params["testmode"]=="N" ? 443 : 443);
That's it! Enjoy the wonderful word of HSBC API.

If you would like to add Switch/Solo support; make the following changes to payment/cc_fuse.php:

Line 53: Add the following:
Code:
if ($userinfo["card_type"] == "VISA") { $card_type = "1"; } elseif ($userinfo["card_type"] == "MC") { $card_type = "2"; } elseif ($userinfo["card_type"] == "SW") { $card_type = "10"; } elseif ($userinfo["card_type"] == "SO") { $card_type = "9"; } elseif ($userinfo["card_type"] == "UKE") { $card_type = "11"; }

Line 67 (on original document - next line after "$post[] = "<Expires...":
Code:
$post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>"; $post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>"; $post[] = "<Type>".$card_type."</Type>";

You will need to enable:

Code:
Enable 'Issue Number' and 'Valid from' fields in the CC info form

In General Settings.
__________________
Rocate
Reply With Quote
  #2  
Old 09-01-2005, 10:18 AM
 
cotc2001 cotc2001 is offline
 

X-Man
  
Join Date: Feb 2003
Location: Shrewsbury, UK
Posts: 2,351
 

Default

Adam if that works then your are a true gent. is this got the latest 4.0.14???

If poss could you post the entire script (including switch/solo bits as im sure most people use them) here and just xxxx out your security sensitive bits.

I personally would appreciate and as im sure others would
__________________
x-cart 4.0.5 (live and heavily modded)
Server: freebsd
Reply With Quote
  #3  
Old 09-01-2005, 10:29 AM
 
a.harris a.harris is offline
 

Member
  
Join Date: Aug 2005
Posts: 13
 

Default

I have simply modded a module that already existed. When I have a free moment, I will make it into its own module so it is easily distributed.

We are using 4.0.14.

If you need any help making the changes I outlined, please do not hesitate to contact me off forum.
__________________
Rocate
Reply With Quote
  #4  
Old 09-01-2005, 08:11 PM
  Dongan's Avatar 
Dongan Dongan is offline
 

X-Wizard
  
Join Date: Jul 2005
Location: www.mercuryminds.com
Posts: 1,531
 

Default

surely, it is a great addition. cheers....
Reply With Quote
  #5  
Old 09-02-2005, 01:45 AM
 
a.harris a.harris is offline
 

Member
  
Join Date: Aug 2005
Posts: 13
 

Default

Found one small bug for Switch/Solo.

The final code changes should read:
Code:
if (($card_type == 9)||($card_type == 10)){ $post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>"; $post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>"; }
__________________
Rocate
Reply With Quote
  #6  
Old 09-08-2005, 01:23 AM
 
cotc2001 cotc2001 is offline
 

X-Man
  
Join Date: Feb 2003
Location: Shrewsbury, UK
Posts: 2,351
 

Default

can someone please, please please just post the full script with the changes

I've made the changes as above but it just hangs at the "Your order is being placed. Please wait..." section
__________________
x-cart 4.0.5 (live and heavily modded)
Server: freebsd
Reply With Quote
  #7  
Old 09-08-2005, 07:11 AM
 
a.harris a.harris is offline
 

Member
  
Join Date: Aug 2005
Posts: 13
 

Default

You need to make sure the $port line is set to 443 : 443; else it will hang until it timeouts.

Also make sure that the module is set to HTTPS in the Payment Modules area of the admin control panel.

Adam
__________________
Rocate
Reply With Quote
  #8  
Old 09-08-2005, 08:23 AM
 
cotc2001 cotc2001 is offline
 

X-Man
  
Join Date: Feb 2003
Location: Shrewsbury, UK
Posts: 2,351
 

Default

Yeah done all that still just hangs,
This is my code - I will happily pay if someone can sort this out

Code:
<?php /*****************************************************************************\ +-----------------------------------------------------------------------------+ | X-Cart | | Copyright (c) 2001-2005 Ruslan R. Fazliev <rrf@rrf.ru> | | All rights reserved. | +-----------------------------------------------------------------------------+ | PLEASE READ THE FULL TEXT OF SOFTWARE LICENSE AGREEMENT IN THE "COPYRIGHT" | | FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS ALSO AVAILABLE | | AT THE FOLLOWING URL: http://www.x-cart.com/license.php | | | | THIS AGREEMENT EXPRESSES THE TERMS AND CONDITIONS ON WHICH YOU MAY USE | | THIS SOFTWARE PROGRAM AND ASSOCIATED DOCUMENTATION THAT RUSLAN R. | | FAZLIEV (hereinafter referred to as "THE AUTHOR") IS FURNISHING OR MAKING | | AVAILABLE TO YOU WITH THIS AGREEMENT (COLLECTIVELY, THE "SOFTWARE"). | | PLEASE REVIEW THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT | | CAREFULLY BEFORE INSTALLING OR USING THE SOFTWARE. BY INSTALLING, | | COPYING OR OTHERWISE USING THE SOFTWARE, YOU AND YOUR COMPANY | | (COLLECTIVELY, "YOU") ARE ACCEPTING AND AGREEING TO THE TERMS OF THIS | | LICENSE AGREEMENT. IF YOU ARE NOT WILLING TO BE BOUND BY THIS | | AGREEMENT, DO NOT INSTALL OR USE THE SOFTWARE. VARIOUS COPYRIGHTS AND | | OTHER INTELLECTUAL PROPERTY RIGHTS PROTECT THE SOFTWARE. THIS | | AGREEMENT IS A LICENSE AGREEMENT THAT GIVES YOU LIMITED RIGHTS TO USE | | THE SOFTWARE AND NOT AN AGREEMENT FOR SALE OR FOR TRANSFER OF TITLE.| | THE AUTHOR RETAINS ALL RIGHTS NOT EXPRESSLY GRANTED BY THIS AGREEMENT. | | | | The Initial Developer of the Original Code is Ruslan R. Fazliev | | Portions created by Ruslan R. Fazliev are Copyright (C) 2001-2005 | | Ruslan R. Fazliev. All Rights Reserved. | +-----------------------------------------------------------------------------+ \*****************************************************************************/ # # $Id: cc_fuse.php,v 1.13.2.2 2005/01/12 07:43:07 svowl Exp $ # if (!defined('XCART_START')) { header("Location: ../"); die("Access denied"); } @set_time_limit(100); $pp_login = $module_params["param01"]; $pp_pass = $module_params["param02"]; $pp_client = $module_params["param03"]; $domen = ($module_params["testmode"]=="N" ? $module_params["param06"] : $module_params["param07"]); $port = ($module_params["testmode"]=="N" ? 443 : 443); $curr = $module_params["param08"]; switch($module_params["testmode"]) { case "N": $pp_mode="P"; break; case "A": $pp_mode="Y"; break; default: $pp_mode="N"; break; } if ($userinfo["card_type"] == "VISA") { $card_type = "1"; } elseif ($userinfo["card_type"] == "MC") { $card_type = "2"; } elseif ($userinfo["card_type"] == "SW") { $card_type = "10"; } elseif ($userinfo["card_type"] == "SO") { $card_type = "9"; } elseif ($userinfo["card_type"] == "UKE") { $card_type = "11"; } $post = ""; $post[] = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>"; $post[] = "<EngineDocList><DocVersion>1.0</DocVersion><EngineDoc><ContentType>OrderFormDoc</ContentType>"; $post[] = "<User><Name>$pp_login</Name><Password>$pp_pass</Password><ClientId DataType=\"S32\">$pp_client</ClientId></User>"; $post[] = "<Instructions><Pipeline>Payment</Pipeline></Instructions><OrderFormDoc><Mode>$pp_mode</Mode>"; #$post[] = "<Instructions><Pipeline>PaymentNoFraud</Pipeline></Instructions><OrderFormDoc><Mode>Y</Mode>"; $post[] = "<Consumer>"; $post[] = "<Email>".$userinfo["email"]."</Email>"; $post[] = "<BillTo><Location><TelVoice>".$userinfo["phone"]."</TelVoice>"; $post[] = "<Address><Name>".$userinfo["b_firstname"]." ".$userinfo["b_lastname"]."</Name>"; $post[] = "<City>".$userinfo["b_city"]."</City><Street1>".$userinfo["b_address"]."</Street1>"; $post[] = "<StateProv>".$userinfo["b_state"]."</StateProv><PostalCode>".$userinfo["b_zipcode"]."</PostalCode></Address></Location></BillTo>"; $post[] = "<PaymentMech><CreditCard><Number>".$userinfo["card_number"]."</Number>"; $post[] = "<Expires DataType=\"ExpirationDate\" Locale=\"840\">".substr($userinfo["card_expire"],0,2)."/".substr($userinfo["card_expire"],2,2)."</Expires>"; $post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>"; $post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>"; $post[] = "<Type>".$card_type."</Type>"; $post[] = "<Cvv2Val>".$userinfo["card_cvv2"]."</Cvv2Val>"; $post[] = "<Cvv2Indicator>".(!empty($userinfo["card_cvv2"])?1:2)."</Cvv2Indicator>"; $post[] = "</CreditCard></PaymentMech></Consumer>"; $post[] = "<Transaction><Type>Auth</Type><ChargeDesc1></ChargeDesc1>"; $post[] = "<CurrentTotals><Totals><Total DataType=\"Money\" Currency=\"".$curr."\">".(100*$cart["total_cost"])."</Total></Totals></CurrentTotals>"; $post[] = "</Transaction></OrderFormDoc></EngineDoc></EngineDocList>"; $pst = array("CLRCMRC_XML=".join("",$post)); list($a,$return)=func_https_request("POST","https://".$domen.":$port/",$pst); $return=preg_replace("/\n/","",$return); if (preg_match("/<CcReturnMsg(.*)>(.*)<\/CcReturnMsg>/",$return,$out)) $bill_output["billmes"] = $out[2]; if (preg_match("/<CcErrCode(.*)>(.*)<\/CcErrCode>/",$return,$out)) { $bill_output["code"] = ($out[2] == "1") ? 1 : 2; $bill_output["billmes"] .= " (CcErrCode: ".$out[2].")"; } else $bill_output["code"] = 0; if ($bill_output["code"] == 1) { preg_match("/<AuthCode(.*)>(.*)<\/AuthCode>/",$return,$out); $bill_output["billmes"] .= " (AuthCode: ".$out[2].")"; preg_match("/<CardholderPresentCode(.*)>(.*)<\/CardholderPresentCode>/",$return,$out); $bill_output["billmes"] .= " (CardholderPresentCode: ".$out[2].")"; preg_match("/<InputEnvironment(.*)>(.*)<\/InputEnvironment>/",$return,$out); $bill_output["billmes"] .= " (InputEnvironment: ".$out[2].")"; preg_match("/<TerminalInputCapability(.*)>(.*)<\/TerminalInputCapability>/",$return,$out); $bill_output["billmes"] .= " (TerminalInputCapability: ".$out[2].")"; preg_match("/<SecurityIndicator(.*)>(.*)<\/SecurityIndicator>/",$return,$out); $bill_output["cvvmes"] = "SecurityIndicator: ".$out[2]; } elseif ($bill_output["code"] == 2) { preg_match("/<Text(.*)>(.*)<\/Text>/",$return,$out); $bill_output["billmes"] .= $out[2]; preg_match("/<ResourceId(.*)>(.*)<\/ResourceId>/",$return,$out); $bill_output["billmes"] .= " (ResourceID: ".$out[2].")"; preg_match("/<Sev(.*)>(.*)<\/Sev>/",$return,$out); $bill_output["billmes"] .= " (Sev: ".$out[2].")"; } else { $bill_output["code"] = 0; } if(preg_match("/<DocumentId(.*)>(.*)<\/DocumentId>/",$return,$out)) $bill_output["billmes"].= " (DocumentId: ".$out[2].")"; if(preg_match("/<FraudResultCode(.*)>(.*)<\/FraudResultCode>/",$return,$out)) $bill_output["avsmes"] = "FraudResultCode: ".$out[2]; ?>
__________________
x-cart 4.0.5 (live and heavily modded)
Server: freebsd
Reply With Quote
  #9  
Old 09-08-2005, 08:35 AM
 
cotc2001 cotc2001 is offline
 

X-Man
  
Join Date: Feb 2003
Location: Shrewsbury, UK
Posts: 2,351
 

Default

a.harris бё100 to you if you can get this to work for me by tomorrow 8am (and im a man of my word)
__________________
x-cart 4.0.5 (live and heavily modded)
Server: freebsd
Reply With Quote
  #10  
Old 03-18-2006, 11:37 AM
  ShishaPipeUK's Avatar 
ShishaPipeUK ShishaPipeUK is offline
 

Senior Member
  
Join Date: Jul 2005
Location: London, England.
Posts: 118
 

Default

Has this been completed, as i am just getting this from HSBC and would like to use my own pages and dont want the customer to be diverted.
I am using 4.0.18 at the moment and my full code which is at shopcart/payment/cc_fuse.php is below.

Code:
<?php # # $Id: cc_fuse.php,v 1.13.2.2 2005/01/12 07:43:07 svowl Exp $ # if (!defined('XCART_START')) { header("Location: ../"); die("Access denied"); } @set_time_limit(100); $pp_login = $module_params["param01"]; $pp_pass = $module_params["param02"]; $pp_client = $module_params["param03"]; $domen = ($module_params["testmode"]=="N" ? $module_params["param06"] : $module_params["param07"]); # $port = ($module_params["testmode"]=="N" ? 443 : 11500); $port = ($module_params["testmode"]=="N" ? 443 : 443); $curr = $module_params["param08"]; switch($module_params["testmode"]) { case "N": $pp_mode="P"; break; case "A": $pp_mode="Y"; break; default: $pp_mode="N"; break; } # Mod 1 - Added this line as per x-cart http://forum.x-cart.com/viewtopic.php?t=22246 if ($userinfo["card_type"] == "VISA") { $card_type = "1"; } elseif ($userinfo["card_type"] == "MC") { $card_type = "2"; } elseif ($userinfo["card_type"] == "SW") { $card_type = "10"; } elseif ($userinfo["card_type"] == "SO") { $card_type = "9"; } elseif ($userinfo["card_type"] == "UKE") { $card_type = "11"; } # Mod 1 - Finish Mode 1 $post = ""; $post[] = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>"; $post[] = "<EngineDocList><DocVersion>1.0</DocVersion><EngineDoc><ContentType>OrderFormDoc</ContentType>"; $post[] = "<User><Name>$pp_login</Name><Password>$pp_pass</Password><ClientId DataType=\"S32\">$pp_client</ClientId></User>"; $post[] = "<Instructions><Pipeline>Payment</Pipeline></Instructions><OrderFormDoc><Mode>$pp_mode</Mode>"; #$post[] = "<Instructions><Pipeline>PaymentNoFraud</Pipeline></Instructions><OrderFormDoc><Mode>Y</Mode>"; $post[] = "<Consumer>"; $post[] = "<Email>".$userinfo["email"]."</Email>"; $post[] = "<BillTo><Location><TelVoice>".$userinfo["phone"]."</TelVoice>"; $post[] = "<Address><Name>".$userinfo["b_firstname"]." ".$userinfo["b_lastname"]."</Name>"; $post[] = "<City>".$userinfo["b_city"]."</City><Street1>".$userinfo["b_address"]."</Street1>"; $post[] = "<StateProv>".$userinfo["b_state"]."</StateProv><PostalCode>".$userinfo["b_zipcode"]."</PostalCode></Address></Location></BillTo>"; $post[] = "<PaymentMech><CreditCard><Number>".$userinfo["card_number"]."</Number>"; $post[] = "<Expires DataType=\"ExpirationDate\" Locale=\"840\">".substr($userinfo["card_expire"],0,2)."/".substr($userinfo["card_expire"],2,2)."</Expires>"; # Mod 2 - Added another from xcart mod if (($card_type == 9)||($card_type == 10)){ $post[] = "<IssueNum>".$userinfo["card_issue_no"]."</IssueNum>"; $post[] = "<StartDate DataType=\"StartDate\" Locale=\"840\">".substr($userinfo["card_valid_from"],0,2)."/".substr($userinfo["card_valid_from"],2,2)."</StartDate>"; } # Mod2 - Finished adding mod 2 $post[] = "<Cvv2Val>".$userinfo["card_cvv2"]."</Cvv2Val>"; $post[] = "<Cvv2Indicator>".(!empty($userinfo["card_cvv2"])?1:2)."</Cvv2Indicator>"; $post[] = "</CreditCard></PaymentMech></Consumer>"; $post[] = "<Transaction><Type>Auth</Type><ChargeDesc1></ChargeDesc1>"; $post[] = "<CurrentTotals><Totals><Total DataType=\"Money\" Currency=\"".$curr."\">".(100*$cart["total_cost"])."</Total></Totals></CurrentTotals>"; $post[] = "</Transaction></OrderFormDoc></EngineDoc></EngineDocList>"; $pst = array("CLRCMRC_XML=".join("",$post)); list($a,$return)=func_https_request("POST","https://".$domen.":$port/",$pst); $return=preg_replace("/\n/","",$return); if (preg_match("/<CcReturnMsg(.*)>(.*)<\/CcReturnMsg>/",$return,$out)) $bill_output["billmes"] = $out[2]; if (preg_match("/<CcErrCode(.*)>(.*)<\/CcErrCode>/",$return,$out)) { $bill_output["code"] = ($out[2] == "1") ? 1 : 2; $bill_output["billmes"] .= " (CcErrCode: ".$out[2].")"; } else $bill_output["code"] = 0; if ($bill_output["code"] == 1) { preg_match("/<AuthCode(.*)>(.*)<\/AuthCode>/",$return,$out); $bill_output["billmes"] .= " (AuthCode: ".$out[2].")"; preg_match("/<CardholderPresentCode(.*)>(.*)<\/CardholderPresentCode>/",$return,$out); $bill_output["billmes"] .= " (CardholderPresentCode: ".$out[2].")"; preg_match("/<InputEnvironment(.*)>(.*)<\/InputEnvironment>/",$return,$out); $bill_output["billmes"] .= " (InputEnvironment: ".$out[2].")"; preg_match("/<TerminalInputCapability(.*)>(.*)<\/TerminalInputCapability>/",$return,$out); $bill_output["billmes"] .= " (TerminalInputCapability: ".$out[2].")"; preg_match("/<SecurityIndicator(.*)>(.*)<\/SecurityIndicator>/",$return,$out); $bill_output["cvvmes"] = "SecurityIndicator: ".$out[2]; } elseif ($bill_output["code"] == 2) { preg_match("/<Text(.*)>(.*)<\/Text>/",$return,$out); $bill_output["billmes"] .= $out[2]; preg_match("/<ResourceId(.*)>(.*)<\/ResourceId>/",$return,$out); $bill_output["billmes"] .= " (ResourceID: ".$out[2].")"; preg_match("/<Sev(.*)>(.*)<\/Sev>/",$return,$out); $bill_output["billmes"] .= " (Sev: ".$out[2].")"; } else { $bill_output["code"] = 0; } if(preg_match("/<DocumentId(.*)>(.*)<\/DocumentId>/",$return,$out)) $bill_output["billmes"].= " (DocumentId: ".$out[2].")"; if(preg_match("/<FraudResultCode(.*)>(.*)<\/FraudResultCode>/",$return,$out)) $bill_output["avsmes"] = "FraudResultCode: ".$out[2]; ?>
__________________
Apache/2.0.55 (Red Hat) & MYSQL Server: 5.0.24
PERL: 5.008005 / PHP: 4.4.4 - 4.3.1 X-CART

Shop carts at
http://www.nightscene.co.uk/shop/home.php
http://www.theshisha.net/shopcart/home.php
http://www.system-maintenance.com/maint/home.php
http://www.tabac4u.com
Reply With Quote
Reply
   X-Cart forums > X-Cart 4 > Dev Questions



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -8. The time now is 03:17 PM.

   

 
X-Cart forums © 2001-2020