# calling in the WebSession.
#
$nvp7 = new NameValuePair();
$nvp7->setName('Account_updatePaymentMethod_updateBehavior');
$nvp7->setValue('CatchUp');
$nvp8 = new NameValuePair();
$nvp8->setName('Account_updatePaymentMethod_replaceOnAllAutoBills');
$nvp8->setValue('true');
$nvp9 = new NameValuePair();
$nvp9->setName('Account_updatePaymentMethod_ignoreAvsPolicy');
$nvp9->setValue('false');
$nvp10 = new NameValuePair();
$nvp10->setName('Account_updatePaymentMethod_ignoreCvnPolicy');
$nvp10->setValue('false');
$webSession->setMethodParamValues(array($nvp7, $nvp8, $nvp9, $nvp10));
$response = $webSession->initialize();
if ($response['returnCode'] == 200) {
$sessionId = $response['data']->session->getVID();
return $sessionId;
}
// Add error checking and logging of soap ids
});
//Example Method for WebSession Finalize
$app->get('/wsfinalizeaccountupdatepaymentmethod', function (Request $request) use($app) {
$webSession = new WebSession();
$websession_id = $request->query->get('vin_WebSession_VID');
$webSession->setVID($websession_id);
$response = $webSession->finalize();
// Add error checking and logging of soap ids
// Check all the response codes, log soap id.
$paymentMethodVid = $response['data']->session->apiReturnValues->accountUpdatePaymentMethod->account->paymentMethods[0]->VID;
function hoaAccountUpdatePaymentMethod($merchantAccountId = null, $merchantPaymentMethodId = null)
{
$creditCardAccount = '5454541111111111';
$paymentType = 'CreditCard';
$cvn = '111';
$exp = '201805';
$email = get_unique_value() . '@nomail.com';
$successUrl = 'http://good.com';
$errorUrl = 'http://bad.com';
$HOAmethod = 'Account_UpdatePaymentMethod';
$HOAurl = str_replace("soap", "secure", VIN_SOAP_HOST) . "/vws.html";
$HOAversion = '5.0';
// VIN_SOAP_CLIENT_VERSION
$ipAddress = '127.0.0.1';
$name = 'John Vindicia';
$addr1 = '303 Twin Dolphin Drive';
$city = 'Redwood City';
$district = 'CA';
$postalCode = '94065';
$country = 'US';
# Create a new WebSession object
$webSession = new WebSession();
# Set the WebSession parameters
$webSession->setReturnURL($successUrl);
$webSession->setErrorURL($errorUrl);
$webSession->setIpAddress($ipAddress);
$webSession->setMethod($HOAmethod);
$webSession->setVersion($HOAversion);
if (is_null($merchantAccountId)) {
$merchantAccountId = 'account-2015-02-10_02_55_50';
}
if (is_null($merchantPaymentMethodId)) {
$merchantPaymentMethodId = 'pm-2015-02-10_02_55_50';
}
// Step 2: start configuring the WebSession with the parameters we want to have
$nvp1 = new NameValuePair();
$nvp1->setName('vin_Account_merchantAccountId');
$nvp1->setValue($merchantAccountId);
// so that we can use the existing account
$nvp2 = new NameValuePair();
$nvp2->setName('vin_PaymentMethod_merchantPaymentMethodId');
$nvp2->setValue($merchantPaymentMethodId);
$nvp3 = new NameValuePair();
$nvp3->setName('vin_PaymentMethod_type');
$nvp3->setValue($paymentType);
$webSession->setPrivateFormValues(array($nvp1, $nvp2, $nvp3));
$nvp7 = new NameValuePair();
$nvp7->setName('Account_updatePaymentMethod_updateBehavior');
$nvp7->setValue('CatchUp');
$nvp8 = new NameValuePair();
$nvp8->setName('Account_updatePaymentMethod_replaceOnAllAutoBills');
$nvp8->setValue('false');
$nvp9 = new NameValuePair();
$nvp9->setName('Account_updatePaymentMethod_ignoreAvsPolicy');
$nvp9->setValue('false');
$nvp10 = new NameValuePair();
$nvp10->setName('Account_updatePaymentMethod_ignoreCvnPolicy');
$nvp10->setValue('false');
$webSession->setMethodParamValues(array($nvp7, $nvp8, $nvp9, $nvp10));
// now, create the session and generate it's session ID
$response = $webSession->initialize();
print_r($response);
# Check to see that the initialize succeeded
#
if ($response['returnCode'] == 200) {
# The VID of the WebSession object serves as session id
#
$vin_WebSession_vid = $response['data']->session->getVID();
} else {
print_r($response);
return;
}
# populate accountHolderName with same value as on billingAddress:
$post['vin_PaymentMethod_accountHolderName'] = $post['vin_PaymentMethod_billingAddress_name'] = $name;
$post['vin_PaymentMethod_billingAddress_addr1'] = $addr1;
$post['vin_PaymentMethod_billingAddress_city'] = $city;
$post['vin_PaymentMethod_billingAddress_district'] = $district;
$post['vin_PaymentMethod_billingAddress_postalCode'] = $postalCode;
$post['vin_PaymentMethod_billingAddress_country'] = $country;
$post['vin_Account_emailAddress'] = $email;
$post['vin_PaymentMethod_creditCard_account'] = $creditCardAccount;
$post['vin_PaymentMethod_creditCard_expirationDate'] = $exp;
$post['vin_PaymentMethod_nameValues_cvn'] = $cvn;
$post['vin_WebSession_vid'] = $vin_WebSession_vid;
# Copy the BillingAddress to the ShippingAddress to improve
# Chargeback dispute success. Visa will deny disputed Chargeback
# for many reasons. A missing ShippingAddress, even though there
# is nothing being shipped, is commonly one of those reasons.
# This can be done with JavaScript on the checkout form.
#
$post['vin_Account_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_addr1'] = $post['vin_PaymentMethod_billingAddress_addr1'];
$post['vin_Account_shippingAddress_city'] = $post['vin_PaymentMethod_billingAddress_city'];
$post['vin_Account_shippingAddress_district'] = $post['vin_PaymentMethod_billingAddress_district'];
$post['vin_Account_shippingAddress_county'] = $post['vin_PaymentMethod_billingAddress_county'];
$post['vin_Account_shippingAddress_postalCode'] = $post['vin_PaymentMethod_billingAddress_postalCode'];
$post['vin_Account_shippingAddress_country'] = $post['vin_PaymentMethod_billingAddress_country'];
$post['vin_Account_shippingAddress_phone'] = $post['vin_PaymentMethod_billingAddress_phone'];
# Create the curl command line for exec by looping through the
# $post array
#
$curlopts = "";
foreach ($post as $name => $value) {
$curlopts .= " --data-urlencode {$name}=\"{$value}\"";
}
print "<b><i>SOAP URL</i></b>: " . VIN_SOAP_HOST . PHP_EOL;
# Do the POST
#
print "Posting to <b>HOA URL</b>: " . $HOAurl . PHP_EOL;
print PHP_EOL;
exec("curl -s {$curlopts} " . $HOAurl, $curlout, $curlret);
# this line is only here to support testing with a single PHP file:
$_GET = simulate_get($curlout);
# the above function established the $_GET array to be the same as
# what PHP by default populates in the $_GET array when the returnURL
# page is a separate PHP file, and is here to support testing with
# a single PHP file.
#---------------------------------------------------------------------------
#
# PHP specific code handling of HOA WebSession Method finalize processing
# ------------------------------------------------------------------------
#
# The finalize call returns an updated WebSession object. This
# is correct in that it refers to the WebSession.finalize soap request and the
# WebSession.finalizeResponse soap response as defined in the WSDL and Online
# Soap Documentation at:
#
# http://developer.vindicia.com/docs/soap/index.html?ver=9.0
#
# However, specific to the CashBox PHP Client library, this translates into
# the mapping into the PHP API method to invoke the WebSession.finalize soap
# request, and the WebSession.finalizeResponse object containing the returned
# WebSession object may be accessed from the response:
#
# 1) PHP API method to invoke the WebSession.finalize soap request:
#
# $response = WebSession->finalize()
#
# 2) WebSession.finalizeResponse soap response object containing WebSession:
#
# Following a successful call to finalize(), the values from $response, the
# WebSession.finalizeResponse soap response, are then accessible by referencing
# the nested objects in the response corresponding to the hierarchy in the WSDL.
#
# Note that the WebSession data members from the WSDL are documented in the
# Online Soap documentation for the WebSession datatype below:
#
# http://developer.vindicia.com/docs/soap/AllDataTypes.html?pf=1&ver=9.0&type=WebSession
#
# ---
#
# HOA uses the following 3 steps:
# 1. WebSession.initialize (initialize & obtain a sessionId for the WebSession)
# 2. HOA Form Post (Present Form to buyer with hidden sessionId, buyer posts to HOA)
# 3. Redirect to HOA success page (sessionId from redirect for WebSession.finalize)
#
# Below describes the handling of Step 3, HOA success page,
# where the sessionId from the redirect URL is passed to the finalize() method below:
#
# 6. Upon payment form submission if customer’s browser is redirected to the Return URL
# hosted by you and specified in the WebSession object. On this page finalize the
# WebSession object as follows:
#
# a. The redirect URL string contains WebSession’s VID as the value associated with
# name ‘session_id’. Use the VID to make the finalize() call below:
#
# ---
#
# HOA WebSession Method: Account_UpdatePaymentMethod
#
#---------------------------------------------------------------------------
#
# HOA Success Page: Need to call WebSession.finalize() to invoke internal
# soap call to Account.updatePaymentMethod() as indicated by the value of
# WebSession Method (Account_UpdatePaymentMethod), using the parameters already
# contained in the WebSession object stored in the database (on the HOA/CashBox server).
#
#
# Documentation of Soap Objects returned in PHP code (displayed by print_r($response)):
#
# To see the data members in the WebSession (& all other CashBox Soap objects),
# please review the Online Soap Documentation at the link below:
#
# http://developer.vindicia.com/docs/soap/index.html?ver=9.0
#
# Within the Online Soap Documentation, the following links are pertinent:
#
# All Data Types that are returned by PHP (as seen by print_r($response) are found at:
# http://developer.vindicia.com/docs/soap/AllDataTypes.html?ver=9.0
#
# The WebSession methods (including WebSession.initialize() & WebSession.finalize():
# http://developer.vindicia.com/docs/soap/WebSession.html?ver=9.0
#
# Specifically for the code below, the WebSession Data Type definition:
# http://developer.vindicia.com/docs/soap/AllDataTypes.html?pf=1&ver=9.0&type=WebSession
#
# With the above Documentation of the CashBox Soap Objects in mind, the source code
# of the PHP library itself reveals the actual syntax of the PHP methods involved in
# setting data members on the CashBox Soap Objects represented in PHP Objects created
# & used in this sample code.
#
# The source code for the WebSession Object in the PHP library is found under
# Vindicia/Soap/WebSession.php within the PHP library for example.
#
#-Step 3-----------------------------------------------------
#-Step 3-
#-Step 3- This code should be on the returnURL page
#-Step 3-
#-Step 3- Nothing has been committed until the WebSession gets
#-Step 3- finalized. This is done in the returnURL page code. For
#-Step 3- example, the returnURL is a confirmation page and when
#-Step 3- the user clicks a confirmation button the form action
#-Step 3- is a page that performs all the actual finalize steps.
#-Step 3-
print "Parameters from redirect URL:" . PHP_EOL;
print_r($_GET);
$session_id = $_GET['session_id'];
$webSession = new WebSession();
$webSession->setVid($session_id);
# initialize call timestamp in case of error for support information below:
date_default_timezone_set("America/Los_Angeles");
$call_timestamp = date("c");
// c - The ISO-8601 date (e.g. 2015-06-17T16:34:42+00:00)
$response = $webSession->finalize();
print_r($response);
$session = $response['data']->session;
# WebSession.finalizeResponse.return.returnCode
$returnCode = $response['returnCode'];
# WebSession.finalizeResponse.return.returnString
$returnString = $response['returnString'];
# WebSession.finalizeResponse.return.soapId
$finalize_soapId = $response['data']->return->soapId;
print $call_timestamp . " WebSession.finalize soapId: " . $finalize_soapId . "\n";
# log soap id if available in the return values of this call
# WebSession.apiReturn.returnCode
$apiReturnCode = $session->apiReturn->returnCode;
# WebSession.apiReturn.returnString
$apiReturnString = $session->apiReturn->returnString;
# WebSession.apiReturnValues
$apiReturnValues = $session->apiReturnValues;
# WebSession.apiReturnValues.accountUpdatePaymentMethod
$accountUpdatePaymentMethod = $apiReturnValues->accountUpdatePaymentMethod;
# WebSession.apiReturnValues.accountUpdatePaymentMethod.validated
$validated = $accountUpdatePaymentMethod->validated;
if ($response['returnCode'] != '200') {
print $response['returnCode'] . PHP_EOL;
print $returnString . PHP_EOL;
print $apiReturnCode . PHP_EOL;
print $apiReturnString . PHP_EOL;
} else {
print $apiReturnCode . PHP_EOL;
print $apiReturnString . PHP_EOL;
if ($apiReturnCode == "200") {
print PHP_EOL . 'Updated Credit Card. Account=' . $merchantAccountId . ' PaymentMethod=' . $merchantPaymentMethodId . PHP_EOL;
} else {
if ($apiReturnCode = "261") {
print "All active AutoBills were updated. AutoBills which are both expired and Suspended cannot be updated.\n";
} else {
if ($apiReturnCode == "400") {
print "One of the following:\n• Invalid Payment Method Type. (You cannot change the Payment Method Type on an existing Payment Method.)\n• No PaymentMethod specified in arguments.\n• Data validation error Failed to create Payment-Type-Specific Payment Record: Credit Card conversion failed: Credit Card failed Luhn check.\n";
} else {
if ($apiReturnCode == "402") {
print "One of the following:\n• PaymentMethod failed validation.\n• Error attempting to authorize card.\n• Unable to authorize card.\n";
} else {
if ($apiReturnCode = "404") {
print "No match found error-description.\n Returned if CashBox cannot find an account that matches the input in the Vindicia database.\n";
} else {
if ($apiReturnCode = "407") {
print "Transaction cannot be processed due to Failed AVS policy evaluation\n";
} else {
if ($apiReturnCode = "408") {
print "Transaction cannot be processed due to Failed CVN policy evaluation\n";
} else {
if ($apiReturnCode = "409") {
print "AutoBill creation failed: due to AVS and CVV Check Failed\n";
} else {
if ($apiReturnCode = "410") {
print "AutoBill creation failed: due to AVS and CVV Check not being able to be performed\n";
} else {
print "Error while making call to Vindicia CashBox\n";
}
}
}
}
}
}
}
}
}
}
return array('apiReturnCode' => $apiReturnCode, 'validated' => $validated);
}
function hoaAutoBill()
{
# Set the data members from the arg values
#
$uniqueValue = get_unique_value();
$merchantAutoBillId = 'ab-' . $uniqueValue;
$merchantAccountId = 'account-' . $uniqueValue;
$merchantPaymentMethodId = 'pm-' . $uniqueValue;
$merchantProductId = 'Video';
$merchantBillingPlanId = 'OneMonthSubOneMonthRecurring';
$creditCardAccount = '5454541111111111';
$paymentType = 'CreditCard';
$cvn = '111';
$exp = '201501';
$email = get_unique_value() . '@nomail.com';
$successUrl = 'http://good.com';
$errorUrl = 'http://bad.com';
$HOAmethod = 'AutoBill_Update';
$HOAurl = 'https://secure.prodtest.sj.vindicia.com/vws';
$HOAversion = '5.0';
$ipAddress = '127.0.0.1';
$name = 'John Vindicia';
$addr1 = '303 Twin Dolphin Drive';
$city = 'Redwood City';
$district = 'CA';
$postalCode = '94065';
$country = 'US';
#------------------------------------------------------------
#-Step 1-
#-Step 1- Initialize the WebSession before the PaymentMethod
#-Step 1- form is displayed to the user
#-Step 1-
#
# Create a new WebSession object
$webSession = new WebSession();
# Set the WebSession parameters
$webSession->setReturnURL($successUrl);
$webSession->setErrorURL($errorUrl);
$webSession->setIpAddress($ipAddress);
$webSession->setMethod($HOAmethod);
$webSession->setVersion($HOAversion);
#------------------------------------------------------------
# Set PrivateFormValues. These are hidden fields in the POST
# that we want to protect from hacking. If the value in the
# POST does not match the value set during initialization,
# the WebSession.finalize will fail
# Your ID for this AutoBill
$ab_id = new NameValuePair();
$ab_id->setName("vin_AutoBill_merchantAutoBillId");
$ab_id->setValue($merchantAutoBillId);
# Your ID for this user
$acct_id = new NameValuePair();
$acct_id->setName("vin_Account_merchantAccountId");
$acct_id->setValue($merchantAccountId);
# Permissible values for the Product that is going to be purchased
// $prod_id = new NameValuePair();
// $prod_id->setName("vin_Product_merchantProductId");
// $prod_id->setValue($merchantProductId);
# Permissible values for the Product that is going to be purchased
$prod_id = new NameValuePair();
$prod_id->setName("vin_AutoBill_items_0_Product_merchantProductId");
$prod_id->setValue($merchantProductId);
# Permissible values for BillingPlan to be used
$plan_id = new NameValuePair();
$plan_id->setName("vin_BillingPlan_merchantBillingPlanId");
$plan_id->setValue($merchantBillingPlanId);
# Your ID for this PaymentMethod
$paym_id = new NameValuePair();
$paym_id->setName("vin_PaymentMethod_merchantPaymentMethodId");
$paym_id->setValue($merchantPaymentMethodId);
$pmt_type = new NameValuePair();
$pmt_type->setName("vin_PaymentMethod_type");
$pmt_type->setValue($paymentType);
# Add the PrivateFormValues to the WebSession
$webSession->setPrivateFormValues(array($ab_id, $acct_id, $prod_id, $plan_id, $paym_id, $pmt_type));
#------------------------------------------------------------
# Set any parameters specific for the Method we are
# calling in the WebSession.
#
$validate = new NameValuePair();
$validate->setName("AutoBill_Update_validatePaymentMethod");
// $validate->setName("AutoBill_Update_validate");
$validate->setValue("true");
$minChargebackProbability = new NameValuePair();
$minChargebackProbability->setName("AutoBill_Update_minChargebackProbability");
// Value of 100 turns off fraud checking.
$minChargebackProbability->setValue("100");
$ignoreCvnPolicy = new NameValuePair();
$ignoreCvnPolicy->setName("AutoBill_Update_ignoreCvnPolicy");
$ignoreCvnPolicy->setValue("false");
$ignoreAvsPolicy = new NameValuePair();
$ignoreAvsPolicy->setName("AutoBill_Update_ignoreAvsPolicy");
$ignoreAvsPolicy->setValue("false");
$dryRun = new NameValuePair();
$dryRun->setName("AutoBill_Update_dryRun");
$dryRun->setValue("false");
// AutoBill_Update takes in one more parameter - campaignCode
// We will collect campaign code from the payment form
$webSession->setMethodParamValues(array($validate, $minChargebackProbability, $ignoreCvnPolicy, $ignoreAvsPolicy, $dryRun));
# Initialize the WebSession
#
$response = $webSession->initialize();
# Check to see that the initialize succeeded
#
if ($response['returnCode'] == 200) {
# The VID of the WebSession object serves as session id
#
$vin_WebSession_vid = $response['data']->session->getVID();
} else {
print $response;
return;
}
#------------------------------------------------------------
#-Step 2-
#-Step 2- This is the payment method FORM and the HOA POST
#-Step 2-
# TODO: Parameterize these from $_POST or $argv
# Fields on the checkout FORM
# User supplied input
// $post['vin_PaymentMethod_merchantPaymentMethodId'] =
// $merchantPaymentMethodId;
$post['vin_PaymentMethod_accountHolderName'] = $post['vin_PaymentMethod_billingAddress_name'] = $name;
$post['vin_PaymentMethod_billingAddress_addr1'] = $addr1;
$post['vin_PaymentMethod_billingAddress_city'] = $city;
$post['vin_PaymentMethod_billingAddress_district'] = $district;
$post['vin_PaymentMethod_billingAddress_postalCode'] = $postalCode;
$post['vin_PaymentMethod_billingAddress_country'] = $country;
$post['vin_Account_emailAddress'] = $email;
$post['vin_PaymentMethod_creditCard_account'] = $creditCardAccount;
$post['vin_PaymentMethod_creditCard_expirationDate'] = $exp;
$post['vin_PaymentMethod_nameValues_cvn'] = $cvn;
# Hidden fields in the checkout FORM
#
$post['vin_WebSession_vid'] = $vin_WebSession_vid;
// If you have a Campaign Code form value...
//$post['AutoBill_Update_campaignCode'] = 'XYZ';
# Copy the BillingAddress to the ShippingAddress to improve
# Chargeback dispute success. Visa will deny disputed Chargeback
# for many reasons. A missing ShippingAddress, even though there
# is nothing being shipped, is commonly one of those reasons.
# This can be done with JavaScript on the checkout form.
#
$post['vin_Account_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_addr1'] = $post['vin_PaymentMethod_billingAddress_addr1'];
$post['vin_Account_shippingAddress_city'] = $post['vin_PaymentMethod_billingAddress_city'];
$post['vin_Account_shippingAddress_district'] = $post['vin_PaymentMethod_billingAddress_district'];
$post['vin_Account_shippingAddress_county'] = $post['vin_PaymentMethod_billingAddress_county'];
$post['vin_Account_shippingAddress_postalCode'] = $post['vin_PaymentMethod_billingAddress_postalCode'];
$post['vin_Account_shippingAddress_country'] = $post['vin_PaymentMethod_billingAddress_country'];
$post['vin_Account_shippingAddress_phone'] = $post['vin_PaymentMethod_billingAddress_phone'];
# Create the curl command line for exec by looping through the
# $post array
#
$curlopts = "";
foreach ($post as $name => $value) {
$curlopts .= " --data-urlencode {$name}=\"{$value}\"";
}
# Do the POST
#
exec("curl -s {$curlopts} " . $HOAurl, $curlout, $curlret);
#-Step 3-----------------------------------------------------
#-Step 3-
#-Step 3- This code should be on the returnURL page
#-Step 3-
#-Step 3- Nothing has been committed until the WebSession gets
#-Step 3- finalized. This is done in the returnURL page code. For
#-Step 3- example, the returnURL is a confirmation page and when
#-Step 3- the user clicks a confirmation button the form action
#-Step 3- is a page that performs all the actual finalize steps.
#-Step 3-
#------------------------------------------------------------
# This is only necessary for this CLI implementation.
#
# Flatten the output from exec so we can search it. The response
# from a successful HOA POST should be a 302 page that contains
# our returnURL with the WebSessionVID as the query string.
#
if (php_sapi_name() == "cli") {
$curlresp = implode("\n", $curlout);
}
#
#------------------------------------------------------------
# For CLI, use the WebSessionId we stored in the POST values
# for curl. For everything else, retrieve the WebSessionId
# from the URL query string on the redirect to the returnURL
#
if (php_sapi_name() == "cli") {
$session_id = $post['vin_WebSession_vid'];
} else {
$session_id = $_GET['session_id'];
}
$webSession = new WebSession();
$webSession->setVid($session_id);
$response = $webSession->finalize();
if ($response['returnCode'] != '200') {
print $response;
}
# Note, finalize almost always returns a 200 returnCode. The real
# test for success of the underlying API call is inspection of
# the apiReturn and apiReturnValues objects
# Parse out the return object from the method call
#
$apiReturnValues = $response['data']->session->apiReturnValues;
# Check the returnCode of the method called.
# See Returns for update method of AutoBill object in the API
# Reference for possible returnCodes.
#
if ($response['data']->session->apiReturn->returnCode != "200") {
//408 - AutoBill creation failed: CVV check failed
//407 - AutoBill creation failed: AVS Check Failed
//409 - AutoBill creation failed: AVS and CVV Check Failed
//410 - AutoBill creation failed: AVS and CVV check could not be performed
//402 - AutoBill creation failed: Card authorization failed
//400 - AutoBill creation failed
print $apiReturnValues;
}
print 'success';
print $response['data']->session->apiReturn->soapId . " AutoBill >" . $merchantAutoBillId . "< created for Account >" . $merchantAccountId . "< using PaymentMethod >" . $merchantPaymentMethodId . "< AuthCode->" . $response['data']->session->apiReturnValues->autoBillUpdate->authStatus->creditCardStatus->getAuthCode() . "< AVS->" . $response['data']->session->apiReturnValues->autoBillUpdate->authStatus->creditCardStatus->getAvsCode() . "< CVN->" . $response['data']->session->apiReturnValues->autoBillUpdate->authStatus->creditCardStatus->getCvnCode() . "<";
}
function hoaTransactionAuthThenCapture()
{
$uniqueValue = get_unique_value();
$merchantAccountId = 'account-' . $uniqueValue;
$merchantTransactionId = 't-' . $uniqueValue;
if (fail_if_merchant_transaction_id_too_long($merchantTransactionId)) {
return;
}
$merchantPaymentMethodId = 'pm-' . $uniqueValue;
$creditCardAccount = '5454541111111111';
$paymentType = 'CreditCard';
$cvn = '111';
$exp = '201801';
$email = get_unique_value() . '@nomail.com';
$successUrl = 'http://good.com';
$errorUrl = 'http://bad.com';
$HOAmethod = 'Transaction_Auth';
$HOAurl = 'https://secure.prodtest.sj.vindicia.com/vws';
$HOAversion = '5.0';
$ipAddress = '127.0.0.1';
$name = 'John Vindicia';
$addr1 = '303 Twin Dolphin Drive';
$city = 'Redwood City';
$district = 'CA';
$postalCode = '94065';
$country = 'US';
#------------------------------------------------------------
#-Step 1-
#-Step 1- Initialize the WebSession before the PaymentMethod
#-Step 1- form is displayed to the user
#-Step 1-
#
# Create a new WebSession object
$webSession = new WebSession();
# Set the WebSession parameters
$webSession->setReturnURL($successUrl);
$webSession->setErrorURL($errorUrl);
$webSession->setIpAddress($ipAddress);
$webSession->setMethod($HOAmethod);
$webSession->setVersion($HOAversion);
#------------------------------------------------------------
# Set PrivateFormValues. These are hidden fields in the POST
# that we want to protect from hacking. If the value in the
# POST does not match the value set during initialization,
# the WebSession.finalize will fail
// $account_VID = $account->VID;
//
// $nameVals[0] = new NameValuePair();
// $nameVals[0]->setName('Account_VID');
// $nameVals[0]->setValue($account_VID); // so that we can use the existing account
$tx_id = new NameValuePair();
$tx_id->setName('vin_Transaction_merchantTransactionId');
$tx_id->setValue($merchantTransactionId);
// so that we can use the existing account
# Your ID for this user
$acct_id = new NameValuePair();
$acct_id->setName("vin_Account_merchantAccountId");
$acct_id->setValue($merchantAccountId);
# Your ID for this PaymentMethod
$paym_id = new NameValuePair();
$paym_id->setName("vin_PaymentMethod_merchantPaymentMethodId");
$paym_id->setValue($merchantPaymentMethodId);
$pmt_type = new NameValuePair();
$pmt_type->setName("vin_PaymentMethod_type");
$pmt_type->setValue($paymentType);
# Add the PrivateFormValues to the WebSession
$webSession->setPrivateFormValues(array($tx_id, $acct_id, $paym_id, $pmt_type));
#------------------------------------------------------------
# Set any parameters specific for the Method we are
# calling in the WebSession.
#
$minChargebackProbability = new NameValuePair();
$minChargebackProbability->setName("Transaction_Auth_minChargebackProbability");
$minChargebackProbability->setValue("70");
$dryRun = new NameValuePair();
$dryRun->setName("Transaction_Auth_dryRun");
$dryRun->setValue("false");
$sendEmailNotification = new NameValuePair();
$sendEmailNotification->setName("Transaction_Auth_sendEmailNotification");
$sendEmailNotification->setValue("true");
// Transaction_Auth takes in one more parameter - campaignCode
// We can collect campaign code from the payment form and set
// prior to WebSession.Finalize, or pass it in here prior to WebSession.Initialize.
$campaign = 'CampaignXYZ';
// $campaignCodeNVP = new NameValuePair();
// $campaignCodeNVP->setName("Transaction_Auth_campaignCode");
// $campaignCodeNVP->setValue($campaign);
$webSession->setMethodParamValues(array($sendEmailNotification, $minChargebackProbability, $dryRun));
# Initialize the WebSession
#
$response = $webSession->initialize();
# Check to see that the initialize succeeded
#
if ($response['returnCode'] == 200) {
# The VID of the WebSession object serves as session id
#
$vin_WebSession_vid = $response['data']->session->getVID();
} else {
print $response;
return;
}
#------------------------------------------------------------
#-Step 2-
#-Step 2- This is the payment method FORM and the HOA POST
#-Step 2-
# Fields on the checkout FORM
# User supplied input
// $post['vin_PaymentMethod_merchantPaymentMethodId'] =
// $merchantPaymentMethodId;
$post['vin_PaymentMethod_accountHolderName'] = $post['vin_PaymentMethod_billingAddress_name'] = $name;
$post['vin_PaymentMethod_billingAddress_addr1'] = $addr1;
$post['vin_PaymentMethod_billingAddress_city'] = $city;
$post['vin_PaymentMethod_billingAddress_district'] = $district;
$post['vin_PaymentMethod_billingAddress_postalCode'] = $postalCode;
$post['vin_PaymentMethod_billingAddress_country'] = $country;
$post['vin_Account_emailAddress'] = $email;
$post['vin_PaymentMethod_creditCard_account'] = $creditCardAccount;
$post['vin_PaymentMethod_creditCard_expirationDate'] = $exp;
$post['vin_PaymentMethod_nameValues_cvn'] = $cvn;
$post['vin_Transaction_transactionItems_0_sku'] = 'Item 1';
$post['vin_Transaction_transactionItems_0_name'] = 'Item 1 Description';
$post['vin_Transaction_transactionItems_0_price'] = '99';
$post['vin_Transaction_transactionItems_0_quantity'] = '1';
# Hidden fields in the checkout FORM
#
$post['vin_WebSession_vid'] = $vin_WebSession_vid;
# Copy the BillingAddress to the ShippingAddress to improve
# Chargeback dispute success. Visa will deny disputed Chargeback
# for many reasons. A missing ShippingAddress, even though there
# is nothing being shipped, is commonly one of those reasons.
# This can be done with JavaScript on the checkout form.
#
$post['vin_Account_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_addr1'] = $post['vin_PaymentMethod_billingAddress_addr1'];
$post['vin_Account_shippingAddress_city'] = $post['vin_PaymentMethod_billingAddress_city'];
$post['vin_Account_shippingAddress_district'] = $post['vin_PaymentMethod_billingAddress_district'];
$post['vin_Account_shippingAddress_county'] = $post['vin_PaymentMethod_billingAddress_county'];
$post['vin_Account_shippingAddress_postalCode'] = $post['vin_PaymentMethod_billingAddress_postalCode'];
$post['vin_Account_shippingAddress_country'] = $post['vin_PaymentMethod_billingAddress_country'];
$post['vin_Account_shippingAddress_phone'] = $post['vin_PaymentMethod_billingAddress_phone'];
// If you have a Campaign Code form value...
//$post['Transaction_Auth_campaignCode'] = $campaign;
# Create the curl command line for exec by looping through the
# $post array
#
$curlopts = "";
foreach ($post as $name => $value) {
$curlopts .= " --data-urlencode {$name}=\"{$value}\"";
}
# Do the POST
#
exec("curl -s {$curlopts} " . $HOAurl, $curlout, $curlret);
#-Step 3-----------------------------------------------------
#-Step 3-
#-Step 3- This code should be on the returnURL page
#-Step 3-
#-Step 3- Nothing has been committed until the WebSession gets
#-Step 3- finalized. This is done in the returnURL page code. For
#-Step 3- example, the returnURL is a confirmation page and when
#-Step 3- the user clicks a confirmation button the form action
#-Step 3- is a page that performs all the actual finalize steps.
#-Step 3-
#------------------------------------------------------------
# This is only necessary for this CLI implementation.
#
# Flatten the output from exec so we can search it. The response
# from a successful HOA POST should be a 302 page that contains
# our returnURL with the WebSessionVID as the query string.
#
if (php_sapi_name() == "cli") {
$curlresp = implode("\n", $curlout);
}
#
#------------------------------------------------------------
# For CLI, use the WebSessionId we stored in the POST values
# for curl. For everything else, retrieve the WebSessionId
# from the URL query string on the redirect to the returnURL
#
if (php_sapi_name() == "cli") {
$session_id = $post['vin_WebSession_vid'];
} else {
$session_id = $_GET['session_id'];
}
$campaignCode = $post['Transaction_Auth_campaignCode'];
if ($campaignCode != null) {
$fetchedWebSession = new WebSession();
$response = $fetchedWebSession->fetchByVid($session_id);
$response_object = $response['data'];
$return_code = $response['returnCode'];
$websession = $response_object->session;
if ($return_code != "200" || $websession->apiReturn->returnCode != "200") {
print $response;
}
}
$webSession = new WebSession();
$webSession->setVid($session_id);
if ($campaignCode != null) {
$campaignCodeNVP = new NameValuePair();
$campaignCodeNVP->setName("Transaction_Auth_campaignCode");
$campaignCodeNVP->setValue($campaignCode);
$webSession->setMethodParamValues(array($campaignCodeNVP));
}
$response = $webSession->finalize();
if ($response['returnCode'] != '200') {
print $response['data']->session->apiReturn->returnCode . PHP_EOL;
print $response['data']->session->apiReturn->returnString . PHP_EOL;
} else {
print "returnCode=" . $response['data']->session->apiReturn->returnCode . PHP_EOL;
print "returnString=" . $response['data']->session->apiReturn->returnString . PHP_EOL;
if ($response['data']->session->apiReturn->returnCode == "200") {
$returnTransaction = $response['data']->session->apiReturnValues->transactionAuth->transaction;
if ($returnTransaction->statusLog[0]->status == 'Authorized') {
print "Transaction approved\n";
$captureTransaction = new Transaction();
$response = $captureTransaction->capture(array($returnTransaction));
print "returnCode=" . $response['returnCode'] . PHP_EOL;
print "returnString=" . $response['returnString'] . PHP_EOL;
if ($response['returnCode'] == 200) {
$captureResults = $response['data']->results;
foreach ($captureResults as $captureResult) {
if ($captureResult->returnCode == 200) {
print "Transaction with id " . $captureResult->merchantTransactionId . " was successfully captured";
} else {
print "Transaction was not successfully captured. ReturnCode=" . $captureResult->returnCode;
}
}
} else {
print "Transactions were not successfully captured. ReturnCode=" . $response['returnCode'];
}
} else {
if ($returnTransaction->statusLog[0]->status == 'Cancelled') {
print "Transaction not approved \n";
print "Reason code is: ";
print $returnTransaction->statusLog[0]->creditCardStatus->authCode;
print "\n";
} else {
print "Error: Unexpected transaction status\n";
}
}
} else {
if ($response['data']->session->apiReturn->returnCode = "202") {
print "Transaction cannot be processed due to taxes being temporarily unavailable\n";
} else {
if ($response['data']->session->apiReturn->returnCode == "400") {
print "Transaction cannot be processed due to data validation error\n";
} else {
if ($response['data']->session->apiReturn->returnCode == "402") {
print "Transaction cannot be processed due to transaction error\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "403") {
print "Transaction cannot be processed due to high fraud potential\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "406") {
print "Transaction cannot be processed due to Chargeback risk score being higher than minChargebackProbability\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "407") {
print "Transaction cannot be processed due to Failed AVS policy evaluation\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "408") {
print "Transaction cannot be processed due to Failed CVN policy evaluation\n";
} else {
print "Error while making call to Vindicia CashBox\n";
}
}
}
}
}
}
}
}
}
}
$nvp8->setValue(1);
$nvp9 = new NameValuePair();
$nvp9->setName('PaymentMethod_Update_sourceIp');
$nvp9->setValue(IP_ADDRESS);
$nvp10 = new NameValuePair();
$nvp10->setName('PaymentMethod_Update_replaceOnAllChildAutoBills');
$nvp10->setValue(1);
$nvp11 = new NameValuePair();
$nvp11->setName('PaymentMethod_Update_ignoreAvsPolicy');
$nvp11->setValue(0);
$nvp12 = new NameValuePair();
$nvp12->setName('PaymentMethod_Update_ignoreCvnPolicy');
$nvp12->setValue(0);
$websession->setMethodParamValues(array($nvp6, $nvp7, $nvp8, $nvp9, $nvp10, $nvp11, $nvp12));
// now, create the session and generate it's session ID
$rc = $websession->initialize();
// print_r($rc);
$response_object = $rc['data'];
$return_code = $rc['returnCode'];
$return_object = $response_object->session;
$session_id = $return_object->VID;
?>
Merchant PM ID is <?php
echo $merchantPmId;
?>
<br>
Please enter your payment details in the following form: