<?php
// Include the Vindicia library
ini_set('include_path', '/Applications/MAMP/htdocs/16.0');
require_once "Vindicia/Soap/Vindicia.php";
require_once "Vindicia/Soap/Const.php";
// first, parse the POST parameters and create the Account object
$session_id = $_GET['session_id'];
$websession = new WebSession();
$response = $websession->fetchByVid('', $session_id);
print_r($response);
$response_object = $response['data'];
$return_code = $response['returnCode'];
$websession = $response_object->session;
if ($return_code == "200" && $websession->apiReturn->returnCode == "200") {
// then all is good
$response = $websession->finalize();
//print the entire response for debugging if needed
//print "Printing finalize response <br />";
//print_r ($response);
print "<br />";
if ($response['returnCode'] == '200' && $response['data']->session->apiReturn->returnCode == "200") {
print "Finalize successful." . "<br />";
print "SOAP ID: " . $response['data']->return->soapId . "<br />";
print "vinAVS: " . $response['data']->session->apiReturnValues->paymentMethodUpdate->authStatus->vinAVS . "<br />";
print "authCode: " . $response['data']->session->apiReturnValues->paymentMethodUpdate->authStatus->creditCardStatus->authCode . "<br />";
print "cvnCode: " . $response['data']->session->apiReturnValues->paymentMethodUpdate->authStatus->creditCardStatus->cvnCode . "<br />";
} else {
print "Unable to finalize the websession" . "<br />";
print "returnCode: " . $response['returnCode'] . "<br />";
print "returnString: " . $response['returnString'] . "<br />";
function hoaTransactionAuthThenCapture()
{
$uniqueValue = get_unique_value();
$merchantAccountId = 'account-' . $uniqueValue;
$merchantTransactionId = 't-' . $uniqueValue;
if (fail_if_merchant_transaction_id_too_long($merchantTransactionId)) {
return;
}
$merchantPaymentMethodId = 'pm-' . $uniqueValue;
$creditCardAccount = '5454541111111111';
$paymentType = 'CreditCard';
$cvn = '111';
$exp = '201801';
$email = get_unique_value() . '@nomail.com';
$successUrl = 'http://good.com';
$errorUrl = 'http://bad.com';
$HOAmethod = 'Transaction_Auth';
$HOAurl = 'https://secure.prodtest.sj.vindicia.com/vws';
$HOAversion = '5.0';
$ipAddress = '127.0.0.1';
$name = 'John Vindicia';
$addr1 = '303 Twin Dolphin Drive';
$city = 'Redwood City';
$district = 'CA';
$postalCode = '94065';
$country = 'US';
#------------------------------------------------------------
#-Step 1-
#-Step 1- Initialize the WebSession before the PaymentMethod
#-Step 1- form is displayed to the user
#-Step 1-
#
# Create a new WebSession object
$webSession = new WebSession();
# Set the WebSession parameters
$webSession->setReturnURL($successUrl);
$webSession->setErrorURL($errorUrl);
$webSession->setIpAddress($ipAddress);
$webSession->setMethod($HOAmethod);
$webSession->setVersion($HOAversion);
#------------------------------------------------------------
# Set PrivateFormValues. These are hidden fields in the POST
# that we want to protect from hacking. If the value in the
# POST does not match the value set during initialization,
# the WebSession.finalize will fail
// $account_VID = $account->VID;
//
// $nameVals[0] = new NameValuePair();
// $nameVals[0]->setName('Account_VID');
// $nameVals[0]->setValue($account_VID); // so that we can use the existing account
$tx_id = new NameValuePair();
$tx_id->setName('vin_Transaction_merchantTransactionId');
$tx_id->setValue($merchantTransactionId);
// so that we can use the existing account
# Your ID for this user
$acct_id = new NameValuePair();
$acct_id->setName("vin_Account_merchantAccountId");
$acct_id->setValue($merchantAccountId);
# Your ID for this PaymentMethod
$paym_id = new NameValuePair();
$paym_id->setName("vin_PaymentMethod_merchantPaymentMethodId");
$paym_id->setValue($merchantPaymentMethodId);
$pmt_type = new NameValuePair();
$pmt_type->setName("vin_PaymentMethod_type");
$pmt_type->setValue($paymentType);
# Add the PrivateFormValues to the WebSession
$webSession->setPrivateFormValues(array($tx_id, $acct_id, $paym_id, $pmt_type));
#------------------------------------------------------------
# Set any parameters specific for the Method we are
# calling in the WebSession.
#
$minChargebackProbability = new NameValuePair();
$minChargebackProbability->setName("Transaction_Auth_minChargebackProbability");
$minChargebackProbability->setValue("70");
$dryRun = new NameValuePair();
$dryRun->setName("Transaction_Auth_dryRun");
$dryRun->setValue("false");
$sendEmailNotification = new NameValuePair();
$sendEmailNotification->setName("Transaction_Auth_sendEmailNotification");
$sendEmailNotification->setValue("true");
// Transaction_Auth takes in one more parameter - campaignCode
// We can collect campaign code from the payment form and set
// prior to WebSession.Finalize, or pass it in here prior to WebSession.Initialize.
$campaign = 'CampaignXYZ';
// $campaignCodeNVP = new NameValuePair();
// $campaignCodeNVP->setName("Transaction_Auth_campaignCode");
// $campaignCodeNVP->setValue($campaign);
$webSession->setMethodParamValues(array($sendEmailNotification, $minChargebackProbability, $dryRun));
# Initialize the WebSession
#
$response = $webSession->initialize();
# Check to see that the initialize succeeded
#
if ($response['returnCode'] == 200) {
# The VID of the WebSession object serves as session id
#
$vin_WebSession_vid = $response['data']->session->getVID();
} else {
print $response;
return;
}
#------------------------------------------------------------
#-Step 2-
#-Step 2- This is the payment method FORM and the HOA POST
#-Step 2-
# Fields on the checkout FORM
# User supplied input
// $post['vin_PaymentMethod_merchantPaymentMethodId'] =
// $merchantPaymentMethodId;
$post['vin_PaymentMethod_accountHolderName'] = $post['vin_PaymentMethod_billingAddress_name'] = $name;
$post['vin_PaymentMethod_billingAddress_addr1'] = $addr1;
$post['vin_PaymentMethod_billingAddress_city'] = $city;
$post['vin_PaymentMethod_billingAddress_district'] = $district;
$post['vin_PaymentMethod_billingAddress_postalCode'] = $postalCode;
$post['vin_PaymentMethod_billingAddress_country'] = $country;
$post['vin_Account_emailAddress'] = $email;
$post['vin_PaymentMethod_creditCard_account'] = $creditCardAccount;
$post['vin_PaymentMethod_creditCard_expirationDate'] = $exp;
$post['vin_PaymentMethod_nameValues_cvn'] = $cvn;
$post['vin_Transaction_transactionItems_0_sku'] = 'Item 1';
$post['vin_Transaction_transactionItems_0_name'] = 'Item 1 Description';
$post['vin_Transaction_transactionItems_0_price'] = '99';
$post['vin_Transaction_transactionItems_0_quantity'] = '1';
# Hidden fields in the checkout FORM
#
$post['vin_WebSession_vid'] = $vin_WebSession_vid;
# Copy the BillingAddress to the ShippingAddress to improve
# Chargeback dispute success. Visa will deny disputed Chargeback
# for many reasons. A missing ShippingAddress, even though there
# is nothing being shipped, is commonly one of those reasons.
# This can be done with JavaScript on the checkout form.
#
$post['vin_Account_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_name'] = $post['vin_PaymentMethod_billingAddress_name'];
$post['vin_Account_shippingAddress_addr1'] = $post['vin_PaymentMethod_billingAddress_addr1'];
$post['vin_Account_shippingAddress_city'] = $post['vin_PaymentMethod_billingAddress_city'];
$post['vin_Account_shippingAddress_district'] = $post['vin_PaymentMethod_billingAddress_district'];
$post['vin_Account_shippingAddress_county'] = $post['vin_PaymentMethod_billingAddress_county'];
$post['vin_Account_shippingAddress_postalCode'] = $post['vin_PaymentMethod_billingAddress_postalCode'];
$post['vin_Account_shippingAddress_country'] = $post['vin_PaymentMethod_billingAddress_country'];
$post['vin_Account_shippingAddress_phone'] = $post['vin_PaymentMethod_billingAddress_phone'];
// If you have a Campaign Code form value...
//$post['Transaction_Auth_campaignCode'] = $campaign;
# Create the curl command line for exec by looping through the
# $post array
#
$curlopts = "";
foreach ($post as $name => $value) {
$curlopts .= " --data-urlencode {$name}=\"{$value}\"";
}
# Do the POST
#
exec("curl -s {$curlopts} " . $HOAurl, $curlout, $curlret);
#-Step 3-----------------------------------------------------
#-Step 3-
#-Step 3- This code should be on the returnURL page
#-Step 3-
#-Step 3- Nothing has been committed until the WebSession gets
#-Step 3- finalized. This is done in the returnURL page code. For
#-Step 3- example, the returnURL is a confirmation page and when
#-Step 3- the user clicks a confirmation button the form action
#-Step 3- is a page that performs all the actual finalize steps.
#-Step 3-
#------------------------------------------------------------
# This is only necessary for this CLI implementation.
#
# Flatten the output from exec so we can search it. The response
# from a successful HOA POST should be a 302 page that contains
# our returnURL with the WebSessionVID as the query string.
#
if (php_sapi_name() == "cli") {
$curlresp = implode("\n", $curlout);
}
#
#------------------------------------------------------------
# For CLI, use the WebSessionId we stored in the POST values
# for curl. For everything else, retrieve the WebSessionId
# from the URL query string on the redirect to the returnURL
#
if (php_sapi_name() == "cli") {
$session_id = $post['vin_WebSession_vid'];
} else {
$session_id = $_GET['session_id'];
}
$campaignCode = $post['Transaction_Auth_campaignCode'];
if ($campaignCode != null) {
$fetchedWebSession = new WebSession();
$response = $fetchedWebSession->fetchByVid($session_id);
$response_object = $response['data'];
$return_code = $response['returnCode'];
$websession = $response_object->session;
if ($return_code != "200" || $websession->apiReturn->returnCode != "200") {
print $response;
}
}
$webSession = new WebSession();
$webSession->setVid($session_id);
if ($campaignCode != null) {
$campaignCodeNVP = new NameValuePair();
$campaignCodeNVP->setName("Transaction_Auth_campaignCode");
$campaignCodeNVP->setValue($campaignCode);
$webSession->setMethodParamValues(array($campaignCodeNVP));
}
$response = $webSession->finalize();
if ($response['returnCode'] != '200') {
print $response['data']->session->apiReturn->returnCode . PHP_EOL;
print $response['data']->session->apiReturn->returnString . PHP_EOL;
} else {
print "returnCode=" . $response['data']->session->apiReturn->returnCode . PHP_EOL;
print "returnString=" . $response['data']->session->apiReturn->returnString . PHP_EOL;
if ($response['data']->session->apiReturn->returnCode == "200") {
$returnTransaction = $response['data']->session->apiReturnValues->transactionAuth->transaction;
if ($returnTransaction->statusLog[0]->status == 'Authorized') {
print "Transaction approved\n";
$captureTransaction = new Transaction();
$response = $captureTransaction->capture(array($returnTransaction));
print "returnCode=" . $response['returnCode'] . PHP_EOL;
print "returnString=" . $response['returnString'] . PHP_EOL;
if ($response['returnCode'] == 200) {
$captureResults = $response['data']->results;
foreach ($captureResults as $captureResult) {
if ($captureResult->returnCode == 200) {
print "Transaction with id " . $captureResult->merchantTransactionId . " was successfully captured";
} else {
print "Transaction was not successfully captured. ReturnCode=" . $captureResult->returnCode;
}
}
} else {
print "Transactions were not successfully captured. ReturnCode=" . $response['returnCode'];
}
} else {
if ($returnTransaction->statusLog[0]->status == 'Cancelled') {
print "Transaction not approved \n";
print "Reason code is: ";
print $returnTransaction->statusLog[0]->creditCardStatus->authCode;
print "\n";
} else {
print "Error: Unexpected transaction status\n";
}
}
} else {
if ($response['data']->session->apiReturn->returnCode = "202") {
print "Transaction cannot be processed due to taxes being temporarily unavailable\n";
} else {
if ($response['data']->session->apiReturn->returnCode == "400") {
print "Transaction cannot be processed due to data validation error\n";
} else {
if ($response['data']->session->apiReturn->returnCode == "402") {
print "Transaction cannot be processed due to transaction error\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "403") {
print "Transaction cannot be processed due to high fraud potential\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "406") {
print "Transaction cannot be processed due to Chargeback risk score being higher than minChargebackProbability\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "407") {
print "Transaction cannot be processed due to Failed AVS policy evaluation\n";
} else {
if ($response['data']->session->apiReturn->returnCode = "408") {
print "Transaction cannot be processed due to Failed CVN policy evaluation\n";
} else {
print "Error while making call to Vindicia CashBox\n";
}
}
}
}
}
}
}
}
}
}
