PHP: Credit card transaction script, used for a custom app that required a connection to e-gateways


// Record when processing began so the elapsed time can be reported later.
$start = time();

// Per-stage outcome flags; all start empty and are filled in with "Y" or "N"
// by the connection and result handling further down.
$success_connect = $success_response = $success_outcome = "";
		



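// Work out the client address that is later sent to the gateway as cardholder.ip.
//
// X-Forwarded-For and Client-IP are request headers, so any client can set them
// to an arbitrary string. They only carry meaning when a reverse proxy under
// your own control overwrites them; without such a proxy REMOTE_ADDR is the one
// value the client cannot choose. The original lookup order is kept, but a
// candidate is accepted only if it is a syntactically valid IP address, so a
// forged header can no longer place line breaks or extra fields into the
// line-based gateway message that is built from $realip.
$realip = "";
$candidates = array();
foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'REMOTE_ADDR') as $source)
{
	// Same sources as before: $_SERVER when it is populated, otherwise the environment.
	if (!empty($_SERVER))
	{
		$raw = isset($_SERVER[$source]) ? $_SERVER[$source] : '';
	}
	else
	{
		$raw = getenv($source);
	}
	if (!is_string($raw) || $raw == "")
	{
		continue;
	}
	// X-Forwarded-For may hold a comma separated chain of addresses; only the
	// first entry (the address claimed for the original client) is considered.
	$parts = explode(',', $raw);
	$candidates[] = trim($parts[0]);
}
foreach ($candidates as $candidate)
{
	if (filter_var($candidate, FILTER_VALIDATE_IP) !== false)
	{
		$realip = $candidate;
		break;
	}
}
if ($realip == "" && isset($_SERVER["SERVER_ADDR"])) // Failed to determine client ip address, so use server ip address.
{
	$realip = $_SERVER["SERVER_ADDR"];
}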



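// Build the order reference sent to the gateway: "<unix time>_<last name>_<amount>".
// When the reference is longer than 32 characters the last name is shortened.
// NOTE(review): $ccfirstname, $cclastname and the amount parts look like submitted
// form values - confirm they are validated before this point, because all of them
// end up in the line-based gateway message.
$totalprice = $amountdollars . $amountcents;
$ordertime = time(); // taken once so both variants below share the same prefix
$orderNumber = $ordertime . "_" . $cclastname . "_" . $totalprice;
$length = strlen($orderNumber);
if ($length > 32) {
	$diff = $length - 32;
	// Shorten the same name that was measured above. The previous code cut
	// $lastname instead of $cclastname, so the result was not guaranteed to fit.
	// max() keeps the length argument from going negative when the excess is
	// larger than the name itself.
	$orderlastname = substr($cclastname, 0, max(0, strlen($cclastname) - $diff));
	$orderNumber = $ordertime . "_" . $orderlastname . "_" . $totalprice;
}

// Cardholder name as sent in cc_owner.value.
$ccowner = $ccfirstname . " " . $cclastname;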


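// Assemble the request for the gateway daemon: one "key=value" line per field,
// closed by "message.end". A line break ends a field, so a CR or LF inside a
// submitted value would let the sender append or override fields (the amount,
// for example). Line breaks are therefore removed from every value written below.
//
// $string contains the merchant password, the full card number and the CVC.
// It must not be echoed, logged or mailed in this form.
$linebreaks = array("\r", "\n");

// The transaction type doubles as a key prefix ("<type>.amount"), so it is
// reduced to letters, digits and underscores.
// NOTE(review): checking it against the fixed list of transaction types this
// integration supports would be stricter; that list is not visible here.
$transtype = preg_replace('/[^A-Za-z0-9_]/', '', isset($_POST['transtype']) ? (string) $_POST['transtype'] : '');
// Expiry month and year are kept as digits only.
$expmonth = preg_replace('/\D/', '', isset($_POST['expmonth']) ? (string) $_POST['expmonth'] : '');
$expyear = preg_replace('/\D/', '', isset($_POST['expyear']) ? (string) $_POST['expyear'] : '');

//$string = "message.type=capture\n";
$string = "message.type=" . $transtype . "\n";
$string.= "merchant.identifier=" . MERCHANT_ID . "\n";
$string.= "merchant.password=" . MERCHANT_PASS . "\n";
$string.= "cc_owner.value=" . str_replace($linebreaks, '', $ccowner) . "\n";
$string.= "merchant.orderNumber=" . str_replace($linebreaks, '', $orderNumber) . "\n";
//$string.= "capture.amount=$totalprice\n";
$string.= $transtype . ".amount=" . str_replace($linebreaks, '', $totalprice) . "\n";
//$string.= "capture.currencyCode=AUD\n";
$string.= $transtype . ".currencyCode=AUD\n";
$string.= "card.PAN=" . str_replace($linebreaks, '', $ccnumber) . "\n";
$string.= "card.expiryMonth=" . $expmonth . "\n";
$string.= "card.expiryYear=" . $expyear . "\n";
$string.= "card.cvcNumber=" . str_replace($linebreaks, '', $cvcnumber) . "\n";
$string.= "eci.value=SSL\n";
$string.= "cardholder.ip=" . str_replace($linebreaks, '', $realip) . "\n";
$string.= "message.end\n";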


//echo $string;

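// Start the report text. Later stages append to $message with ".=" whether or
// not full reporting is on, so make sure the variable exists.
if (!isset($message)) {
	$message = "";
}

if (FULL_REPORTING == 1){
	// The report is appended to and may be e-mailed further down, before any
	// card masking runs. The request is therefore copied with the merchant
	// password and CVC blanked and the card number cut down to its last four
	// characters, instead of being embedded verbatim.
	$report = preg_replace('/^(merchant\.password|card\.cvcNumber)=.*$/m', '$1=[removed]', $string);
	$report = preg_replace('/^card\.PAN=.*?(.{0,4})$/m', 'card.PAN=[masked]$1', $report);
	$message = "Report Generated: " . date("r") . "\n\n$report";
}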

//echo $message;

//####  CONNECT

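// Send the request to the gateway daemon listening on the local machine and
// collect its "key=value" reply lines into $array.
$port = PORT;
$array = array(); // parsed reply; stays empty when nothing usable comes back
if (!isset($message))
{
	$message = ""; // the report is appended to below
}
$fp = fsockopen("127.0.0.1", $port, $errno, $errstr, $timeout); // First attempt to open a socket connection.

if (!$fp) // Unable to open socket connection - probably because the tcpdaemon was not already running in the background.
{
	$message .= "Failed to open a socket connection to the tcpdaemon. Check that it is running.\n";
	$success_connect="N";
	$success_response="N";
	$success_outcome="N";
}
else // Socket connection successful
{
	$message .= "Successful connection to the tcpdaemon.\n\n";
	$success_connect="Y";
	stream_set_timeout($fp, $runtime); // Read/write timeout, applied before any data is exchanged
	fputs($fp,$string);
	while (!feof($fp))
	{
		$line = fgets($fp,4096); // reads one line of at most 4k at a time.
		if ($line === false)
		{
			// fgets() gives up on a read error or when the timeout expires.
			// feof() stays false in that situation, so without this break the
			// loop would spin forever on a stalled daemon.
			break;
		}
		$buffer = trim($line);
		if ($buffer == "") // only grab lines with content
		{
			continue;
		}
		// Split on the first '=' only, so a value that itself contains '=' is
		// kept whole and a line without '=' yields an empty value.
		$pair = explode("=", $buffer, 2);
		$key = $pair[0];
		$val = isset($pair[1]) ? $pair[1] : "";
		if ($key=="message.end")
		{
			$val="Y"; // marker checked later to confirm the reply was complete
		}
		$array[$key] = $val;
	}
	fclose($fp);
	foreach($array as $key => $val)
	{
		$message .= "$key = $val\n";
	}
}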










//#### SUCCESS


// Handle the result of the (hopefully) successful socket connection.
		
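		// Elapsed seconds since the script started, used in the report text.
		$duration = time() - $start;

		// Fail closed: the result starts as 3 (system error) and is only changed
		// when the reply carries a well-formed summary code. Previously a missing
		// or non-numeric response.summaryCode went through intval(), became 0 and
		// was reported as an approved transaction.
		$response = 3;
		$reply = (isset($array) && is_array($array)) ? $array : array();
		$code = isset($reply['response.summaryCode']) ? trim($reply['response.summaryCode']) : "";

		if (count($reply)==0 || $success_connect=="N")
		{
			$message .= "\nTransaction processing did NOT complete normally in $duration seconds. No data was returned from the Camtech server\n";
			$success_response="N";
			$success_outcome="N";
		}
		elseif (!isset($reply["message.end"]) || $reply["message.end"]<>"Y")
		{
			$message .= "\nTransaction processing did NOT complete normally in $duration seconds. The required 'message end' was not detected in the reply from the Camtech server\n";
			$success_response="Y";
			$success_outcome="N";
		}
		elseif (!preg_match('/\A[0-9]+\z/', $code) || intval($code) > 3)
		{
			// A reply without a usable summary code says nothing about whether
			// money moved, so it is handled like an incomplete reply.
			$message .= "\nTransaction processing did NOT complete normally in $duration seconds. No valid response.summaryCode was found in the reply from the Camtech server\n";
			$success_response="Y";
			$success_outcome="N";
		}
		else // Just because it gets this far it does not mean success - it all depends on what comes back in the response.summaryCode.
		{
			$message .= "\nTransaction processing completed normally in $duration seconds.\n";
			$success_response="Y";
			$success_outcome="Y";
			$response=intval($code); // 0-3, where only 0 represents a 100% successful transaction.
		}

		// $response is now always 0, 1, 2 or 3, so $summary is set on every path.
		if ($response==1)
		{
			$summary="Transaction Declined, response.summaryCode = 1\n";
		}
		elseif ($response==2)
		{
			$summary="Transaction Declined - Bad Card. Please try another card, response.summaryCode = 2\n";
		}
		elseif ($response==3)
		{
			$summary="Transaction Failed - System Error. Technical support has been notified. We apologise for the inconvenience. Please try again soon. response.summaryCode = 3\n";
		}
		else // Force the response code to be a string value for the in_array function.
		{
			$response="0";
			$summary = "Transaction Approved\n";

			echo ($_POST['transtype'] == "capture")?"Transaction Approved - Credit":"Transaction Approved - Refund\n\n\n";
		}

		$message .= $summary;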
		
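		if (SEND_EMAIL_REPORT) // A tech support email address has been supplied.
		{
			// Codes that trigger a report, compared as trimmed strings with a strict
			// match. A separate variable is used so the gateway reply held in $array
			// is not overwritten.
			$reportcodes = array_map('trim', explode(",", CAMTECH_REPORT_CODES));
			if (in_array((string) $response, $reportcodes, true))
			{
				//###### begin mailout via SMTP class - Dave

				require_once("class.phpmailer.php"); // _once: safe if the class was already loaded
				$mail = new PHPmailer;

				// NOTE(review): the SMTP account name and password are written into
				// this file, so anyone who can read the source or its version history
				// has them. Load them from configuration kept outside the web root or
				// from the environment. Also confirm that the connection to the mail
				// host is encrypted - nothing in this block requests TLS.
				$mail->Mailer      = "smtp";
				$mail->Host        = "mail.thisdomain.com";
				$mail->SMTPAuth    = true; // boolean; the string "true" only worked because any non-empty string is truthy
				$mail->Username    = "whatever@thisdomain.com";
				$mail->Password    = "zqwx";
				$mail->Timeout     = 20;

				$mail->ContentType = "text/plain";

				$mail->From        = "whatever@thisdomain.com";
				$mail->FromName    = "Rowena";
				$mail->AddAddress(REPORT_EMAIL, REPORT_EMAIL_NAME); //sending TO
				$mail->Subject = trim($summary); // $summary ends in a newline, which does not belong in a header
				// NOTE(review): when full reporting is on, $message may include the
				// request that was sent to the gateway. Confirm that the card number,
				// CVC and merchant password have been removed from it before it is
				// mailed; e-mail is not a suitable channel for cardholder data.
				$mail->Body = $message;

				// NOTE(review): a failed report e-mail ends the script here, after the
				// gateway may already have processed the payment. Confirm that nothing
				// required (such as recording the order) is skipped by this exit.
				if(!$mail->Send())
				{
					error_handling();
					exit;
				}
			}
		}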

		// Any result other than "0" means the transaction failed, so the summary
		// text is shown. Execution continues afterwards (the exit is disabled).
		if ($response != "0")
		{
			echo $summary;
		}



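// Flatten the report to a single line ("|" replaces each newline) and scrub
// card data from it.
$message = str_replace("\n", "|", $message);
$cardlength = strlen($ccnumber);
$lowercardlength = $cardlength - 4;
$backfour = substr($ccnumber, -4);

// Mask everything except the last four characters, for any card length. The
// previous code only handled 13 to 16 digit numbers and left $newcard unset,
// and the number unmasked, for every other length or for input with non-digits.
if ($lowercardlength > 0) {
	$newcard = str_repeat("X", $lowercardlength) . $backfour;
} else {
	$newcard = str_repeat("X", $cardlength); // four characters or fewer: show nothing
}

// Replace whatever follows "card.PAN=" up to the next field separator. "\" and
// "$" are escaped because they have special meaning in a replacement string.
$message = preg_replace('/card\.PAN=[^|]*/', 'card.PAN=' . addcslashes($newcard, '\\$'), $message);

// The CVC and the merchant password are removed as well.
// NOTE(review): what happens to $message after this point is not visible here;
// if it is stored or logged, the CVC in particular must not be kept once the
// transaction has been authorised.
$message = preg_replace('/(card\.cvcNumber|merchant\.password)=[^|]*/', '$1=[removed]', $message);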

etc...

