Posted by Michael Vilain on 03/01/07 05:35

I setup credit card charging with a combination of php and perl. It's
running on a shared server, so I had to use a protected perl script with
the constants like passwords and hash keys in the script. The script is
run by CGIwrap under my account's UID rather than as the web server's
UID.

Perl seems to be suited to do SSL submissions to authorize.net, receive,
and process their reply. I had no problems getting it to work with
their excellent documentation. I didn't see away of getting PHP to do
it and the Perl CPAN modules to emulate a browser client worked without
problems.


In article <wBqFh.1482$P47.1271@newssvr22.news.prodigy.net>,
Paul Furman <paul-@-edgehill.net> wrote:

> I'm setting up credit card payment through authorize.net and they have
> the option to send a POST string back to my site once complete. I'm not
> sure how to proceed. They don't have much to read about this, their tech
> support seemed to think I've got the general idea though & said I might
> have have my hosting server set up permissions to recieve POST data that
> way.
>
> Let me paste their explanation:
> -----------
> Gateway Response API
> This section describes the response returned by the gateway when a
> transaction is submitted for processing. The gateway response to a
> transaction submitted via SIM is either a Receipt Page that is displayed
> to the consumer or a POST string to a site designated by the merchant.
> The merchant can then parse the POST string, customize a response, and
> submit it back to the gateway. The gateway will then relay the response
> to the customer�s browser.
>
> x_response_code
> Indicates the result of the transaction:
> 1 = Approved
> 2 = Declined
> 3 = Error
>
> x_trans_id
> This number identifies the transaction in the system and can be used to
> submit a modification of this transaction at a later time, such as
> voiding, crediting or capturing the transaction.
>
> x_invoice_num
> This is the merchant's supplied invoice number
>
> etc...
> --------
>
> So best I figure I'm going to get a redirect to my server And I'm
> guessing I'd use something like this:
>
> if (isset($_REQUEST['x_response_code'])) {
> //then finalize the order, subtract from inventory
> // and generate a reciept
>
> And I'm not so comfortable with the idea of setting up a page on my site
> that lets any external server send POST data & retrieve customer's order
> details. I think I'm not understanding all this. I do need to know if
> their credit card was accepted to continue processing the order on my
> end though. I don't want to update the inventory & they end up getting
> their card rejected or give up.

--
DeeDee, don't press that button! DeeDee! NO! Dee...

[Back to original message]