Sagepay Form (Protx)

doddles · July 31, 2009, 12:00am

I’m trying to integrate Sagepay Form (Protx) as a payment method.

The problem I’m having is that I’m getting an error message when testing the payment method. It says my vendor TX code is too long.

Does anyone know how I can correct this?

nevsie · July 31, 2009, 12:00am

have you resolved yet? i have a number of cs-carts running the sagepay/protx form environment and there have been no problems like yours…

I did however come across a couple of other bugs - repay facility in CS being one.

Where is the error occuring, in the testing environment end of Sagepay/protx? if so confirm your TX code is right - check for spaces, cases, etc.

If still no luck, i step through the protx form script, add a php end line, so i can check the values being populated into form before it is sent to protx, and then if they are correct you can be sure the problem is the sage/protx end.

doddles · August 1, 2009, 12:00am

[quote name=‘nevsie’]have you resolved yet? i have a number of cs-carts running the sagepay/protx form environment and there have been no problems like yours…

I did however come across a couple of other bugs - repay facility in CS being one.

Where is the error occuring, in the testing environment end of Sagepay/protx? if so confirm your TX code is right - check for spaces, cases, etc.

If still no luck, i step through the protx form script, add a php end line, so i can check the values being populated into form before it is sent to protx, and then if they are correct you can be sure the problem is the sage/protx end.[/QUOTE]

I’m not an expert at coding or php, but I can tell you that the problem is currently with the testing environment of Sagepay. What I’m not sure about is exactly what my TX code should be, so I can’t actually tell if it’s right or not??

doddles · August 1, 2009, 12:00am

I think I’ve found the line of code that relates to the Vendor TX Code. Here it is:

$post_encrypted = “VendorTxCode=” . $processor_data[“params”][“order_prefix”] . (($order_info[‘repaid’]) ? ($order_id .‘_’. $order_info[‘repaid’]) : $order_id) . “&”;

Does anyone know what may be wrong with it?

In fact, here is the whole file:

//
// $Id: protx_form.php 5000 2008-03-27 09:43:46Z imac $
//

if ( !defined('IN_CSCART') ) { die('Access denied'); }

if (defined('PAYMENT_NOTIFICATION')) {
// Get the password
$payment_id = db_get_field("SELECT $db_tables[orders].payment_id FROM $db_tables[orders] WHERE $db_tables[orders].order_id='$order_id'");
$processor_data = fn_get_payment_method_data($payment_id);

$result = "&".simpleXor(base64Decode($_REQUEST['crypt']), $processor_data["params"]["password"])."&";

preg_match("/Status=(.+)&/U", $result, $a);
if(trim($a[1]) == "OK") {
$pp_response['order_status'] = ($processor_data["params"]["transaction_type"] == 'PAYMENT') ? 'P' : 'O';
preg_match("/TxAuthNo=(.+)&/U", $result, $authno);
$pp_response["reason_text"] = "AuthNo: ".$authno[1];
preg_match("/VPSTxID={(.+)}/U", $result, $transaction_id);
$pp_response["transaction_id"] = @$transaction_id[1];
} else {
$pp_response['order_status'] = 'F';
preg_match("/StatusDetail=(.+)&/U", $result, $stat);
$pp_response["reason_text"] = "Status: ".trim($stat[1])." (".trim($a[1]).") ";
}
preg_match("/AVSCV2=(.*)&/U", $result, $avs);
if(!empty($avs[1])) {
$pp_response['descr_avs'] = $avs[1];
}
include PAYMENT_FILES_DIR . 'payment_cc_complete.php';
fn_order_placement_routines($order_id, @$notify_user);

}
else
{
global $http_location, $b_order, $_total_back;

$post_address = ($processor_data['params']['testmode'] != "N") ? "https://test.sagepay.com/gateway/service/vspform-register.vsp" : "https://live.sagepay.com/gateway/service/vspform-register.vsp";

$post["VPSProtocol"] = "2.22";
$post["TxType"] = $processor_data["params"]["transaction_type"];
$post["Vendor"] = htmlspecialchars($processor_data["params"]["vendor"]);

$post_encrypted = "VendorTxCode=" . $processor_data["params"]["order_prefix"] . (($order_info['repaid']) ? ($order_id .'_'. $order_info['repaid']) : $order_id) . "&";
$post_encrypted .= "Amount=".$order["total"]."&";
$post_encrypted .= "Currency=".$processor_data["params"]["currency"]."&";
$post_encrypted .= "Description=Payment for Order".$order_id."&";
$post_encrypted .= "SuccessURL="."$http_location/$index_script?$target_name=payment_notification&payment=protx_form&$mode_name=notify&order_id=$order_id"."&";
$post_encrypted .= "FailureURL="."$http_location/$index_script?$target_name=payment_notification&payment=protx_form&$mode_name=notify&order_id=$order_id"."&";
$post_encrypted .= "CustomerEMail=".$order_info['email']."&";
$post_encrypted .= "VendorEmail=".$settings['Company']['company_orders_department']."&";
$post_encrypted .= "CustomerName=".$order_info['firstname']." ".$order_info['lastname']."&";
$post_encrypted .= "ContactNumber=".$order_info['phone']."&";
$post_encrypted .= "ContactFax=".$order_info['fax']."&";

// Billing address
$billing_address = array();
$billing_address[] = $order_info["b_address"];
$billing_address[] = $order_info["b_address_2"];
$billing_address[] = $order_info["b_city"];
if (!empty($order_info["b_state"])) {
$billing_address[] = $order_info['b_state']."(".$order_info['b_state_descr'].")";
}
$billing_address[] = $order_info['b_country']."(".$order_info['b_country_descr'].")";
$post_encrypted .= "BillingAddress=".implode(" ", $billing_address)."&";
$post_encrypted .= "BillingPostCode=".$order_info["b_zipcode"]."&";

// Shipping Address
$ship_address = array();
$ship_address[] = $order_info["s_address"];
$ship_address[] = @$order_info["s_address_2"];
$ship_address[] = $order_info["s_city"];
if (!empty($order_info["s_state"])) {
$ship_address[] = $order_info['s_state']."(".$order_info['s_state_descr'].")";
}
$ship_address[] = $order_info['s_country']."(".$order_info['s_country_descr'].")";
$post_encrypted .= "DeliveryAddress=".implode(" ", $ship_address)."&";
$post_encrypted .= "DeliveryPostCode=".$order_info["s_zipcode"]."&";

// Form Ordered products
$strings = 0;
$products_string = '';
if (!empty($order_info['items']) && is_array($order_info['items'])) {
$strings += count($order_info['items']);
}
if (!empty($order_info['gift_certificates']) && is_array($order_info['gift_certificates'])) {
$strings += count($order_info['gift_certificates']);
}

if (!empty($order_info['items'])) {
foreach ($order_info['items'] as $v) {
// $v['discount'] = empty($v['discount']) ? 0 : $v['discount'];
$products_string .= ":".str_replace(":", " ", $v['product']).":".$v['amount'].":".fn_format_price(($v['subtotal'] - fn_external_discounts($v)) / $v['amount']).":::".fn_format_price($v['subtotal'] - fn_external_discounts($v));
}
}
if (!empty($order_info['gift_certificates'])) {
foreach ($order_info['gift_certificates'] as $v) {
$v['amount'] = (!empty($v['extra']['exclude_from_calculate'])) ? 0 : $v['amount'];
$products_string .= ":".str_replace(":", " ", $v['gift_cert_code']).":1:".fn_format_price($v['amount']).":::".fn_format_price($v['amount']);
}
}
if (floatval($order_info['payment_surcharge'])) {
$products_string .= ":Payment surcharge:---:---:---:---:".fn_format_price($order_info['payment_surcharge']);
$strings ++;
}
if (fn_order_shipping_cost($order_info)) {
$products_string .= ":Shipping cost:---:---:---:---:".fn_order_shipping_cost($order_info);
$strings ++;
}

$post_encrypted .= "Basket=".$strings.$products_string;

$post["Crypt"] = base64_encode(simpleXor($post_encrypted, $processor_data["params"]["password"]));
$post["Crypt"] = htmlspecialchars($post["Crypt"]);

$msg = fn_get_lang_var('text_cc_processor_connection');
$msg = str_replace('[processor]', 'Sagepay Server', $msg);

echo <<

{$msg}

EOT;
}

exit;

//
// ---------------- Additional functions ------------
//
function simpleXor($InString, $Key) {
$KeyList = array();
$output = "";

for($i = 0; $i < strlen($Key); $i++){
$KeyList[$i] = ord(substr($Key, $i, 1));
}
for($i = 0; $i < strlen($InString); $i++) {
$output.= chr(ord(substr($InString, $i, 1)) ^ ($KeyList[$i % strlen($Key)]));
}

return $output;
}

function base64Decode($scrambled) {
// Initialise output variable
$output = "";

// Fix plus to space conversion issue
$scrambled = str_replace(" ","+",$scrambled);

// Do encoding
$output = base64_decode($scrambled);

// Return the result
return $output;
}
?>

nevsie · August 1, 2009, 12:00am

i think this might be similar to the repay problem i had, i am just checking my code… But are you testing via a failed order and choosing to repay? or is this happening on new fresh orders as well?

Vendor TX Code is basically your order_id which is generated by cs-cart (number) but it is prefixed with a variable you add when setting up the payment provider in the admin area. It might be that the prefix you are adding is too large? i normally generate a prefix based on 2-3 characters, no more.

i’ll check my chat with CS for the repaid/repay problem and see if that relates and post again shortly.

nevsie · August 1, 2009, 12:00am

no the prepay problem was relate to this line:

```php

$post_encrypted .= “Amount=”.$order[“total”].“&”;

```

it should be

```php

$post_encrypted .= “Amount=”.$order_info[“total”].“&”;

```

so my advice would be to check the order prefix length in payment methods - protx - configure. and try removing or reducing this…

doddles · August 1, 2009, 12:00am

Thanks Nevsie

I changed the code you suggested and totally deleted the order prefix in the payment methods page and so far so good.

Now I can get on with setting up Sage Pay properly.

Thanks again