I am implementing a new Payment Gateway on CS-Cart. Using the instructions in [url=“CS-Cart Documentation — CS-Cart 4.15.x documentation”]CS-Cart Documentation — CS-Cart 4.15.x documentation I have been able to create a payment script and update the MySQL cscart_payment_processors table. The application now connects successfully to the Gateway with the correct order total, merchant ID etc. The problem now is getting the response back. It’s not clear which script should be specified as the Return URL when sending the request to the Gateway (GTPay in this case). I have written the script to handle the response in the same app/payments/ gtpay_payment_script.php file and specified the same file as the return URL but it always comes up with “Access Denied†whenever control is returned from the Gateway. Here’s the script in the gtpay_payment_script.php file (I came up with this script after looking at the other payment scripts in app/payments, CS-Cart has no detailed guide on exactly what this script should do other than “send data to your payment processor server)â€):
```php
//this is supposed to handle the response from the Gateway - still working on this part
if (defined('PAYMENT_NOTIFICATION')) {
if ($mode == 'process') {
$pp_response["order_status"] = (($_REQUEST['gtpay_tranx_status_code'] == "00") ? 'P' : 'F');
if ($_REQUEST['gtpay_tranx_status_code'] == 'Z6') {
$pp_response["order_status"] = 'I';
$pp_response["reason_text"] = "Cancelled";
} elseif ($_REQUEST['gtpay_tranx_status_code'] != '00') {
$pp_response["reason_text"] = "Error";
}
if (isset($_REQUEST['gtpay_tranx_status_msg'])) {
$pp_response["reason_text"].= ": " . $_REQUEST['gtpay_tranx_status_msg'];
}
if (isset($_REQUEST['gtpay_tranx_id'])) {
$pp_response["transaction_id"] = $_REQUEST['gtpay_tranx_id'];
}
$order_id = $_REQUEST['gtpay_echo_data'];
if (fn_check_payment_script('gtpay_payment_script.php', $order_id)) {
fn_finish_payment($order_id, $pp_response, false);
fn_order_placement_routines('route', $order_id);
}
}
} else { //send payment to gateway
//get payment total amount
$amount = $order_info["total"]; //str_replace('.', ',', $order_info["total"]);
// transaction id
$_order_id = $order_id.'_'.mt_rand(11111,99999);
//specify the url
$submit_url = 'GATEWAY URL GOES HERE';
//build parameters
$post_data = array(
'gtpay_cust_id' =>'X',
'gtpay_mert_id' =>'XXX',
'gtpay_tranx_id' => $_order_id, //gtpay tranx id
'gtpay_item_name_1' => 'Numartng: Goods Purchased',
'gtpay_tranx_amt' =>$amount*100, // amount converted to gtpay kobo format
'gtpay_tranx_noti_url' => 'MY-SITE-URL/app/payments/gtpay_payment_script.php', //THIS IS REALLY WHERE THE ISSUE IS, THIS IS WHERE CONTROL SHOULD BE RETURNED TO FROM THE GATEWAY
'gtpay_no_show_cust_id' => 'no',
'gtpay_tranx_memo' => 'Numartng: Goods Purchased',
'gtpay_gway_first' => 'yes',
'gtpay_gway_name' =>'webpay',
'gtpay_echo_data' => $order_id //order id again, included as echo data to be used when control is returned
);
//print_r($post_data); die;
fn_create_payment_form($submit_url, $post_data, 'GTPay Server');
exit;
}
```
Obviously from the code, CS-Cart needs to have defined the constant BOOTSTRAP, which means this script probably shouldn’t be run directly, maybe it’s supposed to be included somewhere else, meaning my Return URL should be different. I’m sure someone must have implemented something similar so please I will appreciate your help on this. Thank you very much!