• 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!

TOPIC: RSForm Pro and Auhtorize.net code sample!

RSForm Pro and Auhtorize.net code sample! 13 years 3 months ago #16124

  • lica
  • lica's Avatar
  • OFFLINE
  • Fresh Boarder
  • Posts: 1
This link has been very helpful in customizing an RSForm Pro online payment using Authorize.net:

http://www.winworld.com/blog/25-joomla/256-processing-credit-card-payments-with-rs-form-pro.html
I had to modify a couple of things to get it to work and this is what I did:

I had to go into libraries/phpmailer/phpmailer.php

and change:
if(isset($this->language[$key])) {
		return $this->language[$key];
	} else {
		return 'Language string failed to load: ' . $key;
	}
to (basically, comment out):
/* if(isset($this->language[$key])) {
		return $this->language[$key];
	} else {
		return 'Language string failed to load: ' . $key;
	} */
 

And I also changed this:
if($response_array[0] != '1'){
$error = $response_array[3];
$msg = str_replace('(TESTMODE)','',$error);
jimport( 'joomla.application.component.controller' );
 global $mainframe;
if(isset($_SESSION['failed_transaction'])) unset($_SESSION['failed_transaction']);
if(isset($_SESSION['failed_transaction_count'])) unset($_SESSION['failed_transaction_count']);
 
$_SESSION['failed_transaction_count'] =0;
$_SESSION['failed_transaction'] = 'Transaction failed! Error: '.$msg;
$redirecturl = JRoute::_('index.php?option=com_rsform&formId=5&Itemid=99999');
$mainframe -> redirect($redirecturl,'error');
return;
}else{
//lets wipe ANY ccnum that hasn't been wiped! 
$db =& JFactory::getDBO();
$query = "update `jos_rsform_submission_values` set `FieldValue` = concat('***&#**&#***-',substr(`FieldValue`,13)) where `FieldName` = 'ccnum' and `FieldValue` NOT LIKE '%****%' ";
$db->setQuery($query);
$result = $db->query();
}

to (took out global $mainframe):
 
if($response_array[0] != '1'){
$error = $response_array[3];
$msg = str_replace('(TESTMODE)','',$error);
jimport( 'joomla.application.component.controller' );
 
$app =& JFactory::getApplication();
 
if(isset($_SESSION['failed_transaction'])) unset($_SESSION['failed_transaction']);
if(isset($_SESSION['failed_transaction_count'])) unset($_SESSION['failed_transaction_count']);
 
$_SESSION['failed_transaction_count'] =0;
$_SESSION['failed_transaction'] = 'Transaction failed! Error: '.$msg;
$redirecturl = JRoute::_('index.php?option=com_rsform&formId=9&Itemid=99999');
$app->redirect( $redirecturl,'error' );
return;
}else{
//lets wipe ANY ccnum that hasn't been wiped! 
$db =& JFactory::getDBO();
$query = "update `jos_rsform_submission_values` set `FieldValue` = concat('****-****-****-',substr(`FieldValue`,13)) where `FieldName` = 'ccnum' and `FieldValue` NOT LIKE '%****%' ";
$db->setQuery($query);
$result = $db->query();
}
Last Edit: 13 years 3 months ago by lica.
The administrator has disabled public write access.

Re: RSForm Pro and Auhtorize.net code sample! 12 years 10 months ago #17671

  • jlahm
  • jlahm's Avatar
  • OFFLINE
  • Fresh Boarder
  • Posts: 10
  • Thank you received: 1
I used this basic code and it worked quickly.

However, there are two issues that really need to be highlighted:
  • If you have other fields on your form that are marked as required, make sure you test in this code to make sure they are there. If not, the provided code will go ahead and charge the card even though there is an error on the form, causing it to not be processed by RSForm and instead the form is redisplayed.

  • A more serious error, I believe, is that the check on the success of the credit card transaction occurs in the "after form has been processed" stage. If there is an error with the card, the code above will take you back to the form with the error displayed. However, because the test is done in this third stage, the RSForm database has already been updated and any emails have been sent to the admin and user. Moving the check for a problem with the credit card to "on form process" stage will let it be processed correctly.

Jim
Last Edit: 12 years 10 months ago by jlahm.
The administrator has disabled public write access.
The following user(s) said Thank You: jason.doyle

Re: RSForm Pro and Auhtorize.net code sample! 12 years 4 months ago #20788

jlahm wrote:
I used this basic code and it worked quickly.

However, there are two issues that really need to be highlighted:
  • If you have other fields on your form that are marked as required, make sure you test in this code to make sure they are there. If not, the provided code will go ahead and charge the card even though there is an error on the form, causing it to not be processed by RSForm and instead the form is redisplayed.

  • A more serious error, I believe, is that the check on the success of the credit card transaction occurs in the "after form has been processed" stage. If there is an error with the card, the code above will take you back to the form with the error displayed. However, because the test is done in this third stage, the RSForm database has already been updated and any emails have been sent to the admin and user. Moving the check for a problem with the credit card to "on form process" stage will let it be processed correctly.

Jim

I agree with Jim. These 2 flaws render this payment solution useless for a production environment. I played around with it and could not come up with a sound solution to the problem. Does ANYONE know how to accomplish proper integration of Authorize.net into latest Rs Form Pro?
I already contacted support to no avail. Any help from this forum would be much appreciated.

Thanks, Bjorn
The administrator has disabled public write access.

Re: RSForm Pro and Auhtorize.net code sample! 12 years 3 months ago #21307

To add to Jim's concerns, this method stores credit card numbers in the database and then wipes them after the transaction. While not permanently storing the cc is good, it's still not PCI compliant. It should pass it to Authorize.net without ever logging it to the database.
The administrator has disabled public write access.

RSForm Pro and Auhtorize.net code sample! 11 years 11 months ago #22983

My issue with this method is that because it is handling the error after the form is processed it wipes all fields when it redirects back to the form. I figured out a way to fix this and in the process I believe I solved both of the other issues.

I discovered here that you can invalidate a field in the on form process so basically once we get the response from authorize.net I check the error and then invalidate whatever field is associated with the error. If there is no error I then obfuscate the CC Number (as it has been processed but not saved to the DB).

The awesome part of invalidating a field is two fold, 1) You can actually highlight whatever field caused the error and 2) It doesn't call a redirect or refresh the page so all of the fields are still filled out.

I deleted both the On Form Display and the After Form Has Been Processed code. All you need is the On Form Process which I have added below.

Unfortunately you are causing an invalid form error and not a credit card error. I found a workaround where I basically hijack the built in error form and replace it with the credit card string. Here are the steps to do it:

1) Click on Properties/Form Info and click "Edit the Error Message". Switch to HTML view and add an ID tag = "FormError". Then after the error message add in a call to a javascript function: changeError(), here is the code:

(You have to set TinyMCE to allow the <script> tag for this to work)

<p id="FormError" class="formRed">Please complete all required fields!</p>
<script type="text/javascript">// <![CDATA[
changeError();
// ]]></script>

2) Click on Properties/CSS and Javascript and add this code to the Javascript section:
<script type="text/javascript">
 
var errorMsg = "Missing Required Field!";
 
function changeError() {
	document.getElementById("FormError").innerHTML =  errorMsg;
}
 
</script>

3) Click on Properties/PHP Scripts and add this code to the On Form Process:
if(!empty($_POST['form']['cc_number']) && !empty($_POST['form']['exp_month']) && !empty($_POST['form']['exp_year']) && !empty($_POST['form']['cc_amount']) && !empty($_POST['form']['cc_first']) && !empty($_POST['form']['cc_last'])){
 
/* $post_url = "https://secure.authorize.net/gateway/transact.dll"; */
$post_url = "https://test.authorize.net/gateway/transact.dll";
$post_values = array(
 
	// the API Login ID and Transaction Key must be replaced with 
        //valid values
 
	"x_login"		=> "xxxxxxxx",
	"x_tran_key"		=> "xxxxxxxxxx",
 
	"x_version"		=> "3.1",
	"x_delim_data"		=> "TRUE",
	"x_delim_char"		=> "|",
	"x_relay_response"	=> "FALSE",
 
	"x_type"		=> "AUTH_CAPTURE",
	"x_method"		=> "CC",
	"x_card_num"		=> $_POST['form']['cc_number'],
	"x_exp_date"		=> substr($_POST['form']['exp_month'][0], 0, 2).substr($_POST['form']['exp_year'][0], 2, 2),
 
	"x_amount"		=> str_replace( array('$',',') ,
                                   '' , $_POST['form']['cc_amount']),
	"x_description"		=> "USA Application Deposit",
 
	"x_first_name"		=> $_POST['form']['cc_first'],
	"x_last_name"		=> $_POST['form']['cc_last']
 
);
$post_string = "";
foreach( $post_values as $key => $value )
	{ $post_string .= "$key=" . urlencode( $value ) . "&"; }
$post_string = rtrim( $post_string, "& " );
 
$request = curl_init($post_url); // initiate curl object curl_setopt($request, CURLOPT_HEADER, 0); /
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($request, CURLOPT_POSTFIELDS, $post_string); 
curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); 
$post_response = curl_exec($request); 
curl_close ($request); // close curl object
 
 
$response_array = explode($post_values["x_delim_char"],$post_response);
 
/*
Response Codes from Authorize.net Key - $response_array[0]
1 - Approved
2 - Declined
3 - There has been an error processing this transaction
4 - Transaction being held for review
 
Response Codes and Reason text - Code: $response_array[2] - Text: $response_array[3]
1 - This transaction has been approved
2 - This transaction has been declined
3 - This transaction has been declined
4 - This transaction has been declined
5 - A valid amount is required
6 - The credit card number is invalid
7 - credit card expiration date is invalid
8 - The credit card has expired 
*/
 
$_POST['form']['cc_number']="***********".substr($_POST['form']['cc_number'],12,4);
 
	/* If card is declined or there is an error*/
	if($response_array[0] == 2 || $response_array[0] == 3){
 
		/* If the error message is related to the Credit Card Number then invalidate the number and change error message*/
		if($response_array[2] == 2 || $response_array[2] == 3 || $response_array[2] == 4 || $response_array[2] == 6){
			$invalid[] = RSFormProHelper::getComponentId("cc_number");
			echo'<script type="text/javascript">errorMsg = "'.$response_array[3].'";</script>';
		}
 
		/* If the error message is related to the Expiration Dates*/
		if($response_array[2] == 7 || $response_array[2] == 8){
			$invalid[] = RSFormProHelper::getComponentId("exp_month");
			$invalid[] = RSFormProHelper::getComponentId("exp_year");
			echo'<script type="text/javascript">errorMsg = "'.$response_array[3].'";</script>';
		}
 
	}
 
}

This will replace the standard Error message with the Credit Card error and it will highlight whatever field you invalidate. In my form I have a set amount that is readonly so I know I will never get error number 5 but you could write additional parameters to deal with whatever you want (or invalidate whatever you want based on the error).

Kyle
The administrator has disabled public write access.
The following user(s) said Thank You: seal305, meschesm

RSForm Pro and Auhtorize.net code sample! 11 years 11 months ago #23556

Where does the user go once the payment has gone though? Do they basically seemlessly follow the flow of the form after the transaction is complete?

Is there a relay response URL or is it the URL of the form?

Please sort of outline the scenario as well as what you need to enter into the Control Panel at Authorize.net or FirstData or wherever.

Thanks for your posts. you are very good at what you do!
The administrator has disabled public write access.

RSForm Pro and Auhtorize.net code sample! 11 years 6 months ago #25435

  • seal305
  • seal305's Avatar
  • OFFLINE
  • Junior Boarder
  • Posts: 20
  • Thank you received: 1
You can still just setup the default thank you page at the end.

The code above is for AIM integration which is always (I think) x_relay_response=false. With AIM, you're receiving the "response" right there and you can use it how you please. The transaction information is in $response_array after the curl code. For instance getting the transaction code back from Auth.net like this:
 
    $_POST['form']['trans_id'] = $response_array[6];
 

Between these lines of code, would work:
    $_POST['form']['cc_number']="***********".substr($_POST['form']['cc_number'],12,4);
 
	/* If card is declined or there is an error*/
	if($response_array[0] == 2 || $response_array[0] == 3){

List of transaction variables:
developer.authorize.net/guides/DPM/wwhel...=Trans_response.html

With SIM integration, Relay Response it useful because you are just posting the purchase information to Authorize.net which then collects the CC info. If you want to do something after that you use Relay Response and they send the transaction information to that url.


Reference:
AIM Integration - developer.authorize.net/api/aim/
SIM Integration - developer.authorize.net/api/simplecheckout/
The administrator has disabled public write access.
  • 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!