I am attempting to connect to a foreign server to do credit card processing.

I'm posting to a bank we'll call "epay.bank.com" and to a script we'll call "/link/authorizepd.asp".

When I post, I get a long, long delay and then no data. The bank is providing no support, and their sample PHP code is PHP3 (and wrong).

Can anyone see a problem with my code?

Thanks in advance.

function Authorize($host, $usepath, $postdata="") {
# open socket to filehandle
	$timeout=120;
	$fp = pfsockopen($host, 443, $errno, $errstr, $timeout);
	if( !$fp ) {
    	print "$errstr ($errno)<br>\n";
	} else {
		fputs( $fp, "POST $usepath HTTP/1.1\r\n" );
		fputs( $fp, "User-Agent: AGENT/0.007\r\n" );
		fputs( $fp, "Accept: */*\r\n" );
		fputs( $fp, "Accept: www/source\r\n" );
		fputs( $fp, "Accept: text/html\r\n" );
		fputs( $fp, "Accept: text/plain\r\n" );

	$strlength = strlen($postdata);
	fputs( $fp, "Content-type: application/x-www-form-urlencoded\r\n" );
	fputs( $fp, "Content-length: ".$strlength."\r\n\r\n" );
	fputs( $fp, $postdata."\r\n" );
	fputs( $fp, "\r\n" );
	$output = "";
	while( !feof( $fp ) ) {
		$output .= fgets( $fp, 1024 );
	}
	fclose( $fp );
}
return $output;
//print_r($output);
}


$data = "";
$data.= "ePayAccountNum=5555555555";
$data.= "&password=foobar01";
$data.= "&customerNum=$customerId";
$data.= "&orderNum=$orderId";
$data.= "&transactionAmount=$_POST[totalcart]";
$data.= "&cardHolderZip=$row_bill[zip]";
$data.= "&cardAccountNum=$cardnum";
$data.= "&expirationDate=$carddate";
$Response = Authorize("epay.bank.com","/link/authorizepd.asp", urlencode($data));

$responseArray = split("|", $Response);
print_r($responseArray);

I should add that if I just go to the URL: https://epay.bank.com/link/authorizepd.asp (which, by the way, I'm making up for purposes of this post--that's not the real URL), I get an array back with pipes and numbers. Adding [url]https://[/url] to the host, however produces an error.

    instead of using
    https://
    try using
    ssl://

    to precede the host domain address

    also, are you sure you are supposed to be using http 1.1 ?

    you may need to use 1.0

    and you need a persistant socket? pfsockopen() vs fsockopen() .....

    im not all that familiar w/ this but they are just some things i thought id throw out, maybe it might help.

      6 months later

      Did you ever get this to work?

      Ironically, I have the same exact code, and I couldn't agree more at how messed up it is.

        Ok, I switched it to ssl:// as recommended got this error

        HTTP/1.1 400 Bad Request Content-Type: text/html Date: Mon, 20 Jun 2005 03:54:56 GMT Connection: close Content-Length: 39

        Then changed it to 1.0 vs 1.1 and received the pipe delimited string.

        dang.

        Thanks for the help.

          I did get it working. The one line of code I needed was this:

          $host = '[bank domain name]';
          $port = '[bank's port]';

          $fp = fsockopen('ssl://'.$host, $port, $errno, $errstr, $timeout = 120);

          $errno and $errstr were fields passed back from the bank.

          As it turned out, the bank I was dealing with sent me old, out of date code that simply would not, could not work. They also had given me a bunch of wrong information. So, I did get it to work eventually, but I pretty much had to throw out what the bank had given me.

            Sounds like we have the same misinformation, if not the same bank.

            Sad.

              As it turned out, the bank I was dealing with sent me old, out of date code that simply would not, could not work. They also had given me a bunch of wrong information. So, I did get it to work eventually, but I pretty much had to throw out what the bank had given me. [/B]

              Glad you got it sorted out.

              (hints at forum signature)

                a year later

                I am using the same code but receive the errors below. Any ideas?

                Warning: fgets(): SSL: fatal protocol error in ...... on line 31

                Warning: split(): REG_EMPTY in /...... on line 74

                  Are you using the same code from, potentially, the same bank? Can you put in more of your code (leaving out the bank info) so that we can see what the full code looks like?

                    Here is the code. Could it be a server configuration issue?

                    <?
function ePayAuthorize( $host, $usepath, $postdata = "" ) {
	# open socket to filehandle
	$port = 443;
	$timeout = 120;
	$fp = pfsockopen("ssl://".$host, $port , $errno, $errstr, $timeout);

# user-agent name
$ua = "yourUserAgent/1.0";

//echo $postdata;
if( !$fp ) {
	echo $errstr.$errno;
	echo $fp;
}else {
	fputs( $fp, "POST $usepath HTTP/1.0\r\n");
	fputs( $fp, "User-Agent: ".$ua."\r\n");
	fputs( $fp, "Accept: */*\r\n" );
	fputs( $fp, "Accept: www/source\r\n" );
	fputs( $fp, "Accept: text/html\r\n" );
	fputs( $fp, "Accept: text/plain\r\n" );

                           $strlength = strlen($postdata);
	fputs( $fp, "Content-type: application/x-www-form-urlencoded\r\n" );
	fputs( $fp, "Content-length: ".$strlength."\r\n\r\n" );
	fputs( $fp, $postdata."\r\n" );
	fputs( $fp, "\r\n" );
	$output = "";
	while( !feof( $fp ) ) {
		$output .= fgets( $fp, 1024 );
	}
	fclose( $fp );
}
return $output;
}

//To call ePayAuthorize() do the following:
// rack up the field data be submitted to ePay
// note: your data will probably come from a database record

$fieldData = "";
$fieldData .= "ePayAccountNum=$accnum";
$fieldData .= "&password=$pass";
$fieldData .= "&TestTransaction=Y"; //Not required, for testing only
$fieldData .= "&Ecommerce=Y"; //Not required, default is Y
$fieldData .= "&customerNum=15"; //Not required, merchant assigned
$fieldData .= "&orderNum=1"; //merchant assigned
$fieldData .= "&transactionAmount=0.01"; //Min 4, decimal required
$fieldData .= "&cardHolderZip=$zip"; //Required for AVS verification 4-9 digits numeric
$fieldData .= "&transactionCode=30"; //epay transaction code 30=authorization, 32=authorize/settle
$fieldData .= "&cardAccountNum=$testnumber"; //CC num
$fieldData .= "&expirationDate=$testexpiredate"; //CC expire num
$ePayResponse = ePayAuthorize( "epaysecure1.transfirst.com","/elink/authpd.asp", urlencode( $fieldData ));


// at this point it is recommended that you store the full ePayResponse in a log file or database
// parse the pipe delimited response string

$responseArray = split( "|", $ePayResponse );

// put into variables for easy reference...
// These are the fields you will want to store in the order database to settle, credit or resolve any exceptions..

$CreditCardNum = $responseArray[5];
$ExpirationDate = $responseArray[6];
$DollarAmount = $responseArray[7];
$tranDate = $responseArray[8];
$tranTime = $responseArray[9];
$Status = $responseArray[10];
$RefNum = $responseArray[13];
$AuthCode = $responseArray[14];
$ACICode = $responseArray[16];
$TID = $responseArray[17];
$ValidCode = $responseArray[18];
$AVS = $responseArray[21];
$CVV2Code = $responseArray[23];

echo $CreditCardNum;
echo $ExpirationDate;// = $responseArray(6);
echo $DollarAmount;// = $responseArray(7);
echo $tranDate;// = $responseArray(8);
echo $tranTime;// = $responseArray(9);
echo $Status;// = $responseArray(10);
echo $RefNum;// = $responseArray(13);
echo $AuthCode;// = $responseArray(14);
echo $ACICode;// = $responseArray(16);
echo $TID;// = $responseArray(17);
echo $ValidCode;// = $responseArray(18);
echo $AVS;// = $responseArray(21);
echo $CVV2Code;// = $responseArray(23);

?>

                      Can this thread be unresolved or would I need to start a new thread? timbr8ks any ideas why I would be gettting this error?

                        Here's the code I ended up with for these guys:

                        
<?php
$host = "epaysecure.transfirst.com"; 
$port = 443; 
$path = "/dpilink/authpd.asp"; 

$ePayAccountNum = "[REMOVED]";
$epass = "[REMOVED]";

//you will need to setup an array of fields to post with 
//then create the post string 
$formdata = array( 
	"ePayAccountNum" 	=> "$ePayAccountNum",
	"password" 			=> "$epass",
	"customerNum" 		=> "$shid",
	"orderNum" 			=> "$cart_id",
	"cardHolderName"	=>	"$bill_name",
	"cardHolderPhone"	=>	"$bill_phone",
	"transactionAmount" => "$cartTotal",
	"cardHolderZip" 	=> "$billZip",
	"transactionCode"	 => "32",
	"cardAccountNum" 	=> "$num",
	"expirationDate" 	=> "$cdate"
);

//build the post string 
foreach($formdata AS $key => $val){ 
   $poststring .= urlencode($key) . "=" . urlencode($val) . "&"; 
  } 
// strip off trailing ampersand 
$poststring = substr($poststring, 0, -1); 

//echo $poststring; exit;  // just display the string being submitted, then quit

$fp = fsockopen('ssl://'.$host, $port, $errno, $errstr, $timeout = 120); 

if(!$fp){ 
 //error tell us 
 echo "$errstr ($errno)\n"; 

}else{ 

  //send the server request 
  fputs( $fp, "POST $path HTTP/1.1\r\n"); 
  fputs( $fp, "Host: $host\r\n"); 
  fputs( $fp, "Content-type: application/x-www-form-urlencoded\r\n" );
  fputs( $fp, "Content-length: ".strlen($poststring)."\r\n"); 
  fputs( $fp, "Connection: close\r\n\r\n"); 
  fputs( $fp, $poststring."\r\n\r\n"); 

  //loop through the response from the server 
  while(!feof($fp)) { 
	@$Response 	= fgets($fp, 1024); 
  }
  	// echo $Response."<br>"; // exit;  // just display the full array returning, then quit

$responseArray = explode("|", $Response);
// print_r($responseArray);

$CreditCardNum  = $responseArray[5]; // echo "<br>credit card: $CreditCardNum<br>";
$ExpirationDate = $responseArray[6]; // echo "expiration date: $ExpirationDate<br>";
$DollarAmount   = $responseArray[7]; // echo "amount: $DollarAmount<br>";
$tranDate       = $responseArray[8]; // echo "tranDate: $tranDate<br>";
$tranTime       = $responseArray[9]; // echo "trantime: $tranTime<br>";
$Status         = $responseArray[10]; // echo "status: $Status<br>";
$RefNum         = $responseArray[13]; // echo "refnum: $RefNum<br>";
$AuthCode       = $responseArray[14]; // echo "authcode: $AuthCode<br>";
$ACICode        = $responseArray[16]; // echo  "ACIC: $ACICode<br>";
$TID            = $responseArray[17]; // echo "TID: $TID<br>";
$ValidCode      = $responseArray[18]; // echo "ValidCode: $ValidCode<br>";
$AVS            = $responseArray[21]; // echo "AVS: $AVS<br>";
$CVV2Code       = $responseArray[23]; // echo  "CVV2:  $CVV2Code<br>"; 

switch ($Status) {
	case '00':
		$authret = "APPROVED";
		break;
	case '05':
		$authret = "Your card was declined.";
		break;
	case '14':
		$authret = "Invalid card number";
		break;
	case '15':
		$authret = "Invalid card issuer";
		break;
	case '51':
		$authret = "Your card was declined for insufficient funds";
		break;
	case '54':
		$authret = "Your card has expired";
		break;
	case '94':
		$authret = "Duplicate transaction request";
		break;
	case '96':
		$authret = "System error.  Please try again later.";
		break;
	default:
		$authret = "Your transaction could not be processed.";
		break;			
}

  //close fp - we are done with it 
  fclose($fp); 
} 

?>
                          Write a Reply...