Securepay Direct Post Integration php

                                  Securepay Direct Post Integration

•  Setup an Account in Securepay

•  Get Securepay merchant Id

•  After submitting the payment details validate all the details if found valid store the values in a temp table except card no ,cvc, exp date of card

•  After saving the details, we need a form posting to redirect to the Securepay Payment gateway for that we create a sample php page with form variables and submit the form using a javascript

The form sample php page 

<?php

$EPS_MERCHANTID = "ABC0010";

$transctionPwd = "testpwd";//(Supplied By Securepay)

$EPS_TXNTYPE = "0";

$EPS_REFERENCEID =rand(8500,58966565);

$EPS_AMOUNT ="1.25";

$EPS_TIMESTAMP = date("YmdHis");

$signature = $EPS_MERCHANTID."|".$transctionPwd."|".$EPS_TXNTYPE."|".$EPS_REFERENCEID."|".$EPS_AMOUNT."|".$EPS_TIMESTAMP;

$fingerprint = sha1($signature);

?>

<!--<form method="post" action="https://api.securepay.com.au/live/directpost/authorise"> --> // for live Payments

<form method="post" action="https://api.securepay.com.au/test/directpost/authorise">

<input type="hidden" name="EPS_MERCHANT" value="ABC0010">

<input type="hidden" name="EPS_TXNTYPE" value="0">

<input type="hidden" name="EPS_REFERENCEID" value="<?php echo $EPS_REFERENCEID;?>">

<input type="hidden" name="EPS_AMOUNT" value="<?php echo $EPS_AMOUNT;?>">

<input type="hidden" name="EPS_TIMESTAMP" value="<?php echo $EPS_TIMESTAMP;?>">

<input type="hidden" name="EPS_FINGERPRINT" value="<?php echo $fingerprint;?>">

<input type="hidden" name="EPS_RESULTURL" value="https://www.resulturl.com/sucess.php">

<input type="text" name="EPS_CARDNUMBER" value="Card Number">

<input type="text" name="EPS_EXPIRYMONTH" value="Card Exp Month">

<input type="text" name="EPS_EXPIRYYEAR" value="Card Exp Year">

<input type="text" name="EPS_CCV" value="Card cvc">

<input type="hidden" name="EPS_IP" value="<?php echo $_SERVER['SERVER_ADDR'];?>">

<input type="hidden" name="EPS_FIRSTNAME" value="John">

<input type="hidden" name="EPS_LASTNAME" value="Smith">

<input type="hidden" name="EPS_ZIPCODE" value="2345">

<input type="hidden" name="EPS_TOWN" value="perth">

<input type="hidden" name="EPS_BILLINGCOUNTRY" value="US">

<input type="hidden" name="EPS_DELIVERYCOUNTRY" value="US">

<input type="hidden" name="EPS_EMAILADDRESS" value="john@email.com">

<input type="hidden" name="EPS_CURRENCY" value="USD">

<input type="hidden" name="EPS_CALLBACKURL" value="http://www.resulturl.com/callback_result.php">

</form>

After the successful Transaction

we will be redirected to the result url with a some aditional variables as post

the Post values contains

• summarycode

    1 = Approved
    2 = Declined by the bank
    3 = Declined for any other reason

• refid

    the value of EPS_REFERENCEID

• txnid

    The bank transaction ID.

• fingerprint 

 $sig = $merchantid ."|". $transactionpassword."|".$referenceId."|".$amount."|".$timestamp."|".$summarycode

$fingerprintnew = sha1($sig);
if (fingerprint == $fingerprintnew)
then no fraud happened