Question : PHP, ASP, Moneris

Hello Experts,

This post is related to creating a shopping cart and using Moneris as the payment gateway. I know that Moneris is somewhat un-popular, but I did my research and found the attached pdf.

I would like to draw your attention to p.6 specifically. As I'm not a PHP programmer, but rather an ASP programmer, would it be poosible and safe to change the code in pg.6 to resemble the following psedo code below, where I would do the following logic:

1- I would create the top set of cookies in ASP,

2- Do a Response Redirect("moneris.php") that would contain the code below

3- In finalStep.asp (last line below), use the bottom set of cookies to finilize my transaction (recipt and update db).

4- Delete both sets of cookies.

If this procedure will work and is safe, could you please advise me on the following:

1- the PHP equivalent for $varname = Request.Cookies("cookie_name"); - used below in my first set of cookies

2- the PHP equivalent for Response.Cookies("cookie_name") = $varname; - used below in my second set of cookies

3-the PHP equivalent for Response.Redirect("final.asp"); - used below at the last line

4- I'm also attaching the php class, and considering this and the code below, is this PHP5 code? The reason why I ask is as I plan to host this on GoDaddy's Shared Windows IIS7 platform, which supports PHP, but not lower nor perl or such scripting. If this is not php5, then I could get both GoDaddy's hostings - Win IIS7 and Unix to switch back and forth subdomains.

Thank you all in advance

         
           
             1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:

           
           
          <?php 
// ------ Requires the actual API file.  This can be placed anywhere as long as you indicate 
// ------ the proper path  

require "../mpgClasses.php";  

// ------ Define all the required variables.  These can be passed by whatever means you wish  

$store_id = ‘store1’; 
$api_token = ‘yesguy’; 
$crypttype = ‘7’;  

$orderid = Request.Cookies("invoice_no"); 
$amount = Request.Cookies("invoice_total"); 

$pan = Request.Cookies("creditcard_no"); 
$expirydate = Request.Cookies("creditcard_expiry"); 

// ------ step 1) create transaction hash  
$txnArray=array(‘type’=>'purchase',
          ‘order_id’=>$orderid,
          ‘cust_id’=>$customerid,
	   ‘amount’=>$amount,
           ‘pan’=>$pan,
           ‘expdate’=>$expirydate,
           ‘crypt_type’=>$crypttype
            ); 
// ------ step 2) create a transaction object passing the hash created in step 1. 
$mpgTxn = new mpgTransaction($txnArray);  

// ------ step 3) create a mpgRequest object passing the transaction object created in step 2  
$mpgRequest = new mpgRequest($mpgTxn);  

// ------ step 4) create mpgHttpsPost object which does an https post 
$mpgHttpPost  =new mpgHttpsPost($store_id,$api_token,$mpgRequest);  

// ------ step 5) get an mpgResponse object  
$mpgResponse=$mpgHttpPost->getMpgResponse();  

// ------ step 6) retrieve data using get methods.  Using these methods you can retrieve the 
// ------ appropriate variables (getResponseCode) to check if the transactions is approved 
// ------ (=>0 or <50) or declined (>49) or incomplete (NULL) 

Response.Cookies("CardType") = $mpgResponse->getCardType(); 
Response.Cookies("TransAmount") = $mpgResponse->getTransAmount(); 
Response.Cookies("TxnNumber") = $mpgResponse->getTxnNumber(); 
Response.Cookies("ReceiptId") = $mpgResponse->getReceiptId(); 
Response.Cookies("TransType") = $mpgResponse->getTransType(); 
Response.Cookies("ReferenceNum") = $mpgResponse->getReferenceNum(); 
Response.Cookies("ResponseCode") = $mpgResponse->getResponseCode(); 
Response.Cookies("ISO") = $mpgResponse->getISO(); 
Response.Cookies("Message") = $mpgResponse->getMessage(); 
Response.Cookies("AuthCode") = $mpgResponse->getAuthCode(); 
Response.Cookies("Complete") = $mpgResponse->getComplete(); 
Response.Cookies("TransDate") = $mpgResponse->getTransDate(); 
Response.Cookies("TransTime") = $mpgResponse->getTransTime(); 
Response.Cookies("Ticket") = $mpgResponse->getTicket(); 
Response.Cookies("TimedOut") = $mpgResponse->getTimedOut();

Response.Redirect(finalStep.asp")

           
         

Attachments:

temp.zip (267 KB) (File Type Details)

PHP Class & PDF Manual

Answer : PHP, ASP, Moneris

I don't think that's a good idea. You shouldn't, for security reasons, be putting order info in cookies. Moneris doesn't appear to be supported by Godaddy, they do have 6 others they support. And you need an SSL cert for encryption and those dont' work across servers with different domains. PHP and ASP session info is handled differently and isn't shared between them. And this is a difficult way to do this that almost none of us would try. And it would be difficult to support you in doing this.