Beginning PHP and Postgre SQL E-Commerce From Novice to Professional phần 9 ppt

{// Audit$processor->CreateAudit'PsShipOk started.', 20600; // Set order shipment date $processor->SetDateShipped; // Audit $processor->CreateAudit'Order dispatched by supplier.', 20602;

When this pipeline stage finishes, processing moves straight on to PsShipGoods

PsShipGoods

This pipeline section is remarkably similar to PsCheckStock, as it sends an email to the

supplier and stops the pipeline until the supplier has confirmed that stock has shipped This

time you do need customer information, however, because the supplier needs to know where

to ship the order! Add the following code to a new file in the business folder named

// Send mail to supplier

$processor->MailSupplier('HatShop ship goods.',

$this->GetMailBody());

// Audit

$processor->CreateAudit('Ship goods e-mail sent to supplier.', 20502);

// Update order status

$processor->UpdateOrderStatus(6);

{// Audit

$processor->CreateAudit('PsShipOk started.', 20600);

// Set order shipment date

$processor->SetDateShipped();

// Audit

$processor->CreateAudit('Order dispatched by supplier.', 20602);

// Update order status

?>

When this pipeline stage finishes, processing moves straight on to PsFinalNotification

PsFinalNotification

This last pipeline section is very similar to the first because it sends an email to the customer

This time, you’re confirming that the order has shipped Add the following code to a new file inthe business folder named ps_final_notification.php:

// Send mail to customer

$processor->MailCustomer('HatShop order dispatched.',

$this->GetMailBody());

// Audit

$processor->CreateAudit('Dispatch e-mail send to customer.', 20702);

// Update order status

$processor->UpdateOrderStatus(8);

// Audit

$processor->CreateAudit('PsFinalNotification finished.', 20701);

}

It uses a familiar-looking GetMailBody method to build the body of the email:

private function GetMailBody(){

$body = 'Your order has now been dispatched! '

'The following products have been shipped:';

?>

When this pipeline section finishes, the order status is changed to 8, which represents acompleted order Further attempts to process the order using OrderProcessor will result in anexception being thrown

Testing the Pipeline

Now let’s do a simple test to make sure the code you just wrote is working as expected

Exercise: Testing the Pipeline

1 Add the following highlighted lines in the include/app_top.php file (Also feel free to remove the reference to ps_dummy.php, which is no longer required.)

require_once BUSINESS_DIR 'order_processor.php';

require_once BUSINESS_DIR 'ps_initial_notification.php';

require_once BUSINESS_DIR 'ps_check_funds.php';

require_once BUSINESS_DIR 'ps_check_stock.php';

require_once BUSINESS_DIR 'ps_stock_ok.php';

require_once BUSINESS_DIR 'ps_take_payment.php';

require_once BUSINESS_DIR 'ps_ship_goods.php';

require_once BUSINESS_DIR 'ps_ship_ok.php';

require_once BUSINESS_DIR 'ps_final_notification.php';

2 Modify the code of the GetCurrentPipelineSection method in OrderProcessor (insidebusiness/order_processor.php) as follows:

// Gets current pipeline sectionprivate function GetCurrentPipelineSection(){

switch($this->mOrderInfo['status']){

3 Open business/orders.php and modify the $mOrdersStatusOptions member of the Orders class

to manage the new order status codes Note that this change affects the old orders, which used differentstatus codes:

public static $mOrderStatusOptions = array (

'Order placed, notifying customer', // 0'Awaiting confirmation of funds', // 1'Notifying supplier-stock check', // 2'Awaiting stock confirmation', // 3'Awaiting credit card payment', // 4'Notifying supplier-shipping', // 5'Awaiting shipment confirmation', // 6'Sending final notification', // 7'Order completed', // 8'Order canceled'); // 9

4 Openpresentation/smarty_plugins/function.load_admin_order_details.php, and add thehighlighted new member to the AdminOrderDetails class:

public $mTaxCost = 0.0;

public $mOrderProcessMessage;

5 Modify the code of the init method in the AdminOrderDetails class located in presentation/

smarty_plugins/function.load_admin_order_details.php as highlighted This will handle thefunctionality necessary when the visitor clicks the Process button

if (isset ($_GET['submitProcessOrder'])){

$processor = new OrderProcessor($this->mOrderId);

try {

$processor->Process();

$this->mOrderProcessMessage = 'Order processed, status now: '

$processor->mOrderInfo['status'];

} catch (Exception $e) {

$this->mOrderProcessMessage = 'Processing error, status now: '

<form action="{"admin.php"|prepare_link:"https"}" method="get">

7 Execute the code, create a new order, and then open that order in the orders admin page In the orders

admin page, click the Process Order button

8 You should get a customer notification email (see Figure 14-1).

Figure 14-1.Customer order confirmation email

9 Check your supplier email for the stock check email (see Figure 14-2).

Figure 14-2.Stock check email

10 Continue processing in the admin order details page by clicking the Process Order button again, calling the

Process method of the OrderProcessor class for the second time

11 Check your email for the ship goods email (see Figure 14-3).

Figure 14-3.Ship goods email

12 Continue processing in the admin order details page by clicking Process and calling the Process method of

the OrderProcessor class for the third and last time

13 Check your email for the shipping confirmation email (see Figure 14-4).

Figure 14-4.Customer shipping notification email (dispatched.png)

14 Examine the new audit entries for the order as shown in Figure 14-5

Figure 14-5.Audit entries for completed order

How It Works: The Order Pipeline

We’ve covered how the order pipeline works, so now we only need to explain the new code added to

OrderProcessor We changed the code in the GetCurrentPipelineSection method, which is responsible

for selecting the pipeline section that needs to be executed

The change is simply a switch block that assigns a pipeline section to the $_mCurrentPipelineSection member:// Gets current pipeline section

private function GetCurrentPipelineSection(){

switch($this->mOrderInfo['status']){

If the order has been completed or an unknown section is requested, then you generate an exception.

The test code gives you the additional opportunity of testing this exception generation because if you run it again,

you’ll be processing an already completed order Click the Process Order button for an order that’s already

com-plete (has the status 8), and you should get an error email as shown in Figure 14-6

Figure 14-6.Order completion error email

The error message mailed to the administrator should be enough to get started on your way to finding out what

happened

Updating the Checkout Page

In the previous example, you were forced to call the OrderProcessor::Process() method three

times in a row from the order details admin page In practice, this won’t happen—it will be

called once by presentation/smarty_plugins/function.load_checkout_info.php when a

customer places an order and twice more by the supplier in presentation/smarty_plugin/

function.load_admin_order_details.php You’ll need to modify these web pages accordingly

You also need to add a reference to your new classes in index.php Follow the steps in thisexercise to have function.load_checkout_info.php work with the new order pipeline.

Exercise: Updating the Checkout Process

1 Modify the init method in the CheckoutInfo class in presentation/smarty_plugins/

function.load_checkout_info.php by adding the highlighted code:

public function init(){

// If the Place Order button was clicked, save the order to database

if ($this->_mPlaceOrder == 1){

$this->mCustomerData = Customer::Get();

$tax_id = '';

switch ($this->mCustomerData['shipping_region_id']){

$redirect_page = '';

// Create new OrderProcessor instance

$processor = new OrderProcessor($order_id);

try {

$processor->Process();

} catch (Exception $e) {

// If an error occurs, head to an error page

$redirect_page = 'index.php?OrderError';

} // On success head to an order successful page

$redirect_page = 'index.php?OrderDone';

// Redirect to index.php

$redirect_link = 'http://' getenv('SERVER_NAME');

// If HTTP_SERVER_PORT is defined and different than default

if (defined('HTTP_SERVER_PORT') && HTTP_SERVER_PORT != '80'){

// Append server port

2 Create a new file named order_done.tpl in the presentation/templates folder, and add the following code to its body:

{* order_done.tpl *}

<br />

<span class="description">Thank you for your order!</span>

<br /><br />

<strong>A confirmation email should arrive shortly.</strong>

3 If an error occurs while ordering, redirect to another page Create presentation/templates/

order_error.tpl with the following in it:

If you have an enquiry regarding this message please email

<a class="mail" href="mailto:CustomerService@example.com">

CustomerService@example.com</a>

</strong>

4 Add the following style to hatshop.css:

a.mail{color: #0000ff;

font-size: 11px;

text-decoration: underline;

}

5 Modify index.php by adding the highlighted code to load either order_done.tpl or order_error.tpl,depending on whether the order processed successfully or not:

Updating the Orders Admin Page

The basic functionality of this page is to allow suppliers and administrators to view a list oforders that need attention and advance them in the pipeline manually This is simply a case

of calling the OrderProcess::Process method as described earlier

This page could be implemented in many ways In fact, in some setups, it might be better

to implement this as a standalone application, for example, if your suppliers are in-house and

on the same network Or, it might be better to combine this approach with Web Services

To simplify things in this section, you’ll supply a single page for both administrators andsuppliers This might not be ideal in all situations because you might not want to expose allorder details and audit information to external suppliers However, for demonstration pur-poses, this reduces the amount of code you have to get through You’ll also tie in the securityfor this page with the administrator forms-based security used earlier in the book, assumingthat people with permission to edit the site data will also have permission to administerorders In a more advanced setup, you could modify this slightly, providing roles for differenttypes of users and restricting the functionality available to users in different roles

Implementing the Data Tier

We need to add a new data tier function to the hatshop database, orders_get_audit_trail, and update an existing function, orders_update_order, to take into account the new statuscodes

Using pgAdmin III, connect to the hatshop database, and use the query tool to executethis code, which creates the orders_update_order function in your hatshop database:

Update orders_update_order function

CREATE OR REPLACE FUNCTION orders_update_order(INTEGER, INTEGER,

VARCHAR(255), VARCHAR(50), VARCHAR(50))RETURNS VOID LANGUAGE plpgsql AS $$

DECLAREinOrderId ALIAS FOR $1;

inStatus ALIAS FOR $2;

inComments ALIAS FOR $3;

inAuthCode ALIAS FOR $4;

inReference ALIAS FOR $5;

currentDateShipped TIMESTAMP;

BEGINSELECT INTO currentDateShipped

shipped_onFROM orders

WHERE order_id = inOrderId;

UPDATE ordersSET status = inStatus, comments = inComments,auth_code = inAuthCode, reference = inReferenceWHERE order_id = inOrderId;

IF inStatus < 7 AND currentDateShipped IS NOT NULL THENUPDATE orders SET shipped_on = NULL WHERE order_id = inOrderId;

ELSEIF inStatus > 6 AND currentDateShipped IS NULL THENUPDATE orders SET shipped_on = NOW() WHERE order_id = inOrderId;

Create orders_get_audit_trail function

CREATE FUNCTION orders_get_audit_trail(INTEGER)

RETURNS SETOF audit LANGUAGE plpgsql AS $$

DECLAREinOrderId ALIAS FOR $1;

outAuditRow audit;

BEGINFOR outAuditRow INSELECT audit_id, order_id, created_on, message, message_numberFROM audit

WHERE order_id = inOrderIdLOOP

RETURN NEXT outAuditRow;

END LOOP;

END;

$$;

Implementing the Business Tier

You also have to add a new method to the Orders class from business/orders.php to cater tothe new data tier function added in the previous section

Add the GetAuditTrail method to the Orders class in business/orders.php, as follows:// Gets the audit table entries associated with a specific order

public static function GetAuditTrail($orderId){

// Build the SQL query

$sql = 'SELECT * FROM orders_get_audit_trail(:order_id);';

// Build the parameters array

$params = array (':order_id' => $orderId);

// Prepare the statement with PDO-specific functionality

$result = DatabaseHandler::Prepare($sql);

// Execute the query and return the resultsreturn DatabaseHandler::GetAll($result, $params);

}

Implementing the Presentation Tier

You need to update the admin_order_details componentized template, which shows thedetails of an order Earlier in the book, this componentized template also included the capa-bility to test the order process, but we’re removing this here Instead, you’ll provide thecapability for orders to be pushed along the pipeline when they are stuck at the Awaiting con-firmation of stock and Awaiting confirmation of shipment stages

Now, you can also display all the audit information for the order in another new table.Let’s look at what you’re going to achieve, as shown in Figure 14-7

You can split the orders admin page into three sections:

• In the first section, we’ll change the Process button to a confirmation button for ers

suppli-• In the second section, a table is filled with the items data from the order

• In the third section, a table shows the audit trail for the order

Figure 14-7.The new Order Details Admin page

You implement the new functionality in the next exercise

Exercise: Modifying the Order Details Admin Section

1 Remove the following lines from presentation/templates/admin_order_details.tpl:

3 In the presentation/templates/admin_order_details.tpl file, add the following highlighted code:{section name=cOrder loop=$admin_order_details->mOrderDetails}

Orders::UpdateOrder($this->mOrderId, $_GET['status'],

$_GET['comments'], $_GET['authCode'], $_GET['reference']);

if (isset ($_GET['submitProcessOrder'])){

$processor = new OrderProcessor($this->mOrderId);

$processor->Process();

}

$this->mProcessButtonText = 'Confirm Shipment for Order';

// Value which specifies whether to enable or disable edit mode

if (isset ($_GET['submitEdit']))

$this->mEditEnabled = true;

else

$this->mEditEnabled = false;

6 Load HatShop, make a new order, and then load the order details admin page to test the new changes.

How It Works: Order Details Admin

The init method found in AdminOrderDetails advances the pipeline to the next section if the Process button

is clicked; the presence of this button on the page depends on the value of the mProcessButtonText member

This value is set to “Confirm Stock” if the current pipeline section is 3 (awaiting stock confirmation), or to “Confirm

Shipment” if the current pipeline section is 6 (awaiting shipment confirmation) If the current pipeline section is not

set to 3 or 6, it means that the order has been completed successfully, and the button is not shown The

adminis-trator can always check what happened to the order by checking the audit trail that is displayed on the page

All that remains now is to check that everything is working properly To do this, use the web interface to place an

order, and then check it out via the orders details admin section You should see that the order is awaiting

confir-mation of stock, as shown earlier in Figure 14-7

Click the Confirm Stock for Order button and the order is processed Because this happens very quickly, you are

soon presented with the next stage, where the Confirm Stock for Order button is replaced by a new button named

Confirm Shipment, and the audit trail shows a new set of data

Clicking the Confirm Shipment button completes the order If you scroll down the page, you can see all audit trail

messages that have been stored in the database concerning this order

You’ve taken giant strides toward completing the HatShop e-commerce application in thischapter Now you have a fully audited, secure backbone for the application

Specifically, we’ve covered

• Modifications to the HatShop application to enable your own pipeline processing

• The basic framework for your order pipeline

• The database additions for auditing data and storing additional required data in theorders table

• The implementation of most of the order pipeline, apart from those sections that dealwith credit cards

The only thing missing that you need to add before delivering this application to the side world is credit card processing functionality, which we’ll look at in the next chapter

out-Credit Card Transactions

The last thing you need to do before launching the e-commerce site is to enable credit card

processing In this chapter, we examine how you can build this into the pipeline you created

in the previous chapter

We’ll start by looking at the theory behind credit card transactions, the sort of tions that help you achieve credit card processing, and the sort of transactions that are

organiza-possible Moving on, we’ll take two example organizations and discuss the specifics of their

transaction APIs (Application Program Interfaces, the means by which you access credit card

transaction functionality) After this, you’ll build a new class library that helps you use one of

these transaction APIs via some simple test code

Finally, you’ll integrate the API with the HatShop e-commerce application and processing pipeline

order-Credit Card Transaction Fundamentals

Banks and other financial institutions use secure networks for their transactions based on the

X.25 protocol rather than TCP/IP (Transmission Control Protocol/Internet Protocol, the

pri-mary means by which data is transmitted across the Internet) X.25 isn’t something you need

to know anything about, apart from the fact that it’s a different protocol for networking and

isn’t compatible with TCP/IP As such, X.25 networks are completely separate from the

Inter-net, and although it’s possible to get direct access to them, this isn’t likely to be a reasonable

option To do so, you might have to enter into some serious negotiation with the owner of the

network you want to use The owner will want to be completely sure that you are a reliable

customer who is capable of enforcing the necessary safeguards to prevent an attack on their

system Accordingly, the network owner won’t be handing out these licenses to just anyone

because most people can’t afford the security measures required (which include locking your

servers in a cage, sending daily backup tapes down a secure chute, having three individuals

with separate keys to access these tapes, and so on)

The alternative is to access these networks via a gateway provider This enables you toperform your side of the credit card transaction protocol over the Internet (using a secure

protocol), while relying on your chosen gateway to communicate with X.25 networks

Although there is likely to be a cost involved with this, the provider should have a deal with

financial institutions to keep costs low and pass the savings on to you (after the gateway takes

its share), so it’s likely to be much cheaper than having your own X.25 connection This

method is also likely to be cheaper than using a third party such as PayPal because you only

need the minimum functionality when you are handling your own order pipeline There is no

need, for example, to use all the order-auditing functionality offered by a company such as

PayPal because you already built all this functionality in the previous chapter 505

C H A P T E R 1 5

Working with Credit Card Payment Gateways

To work with a gateway organization, you first need to open a merchant bank account Thiscan be done at most banks, and will get you a merchant ID that you can use when signing upwith the gateway The next step is to find a suitable gateway Unfortunately, this can be a lot ofhard work!

Although it isn’t hard to find a gateway, the challenge lies in finding a competent one thatoffers services at a price and quality acceptable to you Literally hundreds of companies areeager to take a cut of your sales A quick search on the Internet for “credit card gateway” willproduce a long list The web sites of these companies are for the most part pure brochure-ware—you’ll find yourself reading through pages of text about how they are the best and mostsecure at what they do, only to end up with a form to fill in so that a customer service repre-sentative can call you to “discuss your needs.” In the long run, you can rest assured that atleast you will probably only have to go through the procedure once

You’ll probably find that most of the organizations offering this service offer similar ages However, key points to look for include the banks they do business with (your merchantbank account will have to be at one of these), the currencies they deal in, and, of course, thecosts

pack-In this chapter, we’ll look at two of the few organizations that are easy to deal with—DataCash and Authorize.net

Table 15-1 shows some of the gateway services available

Table 15-1.Gateway Services

United States URL United Kingdom URL

Authorize.net http://www.authorize.net/ Arcot http://www.arcot.com/First Data http://www.firstdata.com/ WorldPay http://www.worldpay.com/Cardservice http://cardservice.com/ DataCash http://www.datacash.com/ICVerify http://www.icverify.com/

DataCash and Authorize.net

In this chapter, we’ll demonstrate implementing credit card transactions with two online services: DataCash and Authorize.net

DataCash is a UK-based credit card gateway organization You’ll need a UK merchantbank account if you want to use it in your final application However, you don’t have to worryabout this for now: it’s very easy to get access to a rather useful test account—you don’t evenneed a merchant bank account

Authorize.net, as mentioned on its official web site at http://www.authorize.net,

“provides Internet Protocol (IP) payment gateway services that enable merchants to authorize,settle and manage credit card or electronic check transactions anytime, anywhere.” In otherwords, Authorize.net also offers the services that you need to process the credit cards yourselfwhen someone buys one of your hats

The important point to remember is that the techniques covered in this chapter apply toevery credit card gateway The specifics might change slightly if you switch to a differentorganization, but you’ll have done most of the hard work already

As you’ll see later in this chapter, both Authorize.net and DataCash let you perform testtransactions using so-called “magic” credit card numbers (supplied separately by

Authorize.net and DataCash), which will accept or decline transactions without performing

any actual financial transactions This is fantastic for development purposes because you

don’t want to use your own credit cards for testing!

■ Note The authors of this book are in no way affiliated with Authorize.net or DataCash

Understanding Credit Card Transactions

Whichever gateway you use, the basic principles of credit card transactions are the same First,the sort of transactions you’ll be dealing with in an e-commerce web site are known as Card

Not Present (CNP) transactions, which means you don’t have the credit card in front of you,

and you can’t verify the customer signature This isn’t a problem; after all you’ve probably beenperforming CNP transactions for some time now online, over the phone, by mail, and so on

It’s just something to be aware of should you see the CNP acronym

Several advanced services are offered by various gateways, including cardholder addressverification, security code checking, fraud screening, and so on Each of these adds an addi-

tional layer of complexity to your credit card processing, and we’re not covering those details

here Rather, this chapter provides a starting point from which you can add these services if

required Whether to choose these optional extra services depends on how much money is

passing through your system and the trade-off between the costs of implementing the servicesand the potential costs if something goes wrong that could have been prevented by these

extra services If you are interested in these services, the “customer service representative”

mentioned previously will be happy to explain things

You can perform several types of transactions, including

Authorization: Checks card for adequate funds and performs deduction.

Pre-authorization: Checks cards for funds and allocates them if available, but doesn’t

deduct them immediately

Fulfillment: Completes a pre-authorization transaction, deducting the funds already

allocated

Refund: Refunds a completed transaction or simply puts money on a credit card.

Again, the specifics vary, but these are the basic types

In this chapter, you’ll use the pre/fulfill model, which means you don’t take payment untiljust before you instruct your supplier to ship goods This has been hinted at previously by the

structure of the pipeline you created in the previous chapter

Working with DataCash

Now that we’ve covered the basics, let’s consider how you’ll get things working in the HatShopapplication using the DataCash system The first thing to do is to get a test account with DataCash by following these steps:

1. Go to http://www.datacash.com/

2. Head to the Support – Integration Info section of the web site

3. Enter your details and submit

4. From the email you receive, make a note of your account username and password,

as well as the additional information required for accessing the DataCash reportingsystem

Normally, the next step would be to download one of DataCash’s toolkits for easy tion However, because DataCash doesn’t provide a PHP-compatible implementation, youneed to use the XML API for performing transactions Basically, this involves sending XMLrequests to a certain URL using an SSL connection and then deciphering the XML result This

integra-is easy to do in PHP if you have the CURL (Client URL Library Functions) library installed onyour computer, and PHP is aware of it (see Appendix A)

You’ll be doing a lot of XML manipulation when communicating with DataCash becauseyou’ll need to create XML documents to send to DataCash and to extract data from XMLresponses In the following few pages, we’ll take a quick look at the XML required for the operations you’ll be performing and the responses you can expect

• A unique transaction reference number (explained later in this section)

• The amount of money to be debited

• The currency used for the transaction (USD, GBP, and so on)

• The type of transaction (the code pre for pre-authentication, and the code fulfilfor fulfillment)

• The credit card number

• The credit card expiry date

• The credit card issue date (if applicable to the type of credit card being used)

• The credit card issue number (if applicable to the type of credit card being used)

The unique transaction reference number must be a number between 6 and 12 digitslong, which you choose to uniquely identify the transaction with an order Because you can’t

use a short number, you can’t just use the order ID values you’ve been using until now for

orders However, you can use this order ID as the starting point for creating a reference

num-ber simply by adding a high numnum-ber, such as 1,000,000 You can’t duplicate the reference

number in any future transactions, so you can be sure that after a transaction is completed,

it won’t execute again, which might otherwise result in charging the customer twice This does

mean, however, that if a credit card is rejected, you might need to create a whole new order for

the customer, but that shouldn’t be a problem if required

The XML request is formatted in the following way, with the values detailed previouslyshown in bold:

<merchantreference>Unique reference number</merchantreference>

<amount currency='Currency Type'>Cash amount</amount>

</TxnDetails>

<CardTxn>

<method>pre</method>

<Card>

<pan>Credit card number</pan>

<expirydate>Credit card expiry date</expirydate>

</Card>

</CardTxn>

</Transaction>

</Request>

Response to Pre-Authentication Request

The response to a pre-authentication request includes the following information:

• A status code number indicating what happened; 1 if the transaction was successful,

or one of several other codes if something else happens For a complete list of returncodes for a DataCash server, see https://testserver.datacash.com/software/

returncodes.shtml

• A reason for the status, which is basically a string explaining the status in English

For a status of 1, this string is ACCEPTED

• An authentication code and a reference number that will be used to fulfill the transaction in the fulfillment request stage (discussed next)

• The time that the transaction was processed

• The mode of the transaction, which is TEST when using the test account.

• Confirmation of the type of credit card used

• Confirmation of the country that the credit card was issued in

• The authorization code used by the bank (for reference only)

The XML for this is formatted as follows:

<issuer>Card issuing bank</issuer>

<authcode>Bank authorization code</authcode>

</CardTxn>

</Response>

Fulfillment Request

For a fulfillment request, you need to send the following information:

• DataCash username (the DataCash Client)

• DataCash password

• The type of the transaction (for fulfillment, the code fulfil)

• The authentication code received earlier

• The reference number received earlierOptionally, you can include additional information, such as a confirmation of the amount

to be debited from the credit card, although this isn’t really necessary

This is formatted as follows:

The response to a fulfillment request includes the following information:

• A status code number indicating what happened; 1 if the transaction was successful,

or one of several other codes if something else happens Again, for a complete list of the codes, see https://testserver.datacash.com/software/returncodes.shtml

• A reason for the status, which is basically a string explaining the status in English

For a status of 1, this string is FULFILLED OK

• Two copies of the reference code for use by DataCash

• The time that the transaction was processed

• The mode of the transaction, which is TEST when using the test account

The XML for this is formatted as follows:

Exchanging XML Data with DataCash

Because the XML data you need to send to DataCash has a simple and standard structure,

we’ll build it manually in a string, without using the XML support offered by PHP 5 We will,

however, take advantage of PHP 5’s SimpleXML extension, which makes reading simple XML

data a piece of cake

Although less complex and powerful than DOMDocument, the SimpleXML extensionmakes parsing XML data easy by transforming it into a data structure you can simply iterate

through You first met the SimpleXML extension in Chapter 11

■ Note For the code that communicates with DataCash, we use the CURL library (http://curl.haxx.se/) Read Appendix A for complete installation instructions Under Linux, the process can be morecomplicated, but if you are running PHP under Windows, you just need to copy libeay32.dlland

ssleay32.dllfrom the PHP package to the System32folder of your Windows installation and uncommentthe following line in php.ini(by default, located in your Windows installation folder) by removing the lead-ing semicolon, and then restarting Apache:extension=php_curl.dll

For more details about the CURL library, check out the excellent tutorial at http://www.zend.com/pecl/tutorials/curl.php The official documentation of PHP’s CURL support is located at

http://www.php.net/curl

Exercise: Communicating with DataCash

1 Create a new file named datacash_request.php in the business folder, and add the following code to it:

<?phpclass DataCashRequest{

// DataCash Server URLprivate $_mUrl;

// Will hold the current XML document to be sent to DataCashprivate $_mXml;

// Constructor initializes the class with URL of DataCashpublic function construct($url)

{// Datacash URL

$this->_mUrl = $url;

}/* Compose the XML structure for the pre-authenticationrequest to DataCash */

public function MakeXmlPre($dataCashClient, $dataCashPassword,

$merchantReference, $amount, $currency,

$method, $cardNumber, $expiryDate,

$startDate = '', $issueNumber = ''){

$method, $authCode, $reference){

return $this->_mXml;

}