Example #1
        /// <summary>
        /// Records a capture for <paramref name="o"/> without contacting any payment processor.
        /// The x_* command string is rebuilt and stored on the order together with a fixed
        /// "MANUAL GATEWAY SAID OK" result.
        /// </summary>
        /// <param name="o">Order whose CaptureTXCommand / CaptureTXResult fields are overwritten.</param>
        /// <returns>Always <c>AppLogic.ro_OK</c>.</returns>
        public override string CaptureOrder(Order o)
        {
            bool liveMode = AppLogic.AppConfigBool("UseLiveTransactions");

            // Clear both audit fields before they are rebuilt below.
            o.CaptureTXCommand = "";
            o.CaptureTXResult  = "";

            string  authorizationId = o.AuthorizationPNREF;
            decimal captureAmount   = o.OrderBalance;

            // NOTE(review): the IP and transaction id are concatenated without URL encoding.
            // Nothing in this method sends the string anywhere; it is only stored on the order.
            var command = new StringBuilder(4096);
            command.Append("x_type=CAPTURE")
                   .Append("&x_test_request=" + CommonLogic.IIF(liveMode, "FALSE", "TRUE"))
                   .Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress())
                   .Append("&x_trans_id=" + authorizationId)
                   .Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(captureAmount));

            o.CaptureTXCommand = command.ToString();
            o.CaptureTXResult  = "MANUAL GATEWAY SAID OK";

            return AppLogic.ro_OK;
        }
Example #2
        /// <summary>
        /// Assembles the USAePay SOAP request object for a card transaction from the order
        /// total, order number and the billing / shipping addresses.
        /// </summary>
        /// <param name="OrderTotal">Amount to charge; converted to <c>double</c> for the SOAP type.</param>
        /// <param name="OrderNumber">Used for both the Invoice and OrderID fields.</param>
        /// <param name="UseBillingAddress">Supplies card holder name, customer id and billing data.</param>
        /// <param name="CardExtraCode">Forwarded to <c>GetUSAePayCreditCardData</c>.</param>
        /// <param name="CAVV">Forwarded to <c>GetUSAePayCreditCardData</c>.</param>
        /// <param name="ECI">Forwarded to <c>GetUSAePayCreditCardData</c>.</param>
        /// <param name="XID">Forwarded to <c>GetUSAePayCreditCardData</c>.</param>
        /// <param name="UseShippingAddress">Forwarded to <c>GetUSAePayShippingAddress</c>.</param>
        /// <returns>The populated transaction request.</returns>
        private GatewayUSAePay.USAePaySOAP.TransactionRequestObject GetProcessCardTransactionRequestObject(decimal OrderTotal, int OrderNumber, Address UseBillingAddress, string CardExtraCode, string CAVV, string ECI, string XID, Address UseShippingAddress)
        {
            string orderReference = OrderNumber.ToString(CultureInfo.InvariantCulture);

            var details = new GatewayUSAePay.USAePaySOAP.TransactionDetail();
            // NOTE(review): decimal -> double can lose precision on monetary values; the SOAP
            // type appears to require double, so confirm rounding is handled by the caller.
            details.Amount          = Convert.ToDouble(OrderTotal);
            details.AmountSpecified = details.Amount > 0;
            details.Description     = AppLogic.AppConfig("USAePay.Description");
            details.Invoice         = orderReference;   // original author's note: truncated to 10 chars
            details.OrderID         = orderReference;   // original author's note: 64 chars

            var cardData        = GetUSAePayCreditCardData(UseBillingAddress, CardExtraCode, CAVV, ECI, XID);
            var billingAddress  = GetUSAePayBillingAddress(UseBillingAddress);
            var shippingAddress = GetUSAePayShippingAddress(UseShippingAddress);

            // This object carries the data needed to run a new transaction
            // (sale, credit, void and authonly, per the original comment).
            return new GatewayUSAePay.USAePaySOAP.TransactionRequestObject
            {
                AccountHolder   = UseBillingAddress.CardName,
                Details         = details,
                BillingAddress  = billingAddress,
                ShippingAddress = shippingAddress,
                CreditCardData  = cardData,
                ClientIP        = CommonLogic.CustomerIpAddress(),
                CustomerID      = UseBillingAddress.CustomerID.ToString(CultureInfo.InvariantCulture),
            };
        }
        /// <summary>
        /// Action filter hook: for a signed-in customer, stores the current client IP in
        /// Customer.LastIPAddress when it differs from the stored value, then records activity
        /// through <c>DataRetentionService.UpsertLastActivity</c>. Does nothing when the
        /// authenticated principal carries no customer GUID.
        /// </summary>
        /// <param name="filterContext">MVC context used to reach the OWIN authentication user.</param>
        public void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var owinContext  = filterContext.HttpContext.Request.GetOwinContext();
            var customerGuid = owinContext.Authentication.User.GetCustomerGuid();

            if (customerGuid != null)
            {
                // NOTE(review): how CustomerIpAddress() derives the address is not visible here;
                // if it trusts client-supplied forwarding headers, this value is spoofable and
                // should not be relied on for access decisions or forensics.
                var ipAddress = CommonLogic.CustomerIpAddress();

                // Both values are bound as parameters, never concatenated into the statement.
                // NOTE(review): "LastIPAddress != @lastIpAddress" is not true for a NULL column,
                // so a row whose LastIPAddress is NULL would never be updated - confirm the
                // column is NOT NULL.
                var parameters = new[] {
                    new SqlParameter("lastIpAddress", ipAddress),
                    new SqlParameter("customerGuid", customerGuid),
                };

                DB.ExecuteSQL(
                    @"update Customer
				set LastIPAddress = @lastIpAddress
				where CustomerGUID = @customerGuid and LastIPAddress != @lastIpAddress",
                    parameters);

                DataRetentionService.UpsertLastActivity(customerGuid);
            }
        }
Example #4
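        /// <summary>
        /// Voids a MicroPay order: clears and rebuilds the order's VoidTXCommand / VoidTXResult
        /// audit columns and, when the order was already captured, credits the order total back
        /// to the customer's MicroPay balance.
        /// </summary>
        /// <param name="orderNumber">Order to void.</param>
        /// <returns>
        /// <c>AppLogic.ro_OK</c>, or "Invalid or Empty Transaction ID" when the order has no
        /// AuthorizationPNREF (including when no order row is found).
        /// </returns>
        public override string VoidOrder(int orderNumber)
        {
            var result = AppLogic.ro_OK;

            // orderNumber is an int, so concatenating it cannot alter the statement's structure.
            DB.ExecuteSQL("update orders set VoidTXCommand=NULL, VoidTXResult=NULL where OrderNumber=" + orderNumber.ToString());

            var useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");
            var orderTotal          = System.Decimal.Zero;
            var transactionState    = string.Empty;
            var transactionId       = string.Empty;
            var customerId          = 0;

            using (var connection = DB.dbConn())
            {
                connection.Open();
                using (var reader = DB.GetRS(string.Format("select AuthorizationPNREF,OrderTotal,CustomerID,TransactionState from orders  with (NOLOCK)  where OrderNumber={0}", orderNumber), connection))
                {
                    if (reader.Read())
                    {
                        transactionId    = DB.RSField(reader, "AuthorizationPNREF");
                        orderTotal       = DB.RSFieldDecimal(reader, "OrderTotal");
                        customerId       = DB.RSFieldInt(reader, "CustomerID");
                        transactionState = DB.RSField(reader, "TransactionState");
                    }
                }
            }

            // Read only for the audit message below; the credit itself no longer depends on it.
            var mpBalance = AppLogic.GetMicroPayBalance(customerId);

            var transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=VOID");
            transactionCommand.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());
            transactionCommand.Append("&x_trans_id=" + transactionId);

            // DB.SQuote is relied on to quote the string safely (its implementation is not
            // visible here); a bound parameter would remove that dependency.
            DB.ExecuteSQL("update orders set VoidTXCommand=" + DB.SQuote(transactionCommand.ToString()) + " where OrderNumber=" + orderNumber.ToString());

            if (transactionId.Length == 0)
            {
                result = "Invalid or Empty Transaction ID";
            }
            else
            {
                var rawResponseString = string.Empty;
                if (transactionState == AppLogic.ro_TXStateCaptured)
                {
                    // Restore their balance if it was captured. The credit is applied relative to
                    // the stored value so a concurrent capture or void for the same customer
                    // cannot be overwritten by a total computed from the earlier read.
                    // NOTE(review): nothing here changes TransactionState, so a second call would
                    // credit again unless the caller updates the state - confirm.
                    DB.ExecuteSQL(string.Format("update customer set MicroPayBalance=IsNull(MicroPayBalance,0)+({0}) where CustomerID={1}", Localization.CurrencyStringForDBWithoutExchangeRate(orderTotal), customerId.ToString()));
                    rawResponseString = string.Format("MicroPay Balance {0} => {1}", Localization.CurrencyStringForDBWithoutExchangeRate(mpBalance), Localization.CurrencyStringForDBWithoutExchangeRate(orderTotal + mpBalance));
                }
                else
                {
                    rawResponseString = "MICROPAY GATEWAY SAID NO VOID ACTION NEEDED (WAS NOT IN CAPTURED STATE)";
                }
                DB.ExecuteSQL("update orders set VoidTXResult=" + DB.SQuote(rawResponseString) + " where OrderNumber=" + orderNumber.ToString());
            }

            return(result);
        }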
Example #5
        /// <summary>
        /// Creates a PlugNPay request pre-filled with the order number, client IP, billing
        /// details and charge amount. Card number and expiry are not set here.
        /// </summary>
        /// <param name="orderNumber">Sent as the transaction id.</param>
        /// <param name="orderTotal">Amount, formatted by <c>Localization.CurrencyStringForGatewayWithoutExchangeRate</c>.</param>
        /// <param name="currencyCode">Currency code passed through unchanged.</param>
        /// <param name="billingAddress">Source of the card holder name, postal address and e-mail.</param>
        /// <returns>The populated request object.</returns>
        private static PlugNPayApi.PNP CreatePaymentRequest(int orderNumber, decimal orderTotal, string currencyCode, Address billingAddress)
        {
            var paymentRequest     = new PlugNPayApi.PNP();
            var transactionRequest = paymentRequest.Request.TransactionRequest;

            // Request-level identifiers.
            transactionRequest.TransactionID = orderNumber.ToString();
            transactionRequest.IPaddress     = CommonLogic.CustomerIpAddress();

            // Card holder billing details.
            var billDetails = transactionRequest.BillDetails;
            billDetails.CardName     = billingAddress.CardName;
            billDetails.CardAddress1 = billingAddress.Address1;
            billDetails.CardAddress2 = billingAddress.Address2;
            billDetails.CardCity     = billingAddress.City;
            billDetails.CardState    = billingAddress.State;
            billDetails.CardZip      = billingAddress.Zip;
            billDetails.CardCountry  = AppLogic.GetCountryTwoLetterISOCode(billingAddress.Country);
            billDetails.Email        = billingAddress.EMail;

            // Amount and currency.
            var orderDetails = transactionRequest.Order;
            orderDetails.CardAmount = Localization.CurrencyStringForGatewayWithoutExchangeRate(orderTotal);
            orderDetails.Currency   = currencyCode;

            return paymentRequest;
        }
Example #6
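        /// <summary>
        /// Processes a card payment through the Skrill (Moneybookers) gateway. Chooses
        /// preauthorisation or debit from <paramref name="TransactionMode"/>, normalises the
        /// client IP and card type, then completes a pending 3-D Secure order or submits a new
        /// gateway request.
        /// </summary>
        /// <returns>The result string produced by the 3-D Secure or gateway helper.</returns>
        /// <exception cref="NotSupportedException">
        /// The client address is IPv6 (other than the loopback ::1, which is mapped to 127.0.0.1).
        /// </exception>
        public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            // Out parameters must be assigned on every path, including the throw below.
            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;

            // Generate payment request
            Customer customer = new Customer(CustomerID, true);

            GatewayMoneybookers.IPaymentType paymentType;
            if (TransactionMode == TransactionModeEnum.auth)
            {
                paymentType = GatewayMoneybookers.PaymentType.Preauthorisation;
            }
            else
            {
                paymentType = GatewayMoneybookers.PaymentType.Debit;
            }

            string customerIpAddress = CommonLogic.CustomerIpAddress();

            if (customerIpAddress == "::1")
            {
                // IPv6 loopback: send the IPv4 loopback instead.
                customerIpAddress = "127.0.0.1";
            }
            else if (customerIpAddress.Contains(":"))
            {
                // NotSupportedException derives from Exception, so existing catch blocks still
                // see it, while the failure can now be told apart from unexpected errors.
                throw new NotSupportedException("The Skrill (Moneybookers) payment gateway does not support IPv6.");
            }

            string cardType = UseBillingAddress.CardType;

            // Ordinal comparison: the card type is an identifier, not linguistic text, so the
            // match must not vary with the server's current culture.
            if (cardType.Equals("MASTERCARD", StringComparison.OrdinalIgnoreCase))
            {
                cardType = "MASTER";
            }

            string          result;
            CustomerSession customerSession = new CustomerSession(CustomerID);

            // A stored 3-D Secure order number equal to this order routes to the 3-D Secure helper.
            if (customerSession.SessionUSInt("Moneybookers_3DSecure_OrderNumber") == OrderNumber)
            {
                result = ProcessOrderThrough3DSecure(OrderNumber, CustomerID, OrderTotal, TransactionMode, UseBillingAddress, CardExtraCode, ref AuthorizationResult, ref AuthorizationCode, ref AuthorizationTransID, ref TransactionCommandOut, ref TransactionResponse, customer, paymentType, customerIpAddress, cardType, customerSession);
            }
            else
            {
                result = ProcessOrderThroughGateway(OrderNumber, CustomerID, OrderTotal, TransactionMode, UseBillingAddress, CardExtraCode, ref AuthorizationResult, ref AuthorizationCode, ref AuthorizationTransID, ref TransactionCommandOut, ref TransactionResponse, customer, paymentType, customerIpAddress, cardType);
            }

            return(result);
        }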
Example #7
        // If RefundAmount == 0.0M, the ENTIRE order amount will be refunded!
        /// <summary>
        /// Records a refund for an order without contacting a payment processor: rebuilds the
        /// RefundTXCommand audit column and, when the order has a transaction id and a stored
        /// Last4, writes a fixed "MANUAL GATEWAY SAID OK" result.
        /// </summary>
        /// <param name="OriginalOrderNumber">Order being refunded.</param>
        /// <param name="NewOrderNumber">Not used by this implementation.</param>
        /// <param name="RefundAmount">Amount to refund; zero means the stored order total.</param>
        /// <param name="RefundReason">Not used by this implementation.</param>
        /// <param name="UseBillingAddress">Not used by this implementation.</param>
        /// <returns><c>AppLogic.ro_OK</c> or a message describing the missing data.</returns>
        public override string RefundOrder(int OriginalOrderNumber, int NewOrderNumber, decimal RefundAmount, String RefundReason, Address UseBillingAddress)
        {
            // An int rendered as text; concatenating it cannot change the statement's structure.
            string orderKey = OriginalOrderNumber.ToString();

            DB.ExecuteSQL("update orders set RefundTXCommand=NULL, RefundTXResult=NULL where OrderNumber=" + orderKey);
            bool liveMode = AppLogic.AppConfigBool("UseLiveTransactions");

            string  authorizationId = String.Empty;
            string  cardLastFour    = String.Empty;
            decimal storedTotal     = System.Decimal.Zero;

            using (SqlConnection conn = DB.dbConn())
            {
                conn.Open();
                using (IDataReader rs = DB.GetRS("select AuthorizationPNREF,Last4,OrderTotal from orders   with (NOLOCK)  where OrderNumber=" + orderKey, conn))
                {
                    if (rs.Read())
                    {
                        authorizationId = DB.RSField(rs, "AuthorizationPNREF");
                        cardLastFour    = DB.RSField(rs, "Last4");
                        storedTotal     = DB.RSFieldDecimal(rs, "OrderTotal");
                    }
                }
            }

            // Zero means "refund everything".
            decimal amountToRefund = RefundAmount == System.Decimal.Zero ? storedTotal : RefundAmount;

            var command = new StringBuilder(4096);
            command.Append("x_type=CREDIT")
                   .Append("&x_test_request=" + CommonLogic.IIF(liveMode, "FALSE", "TRUE"))
                   .Append("&x_trans_id=" + authorizationId)
                   .Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(amountToRefund))
                   .Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress())
                   .Append("&x_card_num=" + cardLastFour);

            // The command is persisted even when validation below fails. DB.SQuote is relied on
            // for quoting (not visible here); a bound parameter would remove that dependency.
            DB.ExecuteSQL("update orders set RefundTXCommand=" + DB.SQuote(command.ToString()) + " where OrderNumber=" + orderKey);

            if (authorizationId.Length == 0 || authorizationId == "0")
            {
                return "Invalid or Empty Transaction ID";
            }

            if (cardLastFour.Length == 0)
            {
                return "Credit Card Number (Last4) Not Found or Empty";
            }

            DB.ExecuteSQL("update orders set RefundTXResult=" + DB.SQuote("MANUAL GATEWAY SAID OK") + " where OrderNumber=" + orderKey);
            return AppLogic.ro_OK;
        }
Example #8
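        /// <summary>
        /// Captures a MicroPay order: rebuilds the order's CaptureTXCommand and, when the
        /// customer's MicroPay balance covers the order balance, debits it.
        /// </summary>
        /// <param name="o">Order to capture; its CaptureTXCommand / CaptureTXResult are overwritten.</param>
        /// <returns>
        /// <c>AppLogic.ro_OK</c> on success, "Invalid or Empty Transaction ID" when the order has
        /// no AuthorizationPNREF, or "INSUFFICIENT FUNDS".
        /// </returns>
        public override String CaptureOrder(Order o)
        {
            String result = AppLogic.ro_OK;

            bool useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");

            o.CaptureTXCommand = "";
            o.CaptureTXResult  = "";
            String  TransID          = o.AuthorizationPNREF;
            Decimal OrderTotal       = o.OrderBalance;
            int     CustomerID       = o.CustomerID;

            Decimal mpBalance = AppLogic.GetMicroPayBalance(CustomerID);

            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=CAPTURE");
            transactionCommand.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());
            transactionCommand.Append("&x_trans_id=" + TransID);
            transactionCommand.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));

            o.CaptureTXCommand = transactionCommand.ToString();

            if (TransID.Length == 0)
            {
                result = "Invalid or Empty Transaction ID";
            }
            else
            {
                String rawResponseString = String.Empty;
                if (OrderTotal > mpBalance)
                {
                    rawResponseString = "INSUFFICIENT FUNDS";
                    result            = rawResponseString;
                }
                else
                {
                    // Withdraw the funds. The debit is applied relative to the stored value so
                    // that two concurrent captures for one customer are both deducted, instead of
                    // the later write replacing the earlier one with a total computed from the
                    // same stale read.
                    // NOTE(review): the sufficiency check above still uses that earlier read, so
                    // concurrent captures can take the balance below zero. Closing that gap needs
                    // a conditional update whose affected-row count is checked; DB.ExecuteSQL's
                    // return value is not visible here.
                    DB.ExecuteSQL(String.Format("update customer set MicroPayBalance=IsNull(MicroPayBalance,0)-({0}) where CustomerID={1}", Localization.CurrencyStringForDBWithoutExchangeRate(OrderTotal), CustomerID.ToString()));
                    rawResponseString = "MICROPAY GATEWAY SAID OK";
                }
                o.CaptureTXResult = rawResponseString;
            }

            return(result);
        }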
Example #9
        /// <summary>
        /// Authorization filter hook: when the "IPAddress.RefuseRestrictedIPsFromSite" setting
        /// is on and the client IP is restricted, short-circuits the request with a
        /// non-permanent redirect to refused.htm. Otherwise leaves the context untouched.
        /// </summary>
        /// <param name="filterContext">Context whose Result is set when the client is refused.</param>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            // && short-circuits, so the IP is looked up only when enforcement is enabled.
            // NOTE(review): this control is only as strong as CustomerIpAddress(); if that helper
            // honours client-supplied forwarding headers, a restricted client could present a
            // different address - confirm how it resolves the IP.
            var clientIsRefused = AppLogic.AppConfigBool("IPAddress.RefuseRestrictedIPsFromSite")
                && AppLogic.IPIsRestricted(CommonLogic.CustomerIpAddress());

            if (clientIsRefused)
            {
                filterContext.Result = new RedirectResult("refused.htm", false);
            }
        }
Example #10
        /// <summary>
        /// Records a void for an order without contacting a payment processor: rebuilds the
        /// VoidTXCommand audit column and, when the order has a usable transaction id, writes a
        /// fixed "MANUAL GATEWAY SAID OK" result.
        /// </summary>
        /// <param name="OrderNumber">Order to void.</param>
        /// <returns>
        /// <c>AppLogic.ro_OK</c>, or "Invalid or Empty Transaction ID" when AuthorizationPNREF is
        /// empty or "0".
        /// </returns>
        public override string VoidOrder(int OrderNumber)
        {
            // An int rendered as text; concatenating it cannot change the statement's structure.
            string orderKey = OrderNumber.ToString();

            DB.ExecuteSQL("update orders set VoidTXCommand=NULL, VoidTXResult=NULL where OrderNumber=" + orderKey);
            bool liveMode = AppLogic.AppConfigBool("UseLiveTransactions");

            string authorizationId = String.Empty;
            using (SqlConnection conn = DB.dbConn())
            {
                conn.Open();
                using (IDataReader rs = DB.GetRS("select AuthorizationPNREF from Orders  with (NOLOCK)  where OrderNumber=" + orderKey, conn))
                {
                    if (rs.Read())
                    {
                        authorizationId = DB.RSField(rs, "AuthorizationPNREF");
                    }
                }
            }

            var command = new StringBuilder(4096);
            command.Append("x_type=VOID")
                   .Append("&x_test_request=" + CommonLogic.IIF(liveMode, "FALSE", "TRUE"))
                   .Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress())
                   .Append("&x_trans_id=" + authorizationId);

            // Persisted even when validation below fails. DB.SQuote is relied on for quoting
            // (not visible here); a bound parameter would remove that dependency.
            DB.ExecuteSQL("update orders set VoidTXCommand=" + DB.SQuote(command.ToString()) + " where OrderNumber=" + orderKey);

            if (authorizationId.Length == 0 || authorizationId == "0")
            {
                return "Invalid or Empty Transaction ID";
            }

            DB.ExecuteSQL("update orders set VoidTXResult=" + DB.SQuote("MANUAL GATEWAY SAID OK") + " where OrderNumber=" + orderKey);
            return AppLogic.ro_OK;
        }
Example #11
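        /// <summary>
        /// Builds the USAePay SOAP security token: source key, client IP, and a pin hash that is
        /// the lowercase hex MD5 of SourceKey + Seed + Pin with a fresh GUID as the seed.
        /// </summary>
        /// <returns>The populated security token.</returns>
        private GatewayUSAePay.USAePaySOAP.ueSecurityToken GetSecurityToken()
        {
            //make ueSecurityToken - wiki.usaepay.com/developer/soap-1.6/howto/csharp
            var token = new GatewayUSAePay.USAePaySOAP.ueSecurityToken();

            token.SourceKey    = SourceKey;
            token.ClientIP     = CommonLogic.CustomerIpAddress();
            token.PinHash      = new GatewayUSAePay.USAePaySOAP.ueHash();
            token.PinHash.Seed = Guid.NewGuid().ToString();             //can hardcode a number like 1234 for debug
            // NOTE(review): MD5 is what this token declares to the gateway. It is a weak hash
            // for protecting a PIN; check whether the gateway accepts a stronger hash type and
            // switch both this label and the algorithm below together if it does.
            token.PinHash.Type = "md5";

            string preHashValue = token.SourceKey + token.PinHash.Seed + Pin;

            // The hasher is disposable; release it as soon as the digest is computed.
            // Encoding.Default is kept so the digest stays the same for existing credentials;
            // it is platform-dependent, which only matters for non-ASCII key or pin values.
            byte[] digest;
            using (MD5 md5Hasher = MD5.Create())
            {
                digest = md5Hasher.ComputeHash(Encoding.Default.GetBytes(preHashValue));
            }

            // Two lowercase hex characters per digest byte.
            var hexDigest = new StringBuilder(digest.Length * 2);
            foreach (byte digestByte in digest)
            {
                hexDigest.Append(digestByte.ToString("x2", CultureInfo.InvariantCulture));
            }

            token.PinHash.HashValue = hexDigest.ToString();
            return(token);
        }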
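        /// <summary>
        /// Processes a MicroPay payment: builds the x_* command string for the audit trail,
        /// checks the customer's MicroPay balance and, in auth-capture mode, debits it.
        /// No external processor is contacted in this method.
        /// </summary>
        /// <returns>
        /// <c>AppLogic.ro_OK</c>, or "INSUFFICIENT FUNDS" when the order total exceeds the
        /// balance (AuthorizationCode is then "-1").
        /// </returns>
        public static String ProcessTransaction(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, String TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            String result = AppLogic.ro_OK;

            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=" + CommonLogic.IIF(TransactionMode == AppLogic.ro_TXModeAuthOnly, "AUTH_ONLY", "AUTH_CAPTURE"));

            transactionCommand.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));
            transactionCommand.Append("&x_description=" + HttpContext.Current.Server.UrlEncode(AppLogic.AppConfig("StoreName") + " Order " + OrderNumber.ToString()));

            transactionCommand.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));
            // NOTE(review): the full card number and card code are written into the command
            // string that is returned through TransactionCommandOut. What the caller does with
            // it is not visible here; if it is logged or stored, these values must be masked or
            // dropped first (card codes must never be retained after authorization).
            transactionCommand.Append("&x_card_num=" + UseBillingAddress.CardNumber);
            if (CardExtraCode.Length != 0)
            {
                transactionCommand.Append("&x_card_code=" + CardExtraCode.Trim());
            }

            transactionCommand.Append("&x_exp_date=" + UseBillingAddress.CardExpirationMonth.PadLeft(2, '0') + "/" + UseBillingAddress.CardExpirationYear);
            transactionCommand.Append("&x_phone=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Phone));
            transactionCommand.Append("&x_fax=");
            transactionCommand.Append("&x_customer_tax_id=");
            transactionCommand.Append("&x_cust_id=" + CustomerID.ToString());
            transactionCommand.Append("&x_invoice_num=" + OrderNumber.ToString());
            transactionCommand.Append("&x_email=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.EMail));
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());

            transactionCommand.Append("&x_first_name=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.FirstName));
            transactionCommand.Append("&x_last_name=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.LastName));
            transactionCommand.Append("&x_company=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Company));
            transactionCommand.Append("&x_address=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Address1));
            transactionCommand.Append("&x_city=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.City));
            transactionCommand.Append("&x_state=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.State));
            transactionCommand.Append("&x_zip=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Zip));
            transactionCommand.Append("&x_country=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Country));

            if (UseShippingAddress != null)
            {
                transactionCommand.Append("&x_ship_to_first_name=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.FirstName));
                transactionCommand.Append("&x_ship_to_last_name=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.LastName));
                transactionCommand.Append("&x_ship_to_company=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Company));
                transactionCommand.Append("&x_ship_to_address=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Address1));
                transactionCommand.Append("&x_ship_to_city=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.City));
                transactionCommand.Append("&x_ship_to_state=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.State));
                transactionCommand.Append("&x_ship_to_zip=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Zip));
                transactionCommand.Append("&x_ship_to_country=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Country));
            }

            // NOTE(review): x_customer_ip was already appended above; kept so the emitted
            // command string is unchanged.
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());

            if (CAVV.Length != 0 || ECI.Length != 0)
            {
                // NOTE(review): ECI and CAVV are caller-supplied and appended without URL encoding,
                // unlike the address fields above.
                transactionCommand.Append("&x_authentication_indicator=" + ECI);
                transactionCommand.Append("&x_cardholder_authentication_value=" + CAVV);
            }

            //First do they have enough money?
            decimal mpBalance = AppLogic.GetMicroPayBalance(CustomerID);

            if (OrderTotal > mpBalance)
            {
                result                = "INSUFFICIENT FUNDS";
                AuthorizationCode     = "-1";
                AuthorizationResult   = result;
                AuthorizationTransID  = CommonLogic.GetNewGUID();
                AVSResult             = String.Empty;
                TransactionCommandOut = transactionCommand.ToString();
                TransactionResponse   = String.Empty;
            }
            else
            {
                // if we are capturing
                // NOTE(review): x_type above is derived from the TransactionMode parameter, but
                // the debit decision reads the global AppLogic.TransactionMode(); the two can
                // disagree - confirm which one is intended.
                if (AppLogic.TransactionMode() == AppLogic.ro_TXModeAuthCapture)
                {
                    // Debit relative to the stored value so that concurrent payments for one
                    // customer are each deducted, instead of the later write replacing the
                    // earlier one with a total computed from the same stale read.
                    // NOTE(review): the sufficiency check above still uses that earlier read, so
                    // concurrent payments can take the balance below zero; a conditional update
                    // with an affected-row check would be needed to close that gap.
                    DB.ExecuteSQL(String.Format("update customer set MicroPayBalance=IsNull(MicroPayBalance,0)-({0}) where CustomerID={1}", Localization.CurrencyStringForDBWithoutExchangeRate(OrderTotal), CustomerID.ToString()));
                }
                AuthorizationCode     = "0";
                AuthorizationResult   = AppLogic.ro_OK;
                AuthorizationTransID  = CommonLogic.GetNewGUID();
                AVSResult             = AppLogic.ro_OK;
                TransactionCommandOut = transactionCommand.ToString();
                TransactionResponse   = String.Empty;
            }

            return(result);
        }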
Example #13
        /// <summary>
        /// Manual-gateway card processing: optionally validates the card number, expiry and
        /// card code, builds the x_* command string for the audit trail, and reports a fixed
        /// "MANUAL GATEWAY SAID OK" authorization. No processor is contacted in this method.
        /// </summary>
        /// <returns>
        /// <c>AppLogic.ro_OK</c>, or a localized validation message when the
        /// "ValidateCreditCardNumbers" setting is on and a check fails (all out parameters are
        /// then empty strings).
        /// </returns>
        public override string ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            // Out parameters must be assigned before any of the early returns below.
            AVSResult             = string.Empty;
            AuthorizationResult   = string.Empty;
            AuthorizationCode     = string.Empty;
            AuthorizationTransID  = string.Empty;
            TransactionCommandOut = string.Empty;
            TransactionResponse   = string.Empty;

            if (AppLogic.AppConfigBool("ValidateCreditCardNumbers"))
            {
                string cardNumber = UseBillingAddress.CardNumber.ToString();

                CardType detectedType = CardType.ParseFromNumber(cardNumber);
                if (detectedType == null)
                {
                    return AppLogic.GetString("checkoutcard_process.aspx.3", Customer.Current.LocaleSetting);
                }

                var validator = new CreditCardValidator(cardNumber, detectedType);

                if (!validator.Validate())
                {
                    return AppLogic.GetString("checkoutcard_process.aspx.3", Customer.Current.LocaleSetting);
                }

                // Convert.ToInt32 throws on non-numeric month/year text; that is not caught here.
                if (!validator.CheckCCExpiration(Convert.ToInt32(UseBillingAddress.CardExpirationMonth), Convert.ToInt32(UseBillingAddress.CardExpirationYear)))
                {
                    return AppLogic.GetString("checkoutcard_process.aspx.6", Customer.Current.LocaleSetting);
                }

                // The card code check is skipped entirely when the store marks it optional.
                bool cardCodeAccepted = AppLogic.AppConfigBool("CardExtraCodeIsOptional") || validator.ValidateCVV(cardNumber, CardExtraCode);
                if (!cardCodeAccepted)
                {
                    return AppLogic.GetString("checkoutcard_process.aspx.7", Customer.Current.LocaleSetting);
                }
            }

            var command = new StringBuilder(4096);

            command.Append("x_type=" + CommonLogic.IIF(TransactionMode == TransactionModeEnum.auth, "AUTH_ONLY", "AUTH_CAPTURE"));
            command.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));

            var server = HttpContext.Current.Server;
            command.Append("&x_description=" + server.UrlEncode(AppLogic.AppConfig("StoreName") + " Order " + OrderNumber.ToString()));
            command.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));

            // NOTE(review): the full card number and card code go into the command string that
            // is returned through TransactionCommandOut. What the caller does with it is not
            // visible here; if it is logged or stored, these values must be masked or dropped
            // first (card codes must never be retained after authorization).
            command.Append("&x_card_num=" + UseBillingAddress.CardNumber);
            if (CardExtraCode.Length != 0)
            {
                command.Append("&x_card_code=" + CardExtraCode.Trim());
            }

            command.Append("&x_exp_date=" + UseBillingAddress.CardExpirationMonth.PadLeft(2, '0') + "/" + UseBillingAddress.CardExpirationYear)
                   .Append("&x_phone=" + server.UrlEncode(UseBillingAddress.Phone))
                   .Append("&x_fax=")
                   .Append("&x_customer_tax_id=")
                   .Append("&x_cust_id=" + CustomerID.ToString())
                   .Append("&x_invoice_num=" + OrderNumber.ToString())
                   .Append("&x_email=" + server.UrlEncode(UseBillingAddress.EMail))
                   .Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());

            // Billing address.
            command.Append("&x_first_name=" + server.UrlEncode(UseBillingAddress.FirstName))
                   .Append("&x_last_name=" + server.UrlEncode(UseBillingAddress.LastName))
                   .Append("&x_company=" + server.UrlEncode(UseBillingAddress.Company))
                   .Append("&x_address=" + server.UrlEncode(UseBillingAddress.Address1))
                   .Append("&x_city=" + server.UrlEncode(UseBillingAddress.City))
                   .Append("&x_state=" + server.UrlEncode(UseBillingAddress.State))
                   .Append("&x_zip=" + server.UrlEncode(UseBillingAddress.Zip))
                   .Append("&x_country=" + server.UrlEncode(UseBillingAddress.Country));

            // Shipping address is optional.
            if (UseShippingAddress != null)
            {
                command.Append("&x_ship_to_first_name=" + server.UrlEncode(UseShippingAddress.FirstName))
                       .Append("&x_ship_to_last_name=" + server.UrlEncode(UseShippingAddress.LastName))
                       .Append("&x_ship_to_company=" + server.UrlEncode(UseShippingAddress.Company))
                       .Append("&x_ship_to_address=" + server.UrlEncode(UseShippingAddress.Address1))
                       .Append("&x_ship_to_city=" + server.UrlEncode(UseShippingAddress.City))
                       .Append("&x_ship_to_state=" + server.UrlEncode(UseShippingAddress.State))
                       .Append("&x_ship_to_zip=" + server.UrlEncode(UseShippingAddress.Zip))
                       .Append("&x_ship_to_country=" + server.UrlEncode(UseShippingAddress.Country));
            }

            // NOTE(review): x_customer_ip is appended a second time here, as in the original.
            command.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());

            if (CAVV.Length != 0 || ECI.Length != 0)
            {
                // NOTE(review): ECI and CAVV are caller-supplied and appended without URL encoding,
                // unlike the address fields above.
                command.Append("&x_authentication_indicator=" + ECI)
                       .Append("&x_cardholder_authentication_value=" + CAVV);
            }

            AuthorizationCode     = "0";
            AuthorizationResult   = "MANUAL GATEWAY SAID OK";
            AuthorizationTransID  = CommonLogic.GetNewGUID();
            AVSResult             = AppLogic.ro_OK;
            TransactionCommandOut = command.ToString();
            TransactionResponse   = String.Empty;

            return AppLogic.ro_OK;
        }
Example #14
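        /// <summary>
        /// Builds a Skrill (Moneybookers) quick-checkout request for the cart, posts it to the gateway
        /// and returns the context the caller needs to continue the checkout.
        /// </summary>
        /// <param name="cart">Cart whose total, customer and primary billing address populate the request.</param>
        /// <returns>
        /// A context carrying the redirect URL and parameters when the gateway result is "ACK"
        /// (case-insensitive); otherwise a context carrying only a status or error string.
        /// </returns>
        /// <exception cref="Exception">
        /// The customer address contains ':' (an IPv6 address) and is not the loopback "::1".
        /// </exception>
        public ExternalPaymentMethodContext BeginCheckout(AspDotNetStorefrontCore.ShoppingCart cart)
        {
            decimal amount = cart.Total(true);

            // The gateway request carries an IPv4 address only: map the IPv6 loopback, reject the rest.
            string customerIpAddress = CommonLogic.CustomerIpAddress();

            if (customerIpAddress == "::1")
            {
                customerIpAddress = "127.0.0.1";
            }
            else if (customerIpAddress.Contains(":"))
            {
                throw new Exception("The Moneybookers payment gateway does not support IPv6.");
            }

            // Generate payment request
            GatewayMoneybookers.PaymentRequestBuilder requestBuilder = new GatewayMoneybookers.PaymentRequestBuilder();
            var paymentRequest = requestBuilder.BuildQuickCheckoutRequest(
                GetEncryptedTransactionId(cart, amount),
                cart.ThisCustomer.CustomerID,
                cart.ThisCustomer.EMail,
                cart.ThisCustomer.PrimaryBillingAddress.FirstName,
                cart.ThisCustomer.PrimaryBillingAddress.LastName,
                cart.ThisCustomer.PrimaryBillingAddress.Address1,
                cart.ThisCustomer.PrimaryBillingAddress.City,
                CommonLogic.IIF(String.IsNullOrEmpty(cart.ThisCustomer.PrimaryBillingAddress.State), null, cart.ThisCustomer.PrimaryBillingAddress.State),
                cart.ThisCustomer.PrimaryBillingAddress.Zip,
                cart.ThisCustomer.PrimaryBillingAddress.Country,
                customerIpAddress,
                amount);

            GatewayMoneybookers.PaymentXmlTransformer <GatewayMoneybookers.VirtualAccountPaymentMethod> paymentTransformer = new GatewayMoneybookers.PaymentXmlTransformer <GatewayMoneybookers.VirtualAccountPaymentMethod>();
            var paymentRequestData = paymentTransformer.TransformRequest(paymentRequest, new VirtualAccountPaymentMethodXmlTransformer());

            // Submit request and get response. A failed attempt only records its error text;
            // the loop then retries until GatewayRetries + 1 attempts have been made.
            // NOTE(review): the request carries customer name, address and e-mail — confirm RequestUri is https.
            string paymentResponseData = null;
            string result      = String.Empty;
            int    maxAttempts = AppLogic.AppConfigUSInt("GatewayRetries") + 1;

            for (int attemptCount = 0; attemptCount < maxAttempts; attemptCount++)
            {
                HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(RequestUri);
                request.Method      = "POST";
                request.ContentType = "application/x-www-form-urlencoded;charset=UTF-8";

                try
                {
                    using (var requestStream = request.GetRequestStream())
                    using (StreamWriter requestWriter = new StreamWriter(requestStream))
                    {
                        requestWriter.Write("load={0}", Uri.EscapeDataString(paymentRequestData));
                    }

                    // Dispose the response as well as its stream so the connection is released
                    // even when reading the body throws.
                    using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
                    using (var responseStream = response.GetResponseStream())
                    using (StreamReader responseReader = new StreamReader(responseStream))
                    {
                        paymentResponseData = responseReader.ReadToEnd();
                    }

                    break;
                }
#if DEBUG
                catch (WebException exception)
                {
                    // DEBUG builds append the gateway's raw error body to the message.
                    // WebException.Response is null for failures that never produced an HTTP
                    // response (DNS, connect, timeout), so it must be checked before reading.
                    string errorBody = String.Empty;
                    if (exception.Response != null)
                    {
                        using (var responseStream = exception.Response.GetResponseStream())
                        using (StreamReader responseReader = new StreamReader(responseStream))
                        {
                            errorBody = responseReader.ReadToEnd();
                        }
                    }

                    result = String.Format("Error calling Skrill (Moneybookers) payment gateway. {0}{1}", exception.Message, errorBody);
                }
#endif
                catch (Exception exception)
                {
                    // NOTE(review): the exception text ends up in the returned context; confirm the
                    // caller does not show it to the shopper verbatim.
                    result = String.Format("Error calling Skrill (Moneybookers) payment gateway. {0}", exception.Message);
                }
            }

            // Process response
            if (paymentResponseData == null)
            {
                // Every attempt failed; result holds the last error text (empty if no attempt ran).
                return(new ExternalPaymentMethodContext(result));
            }

            GatewayMoneybookers.PaymentResponse paymentResponse = paymentTransformer.TransformResponse(paymentResponseData);
            result = String.Format("{0} - {1} - {2} - {3}", paymentResponse.Result, paymentResponse.Status, paymentResponse.Reason, paymentResponse.Return);

            // Null-safe comparison: a response without a Result value is treated as not acknowledged.
            if (String.Equals(paymentResponse.Result, "ACK", StringComparison.OrdinalIgnoreCase))
            {
                return(new ExternalPaymentMethodContext(result, paymentResponse.RedirectUrl, paymentResponse.RedirectParameters));
            }

            // The formatted status always contains the " - " separators, so it is never empty here
            // and no "Unspecified Error" fallback is needed.
            return(new ExternalPaymentMethodContext(result));
        }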
Example #15
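        /// <summary>
        /// Sends a CREDIT (refund) transaction for an existing order to the eProcessing Network gateway
        /// and records the masked request and the raw gateway response on the order row.
        /// </summary>
        /// <param name="OriginalOrderNumber">Order to refund; also sent as x_invoice_num.</param>
        /// <param name="NewOrderNumber">Not used by this method.</param>
        /// <param name="RefundAmount">Amount to refund. If 0.0M, the ENTIRE order total is refunded.</param>
        /// <param name="RefundReason">Sent URL-encoded as x_description.</param>
        /// <param name="UseBillingAddress">Not used; billing fields are read from the order row instead.</param>
        /// <returns>
        /// AppLogic.ro_OK when the gateway reply code is "1"; otherwise the gateway's message field
        /// or a local error string.
        /// </returns>
        public override String RefundOrder(int OriginalOrderNumber, int NewOrderNumber, decimal RefundAmount, String RefundReason, Address UseBillingAddress)
        {
            String result = AppLogic.ro_OK;

            // SQL is built by concatenation throughout this method. That is tolerable only because
            // the order number is an int; every string value goes through DB.SQuote (its escaping
            // is not visible here).
            DB.ExecuteSQL("update orders set RefundTXCommand=NULL, RefundTXResult=NULL where OrderNumber=" + OriginalOrderNumber.ToString());
            bool    useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");
            String  TransID             = String.Empty;
            String  Last4            = String.Empty;
            int     CustomerID       = 0;
            Decimal OrderTotal       = System.Decimal.Zero;
            String  BillingLastName  = String.Empty;
            String  BillingFirstName = String.Empty;
            String  BillingCompany   = String.Empty;
            String  BillingAddress1  = String.Empty;
            String  BillingCity      = String.Empty;
            String  BillingState     = String.Empty;
            String  BillingZip       = String.Empty;
            String  BillingCountry   = String.Empty;
            String  BillingEMail     = String.Empty;

            using (SqlConnection con = new SqlConnection(DB.GetDBConn()))
            {
                con.Open();
                using (IDataReader rs = DB.GetRS("select * from orders   with (NOLOCK)  where OrderNumber=" + OriginalOrderNumber.ToString(), con))
                {
                    if (rs.Read())
                    {
                        TransID          = DB.RSField(rs, "AuthorizationPNREF");
                        Last4            = DB.RSField(rs, "Last4");
                        OrderTotal       = DB.RSFieldDecimal(rs, "OrderTotal");
                        CustomerID       = DB.RSFieldInt(rs, "CustomerID");
                        BillingLastName  = DB.RSField(rs, "BillingLastName");
                        BillingFirstName = DB.RSField(rs, "BillingFirstName");
                        BillingCompany   = DB.RSField(rs, "BillingCompany");
                        BillingAddress1  = DB.RSField(rs, "BillingAddress1");
                        BillingCity      = DB.RSField(rs, "BillingCity");
                        BillingState     = DB.RSField(rs, "BillingState");
                        BillingZip       = DB.RSField(rs, "BillingZip");
                        BillingCountry   = DB.RSField(rs, "BillingCountry");
                        BillingEMail     = DB.RSField(rs, "EMail");
                    }
                }
            }

            // A config value of "REGISTRY" means the real credential is read from the registry
            // location named by EncryptKey.RegistryLocation.
            String X_Login = AppLogic.AppConfig("eProcessingNetwork_X_LOGIN");

            if (X_Login.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_Login = reg.Read("eProcessingNetwork_X_LOGIN");
            }

            String X_TranKey = AppLogic.AppConfig("eProcessingNetwork_X_TRAN_KEY");

            if (X_TranKey.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_TranKey = reg.Read("eProcessingNetwork_X_TRAN_KEY");
            }

            ASCIIEncoding encoding           = new ASCIIEncoding();
            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=CREDIT");
            // NOTE(review): the published listing showed the next two appends fused into one
            // invalid statement (the credential part was starred out); restored as separate
            // appends — confirm against the upstream file.
            transactionCommand.Append("&x_login=" + X_Login);
            transactionCommand.Append("&x_tran_key=" + X_TranKey);
            transactionCommand.Append("&x_version=" + AppLogic.AppConfig("eProcessingNetwork_X_VERSION"));
            transactionCommand.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));
            transactionCommand.Append("&x_method=" + AppLogic.AppConfig("eProcessingNetwork_X_METHOD"));
            transactionCommand.Append("&x_delim_Data=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_DATA"));
            transactionCommand.Append("&x_delim_Char=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR"));
            transactionCommand.Append("&x_encap_char=" + AppLogic.AppConfig("eProcessingNetwork_X_ENCAP_CHAR"));
            transactionCommand.Append("&x_relay_response=" + AppLogic.AppConfig("eProcessingNetwork_X_RELAY_RESPONSE"));
            transactionCommand.Append("&x_trans_id=" + TransID);

            // A zero RefundAmount means "refund the whole order".
            Decimal amountToRefund = (RefundAmount == System.Decimal.Zero) ? OrderTotal : RefundAmount;
            transactionCommand.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(amountToRefund));

            transactionCommand.Append("&x_cust_id=" + CustomerID.ToString());
            transactionCommand.Append("&x_invoice_num=" + OriginalOrderNumber.ToString());
            transactionCommand.Append("&x_email=" + Security.UrlEncode(BillingEMail));
            transactionCommand.Append("&x_email_customer=false");
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());
            transactionCommand.Append("&x_card_num=" + Last4);

            transactionCommand.Append("&x_description=" + Security.UrlEncode(RefundReason));
            transactionCommand.Append("&x_first_name=" + Security.UrlEncode(BillingFirstName));
            transactionCommand.Append("&x_last_name=" + Security.UrlEncode(BillingLastName));
            transactionCommand.Append("&x_company=" + Security.UrlEncode(BillingCompany));
            transactionCommand.Append("&x_address=" + Security.UrlEncode(BillingAddress1));
            transactionCommand.Append("&x_city=" + Security.UrlEncode(BillingCity));
            transactionCommand.Append("&x_state=" + Security.UrlEncode(BillingState));
            transactionCommand.Append("&x_zip=" + Security.UrlEncode(BillingZip));
            transactionCommand.Append("&x_country=" + Security.UrlEncode(BillingCountry));

            // Keep the transaction key out of the stored command. String.Replace throws on a null
            // or empty search value, so the mask is applied only when a key is actually present.
            // Only the key is masked; x_login is stored as sent.
            String loggedCommand = transactionCommand.ToString();
            if (!String.IsNullOrEmpty(X_TranKey))
            {
                loggedCommand = loggedCommand.Replace(X_TranKey, "*".PadLeft(X_TranKey.Length));
            }
            DB.ExecuteSQL("update orders set RefundTXCommand=" + DB.SQuote(loggedCommand) + " where OrderNumber=" + OriginalOrderNumber.ToString());

            if (TransID.Length == 0 || TransID == "0")
            {
                result = "Invalid or Empty Transaction ID";
            }
            else if (Last4.Length == 0)
            {
                result = "Credit Card Number (Last4) Not Found or Empty";
            }
            else
            {
                try
                {
                    byte[] data = encoding.GetBytes(transactionCommand.ToString());

                    // Prepare web request...
                    // NOTE(review): the POST body carries the gateway credentials; confirm both
                    // configured server URLs are https.
                    String         AuthServer = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("eProcessingNetwork_LIVE_SERVER"), AppLogic.AppConfig("eProcessingNetwork_TEST_SERVER"));
                    HttpWebRequest myRequest  = (HttpWebRequest)WebRequest.Create(AuthServer);
                    myRequest.Method        = "POST";
                    myRequest.ContentType   = "application/x-www-form-urlencoded";
                    myRequest.ContentLength = data.Length;

                    // Send the data; the using block closes the stream even if the write fails.
                    using (Stream newStream = myRequest.GetRequestStream())
                    {
                        newStream.Write(data, 0, data.Length);
                    }

                    // Get the response. Any failure is turned into a synthetic reply whose code is "0".
                    String rawResponseString = String.Empty;
                    try
                    {
                        using (WebResponse myResponse = myRequest.GetResponse())
                        using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                        {
                            rawResponseString = sr.ReadToEnd();
                        }
                    }
                    catch
                    {
                        rawResponseString = "0|||Error Calling eProcessing Network Payment Gateway||||||||";
                    }

                    // rawResponseString now has gateway response
                    String[] statusArray = rawResponseString.Split(AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR").ToCharArray());
                    // The gateway may return quotes around each parameter, so strip them out.
                    for (int i = 0; i < statusArray.Length; i++)
                    {
                        statusArray[i] = statusArray[i].Trim('\"');
                    }

                    String replyCode = statusArray[0].Replace(":", "");

                    DB.ExecuteSQL("update orders set RefundTXResult=" + DB.SQuote(rawResponseString) + " where OrderNumber=" + OriginalOrderNumber.ToString());
                    if (replyCode == "1")
                    {
                        result = AppLogic.ro_OK;
                    }
                    else if (statusArray.Length > 3)
                    {
                        result = statusArray[3];
                    }
                    else
                    {
                        // A reply too short to carry a message field yields the same text the
                        // catch-all below returns, without relying on an index exception.
                        result = "NO RESPONSE FROM GATEWAY!";
                    }
                }
                catch
                {
                    // Best-effort: any failure while sending or recording is reported as no response.
                    // The raw response, when one was received, is already stored in RefundTXResult.
                    result = "NO RESPONSE FROM GATEWAY!";
                }
            }
            return(result);
        }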
Example #16
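        /// <summary>
        /// Sends a refund for an existing order through the eSelectPlus gateway and records the
        /// request summary, the gateway's completion flag and the refund reason on the order row.
        /// </summary>
        /// <param name="OriginalOrderNumber">Order to refund; also sent as the gateway order_id.</param>
        /// <param name="NewOrderNumber">Not used by this method.</param>
        /// <param name="RefundOrderTotal">Amount to refund. If zero, the order's full OrderTotal is refunded.</param>
        /// <param name="RefundReason">Stored on the order row and included, URL-encoded, in the logged command.</param>
        /// <param name="UseBillingAddress">Not used by this method.</param>
        /// <returns>
        /// AppLogic.ro_OK when the receipt's Complete field is "true"; the receipt message when it is not;
        /// "error" when no response could be deserialized; "failed" when an exception was caught.
        /// </returns>
        public override String RefundOrder(int OriginalOrderNumber, int NewOrderNumber, decimal RefundOrderTotal, String RefundReason, Address UseBillingAddress)
        {
            String result = "error";
            string crypt  = AppLogic.AppConfig("eSelectPlus.crypt");

            // SQL is built by concatenation; the order number is an int and string values go
            // through DB.SQuote (its escaping is not visible here).
            DB.ExecuteSQL("update orders set RefundTXCommand=NULL, RefundTXResult=NULL where OrderNumber=" + OriginalOrderNumber.ToString());
            bool    useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");
            String  TransID             = String.Empty;
            String  Last4      = String.Empty;
            int     CustomerID = 0;
            Decimal OrderTotal = System.Decimal.Zero;
            string  authCode   = string.Empty;

            using (var conn = DB.dbConn())
            {
                conn.Open();
                using (var rs = DB.GetRS("select * from orders   with (NOLOCK)  where OrderNumber=" + OriginalOrderNumber.ToString(), conn))
                {
                    if (rs.Read())
                    {
                        TransID    = DB.RSField(rs, "AuthorizationPNREF");
                        Last4      = DB.RSField(rs, "Last4");
                        OrderTotal = DB.RSFieldDecimal(rs, "OrderTotal");
                        CustomerID = DB.RSFieldInt(rs, "CustomerID");
                        authCode   = DB.RSField(rs, "AuthorizationCode");
                    }
                }
            }

            // When the stored authorization code embeds a crypt type (the single character after
            // cryptLabel), it overrides the configured one. The bounds check keeps a label sitting
            // at the very end of the string from throwing before the refund is even attempted.
            int labelAt = authCode.IndexOf(cryptLabel, StringComparison.Ordinal);
            if (labelAt >= 0)
            {
                int valueAt = labelAt + cryptLabel.Length;
                if (valueAt < authCode.Length)
                {
                    crypt = authCode.Substring(valueAt, 1);
                }
            }

            // A zero RefundOrderTotal means "refund the whole order".
            Decimal amountToRefund = (RefundOrderTotal == System.Decimal.Zero) ? OrderTotal : RefundOrderTotal;
            string  theOrderTotal  = Localization.CurrencyStringForGatewayWithoutExchangeRate(amountToRefund);

            // Amounts below one unit may come back as ".50"; give them a leading zero.
            if (theOrderTotal.StartsWith(".", StringComparison.Ordinal))
            {
                theOrderTotal = "0" + theOrderTotal;
            }

            // transactionCommand is only a log record stored in RefundTXCommand; the request
            // actually sent is the esp.refundTxn object below.
            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=CREDIT");
            transactionCommand.Append("&x_trans_id=" + TransID);
            transactionCommand.Append("&x_amount=" + theOrderTotal);
            transactionCommand.Append("&x_cust_id=" + CustomerID.ToString());
            transactionCommand.Append("&x_invoice_num=" + OriginalOrderNumber.ToString());
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());
            transactionCommand.Append("&x_card_num=" + Last4);
            transactionCommand.Append("&x_description=" + HttpContext.Current.Server.UrlEncode(RefundReason));

            esp.refundTxn reqRefund = new esp.refundTxn();
            reqRefund.order_id   = OriginalOrderNumber.ToString();
            reqRefund.amount     = theOrderTotal;
            reqRefund.txn_number = TransID;
            reqRefund.crypt_type = crypt;

            try
            {
                string sResponse = sendRequest(useLiveTransactions, reqRefund);

                esp.response resp = null;
                if (sResponse != null)
                {
                    resp = DeserializeResponse(sResponse);
                }

                // When no response is available nothing is recorded and result stays "error".
                if (resp != null)
                {
                    esp.receipt   respReceipt = (esp.receipt)resp.receipt[0];
                    StringBuilder tps         = new StringBuilder("");
                    tps.Append("update orders set ");
                    tps.Append("RefundTXCommand=" + DB.SQuote(transactionCommand.ToString()) + ",");
                    tps.Append("RefundTXResult=" + DB.SQuote(respReceipt.Complete) + ",");
                    // A null reason must not abort the bookkeeping once the gateway has answered.
                    tps.Append("RefundReason=" + DB.SQuote(RefundReason ?? String.Empty));
                    tps.Append(" where ordernumber=" + OriginalOrderNumber.ToString());
                    DB.ExecuteSQL(tps.ToString());
                    if (respReceipt.Complete == "true")
                    {
                        result = AppLogic.ro_OK;
                    }
                    else
                    {
                        result = respReceipt.Message;
                    }
                }
            }
            catch
            {
                // NOTE(review): this also fires when the gateway answered but deserialization or
                // the order update threw, so "failed" does not prove that no refund was issued;
                // reconcile with the gateway before retrying.
                result = "failed";
            }
            return(result);
        }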
Example #17
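        /// <summary>
        /// Sends a VOID transaction for an order's authorization to the eProcessing Network gateway
        /// and records the masked request and the raw gateway response on the order row.
        /// </summary>
        /// <param name="OrderNumber">Order whose stored AuthorizationPNREF is voided.</param>
        /// <returns>
        /// AppLogic.ro_OK when the gateway reply code is "1"; otherwise the gateway's message field
        /// or a local error string.
        /// </returns>
        public override String VoidOrder(int OrderNumber)
        {
            String result = AppLogic.ro_OK;

            // SQL is built by concatenation throughout this method. That is tolerable only because
            // the order number is an int; every string value goes through DB.SQuote (its escaping
            // is not visible here).
            DB.ExecuteSQL("update orders set VoidTXCommand=NULL, VoidTXResult=NULL where OrderNumber=" + OrderNumber.ToString());
            bool   useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");
            String TransID             = String.Empty;

            using (SqlConnection con = new SqlConnection(DB.GetDBConn()))
            {
                con.Open();
                using (IDataReader rs = DB.GetRS("select AuthorizationPNREF,CustomerID from Orders  with (NOLOCK)  where OrderNumber=" + OrderNumber.ToString(), con))
                {
                    if (rs.Read())
                    {
                        TransID = DB.RSField(rs, "AuthorizationPNREF");
                    }
                }
            }

            // A config value of "REGISTRY" means the real credential is read from the registry
            // location named by EncryptKey.RegistryLocation.
            String X_Login = AppLogic.AppConfig("eProcessingNetwork_X_LOGIN");

            if (X_Login.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_Login = reg.Read("eProcessingNetwork_X_LOGIN");
            }

            String X_TranKey = AppLogic.AppConfig("eProcessingNetwork_X_TRAN_KEY");

            if (X_TranKey.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_TranKey = reg.Read("eProcessingNetwork_X_TRAN_KEY");
            }

            ASCIIEncoding encoding           = new ASCIIEncoding();
            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=VOID");
            // NOTE(review): the published listing showed the next two appends fused into one
            // invalid statement (the credential part was starred out); restored as separate
            // appends — confirm against the upstream file.
            transactionCommand.Append("&x_login=" + X_Login);
            transactionCommand.Append("&x_tran_key=" + X_TranKey);
            transactionCommand.Append("&x_version=" + AppLogic.AppConfig("eProcessingNetwork_X_VERSION"));
            transactionCommand.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));
            transactionCommand.Append("&x_method=" + AppLogic.AppConfig("eProcessingNetwork_X_METHOD"));
            transactionCommand.Append("&x_delim_Data=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_DATA"));
            transactionCommand.Append("&x_delim_Char=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR"));
            transactionCommand.Append("&x_encap_char=" + AppLogic.AppConfig("eProcessingNetwork_X_ENCAP_CHAR"));
            transactionCommand.Append("&x_relay_response=" + AppLogic.AppConfig("eProcessingNetwork_X_RELAY_RESPONSE"));
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());
            transactionCommand.Append("&x_trans_id=" + TransID);

            // Keep the transaction key out of the stored command. String.Replace throws on a null
            // or empty search value, so the mask is applied only when a key is actually present.
            // Only the key is masked; x_login is stored as sent.
            String loggedCommand = transactionCommand.ToString();
            if (!String.IsNullOrEmpty(X_TranKey))
            {
                loggedCommand = loggedCommand.Replace(X_TranKey, "*".PadLeft(X_TranKey.Length));
            }
            DB.ExecuteSQL("update orders set VoidTXCommand=" + DB.SQuote(loggedCommand) + " where OrderNumber=" + OrderNumber.ToString());

            if (TransID.Length == 0 || TransID == "0")
            {
                result = "Invalid or Empty Transaction ID";
            }
            else
            {
                try
                {
                    byte[] data = encoding.GetBytes(transactionCommand.ToString());

                    // Prepare web request...
                    // NOTE(review): the POST body carries the gateway credentials; confirm both
                    // configured server URLs are https.
                    String         AuthServer = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("eProcessingNetwork_LIVE_SERVER"), AppLogic.AppConfig("eProcessingNetwork_TEST_SERVER"));
                    HttpWebRequest myRequest  = (HttpWebRequest)WebRequest.Create(AuthServer);
                    myRequest.Method        = "POST";
                    myRequest.ContentType   = "application/x-www-form-urlencoded";
                    myRequest.ContentLength = data.Length;

                    // Send the data; the using block closes the stream even if the write fails.
                    using (Stream newStream = myRequest.GetRequestStream())
                    {
                        newStream.Write(data, 0, data.Length);
                    }

                    // Get the response. Any failure is turned into a synthetic reply whose code is "0".
                    String rawResponseString = String.Empty;
                    try
                    {
                        using (WebResponse myResponse = myRequest.GetResponse())
                        using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                        {
                            rawResponseString = sr.ReadToEnd();
                        }
                    }
                    catch
                    {
                        rawResponseString = "0|||Error Calling eProcessing Network Payment Gateway||||||||";
                    }

                    // rawResponseString now has gateway response
                    String[] statusArray = rawResponseString.Split(AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR").ToCharArray());
                    // The gateway may return quotes around each parameter, so strip them out.
                    for (int i = 0; i < statusArray.Length; i++)
                    {
                        statusArray[i] = statusArray[i].Trim('\"');
                    }

                    String replyCode = statusArray[0].Replace(":", "");

                    DB.ExecuteSQL("update orders set VoidTXResult=" + DB.SQuote(rawResponseString) + " where OrderNumber=" + OrderNumber.ToString());
                    if (replyCode == "1")
                    {
                        result = AppLogic.ro_OK;
                    }
                    else if (statusArray.Length > 3)
                    {
                        result = statusArray[3];
                    }
                    else
                    {
                        // A reply too short to carry a message field yields the same text the
                        // catch-all below returns, without relying on an index exception.
                        result = "NO RESPONSE FROM GATEWAY!";
                    }
                }
                catch
                {
                    // Best-effort: any failure while sending or recording is reported as no response.
                    // The raw response, when one was received, is already stored in VoidTXResult.
                    result = "NO RESPONSE FROM GATEWAY!";
                }
            }
            return(result);
        }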
Example #18
        public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            String result = AppLogic.ro_OK;

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;

            String Merchant_User_Name = GetIDepositAppConfig("USERNAME");
            String Clerk_Id           = GetIDepositAppConfig("CLERKID");


            ASCIIEncoding encoding           = new ASCIIEncoding();
            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("Transaction_Type=" + CommonLogic.IIF(TransactionMode == TransactionModeEnum.auth, "PRE_AUTH", "SALE"));

            transactionCommand.Append("&Merchant_User_Name=" + Merchant_User_Name);
            transactionCommand.Append("&Comments=" + HttpContext.Current.Server.UrlEncode(AppLogic.AppConfig("StoreName") + " Order " + OrderNumber.ToString()));
            transactionCommand.Append("&Charge_Amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));
            transactionCommand.Append("&Credit_Card_Type=" + GetCardTypeFieldValue(UseBillingAddress.CardType));
            transactionCommand.Append("&Credit_Card_Number=" + UseBillingAddress.CardNumber);
            if (CardExtraCode.Length != 0)
            {
                transactionCommand.Append("&CV_Security_Code=" + CardExtraCode.Trim());
            }
            transactionCommand.Append("&Credit_Card_Exp_Date=" + UseBillingAddress.CardExpirationMonth.PadLeft(2, '0') + UseBillingAddress.CardExpirationYear.ToString().Substring(2, 2));
            transactionCommand.Append("&Tracking_Number=" + OrderNumber.ToString());
            transactionCommand.Append("&CardHolder_Name=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.CardName));
            transactionCommand.Append("&AVS_Street=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Address1));
            transactionCommand.Append("&AVS_Zip_Code=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Zip));
            transactionCommand.Append("&Clerk_Id=" + HttpContext.Current.Server.UrlEncode(Clerk_Id));
            transactionCommand.Append("&Station_Id=" + CommonLogic.CustomerIpAddress());


            byte[] data = encoding.GetBytes(transactionCommand.ToString());

            // Prepare web request...
            try
            {
                String AuthServer        = GetIDepositAppConfig("URL");
                String rawResponseString = String.Empty;

                int  MaxTries       = AppLogic.AppConfigUSInt("GatewayRetries") + 1;
                int  CurrentTry     = 0;
                bool CallSuccessful = false;
                do
                {
                    HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(AuthServer);
                    myRequest.Method        = "POST";
                    myRequest.ContentType   = "application/x-www-form-urlencoded";
                    myRequest.ContentLength = data.Length;
                    Stream newStream = myRequest.GetRequestStream();
                    // Send the data.
                    newStream.Write(data, 0, data.Length);
                    newStream.Close();
                    // get the response
                    WebResponse myResponse;

                    CurrentTry++;
                    try
                    {
                        myResponse = myRequest.GetResponse();
                        using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                        {
                            rawResponseString = sr.ReadToEnd();
                            sr.Close();
                        }
                        myResponse.Close();
                        CallSuccessful = true;
                    }
                    catch
                    {
                        CallSuccessful = false;
                    }
                }while (!CallSuccessful && CurrentTry < MaxTries);


                // rawResponseString now has gateway response
                TransactionResponse = rawResponseString;

                String authNum        = CommonLogic.ExtractToken(rawResponseString, "<AuthorizationNumber>", "</AuthorizationNumber>");
                String transactionID  = CommonLogic.ExtractToken(rawResponseString, "<TransactionId>", "</TransactionId>");
                String AVSStatus      = CommonLogic.ExtractToken(rawResponseString, "<AVSStatus>", "</AVSStatus>");
                String CVStatus       = CommonLogic.ExtractToken(rawResponseString, "<CVStatus>", "</CVStatus>");
                String returnCode     = CommonLogic.ExtractToken(rawResponseString, "<ReturnCode>", "</ReturnCode>");
                String responseStatus = CommonLogic.ExtractToken(rawResponseString, "<Status>", "</Status>");
                String statusMsg      = CommonLogic.ExtractToken(rawResponseString, "<StatusMessage>", "</StatusMessage>");

                AuthorizationTransID = transactionID;
                AuthorizationCode    = authNum;
                AVSResult            = AVSStatus;
                if (CVStatus.Length > 0 && CardExtraCode.Length != 0)
                {
                    AVSResult += ", CV Result: " + CVStatus;
                }
                AuthorizationResult = responseStatus;

                TransactionCommandOut = transactionCommand.ToString();


                if (returnCode == "1")
                {
                    result = AppLogic.ro_OK;
                }
                else if (returnCode == "0")
                {
                    result = statusMsg;
                }
                else
                {
                    result = "Error calling iDeposit.net gateway. Please retry your order in a few minutes or select another checkout payment option.";
                }
            }
            catch
            {
                result = "Error calling iDeposit.net gateway. Please retry your order in a few minutes or select another checkout payment option.";
            }
            return(result);
        }
Example #19
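        /// <summary>
        /// Refunds a MicroPay order by adding the refunded amount back onto the customer's MicroPay
        /// balance and recording the command and its outcome on the order row.
        /// </summary>
        /// <param name="OriginalOrderNumber">Order to refund; its transaction id, total, state and customer are read from the orders table.</param>
        /// <param name="NewOrderNumber">Not read by this implementation.</param>
        /// <param name="RefundAmount">Amount to refund. If this is 0.0M, the ENTIRE order amount is refunded. Negative amounts are rejected.</param>
        /// <param name="RefundReason">Not read by this implementation.</param>
        /// <param name="UseBillingAddress">Not read by this implementation.</param>
        /// <returns><c>AppLogic.ro_OK</c> on success, otherwise a message describing the failure.</returns>
        public override String RefundOrder(int OriginalOrderNumber, int NewOrderNumber, decimal RefundAmount, String RefundReason, Address UseBillingAddress)
        {
            // A negative "refund" would lower the stored balance instead of restoring it.
            if (RefundAmount < System.Decimal.Zero)
            {
                return "Invalid Refund Amount";
            }

            String result = AppLogic.ro_OK;

            // OrderNumber and CustomerID are ints, so concatenating them cannot carry SQL text;
            // every string value written below goes through DB.SQuote.
            DB.ExecuteSQL("update orders set RefundTXCommand=NULL, RefundTXResult=NULL where OrderNumber=" + OriginalOrderNumber.ToString());
            bool    useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");
            String  TransID             = String.Empty;
            Decimal OrderTotal          = System.Decimal.Zero;
            String  TransactionState    = String.Empty;
            int     CustomerID          = 0;

            // NOTE(review): the order is read WITH (NOLOCK), so TransactionState may be a dirty read
            // while another request is changing the same order -- confirm this is acceptable here.
            using (SqlConnection conn = DB.dbConn())
            {
                conn.Open();
                using (IDataReader rs = DB.GetRS("select AuthorizationPNREF,OrderTotal,TransactionState,CustomerID from orders   with (NOLOCK)  where OrderNumber=" + OriginalOrderNumber.ToString(), conn))
                {
                    if (rs.Read())
                    {
                        TransID          = DB.RSField(rs, "AuthorizationPNREF");
                        OrderTotal       = DB.RSFieldDecimal(rs, "OrderTotal");
                        TransactionState = DB.RSField(rs, "TransactionState");
                        CustomerID       = DB.RSFieldInt(rs, "CustomerID");
                    }
                }
            }

            Decimal mpBalance = AppLogic.GetMicroPayBalance(CustomerID);

            // Resolve the amount once so the command, the balance update and the audit text agree.
            // NOTE(review): nothing here caps RefundAmount at OrderTotal or detects an earlier refund
            // of the same order; confirm the caller enforces both.
            Decimal refundValue = RefundAmount == System.Decimal.Zero ? OrderTotal : RefundAmount;

            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=CREDIT");
            transactionCommand.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));
            transactionCommand.Append("&x_trans_id=" + TransID);
            transactionCommand.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(refundValue));
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());

            DB.ExecuteSQL("update orders set RefundTXCommand=" + DB.SQuote(transactionCommand.ToString()) + " where OrderNumber=" + OriginalOrderNumber.ToString());

            if (TransID.Length == 0)
            {
                // Also reached when the order row was not found, because TransID keeps its empty default.
                result = "Invalid or Empty Transaction ID";
            }
            else
            {
                String rawResponseString = String.Empty;
                if (TransactionState == AppLogic.ro_TXStateCaptured)
                {
                    // restore their balance if it was captured!
                    // NOTE(review): the balance is read above and written back here as an absolute value,
                    // so two concurrent balance changes for one customer can overwrite each other.
                    Decimal newBalance = mpBalance + refundValue;
                    DB.ExecuteSQL(String.Format("update customer set MicroPayBalance={0} where CustomerID={1}", Localization.CurrencyStringForDBWithoutExchangeRate(newBalance), CustomerID.ToString()));

                    // The audit text reports the balance actually written; the original always reported
                    // OrderTotal + balance, which was wrong for partial refunds.
                    rawResponseString = String.Format("MicroPay Balance {0} => {1}", Localization.CurrencyStringForDBWithoutExchangeRate(mpBalance), Localization.CurrencyStringForDBWithoutExchangeRate(newBalance));
                }
                else
                {
                    rawResponseString = "MICROPAY GATEWAY SAID NO REFUND ACTION NEEDED (WAS NOT IN CAPTURED STATE)";
                }
                DB.ExecuteSQL("update orders set RefundTXResult=" + DB.SQuote(rawResponseString) + " where OrderNumber=" + OriginalOrderNumber.ToString());
            }
            return(result);
        }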
Example #20
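        /// <summary>
        /// Processes a card in real time through the Verisign Payflow COM component.
        /// Unless the VERISIGN compilation symbol is defined, the method only clears the out
        /// parameters and returns a "components not installed" message.
        /// </summary>
        /// <param name="OrderNumber">Order number, sent in COMMENT1.</param>
        /// <param name="CustomerID">Customer id, sent in COMMENT2.</param>
        /// <param name="OrderTotal">Amount to charge; replaced by 1.0 when <paramref name="useLiveTransactions"/> is false.</param>
        /// <param name="useLiveTransactions">False forces the 1.0 test amount. The gateway host is chosen from the UseLiveTransactions AppConfig value, not from this argument.</param>
        /// <param name="TransactionMode">auth sends TRXTYPE=A; any other value sends TRXTYPE=S.</param>
        /// <param name="UseBillingAddress">Billing address, card number and expiry.</param>
        /// <param name="CardExtraCode">Card security code; sent only when non-blank.</param>
        /// <param name="UseShippingAddress">Optional shipping address; may be null.</param>
        /// <param name="CAVV">3-D Secure value; CAVV and ECI are sent only when this is non-empty.</param>
        /// <param name="ECI">3-D Secure ECI value.</param>
        /// <param name="XID">Not sent.</param>
        /// <param name="AVSResult">Always returned empty.</param>
        /// <param name="AuthorizationResult">Raw gateway response string.</param>
        /// <param name="AuthorizationCode">AUTHCODE from the response.</param>
        /// <param name="AuthorizationTransID">PNREF from the response.</param>
        /// <param name="TransactionCommandOut">The request string with the gateway password, card number and security code masked.</param>
        /// <param name="TransactionResponse">Left empty by this implementation.</param>
        /// <returns><c>AppLogic.ro_OK</c> when RESULT is "0", otherwise the gateway message or "Unspecified Error".</returns>
        public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            String result = "VERISIGN COM COMPONENTS NOT INSTALLED ON SERVER OR STOREFRONT NOT COMPILED WITH VERISIGN CODE TURNED ON";

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;
#if VERISIGN
            PFProCOMLib.PNComClass vsnGate = new PFProCOMLib.PNComClass();
            int TO = AppLogic.AppConfigUSInt("Verisign_Timeout");
            if (TO == 0)
            {
                TO = 60;
            }
            vsnGate.TimeOut = TO.ToString();

            StringBuilder transactionCommand = new StringBuilder(4096);
            String        replyCode    = String.Empty;
            String        responseCode = String.Empty;
            String        authResponse = String.Empty;
            String        approvalCode = String.Empty;

            if (!useLiveTransactions)
            {
                OrderTotal = 1.0M;
            }
            String orderTotalString = Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal);

            // The request is a '&'/'=' delimited string, so every value that originates from the
            // shopper is stripped of those two characters before it is appended. The original did
            // this for the address fields only; the first ZIP, the card number, the expiry, the
            // security code and ECI were appended raw and could introduce extra fields.
            String gatewayPassword = AppLogic.AppConfig("Verisign_PWD");
            String cardNumber      = StripNameValueDelimiters(UseBillingAddress.CardNumber);
            String cardCode        = StripNameValueDelimiters(CardExtraCode);

            transactionCommand.Append("TRXTYPE=" + CommonLogic.IIF(TransactionMode == TransactionModeEnum.auth, "A", "S") + "&TENDER=C&ZIP=" + StripNameValueDelimiters(UseBillingAddress.Zip) + "&COMMENT1=Order " + OrderNumber + "&COMMENT2=CustomerID " + CustomerID.ToString());
            transactionCommand.Append("&PWD=" + gatewayPassword);
            // This line reached the page mangled by a credential scrubber; restored to match the
            // PWD/VENDOR/PARTNER lines around it.
            transactionCommand.Append("&USER=" + AppLogic.AppConfig("Verisign_USER"));
            transactionCommand.Append("&VENDOR=" + AppLogic.AppConfig("Verisign_VENDOR"));
            transactionCommand.Append("&PARTNER=" + AppLogic.AppConfig("Verisign_PARTNER"));

            //set the amount
            transactionCommand.Append("&AMT=" + orderTotalString);

            transactionCommand.Append("&ACCT=" + cardNumber);
            //set the expiration date from the HTML form (MMYY)
            transactionCommand.Append("&EXPDATE=" + StripNameValueDelimiters(UseBillingAddress.CardExpirationMonth).PadLeft(2, '0') + StripNameValueDelimiters(UseBillingAddress.CardExpirationYear).Substring(2, 2));

            //set the CSC code:
            if (cardCode.Trim().Length != 0)
            {
                transactionCommand.Append("&CSC2MATCH=" + cardCode);
                transactionCommand.Append("&CVV2=" + cardCode);
            }

            if (UseShippingAddress != null)
            {
                transactionCommand.Append("&SHIPTOSTREET=" + StripNameValueDelimiters(UseShippingAddress.Address1));
                transactionCommand.Append("&SHIPTOCITY=" + StripNameValueDelimiters(UseShippingAddress.City));
                transactionCommand.Append("&SHIPTOSTATE=" + StripNameValueDelimiters(UseShippingAddress.State));
                transactionCommand.Append("&SHIPTOZIP=" + StripNameValueDelimiters(UseShippingAddress.Zip));
                // Verisign documentation says it's SHIPTOCOUNTRY but support says it's COUNTRYCODE,
                // which is the one that worked for the original author; both are sent.
                transactionCommand.Append("&SHIPTOCOUNTRY=" + StripNameValueDelimiters(UseShippingAddress.Country));
                transactionCommand.Append("&COUNTRYCODE=" + StripNameValueDelimiters(UseShippingAddress.Country));
            }

            transactionCommand.Append("&STREET=" + StripNameValueDelimiters(UseBillingAddress.Address1));
            transactionCommand.Append("&CITY=" + StripNameValueDelimiters(UseBillingAddress.City));
            transactionCommand.Append("&STATE=" + StripNameValueDelimiters(UseBillingAddress.State));
            transactionCommand.Append("&ZIP=" + StripNameValueDelimiters(UseBillingAddress.Zip));
            transactionCommand.Append("&COUNTRY=" + StripNameValueDelimiters(UseBillingAddress.Country));
            transactionCommand.Append("&CUSTIP=" + StripNameValueDelimiters(CommonLogic.CustomerIpAddress()));
            transactionCommand.Append("&EMAIL=" + StripNameValueDelimiters(UseBillingAddress.EMail));

            if (!String.IsNullOrEmpty(CAVV))
            {
                // CAVV is sent with an explicit length tag, so it is passed through unmodified.
                transactionCommand.Append("&CAVV[" + CAVV.Length.ToString() + "]=" + CAVV);
                transactionCommand.Append("&ECI=" + StripNameValueDelimiters(ECI));
                //transactionCommand.Append("&XID=" + XID);
            }

            // NOTE(review): the host is picked from the UseLiveTransactions AppConfig value while the
            // 1.0 test amount above follows the useLiveTransactions argument; if the two can differ,
            // a "test" call could reach the live host. Confirm the caller always passes the config value.
            String gatewayHost = AppLogic.AppConfigBool("UseLiveTransactions") ? "payflow.verisign.com" : "test-payflow.verisign.com";
            int Ctx1 = vsnGate.CreateContext(gatewayHost, 443, 30, String.Empty, 0, String.Empty, String.Empty);
            String curString;
            try
            {
                curString = vsnGate.SubmitTransaction(Ctx1, transactionCommand.ToString(), transactionCommand.Length);
            }
            finally
            {
                // Release the COM context even when the submit call throws.
                vsnGate.DestroyContext(Ctx1);
            }
            String rawResponseString = curString ?? String.Empty;

            // Split each pair on its first '=' only, and skip tokens without one, so a short or
            // malformed response cannot raise IndexOutOfRangeException after the card was submitted.
            foreach (String pair in rawResponseString.Split('&'))
            {
                String[] keyValue = pair.Split(new char[] { '=' }, 2);
                if (keyValue.Length != 2)
                {
                    continue;
                }
                switch (keyValue[0].ToLowerInvariant())
                {
                case "result":
                    replyCode = keyValue[1];
                    break;

                case "pnref":
                    responseCode = keyValue[1];
                    break;

                case "respmsg":
                    authResponse = keyValue[1];
                    break;

                case "authcode":
                    approvalCode = keyValue[1];
                    break;
                }
            }

            // AVSADDR/AVSZIP in the response are not enforced: the bank doesn't decline based on AVS
            // info and the card has already been charged by the time the response arrives.

            // Mask the gateway password, the card number (all but the last four digits) and the
            // security code in the copy handed back to the caller, which presumably logs or stores it.
            String maskedCard = cardNumber.Length > 4
                ? new String('*', cardNumber.Length - 4) + cardNumber.Substring(cardNumber.Length - 4)
                : "****";

            AuthorizationCode     = approvalCode;
            AuthorizationResult   = rawResponseString;
            AuthorizationTransID  = responseCode;
            AVSResult             = String.Empty;
            TransactionCommandOut = transactionCommand.ToString()
                .Replace("&PWD=" + gatewayPassword, "&PWD=****")
                .Replace("&ACCT=" + cardNumber, "&ACCT=" + maskedCard)
                .Replace("&CSC2MATCH=" + cardCode, "&CSC2MATCH=****")
                .Replace("&CVV2=" + cardCode, "&CVV2=****");

            if (replyCode == "0")
            {
                result = AppLogic.ro_OK;
            }
            else
            {
                result = authResponse;
                if (result.Length == 0)
                {
                    result = "Unspecified Error";
                }
                result = result.Replace("account", "card");
                result = result.Replace("Account", "Card");
                result = result.Replace("ACCOUNT", "CARD");
            }
#endif
            return(result);
        }

        // Removes the '&' and '=' delimiters of the name-value request format from one value;
        // null is treated as empty.
        private static String StripNameValueDelimiters(String value)
        {
            return (value ?? String.Empty).Replace("&", "").Replace("=", "");
        }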
Example #21
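        /// <summary>
        /// Processes a card or vault payment through the SecureNet gateway client and, after a
        /// successful card payment, optionally stores the card in the customer's SecureNet vault.
        /// </summary>
        /// <param name="OrderNumber">Sent as ORDERID and INVOICENUM.</param>
        /// <param name="CustomerID">Used to load the customer when <paramref name="ThisCustomer"/> is null and the vault is enabled.</param>
        /// <param name="OrderTotal">Amount sent to the gateway.</param>
        /// <param name="useLiveTransactions">Not read by this implementation.</param>
        /// <param name="TransactionMode">Not read; the type code comes from <c>AppLogic.TransactionModeIsAuthOnly()</c>.</param>
        /// <param name="UseBillingAddress">Billing address and, for non-vault payments, the card number and expiry.</param>
        /// <param name="CardExtraCode">Card security code for non-vault payments.</param>
        /// <param name="UseShippingAddress">Optional shipping address; may be null.</param>
        /// <param name="CAVV">3-D Secure authentication value, sent when non-empty.</param>
        /// <param name="ECI">3-D Secure indicator, sent when non-empty.</param>
        /// <param name="XID">Not read by this implementation.</param>
        /// <param name="AVSResult">AVS, card-code and CAVV response codes, comma separated, on success.</param>
        /// <param name="AuthorizationResult">Reason text plus approval code on success, or an error description.</param>
        /// <param name="AuthorizationCode">Response and reason codes on success.</param>
        /// <param name="AuthorizationTransID">Gateway transaction id on success.</param>
        /// <param name="TransactionCommandOut">Serialized request, with the security code removed and the card number masked.</param>
        /// <param name="TransactionResponse">Serialized gateway response.</param>
        /// <param name="IsVaultTransaction">True to pay with the customer's selected vault entry instead of card data.</param>
        /// <param name="ThisCustomer">Required for vault transactions.</param>
        /// <returns><c>AppLogic.ro_OK</c> when the response code is "1", otherwise the gateway's reason text.</returns>
        /// <exception cref="ArgumentException">A vault transaction was requested without a customer.</exception>
        public String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse, Boolean IsVaultTransaction, Customer ThisCustomer)
        {
            if (IsVaultTransaction && ThisCustomer == null)
            {
                throw new ArgumentException("Customer Object required for vault transactions.");
            }

            String result = AppLogic.ro_OK;

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;

            GatewayClient client = SecureNetController.GetGatewayClient();

            TRANSACTION oT = SecureNetController.GetTransactionWithDefaults();

            if (IsVaultTransaction)
            {
                //vault info
                oT.CUSTOMERID = ThisCustomer.CustomerID.ToString();
                oT.PAYMENTID  = AppLogic.GetSelectedSecureNetVault(ThisCustomer);
            }
            else
            {
                //Credit Card Info
                oT.CARD            = new CARD();
                oT.CARD.CARDCODE   = CardExtraCode;
                oT.CARD.CARDNUMBER = UseBillingAddress.CardNumber;
                oT.CARD.EXPDATE    = UseBillingAddress.CardExpirationMonth.PadLeft(2, '0') + UseBillingAddress.CardExpirationYear.ToString().Substring(2, 2); //MMYY
            }


            //Billing Address Info
            oT.CUSTOMER_BILL           = new CUSTOMER_BILL();
            oT.CUSTOMER_BILL.ADDRESS   = UseBillingAddress.Address1;
            oT.CUSTOMER_BILL.CITY      = UseBillingAddress.City;
            oT.CUSTOMER_BILL.ZIP       = UseBillingAddress.Zip;
            oT.CUSTOMER_BILL.STATE     = UseBillingAddress.State;
            oT.CUSTOMER_BILL.COMPANY   = UseBillingAddress.Company;
            oT.CUSTOMER_BILL.COUNTRY   = UseBillingAddress.Country;
            oT.CUSTOMER_BILL.EMAIL     = UseBillingAddress.EMail;
            oT.CUSTOMER_BILL.FIRSTNAME = UseBillingAddress.FirstName;
            oT.CUSTOMER_BILL.LASTNAME  = UseBillingAddress.LastName;
            oT.CUSTOMER_BILL.PHONE     = UseBillingAddress.Phone;

            //Shipping Address Info
            if (UseShippingAddress != null)
            {
                oT.CUSTOMER_SHIP           = new CUSTOMER_SHIP();
                oT.CUSTOMER_SHIP.ADDRESS   = UseShippingAddress.Address1;
                oT.CUSTOMER_SHIP.CITY      = UseShippingAddress.City;
                oT.CUSTOMER_SHIP.ZIP       = UseShippingAddress.Zip;
                oT.CUSTOMER_SHIP.STATE     = UseShippingAddress.State;
                oT.CUSTOMER_SHIP.COMPANY   = UseShippingAddress.Company;
                oT.CUSTOMER_SHIP.COUNTRY   = UseShippingAddress.Country;
                oT.CUSTOMER_SHIP.FIRSTNAME = UseShippingAddress.FirstName;
                oT.CUSTOMER_SHIP.LASTNAME  = UseShippingAddress.LastName;
            }

            //todo - look into adding cartitems

            //Transaction Information
            oT.AMOUNT      = OrderTotal;
            oT.CODE        = CommonLogic.IIF(AppLogic.TransactionModeIsAuthOnly(), SecureNetController.GetTypeCodeString(SecureNetTransactionTypeCode.AUTH_ONLY), SecureNetController.GetTypeCodeString(SecureNetTransactionTypeCode.AUTH_CAPTURE));
            oT.METHOD      = SecureNetMethod.CC.ToString();
            oT.ORDERID     = OrderNumber.ToString();
            oT.CUSTOMERIP  = CommonLogic.CustomerIpAddress();
            oT.INVOICENUM  = OrderNumber.ToString();
            oT.INVOICEDESC = AppLogic.AppConfig("StoreName");

            //passing unused integers as zeros as defined in the securenet docs
            oT.TOTAL_INSTALLMENTCOUNT  = 0;
            oT.OVERRIDE_FROM           = 0;
            oT.INSTALLMENT_SEQUENCENUM = 0;
            oT.RETAIL_LANENUM          = 0;
            oT.CASHBACK_AMOUNT         = 0;

            // 1 marks a vault payment, 0 a plain card payment.
            oT.TRANSACTION_SERVICE = IsVaultTransaction ? 1 : 0;

            //MPI for 3D Secure
            oT.MPI = new MPI();

            if (!String.IsNullOrEmpty(ECI))
            {
                oT.MPI.AUTHINDICATOR = ECI;
            }

            if (!String.IsNullOrEmpty(CAVV))
            {
                oT.MPI.AUTHVALUE = CAVV;
            }

            // NOTE(review): a null response or null TRANSACTIONRESPONSE would surface below as a
            // NullReferenceException; whether the client can return one is not visible here.
            GATEWAYRESPONSE oG = client.ProcessTransaction(oT);

            if (oG.TRANSACTIONRESPONSE.RESPONSE_CODE == "1")
            {
                AuthorizationTransID = oG.TRANSACTIONRESPONSE.TRANSACTIONID.ToString();
                AuthorizationCode    = "Response Code: " + oG.TRANSACTIONRESPONSE.RESPONSE_CODE + ", Reason Code: " + oG.TRANSACTIONRESPONSE.RESPONSE_REASON_CODE;

                if (!String.IsNullOrEmpty(oG.TRANSACTIONRESPONSE.AVS_RESULT_CODE))
                {
                    AVSResult = oG.TRANSACTIONRESPONSE.AVS_RESULT_CODE;
                }

                if (!String.IsNullOrEmpty(oG.TRANSACTIONRESPONSE.CARD_CODE_RESPONSE_CODE))
                {
                    if (AVSResult.Length > 0)
                    {
                        AVSResult += ", ";
                    }
                    AVSResult += "ExtraCode: " + oG.TRANSACTIONRESPONSE.CARD_CODE_RESPONSE_CODE;
                }

                if (!String.IsNullOrEmpty(oG.TRANSACTIONRESPONSE.CAVV_RESPONSE_CODE))
                {
                    if (AVSResult.Length > 0)
                    {
                        AVSResult += ", ";
                    }
                    AVSResult += "CAVV: " + oG.TRANSACTIONRESPONSE.CAVV_RESPONSE_CODE;
                }

                AuthorizationResult = oG.TRANSACTIONRESPONSE.RESPONSE_REASON_TEXT + ", Approval Code: " + oG.TRANSACTIONRESPONSE.AUTHCODE;
                result = AppLogic.ro_OK;
            }
            else
            {
                AuthorizationResult = "Error: [" + oG.TRANSACTIONRESPONSE.RESPONSE_CODE + "] " + oG.TRANSACTIONRESPONSE.RESPONSE_REASON_TEXT;
                result = oG.TRANSACTIONRESPONSE.RESPONSE_REASON_TEXT;
            }

            // The gateway call is finished, so the request object is only needed for the serialized
            // copy returned to the caller. Remove the security code and keep just the last four card
            // digits so they do not travel on in TransactionCommandOut (whether GetXMLSerializedObject
            // filters them itself is not visible here). The vault call below reads the billing
            // address, not oT, so it is unaffected.
            if (!IsVaultTransaction && oT.CARD != null)
            {
                String pan = UseBillingAddress.CardNumber ?? String.Empty;
                oT.CARD.CARDCODE   = String.Empty;
                oT.CARD.CARDNUMBER = pan.Length > 4
                    ? new String('*', pan.Length - 4) + pan.Substring(pan.Length - 4)
                    : "****";
            }

            TransactionCommandOut = this.GetXMLSerializedObject(oT);
            TransactionResponse   = this.GetXMLSerializedObject(oG);

            if (!IsVaultTransaction && AppLogic.SecureNetVaultIsEnabled() && result == AppLogic.ro_OK)
            {
                if (ThisCustomer == null)
                {
                    ThisCustomer = new Customer(CustomerID);
                }
                if (ThisCustomer.SecureNetVaultMasterShouldWeStoreCreditCardInfo)
                {
                    try
                    {
                        SecureNetVault vault = new SecureNetVault(ThisCustomer);
                        vault.AddCreditCardToCustomerVault(UseBillingAddress.CardName, UseBillingAddress.CardNumber, CardExtraCode, UseBillingAddress.CardType, UseBillingAddress.CardExpirationMonth, UseBillingAddress.CardExpirationYear);
                    }
                    catch
                    {
                        // Deliberately best-effort: the payment has already succeeded, so a vault
                        // failure must not turn the order into an error.
                        // NOTE(review): the failure is dropped without any record; consider logging it.
                    }
                }
            }

            if (IsVaultTransaction && result == AppLogic.ro_OK)
            {
                AppLogic.ClearSelectedSecureNetVaultInSession(ThisCustomer);
            }

            return(result);
        }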
Example #22
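        /// <summary>
        /// Submits an eCheck AUTH_CAPTURE to the eProcessing Network gateway as a form-encoded HTTP
        /// POST and maps the delimited response onto the out parameters.
        /// </summary>
        /// <param name="OrderNumber">Sent as the invoice number and in the description.</param>
        /// <param name="CustomerID">Sent as x_cust_id.</param>
        /// <param name="OrderTotal">Amount to capture.</param>
        /// <param name="UseBillingAddress">Billing address and bank account details.</param>
        /// <param name="UseShippingAddress">Optional shipping address; may be null.</param>
        /// <param name="AVSResult">Response field 5.</param>
        /// <param name="AuthorizationResult">Raw gateway response.</param>
        /// <param name="AuthorizationCode">Response field 4.</param>
        /// <param name="AuthorizationTransID">Response field 6.</param>
        /// <param name="TransactionCommandOut">The request string with the transaction key and bank account number masked.</param>
        /// <param name="TransactionResponse">Raw gateway response.</param>
        /// <returns><c>AppLogic.ro_OK</c> when the reply code is "1", otherwise the gateway message or a generic error text.</returns>
        public override String ProcessECheck(int OrderNumber, int CustomerID, Decimal OrderTotal, Address UseBillingAddress, Address UseShippingAddress, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            String result = AppLogic.ro_OK;
            bool   useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;

            ASCIIEncoding encoding           = new ASCIIEncoding();
            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_method=ECHECK");
            transactionCommand.Append("&x_type=AUTH_CAPTURE"); // eCHECKS only support AUTH_CAPTURE
            transactionCommand.Append("&x_echeck_type=WEB");

            String X_TranKey = AppLogic.AppConfig("eProcessingNetwork_X_TRAN_KEY");

            // The literal value REGISTRY means the real key is kept in the Windows registry.
            if (X_TranKey.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_TranKey = reg.Read("eProcessingNetwork_X_TRAN_KEY");
            }

            // This line reached the page mangled by a credential scrubber; restored from the
            // surviving config key name and the pattern of the neighbouring lines.
            transactionCommand.Append("&x_login=" + AppLogic.AppConfig("eProcessingNetwork_X_LOGIN"));
            transactionCommand.Append("&x_tran_key=" + X_TranKey);
            transactionCommand.Append("&x_version=" + AppLogic.AppConfig("eProcessingNetwork_X_VERSION"));
            transactionCommand.Append("&x_merchant_EMail=" + EncodeFormValue(AppLogic.AppConfig("eProcessingNetwork_X_Email")));
            transactionCommand.Append("&x_description=" + EncodeFormValue(AppLogic.AppConfig("StoreName") + " Order " + OrderNumber.ToString()));

            transactionCommand.Append("&x_delim_Data=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_DATA"));
            transactionCommand.Append("&x_delim_Char=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR"));
            transactionCommand.Append("&x_encap_char=" + AppLogic.AppConfig("eProcessingNetwork_X_ENCAP_CHAR"));
            transactionCommand.Append("&x_relay_response=" + AppLogic.AppConfig("eProcessingNetwork_X_RELAY_RESPONSE"));

            transactionCommand.Append("&x_email_customer=" + AppLogic.AppConfig("eProcessingNetwork_X_Email_CUSTOMER"));
            transactionCommand.Append("&x_recurring_billing=NO"); // for echecks

            // Everything below that originates from the shopper is URL-encoded. The body is sent as
            // application/x-www-form-urlencoded, so a raw '&' or '=' inside a name or address would
            // otherwise be parsed by the gateway as an additional field.
            String encodedAccountNumber = EncodeFormValue(UseBillingAddress.ECheckBankAccountNumber);

            transactionCommand.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));
            transactionCommand.Append("&x_bank_aba_code=" + EncodeFormValue(UseBillingAddress.ECheckBankABACode));
            transactionCommand.Append("&x_bank_acct_num=" + encodedAccountNumber);
            transactionCommand.Append("&x_bank_acct_type=" + EncodeFormValue(UseBillingAddress.ECheckBankAccountType));
            transactionCommand.Append("&x_bank_name=" + EncodeFormValue(UseBillingAddress.ECheckBankName));
            transactionCommand.Append("&x_bank_acct_name=" + EncodeFormValue(UseBillingAddress.ECheckBankAccountName));
            transactionCommand.Append("&x_customer_organization_type=" + CommonLogic.IIF(UseBillingAddress.ECheckBankAccountType == "BUSINESS CHECKING", "B", "I"));

            transactionCommand.Append("&x_phone=" + EncodeFormValue(UseBillingAddress.Phone));
            transactionCommand.Append("&x_fax=");
            transactionCommand.Append("&x_customer_tax_id=");
            transactionCommand.Append("&x_cust_id=" + CustomerID.ToString());
            transactionCommand.Append("&x_invoice_num=" + OrderNumber.ToString());
            transactionCommand.Append("&x_email=" + EncodeFormValue(UseBillingAddress.EMail));
            // x_customer_ip was appended twice in the original; it is sent once here.
            transactionCommand.Append("&x_customer_ip=" + EncodeFormValue(CommonLogic.CustomerIpAddress()));

            transactionCommand.Append("&x_first_name=" + EncodeFormValue(UseBillingAddress.FirstName));
            transactionCommand.Append("&x_last_name=" + EncodeFormValue(UseBillingAddress.LastName));
            transactionCommand.Append("&x_company=" + EncodeFormValue(UseBillingAddress.Company));
            transactionCommand.Append("&x_address=" + EncodeFormValue(UseBillingAddress.Address1));
            transactionCommand.Append("&x_city=" + EncodeFormValue(UseBillingAddress.City));
            transactionCommand.Append("&x_state=" + EncodeFormValue(UseBillingAddress.State));
            transactionCommand.Append("&x_zip=" + EncodeFormValue(UseBillingAddress.Zip));
            transactionCommand.Append("&x_country=" + EncodeFormValue(UseBillingAddress.Country));

            if (UseShippingAddress != null)
            {
                transactionCommand.Append("&x_ship_to_first_name=" + EncodeFormValue(UseShippingAddress.FirstName));
                transactionCommand.Append("&x_ship_to_last_name=" + EncodeFormValue(UseShippingAddress.LastName));
                transactionCommand.Append("&x_ship_to_company=" + EncodeFormValue(UseShippingAddress.Company));
                transactionCommand.Append("&x_ship_to_address=" + EncodeFormValue(UseShippingAddress.Address1));
                transactionCommand.Append("&x_ship_to_city=" + EncodeFormValue(UseShippingAddress.City));
                transactionCommand.Append("&x_ship_to_state=" + EncodeFormValue(UseShippingAddress.State));
                transactionCommand.Append("&x_ship_to_zip=" + EncodeFormValue(UseShippingAddress.Zip));
                transactionCommand.Append("&x_ship_to_country=" + EncodeFormValue(UseShippingAddress.Country));
            }

            byte[] data = encoding.GetBytes(transactionCommand.ToString());

            try
            {
                // NOTE(review): the URL comes straight from configuration and nothing here checks
                // that it is https://, although the body carries the transaction key and bank
                // account data. Confirm both configured servers use TLS.
                String         AuthServer = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("eProcessingNetwork_LIVE_SERVER"), AppLogic.AppConfig("eProcessingNetwork_TEST_SERVER"));
                HttpWebRequest myRequest  = (HttpWebRequest)WebRequest.Create(AuthServer);
                myRequest.Method        = "POST";
                myRequest.ContentType   = "application/x-www-form-urlencoded";
                myRequest.ContentLength = data.Length;

                // Send the data; using blocks release the streams even when a call throws.
                using (Stream requestStream = myRequest.GetRequestStream())
                {
                    requestStream.Write(data, 0, data.Length);
                }

                String rawResponseString;
                try
                {
                    using (WebResponse myResponse = myRequest.GetResponse())
                    using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                    {
                        rawResponseString = sr.ReadToEnd();
                    }
                }
                catch
                {
                    // NOTE(review): the request has already been sent, so a failure while reading the
                    // reply does not prove the capture was refused; the order is reported as failed
                    // either way and the exception is not recorded.
                    rawResponseString = "0|||Error Calling eProcessing Network Payment Gateway||||||||";
                }

                // rawResponseString now has gateway response
                TransactionResponse = rawResponseString;
                String[] statusArray = rawResponseString.Split(AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR").ToCharArray());
                // the gateway may return quotes around each parameter, so strip them out:
                for (int i = 0; i < statusArray.Length; i++)
                {
                    statusArray[i] = statusArray[i].Trim('\"');
                }

                if (statusArray.Length < 7)
                {
                    // Fields 0 and 3..6 are read below; a shorter reply is treated as a gateway error
                    // explicitly instead of through an IndexOutOfRangeException.
                    return("Error calling eProcessing Network gateway. Please retry your order in a few minutes or select another checkout payment option.");
                }

                String replyCode    = statusArray[0].Replace(":", "");
                String authResponse = statusArray[3];

                AuthorizationCode    = statusArray[4];
                AuthorizationResult  = rawResponseString;
                AuthorizationTransID = statusArray[6];
                AVSResult            = statusArray[5];

                // Mask the secrets in the copy handed back to the caller. String.Replace throws on an
                // empty search string, which in the original turned an empty key into a generic
                // gateway error after the request had been sent, hence the guard. The bank account
                // number was previously returned in clear.
                String loggedCommand = transactionCommand.ToString();
                if (!String.IsNullOrEmpty(X_TranKey))
                {
                    loggedCommand = loggedCommand.Replace(X_TranKey, "*".PadLeft(X_TranKey.Length));
                }
                loggedCommand = loggedCommand.Replace("&x_bank_acct_num=" + encodedAccountNumber, "&x_bank_acct_num=****");
                TransactionCommandOut = loggedCommand;

                if (replyCode == "1")
                {
                    result = AppLogic.ro_OK;
                }
                else
                {
                    result = authResponse;
                    if (result.Length == 0)
                    {
                        result = "Unspecified Error";
                    }
                }
            }
            catch
            {
                result = "Error calling eProcessing Network gateway. Please retry your order in a few minutes or select another checkout payment option.";
            }
            return(result);
        }

        // URL-encodes one form value so that '&', '=', '%' or '+' inside it cannot be read by the
        // gateway as a separator or an extra field; null is treated as empty.
        private static String EncodeFormValue(String value)
        {
            return Uri.EscapeDataString(value ?? String.Empty);
        }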
Example #23
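        /// <summary>
        /// Authorizes (AUTH_ONLY) or authorizes and captures (AUTH_CAPTURE) a card payment by POSTing a
        /// form-encoded request to the configured eProcessing Network endpoint and parsing the delimited reply.
        /// </summary>
        /// <param name="OrderNumber">Sent as x_invoice_num and embedded in x_description.</param>
        /// <param name="CustomerID">Sent as x_cust_id.</param>
        /// <param name="OrderTotal">Amount to authorize, formatted by Localization.CurrencyStringForGatewayWithoutExchangeRate.</param>
        /// <param name="useLiveTransactions">Selects the live or test server setting and drives x_test_request.</param>
        /// <param name="TransactionMode">TransactionModeEnum.auth sends AUTH_ONLY; anything else sends AUTH_CAPTURE.</param>
        /// <param name="UseBillingAddress">Supplies the card number, expiry and billing contact fields.</param>
        /// <param name="CardExtraCode">Card verification code; sent as x_card_code only when non-empty.</param>
        /// <param name="UseShippingAddress">Optional; when non-null the x_ship_to_* fields are sent.</param>
        /// <param name="CAVV">Sent as x_cardholder_authentication_value when ECI is non-empty.</param>
        /// <param name="ECI">Sent as x_authentication_indicator when non-empty.</param>
        /// <param name="XID">Not read by this implementation.</param>
        /// <param name="AVSResult">Reply field 5.</param>
        /// <param name="AuthorizationResult">The raw gateway reply.</param>
        /// <param name="AuthorizationCode">Reply field 4.</param>
        /// <param name="AuthorizationTransID">Reply field 6.</param>
        /// <param name="TransactionCommandOut">The request that was sent, with the transaction key, card number and card code redacted.</param>
        /// <param name="TransactionResponse">The raw gateway reply.</param>
        /// <returns>
        /// AppLogic.ro_OK when reply field 0 is "1"; otherwise the gateway's response text (with "account"
        /// reworded to "card"), "Unspecified Error", or a generic gateway-failure message.
        /// </returns>
        public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            const String gatewayFailureMessage = "Error calling eProcessing Network gateway. Please retry your order in a few minutes or select another checkout payment option.";
            const String redactionMask         = "****";
            const int    requiredReplyFields   = 7; // indexes 0..6 are read below

            String result = AppLogic.ro_OK;

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;

            // Credentials come from AppConfig; the literal value "REGISTRY" redirects the lookup to the
            // registry location named by EncryptKey.RegistryLocation.
            String X_Login = AppLogic.AppConfig("eProcessingNetwork_X_LOGIN");
            if (X_Login.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_Login = reg.Read("eProcessingNetwork_X_LOGIN");
            }

            String X_TranKey = AppLogic.AppConfig("eProcessingNetwork_X_TRAN_KEY");
            if (X_TranKey.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_TranKey = reg.Read("eProcessingNetwork_X_TRAN_KEY");
            }

            ASCIIEncoding encoding           = new ASCIIEncoding();
            StringBuilder transactionCommand = new StringBuilder(4096);

            // The sensitive name=value pairs are kept as exact strings so that the copy handed back in
            // TransactionCommandOut can have precisely those pairs redacted.
            String cardNumber      = UseBillingAddress.CardNumber ?? String.Empty;
            String tranKeyField    = "&x_tran_key=" + Security.UrlEncode(X_TranKey);
            String cardNumberField = "&x_card_num=" + Security.UrlEncode(cardNumber);
            String cardCodeField   = null;

            transactionCommand.Append("x_type=" + CommonLogic.IIF(TransactionMode == TransactionModeEnum.auth, "AUTH_ONLY", "AUTH_CAPTURE"));

            // NOTE(review): the published listing shows the x_login statement with its value masked out
            // ("******") and fused with the x_tran_key append; restored here as two separate appends.
            transactionCommand.Append("&x_login=" + Security.UrlEncode(X_Login));
            transactionCommand.Append(tranKeyField);
            transactionCommand.Append("&x_version=" + AppLogic.AppConfig("eProcessingNetwork_X_VERSION"));
            transactionCommand.Append("&x_test_request=" + CommonLogic.IIF(useLiveTransactions, "FALSE", "TRUE"));
            transactionCommand.Append("&x_merchant_email=" + Security.UrlEncode(AppLogic.AppConfig("eProcessingNetwork_X_Email")));
            transactionCommand.Append("&x_description=" + Security.UrlEncode(AppLogic.AppConfig("StoreName") + " Order " + OrderNumber.ToString()));

            transactionCommand.Append("&x_method=" + AppLogic.AppConfig("eProcessingNetwork_X_METHOD"));

            transactionCommand.Append("&x_delim_Data=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_DATA"));
            transactionCommand.Append("&x_delim_Char=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR"));
            transactionCommand.Append("&x_encap_char=" + AppLogic.AppConfig("eProcessingNetwork_X_ENCAP_CHAR"));
            transactionCommand.Append("&x_relay_response=" + AppLogic.AppConfig("eProcessingNetwork_X_RELAY_RESPONSE"));

            transactionCommand.Append("&x_email_customer=" + AppLogic.AppConfig("eProcessingNetwork_X_Email_CUSTOMER"));
            transactionCommand.Append("&x_recurring_billing=" + AppLogic.AppConfig("eProcessingNetwork_X_RECURRING_BILLING"));

            transactionCommand.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));
            transactionCommand.Append(cardNumberField);
            if (CardExtraCode.Length != 0)
            {
                cardCodeField = "&x_card_code=" + Security.UrlEncode(CardExtraCode.Trim());
                transactionCommand.Append(cardCodeField);
            }

            transactionCommand.Append("&x_exp_date=" + UseBillingAddress.CardExpirationMonth.PadLeft(2, '0') + "/" + UseBillingAddress.CardExpirationYear);
            transactionCommand.Append("&x_phone=" + Security.UrlEncode(UseBillingAddress.Phone));
            transactionCommand.Append("&x_fax=");
            transactionCommand.Append("&x_customer_tax_id=");
            transactionCommand.Append("&x_cust_id=" + CustomerID.ToString());
            transactionCommand.Append("&x_invoice_num=" + OrderNumber.ToString());
            transactionCommand.Append("&x_email=" + Security.UrlEncode(UseBillingAddress.EMail));
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());

            transactionCommand.Append("&x_first_name=" + Security.UrlEncode(UseBillingAddress.FirstName));
            transactionCommand.Append("&x_last_name=" + Security.UrlEncode(UseBillingAddress.LastName));
            transactionCommand.Append("&x_company=" + Security.UrlEncode(UseBillingAddress.Company));
            transactionCommand.Append("&x_address=" + Security.UrlEncode(UseBillingAddress.Address1));
            transactionCommand.Append("&x_city=" + Security.UrlEncode(UseBillingAddress.City));
            transactionCommand.Append("&x_state=" + Security.UrlEncode(UseBillingAddress.State));
            transactionCommand.Append("&x_zip=" + Security.UrlEncode(UseBillingAddress.Zip));
            transactionCommand.Append("&x_country=" + Security.UrlEncode(UseBillingAddress.Country));

            if (UseShippingAddress != null)
            {
                transactionCommand.Append("&x_ship_to_first_name=" + Security.UrlEncode(UseShippingAddress.FirstName));
                transactionCommand.Append("&x_ship_to_last_name=" + Security.UrlEncode(UseShippingAddress.LastName));
                transactionCommand.Append("&x_ship_to_company=" + Security.UrlEncode(UseShippingAddress.Company));
                transactionCommand.Append("&x_ship_to_address=" + Security.UrlEncode(UseShippingAddress.Address1));
                transactionCommand.Append("&x_ship_to_city=" + Security.UrlEncode(UseShippingAddress.City));
                transactionCommand.Append("&x_ship_to_state=" + Security.UrlEncode(UseShippingAddress.State));
                transactionCommand.Append("&x_ship_to_zip=" + Security.UrlEncode(UseShippingAddress.Zip));
                transactionCommand.Append("&x_ship_to_country=" + Security.UrlEncode(UseShippingAddress.Country));
            }

            // x_customer_ip is sent a second time here, exactly as the original request did.
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());

            if (ECI.Length != 0)
            {
                // Encoded because an unescaped '+' or '=' in these values would be altered by
                // form decoding on the receiving side.
                transactionCommand.Append("&x_authentication_indicator=" + Security.UrlEncode(ECI));
                transactionCommand.Append("&x_cardholder_authentication_value=" + Security.UrlEncode(CAVV));
            }

            String fullCommand = transactionCommand.ToString();
            byte[] data        = encoding.GetBytes(fullCommand);

            // Copy of the request that is safe to hand back to the caller: the transaction key and card
            // code are replaced by a fixed mask and only the last four card digits are kept.
            // NOTE(review): presumably TransactionCommandOut is persisted with the order - confirm; the
            // card verification code must not be retained after authorization.
            String maskedCardNumber = cardNumber.Length > 4
                ? new String('*', cardNumber.Length - 4) + cardNumber.Substring(cardNumber.Length - 4)
                : new String('*', cardNumber.Length);
            String redactedCommand = fullCommand
                .Replace(tranKeyField, "&x_tran_key=" + redactionMask)
                .Replace(cardNumberField, "&x_card_num=" + maskedCardNumber);
            if (cardCodeField != null)
            {
                redactedCommand = redactedCommand.Replace(cardCodeField, "&x_card_code=" + redactionMask);
            }

            // Prepare web request...
            try
            {
                // NOTE(review): the endpoint comes from configuration; the body carries the card number
                // and card code, so the configured URL should be https - confirm in AppConfig.
                String AuthServer        = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("eProcessingNetwork_LIVE_SERVER"), AppLogic.AppConfig("eProcessingNetwork_TEST_SERVER"));
                String rawResponseString = String.Empty;

                int  MaxTries       = AppLogic.AppConfigUSInt("GatewayRetries") + 1;
                int  CurrentTry     = 0;
                bool CallSuccessful = false;
                do
                {
                    HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(AuthServer);
                    myRequest.Method        = "POST";
                    myRequest.ContentType   = "application/x-www-form-urlencoded";
                    myRequest.ContentLength = data.Length;

                    // A failure while opening or writing the request stream is not retried; it falls
                    // through to the outer catch, as before.
                    using (Stream requestStream = myRequest.GetRequestStream())
                    {
                        requestStream.Write(data, 0, data.Length);
                    }

                    CurrentTry++;
                    try
                    {
                        using (WebResponse myResponse = myRequest.GetResponse())
                        using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                        {
                            rawResponseString = sr.ReadToEnd();
                        }
                        CallSuccessful = true;
                    }
                    catch (Exception)
                    {
                        // NOTE(review): a retry re-posts the same authorization. If the first attempt
                        // reached the gateway and only the reply was lost, a second authorization may
                        // result; confirm the gateway's duplicate-transaction handling.
                        CallSuccessful    = false;
                        rawResponseString = "0|||Error Calling eProcessing Network Payment Gateway||||||||";
                    }
                }while (!CallSuccessful && CurrentTry < MaxTries);

                // rawResponseString now has gateway response
                TransactionResponse = rawResponseString;
                String[] statusArray = rawResponseString.Split(AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR").ToCharArray());
                // The gateway may wrap each field in quotes, so strip them out:
                for (int i = 0; i < statusArray.Length; i++)
                {
                    statusArray[i] = statusArray[i].Trim('\"');
                }

                if (statusArray.Length < requiredReplyFields)
                {
                    // A short or unparseable reply is reported explicitly instead of relying on an
                    // IndexOutOfRangeException being swallowed by the outer catch.
                    result = gatewayFailureMessage;
                }
                else
                {
                    String replyCode    = statusArray[0].Replace(":", "");
                    String authResponse = statusArray[3];

                    AuthorizationCode     = statusArray[4];
                    AuthorizationResult   = rawResponseString;
                    AuthorizationTransID  = statusArray[6];
                    AVSResult             = statusArray[5];
                    TransactionCommandOut = redactedCommand;

                    if (replyCode == "1")
                    {
                        result = AppLogic.ro_OK;
                    }
                    else if (authResponse.Length == 0)
                    {
                        result = "Unspecified Error";
                    }
                    else
                    {
                        // The message is shown to the shopper, so "account" is reworded as "card".
                        result = authResponse
                            .Replace("account", "card")
                            .Replace("Account", "Card")
                            .Replace("ACCOUNT", "CARD");
                    }
                }
            }
            catch (Exception)
            {
                // Any other failure is reported with a generic message; no detail is exposed to the caller.
                result = gatewayFailureMessage;
            }
            return(result);
        }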
Example #24
        // processes card in real time:
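        /// <summary>
        /// Submits a card payment (DEFERRED or PAYMENT) to the configured Sage Pay UK endpoint, or, when the
        /// customer session already holds a 3D Secure PaRes, posts the MD/PARes callback instead, and then
        /// parses the CRLF-separated name=value reply.
        /// </summary>
        /// <param name="OrderNumber">Embedded in the generated VendorTxCode and the Description field.</param>
        /// <param name="CustomerID">Used to open the CustomerSession that carries the 3D Secure state.</param>
        /// <param name="OrderTotal">Amount, formatted by Localization.CurrencyStringForGatewayWithoutExchangeRate.</param>
        /// <param name="useLiveTransactions">Selects the Live or Test URL settings (the Simulator setting overrides both).</param>
        /// <param name="TransactionMode">TransactionModeEnum.auth sends DEFERRED; anything else sends PAYMENT.</param>
        /// <param name="UseBillingAddress">Supplies the card data and billing fields.</param>
        /// <param name="CardExtraCode">Card verification code; sent as CV2 when not blank.</param>
        /// <param name="UseShippingAddress">Optional; when non-null the Delivery* fields are sent.</param>
        /// <param name="CAVV">Not read by this implementation.</param>
        /// <param name="ECI">Not read by this implementation.</param>
        /// <param name="XID">Not read by this implementation (the session value "3DSecure.XID" is used instead).</param>
        /// <param name="AVSResult">The reply's AVSCV2 value.</param>
        /// <param name="AuthorizationResult">"CAVV: ..." when a CAVV is returned, followed by StatusDetail on success.</param>
        /// <param name="AuthorizationCode">The reply's TxAuthNo value.</param>
        /// <param name="AuthorizationTransID">vendorTxCode, then VPSTxId and SecurityKey when returned, separated by '|'.</param>
        /// <param name="TransactionCommandOut">The request that was sent, with the card number and CV2 redacted.</param>
        /// <param name="TransactionResponse">The raw gateway reply.</param>
        /// <returns>AppLogic.ro_OK, AppLogic.ro_3DSecure (customer must complete 3D Secure), or an error message.</returns>
        public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            const String redactionMask = "****";

            String result      = AppLogic.ro_OK;
            string countrycode = string.Empty;

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;

            String signedPARes = String.Empty;

            CustomerSession cSession = new CustomerSession(CustomerID);

            String vendorTxCode = OrderNumber.ToString() + "-" + System.Guid.NewGuid().ToString("N");

            // NOTE(review): this query is built by concatenation and relies entirely on DB.SQuote to
            // quote and escape CardType; prefer a parameterized query if the DB helper offers one.
            int  CardTypeID  = DB.GetSqlN("select CardTypeID N from CreditCardType where CardType = " + DB.SQuote(UseBillingAddress.CardType));
            bool Try3DSecure = CommonLogic.IntegerIsInIntegerList(CardTypeID, AppLogic.AppConfig("3DSECURE.CreditCardTypeIDs"));

            if (cSession["3Dsecure.PaRes"].Length != 0)
            {
                Try3DSecure = true; // If we have a PaRes, then we are doing 3D Secure, could be set up with SagePayUK.
                signedPARes = cSession["3Dsecure.PaRes"];
                // After grabbing it, clear out the session PaRes so it won't be re-used ever again.
                cSession["3Dsecure.PaRes"] = String.Empty;

                if (cSession["3DSecure.XID"].Length != 0)
                { // Reuse the original vendorTxCode
                    vendorTxCode             = cSession["3DSecure.XID"];
                    cSession["3DSecure.XID"] = "";
                }
            }

            AuthorizationTransID = vendorTxCode + "||";

            ASCIIEncoding encoding           = new ASCIIEncoding();
            StringBuilder transactionCommand = new StringBuilder(4096);

            // The sensitive name=value pairs are kept as exact strings so that the copy handed back in
            // TransactionCommandOut can have precisely those pairs redacted.
            String cardNumber      = UseBillingAddress.CardNumber ?? String.Empty;
            String cardNumberField = "&CardNumber=" + HttpContext.Current.Server.UrlEncode(cardNumber);
            String cv2Field        = null;

            transactionCommand.Append("VPSProtocol=" + ProtocolVersion);
            transactionCommand.Append("&TxType=" + CommonLogic.IIF(TransactionMode == TransactionModeEnum.auth, "DEFERRED", "PAYMENT"));
            transactionCommand.Append("&Vendor=" + AppLogic.AppConfig("SagePayUK.Vendor"));
            transactionCommand.Append("&VendorTxCode=" + vendorTxCode);
            transactionCommand.Append("&Amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));
            transactionCommand.Append("&Currency=" + Localization.StoreCurrency());
            transactionCommand.Append("&Description=" + HttpContext.Current.Server.UrlEncode(AppLogic.AppConfig("StoreName") + " Order " + OrderNumber.ToString()));
            transactionCommand.Append("&CardHolder=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.CardName));
            transactionCommand.Append(cardNumberField);

            if (UseBillingAddress.CardStartDate != null && UseBillingAddress.CardStartDate.Length != 0 && UseBillingAddress.CardStartDate != "00")
            {
                // GFS - The start date used to be sent as stored; due to format restrictions it is now sent as MMYY.
                // NOTE(review): Substring(4, 2) throws if the stored value is shorter than six characters,
                // and this runs outside the try block below - confirm the stored format.
                transactionCommand.Append("&StartDate=" + UseBillingAddress.CardStartDate.Substring(0, 2) + UseBillingAddress.CardStartDate.Substring(4, 2));
            }
            // NOTE(review): Substring(2, 2) assumes a four-character expiration year - confirm.
            transactionCommand.Append("&ExpiryDate=" + UseBillingAddress.CardExpirationMonth.PadLeft(2, '0') + UseBillingAddress.CardExpirationYear.ToString().Substring(2, 2));

            if (UseBillingAddress.CardIssueNumber.Length != 0)
            {
                transactionCommand.Append("&IssueNumber=" + UseBillingAddress.CardIssueNumber);
            }

            transactionCommand.Append("&CardType=" + FixCardType(UseBillingAddress.CardType));

            if (CardExtraCode.Trim().Length != 0)
            {
                // Sent trimmed and encoded so stray whitespace cannot corrupt the form body.
                cv2Field = "&CV2=" + HttpContext.Current.Server.UrlEncode(CardExtraCode.Trim());
                transactionCommand.Append(cv2Field);
                transactionCommand.Append("&ApplyAVSCV2=0"); // If AVS/CV2 enabled then check them. If rules apply, use rules.
            }

            transactionCommand.Append("&BillingSurname=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.LastName));
            transactionCommand.Append("&BillingFirstnames=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.FirstName));
            transactionCommand.Append("&BillingAddress1=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Address1));
            if (UseBillingAddress.Address2.Length != 0)
            {
                transactionCommand.Append("&BillingAddress2=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Address2));
            }
            transactionCommand.Append("&BillingCity=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.City));
            transactionCommand.Append("&BillingPostCode=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Zip));
            countrycode = AppLogic.GetCountryTwoLetterISOCode(UseBillingAddress.Country);
            transactionCommand.Append("&BillingCountry=" + HttpContext.Current.Server.UrlEncode(countrycode));
            if (countrycode.Contains("US"))
            {
                transactionCommand.Append("&BillingState=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.State));
            }
            if (UseBillingAddress.Phone.Length != 0)
            {
                transactionCommand.Append("&BillingPhone=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Phone));
            }

            if (UseShippingAddress != null)
            {
                transactionCommand.Append("&DeliverySurname=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.LastName));
                transactionCommand.Append("&DeliveryFirstnames=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.FirstName));
                transactionCommand.Append("&DeliveryAddress1=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Address1));
                if (UseShippingAddress.Address2.Length != 0)
                {
                    transactionCommand.Append("&DeliveryAddress2=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Address2));
                }
                transactionCommand.Append("&DeliveryCity=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.City));
                transactionCommand.Append("&DeliveryPostCode=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Zip));
                countrycode = AppLogic.GetCountryTwoLetterISOCode(UseShippingAddress.Country);
                transactionCommand.Append("&DeliveryCountry=" + HttpContext.Current.Server.UrlEncode(countrycode));
                if (countrycode.Contains("US"))
                {
                    transactionCommand.Append("&DeliveryState=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.State));
                }
                if (UseShippingAddress.Phone.Length != 0)
                {
                    transactionCommand.Append("&DeliveryPhone=" + HttpContext.Current.Server.UrlEncode(UseShippingAddress.Phone));
                }
            }

            transactionCommand.Append("&ContactNumber=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Phone));
            transactionCommand.Append("&CustomerName=" + HttpContext.Current.Server.UrlEncode((UseBillingAddress.FirstName + " " + UseBillingAddress.LastName).Trim()));
            transactionCommand.Append("&CustomerEMail=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.EMail));
            transactionCommand.Append("&ClientIPAddress=" + CommonLogic.CustomerIpAddress());

            // NOTE(review): the endpoint comes from configuration; the body carries the card number and
            // CV2, so the configured URLs should be https - confirm in AppConfig.
            String AuthServer = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("SagePayUKURL.Live.Purchase"), AppLogic.AppConfig("SagePayUKURL.Test.Purchase"));

            if (AppLogic.AppConfigBool("SagePayUK.UseSimulator"))
            {
                AuthServer = AppLogic.AppConfig("SagePayUKURL.Simulator.Purchase");
            }

            if (Try3DSecure)
            {
                if (signedPARes == String.Empty)
                {
                    transactionCommand.Append("&Apply3DSecure=1"); // 1 = Force 3D-Secure checks for this transaction only (if your account is 3D-enabled) and apply rules for authorisation.
                }
                else
                { // we are already enrolled and coming back with a 3D Secure transaction for round two
                    AuthServer = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("SagePayUKURL.Live.Callback"), AppLogic.AppConfig("SagePayUKURL.Test.Callback"));
                    if (AppLogic.AppConfigBool("SagePayUK.UseSimulator"))
                    {
                        AuthServer = AppLogic.AppConfig("SagePayUKURL.Simulator.Callback");
                    }
                    transactionCommand = new StringBuilder(4096); // start fresh
                    // MD was taken from an earlier gateway reply and stored in the session; encode it
                    // like every other value placed in the form body.
                    transactionCommand.Append("MD=" + HttpContext.Current.Server.UrlEncode(cSession["3DSecure.MD"]));
                    transactionCommand.Append("&PARes=" + HttpContext.Current.Server.UrlEncode(signedPARes));
                }
            }

            String fullCommand = transactionCommand.ToString();
            byte[] data        = encoding.GetBytes(fullCommand);

            // Copy of the request that is safe to hand back to the caller: CV2 is replaced by a fixed
            // mask and only the last four card digits are kept. On the 3D Secure callback leg the
            // request holds no card fields and the replacements are no-ops.
            // NOTE(review): presumably TransactionCommandOut is persisted with the order - confirm; the
            // card verification code must not be retained after authorization.
            String maskedCardNumber = cardNumber.Length > 4
                ? new String('*', cardNumber.Length - 4) + cardNumber.Substring(cardNumber.Length - 4)
                : new String('*', cardNumber.Length);
            String redactedCommand = fullCommand.Replace(cardNumberField, "&CardNumber=" + maskedCardNumber);
            if (cv2Field != null)
            {
                redactedCommand = redactedCommand.Replace(cv2Field, "&CV2=" + redactionMask);
            }

            // Prepare web request...
            try
            {
                String rawResponseString = String.Empty;

                int  MaxTries       = AppLogic.AppConfigUSInt("GatewayRetries") + 1;
                int  CurrentTry     = 0;
                bool CallSuccessful = false;
                do
                {
                    HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(AuthServer);
                    myRequest.Method        = "POST";
                    myRequest.ContentType   = "application/x-www-form-urlencoded";
                    myRequest.ContentLength = data.Length;

                    // A failure while opening or writing the request stream is not retried; it falls
                    // through to the outer catch, as before.
                    using (Stream requestStream = myRequest.GetRequestStream())
                    {
                        requestStream.Write(data, 0, data.Length);
                    }

                    CurrentTry++;
                    try
                    {
                        using (WebResponse myResponse = myRequest.GetResponse())
                        using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                        {
                            rawResponseString = sr.ReadToEnd();
                        }
                        CallSuccessful = true;
                    }
                    catch (Exception)
                    {
                        // Retries re-post the same request with the same VendorTxCode.
                        CallSuccessful = false;
                    }
                }while (!CallSuccessful && CurrentTry < MaxTries);

                result = "ERROR: Error Calling Sage Pay Payment Gateway"; // This should get overwritten below.

                TransactionCommandOut = redactedCommand;

                String StatusDetail       = String.Empty;
                String ThreeDSecureStatus = String.Empty;
                String RespCAVV           = String.Empty;

                TransactionResponse = rawResponseString;
                // The gateway separates name=value pairs with CRLF.
                String[] statusArray = rawResponseString.Split(new String[1] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
                for (int i = 0; i < statusArray.Length; i++)
                {
                    String[] lasKeyPair = statusArray[i].Split(new char[] { '=' }, 2, StringSplitOptions.None);
                    if (lasKeyPair.Length < 2)
                    {
                        // A line without '=' has no value; skip it rather than let an index error
                        // discard fields that were already parsed.
                        continue;
                    }

                    switch (lasKeyPair[0].ToLowerInvariant())
                    {
                        case "status":
                            /*
                             * "OK" - The transaction was authorised by the bank and funds have been taken from the customer.
                             * "MALFORMED" - Input message was missing fields or badly formatted - normally will only occur during development and vendor integration.
                             * "INVALID" - Transaction was not registered because although the POST format was valid, some information supplied was invalid. E.g. incorrect vendor name or currency.
                             * "ERROR" - A code-related error occurred which prevented the process from executing successfully.
                             * "NOTAUTHED" - The transaction was not authorised by the acquiring bank. No funds could be taken from the card.
                             * "REJECTED" - The VSP System rejected the transaction because of the rules you have set on your account. ** NEW **
                             * "3DAUTH" - Only returned if 3D-Authentication is available on your account AND the card and card issuer are part of the scheme. A Status of 3DAUTH only returns the StatusDetail, MD, PAReq, 3DSecureStatus and ACSURL fields. The other fields are returned with other Status codes only.
                             */
                            if (lasKeyPair[1] == "OK")
                            {
                                result = AppLogic.ro_OK;
                            }
                            else if (lasKeyPair[1] == "3DAUTH" && !Try3DSecure)
                            {
                                // Override 3DS window if card is not applicable.
                                // NOTE(review): per the status list above, a 3DAUTH reply carries no
                                // VPSTxId or TxAuthNo, so this branch reports success without an
                                // authorisation code - confirm this is intended.
                                result = AppLogic.ro_OK;
                            }
                            else if (lasKeyPair[1] == "3DAUTH")
                            {
                                result = AppLogic.ro_3DSecure;     // This is what triggers the 3D Secure IFRAME to be used.
                            }
                            else
                            {
                                result = lasKeyPair[1];
                            }
                            break;

                        case "statusdetail":
                            /*
                             * Human-readable text providing extra detail for the Status message.
                             * Always check StatusDetail if the Status is not OK
                             */
                            StatusDetail = lasKeyPair[1];
                            break;

                        case "vpstxid":
                            /*
                             * SagePayUK ID to uniquely identify the Transaction on our system.
                             * Not present when Status is 3DAUTH.
                             */
                            AuthorizationTransID = vendorTxCode + "|" + lasKeyPair[1];
                            break;

                        case "securitykey":
                            /*
                             * Security key which VSP uses to generate an MD5 Hash to sign the transaction.
                             * Not present when Status is 3DAUTH.
                             */
                            AuthorizationTransID += "|" + lasKeyPair[1];
                            break;

                        case "txauthno":
                            /*
                             * The SagePayUK authorisation code (also called VPSAuthCode) for this transaction.
                             * Only present if Status is OK.
                             */
                            AuthorizationCode = lasKeyPair[1];
                            break;

                        case "avscv2":
                            /*
                             * Response from AVS and CV2 checks. Will be one of the following: "ALL MATCH", "SECURITY CODE MATCH ONLY", "ADDRESS MATCH ONLY", "NO DATA MATCHES" or "DATA NOT CHECKED".
                             * Not present when Status is 3DAUTH.
                             */
                            AVSResult = lasKeyPair[1];
                            break;

                        case "3dsecurestatus":
                            ThreeDSecureStatus = lasKeyPair[1];
                            break;

                        case "cavv":
                            /*
                             * The encoded result code from the 3D-Secure checks. Holds the Visa CAVV or the MasterCard UCAF depending on the card type used in the transaction.
                             * Only present if the 3DSecureStatus field is OK AND the Status field is OK
                             */
                            RespCAVV = lasKeyPair[1];
                            break;

                        case "md":
                            /*
                             * A unique reference for the 3D-Authentication attempt.
                             * Only present if the Status field is 3DAUTH.
                             */
                            cSession["3DSecure.MD"] = lasKeyPair[1];
                            break;

                        case "acsurl":
                            /*
                             * A fully qualified URL that points to the 3D-Authentication system at the Cardholder's Issuing Bank.
                             * Only present if the Status field is 3DAUTH.
                             */
                            cSession["3DSecure.ACSUrl"] = lasKeyPair[1];
                            break;

                        case "pareq":
                            /*
                             * A Base64 encoded, encrypted message to be passed to the Issuing Bank as part of the 3D-Authentication.
                             * Only present if the Status field is 3DAUTH.
                             */
                            cSession["3DSecure.PAReq"] = lasKeyPair[1];
                            break;
                    }
                }

                if (RespCAVV != String.Empty)
                { // 3D Secure successful
                    result = AppLogic.ro_OK;
                    AuthorizationResult = "CAVV: " + RespCAVV;
                    // encode it to store in the session, it will be decoded before being saved to the database
                    byte[] str = System.Text.Encoding.UTF8.GetBytes(ThreeDSecureStatus + ": " + StatusDetail); //Must Fully qualify this for VB
                    cSession["3DSecure.LookupResult"] = Convert.ToBase64String(str);
                }
                else if (signedPARes != String.Empty)
                { // 3D Secure not successful since we didn't get a CAVV above.
                  // Depending on the SagePayUK processing rules, we might never get here.
                    if (result == AppLogic.ro_3DSecure || result == "OK")
                    {
                        /*  Possible values for ThreeDSecureStatus:
                         * "NOTCHECKED" - No 3D Authentication was attempted for this transaction. Always returned if 3D-Secure is not active on your account.
                         * "OK" - The 3D-Authentication step completed successfully. If the Status field is 3DAUTH, this means the card is part of the scheme. If the Status field is OK too, then this indicates that the authorized transaction was also 3D-authenticated and a CAVV will be returned. Liability shift occurs.
                         * "NOAUTH" - Returned with a Status of 3DAUTH. This means the card is not in the 3D-Secure scheme.
                         * "CANTAUTH" - Returned with a Status of 3DAUTH. This normally means the card Issuer is not part of the scheme.
                         * "NOTAUTHED" - The cardholder failed to authenticate themselves with their Issuing Bank.
                         * "ATTEMPTONLY" - The cardholder attempted to authenticate themselves but the process did not complete. A CAVV is returned anyway and liability shift occurs for Visa cards only. Check VSP Admin.
                         * "MALFORMED", "INVALID", "ERROR" - These statuses indicate a problem with creating or receiving the 3D-Secure data. These should not occur on the live environment.
                         */
                        // NOTE(review): every listed status, including NOTAUTHED (cardholder failed to
                        // authenticate), is mapped to success here even when Status was 3DAUTH -
                        // confirm this matches the intended acceptance policy.
                        switch (ThreeDSecureStatus.ToUpperInvariant())
                        {
                            case "NOTCHECKED":
                            case "OK":
                            case "NOAUTH":
                            case "CANTAUTH":
                            case "ATTEMPTONLY":
                            case "NOTAUTHED":
                                result = AppLogic.ro_OK;
                                break;

                            default:
                                result = ThreeDSecureStatus + ": " + StatusDetail;
                                break;
                        }
                    }
                    // encode it to store in the session, it will be decoded before being saved to the database
                    byte[] str = System.Text.Encoding.UTF8.GetBytes(ThreeDSecureStatus + ": " + StatusDetail); //Have to fully qualify this for VB
                    cSession["3DSecure.LookupResult"] = Convert.ToBase64String(str);
                }

                if (result == AppLogic.ro_3DSecure)
                {
                    cSession["3DSecure.CustomerID"]  = CustomerID.ToString();
                    cSession["3DSecure.OrderNumber"] = OrderNumber.ToString();
                    cSession["3DSecure.XID"]         = vendorTxCode;
                    return(result);  // Abort processing here and customer will be presented with 3D Secure IFRAME
                }

                if (result != AppLogic.ro_OK)
                {
                    // Map the gateway's status keywords to messages suitable for the shopper.
                    switch (result.ToUpperInvariant())
                    {
                        case "ERROR":
                            result = "The transaction encountered an error. Please try again";
                            break;

                        case "INVALID":
                            result = "The card was not accepted. Please try again";
                            break;

                        case "NOTAUTHED":
                            result = "Your card was not authorized for that amount. Please try again";
                            break;

                        case "REJECTED":
                            result = "Your card was not accepted. Please try again";
                            break;

                        default:
                            result += ": " + StatusDetail;
                            break;
                    }
                }
                else
                {
                    if (AuthorizationResult != String.Empty)
                    {
                        AuthorizationResult += System.Environment.NewLine;
                    }
                    AuthorizationResult += StatusDetail;
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): the exception text is returned in the result string; if that string is
                // shown to shoppers, log the detail server-side and return a generic message instead.
                result = "Error calling Sage Pay gateway. Msg=" + ex.Message;
            }

            return(result);
        }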
Example #25
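        /// <summary>
        /// Voids an order's authorization by sending a purchase-correction request to the
        /// gateway and recording the outcome on the order row.
        /// </summary>
        /// <param name="OrderNumber">Order to void; also sent to the gateway as order_id.</param>
        /// <returns>
        /// <c>AppLogic.ro_OK</c> when the receipt reports Complete == "true"; the receipt's
        /// Message when it does not; "error" when no response could be deserialized;
        /// "failed" when sending the request or recording the result threw.
        /// </returns>
        public override String VoidOrder(int OrderNumber)
        {
            String result = "error";

            string crypt               = AppLogic.AppConfig("eSelectPlus.crypt");
            string txn_number          = string.Empty;
            string authCode            = string.Empty;
            bool   useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");

            // OrderNumber is an int, so concatenating it into the SQL text cannot carry injected SQL.
            // String values written further down go through DB.SQuote instead.
            DB.ExecuteSQL("update orders set VoidTXCommand=NULL, VoidTXResult=NULL where OrderNumber=" + OrderNumber.ToString());

            using (var connn = DB.dbConn())
            {
                connn.Open();
                using (var rsv = DB.GetRS("select AuthorizationPNREF, AuthorizationCode from Orders where OrderNumber=" + OrderNumber.ToString(), connn))
                {
                    if (rsv.Read())
                    {
                        txn_number = DB.RSField(rsv, "AuthorizationPNREF");
                        authCode   = DB.RSField(rsv, "AuthorizationCode");
                    }
                }
            }

            // The stored authorization code may carry a one-character crypt type after cryptLabel
            // (declared elsewhere in this class); it overrides the configured default.
            // The bounds check keeps a label sitting at the very end of the stored value from
            // throwing ArgumentOutOfRangeException here, outside the try block below.
            int labelAt = authCode.IndexOf(cryptLabel, StringComparison.Ordinal);
            if (labelAt >= 0)
            {
                int cryptAt = labelAt + cryptLabel.Length;
                if (cryptAt < authCode.Length)
                {
                    crypt = authCode.Substring(cryptAt, 1);
                }
            }

            esp.purchasecorrection reqCorrection = new esp.purchasecorrection();
            reqCorrection.order_id   = OrderNumber.ToString();
            reqCorrection.txn_number = txn_number;
            reqCorrection.crypt_type = crypt;

            // This string is not what is sent to the gateway (reqCorrection is); it is only
            // stored in VoidTXCommand as a record of the void attempt.
            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=VOID");
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());
            transactionCommand.Append("&x_trans_id=" + txn_number);

            try
            {
                string sResponse = sendRequest(useLiveTransactions, reqCorrection);

                esp.response resp = null;
                if (sResponse != null)
                {
                    resp = DeserializeResponse(sResponse);
                }

                if (resp != null)
                {
                    esp.receipt   respReceipt = (esp.receipt)resp.receipt[0];
                    StringBuilder tps         = new StringBuilder("");
                    tps.Append("update orders set ");
                    tps.Append("VoidTXResult=" + DB.SQuote(respReceipt.Complete) + ",");
                    tps.Append("VoidTXCommand=" + DB.SQuote(transactionCommand.ToString()));
                    tps.Append(" where ordernumber=" + OrderNumber.ToString());
                    DB.ExecuteSQL(tps.ToString());
                    if (respReceipt.Complete == "true")
                    {
                        result = AppLogic.ro_OK;
                    }
                    else
                    {
                        result = respReceipt.Message;
                    }
                }
            }
            catch
            {
                // NOTE(review): every failure collapses to "failed" and the exception is discarded,
                // so a gateway outage, a malformed response and a failed DB update are
                // indistinguishable afterwards. If the DB update throws after the gateway has
                // already completed the void, the order row is left without a record of it.
                // Consider logging the exception server-side before returning.
                result = "failed";
            }
            return(result);
        }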
Example #26
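        /// <summary>
        /// Authorizes (and, in auth-capture mode, captures) a card payment through the CyberSource
        /// SOAP client, running payer-authentication (3D Secure) enrollment or validation first
        /// when the card type is configured for it.
        /// </summary>
        /// <param name="OrderNumber">Order being paid; used in the merchant reference code and the 3D Secure session keys.</param>
        /// <param name="CustomerID">Customer whose session holds the 3D Secure state.</param>
        /// <param name="OrderTotal">Amount sent as both item price and grand total.</param>
        /// <param name="useLiveTransactions">Selects the live or test server URL unless CYBERSOURCE.UsePIT overrides it.</param>
        /// <param name="TransactionMode">When authcapture, a capture service is added to the request.</param>
        /// <param name="UseBillingAddress">Billing address, which also carries the card details.</param>
        /// <param name="CardExtraCode">Card verification value; sent only when non-blank.</param>
        /// <param name="UseShippingAddress">Optional shipping address.</param>
        /// <param name="CAVV">3D Secure CAVV; forwarded only for card type "002".</param>
        /// <param name="ECI">Not read by this method.</param>
        /// <param name="XID">3D Secure XID; forwarded only for card type "002".</param>
        /// <param name="AVSResult">AVS code from the auth reply, or "N/A".</param>
        /// <param name="AuthorizationResult">Reason code plus any 3D Secure details, or "N/A".</param>
        /// <param name="AuthorizationCode">Authorization code from the auth reply, or "N/A".</param>
        /// <param name="AuthorizationTransID">Gateway request ID, or "N/A".</param>
        /// <param name="TransactionCommandOut">Left as "N/A"; the request is never serialized into it.</param>
        /// <param name="TransactionResponse">Left empty by this method.</param>
        /// <returns>
        /// <c>AppLogic.ro_OK</c> on ACCEPT or REVIEW, <c>AppLogic.ro_3DSecure</c> when the shopper must
        /// complete 3D Secure, otherwise an error message.
        /// </returns>
        public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, AspDotNetStorefrontCore.Address UseBillingAddress, String CardExtraCode, AspDotNetStorefrontCore.Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            AVSResult             = "N/A";
            AuthorizationResult   = "N/A";
            AuthorizationCode     = "N/A";
            AuthorizationTransID  = "N/A";
            TransactionCommandOut = "N/A";
            TransactionResponse   = String.Empty;

            String signedPARes = String.Empty;
            String result      = AppLogic.ro_OK;

            CustomerSession cSession = new CustomerSession(CustomerID);

            if (cSession["3Dsecure.PaRes"].Length != 0)
            {
                signedPARes = cSession["3Dsecure.PaRes"];
                // After grabbing it, clear out the session PaRes so it won't be re-used ever again.
                cSession["3Dsecure.PaRes"] = String.Empty;
            }

            Configuration conf = new Configuration();

            conf.KeysDirectory = AppLogic.AppConfig("CYBERSOURCE.keysDirectory");
            conf.KeyFilename   = AppLogic.AppConfig("CYBERSOURCE.keyFilename");
            conf.MerchantID    = AppLogic.AppConfig("CYBERSOURCE.merchantID");
            conf.ServerURL     = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("CYBERSOURCE.LiveURL"), AppLogic.AppConfig("CYBERSOURCE.TestURL"));
            if (AppLogic.AppConfigBool("CYBERSOURCE.UsePIT"))
            {
                // UsePIT wins over useLiveTransactions: the PIT URL replaces whichever URL was chosen above.
                conf.ServerURL = AppLogic.AppConfig("CYBERSOURCE.PITURL");
            }


            RequestMessage request = new RequestMessage();

            request.clientApplication        = "AspDotNetStorefront";
            request.clientApplicationVersion = AppLogic.AppConfig("StoreVersion");
            request.clientApplicationUser    = CustomerID.ToString();

            request.merchantReferenceCode = "Order # " + OrderNumber.ToString() + " " + Localization.ToNativeDateTimeString(System.DateTime.Now);

            // CardType is a string, so it is passed through DB.SQuote before being placed in the query text.
            int  CardTypeID  = DB.GetSqlN("select CardTypeID N from CreditCardType where CardType = " + DB.SQuote(UseBillingAddress.CardType));
            bool Try3DSecure = CommonLogic.IntegerIsInIntegerList(CardTypeID, AppLogic.AppConfig("3DSECURE.CreditCardTypeIDs"));

            if (Try3DSecure)
            {
                if (signedPARes == String.Empty)
                {
                    // No PARes in the session yet: ask the gateway whether the card is enrolled.
                    request.payerAuthEnrollService     = new PayerAuthEnrollService();
                    request.payerAuthEnrollService.run = "true";
                    if (AppLogic.AppConfig("CYBERSOURCE.paCountryCode") != "")
                    {
                        request.payerAuthEnrollService.countryCode = AppLogic.AppConfig("CYBERSOURCE.paCountryCode");
                    }
                    if (AppLogic.AppConfig("CYBERSOURCE.paMerchantName") != "")
                    {
                        request.payerAuthEnrollService.merchantName = AppLogic.AppConfig("CYBERSOURCE.paMerchantName");
                    }
                    if (AppLogic.AppConfig("CYBERSOURCE.paMerchantURL") != "")
                    {
                        request.payerAuthEnrollService.merchantURL = AppLogic.AppConfig("CYBERSOURCE.paMerchantURL");
                    }
                    request.payerAuthEnrollService.httpAccept    = CommonLogic.ServerVariables("HTTP_ACCEPT");
                    request.payerAuthEnrollService.httpUserAgent = CommonLogic.ServerVariables("HTTP_USER_AGENT");
                }
                else
                {
                    // A PARes came back from the 3D Secure step: have the gateway validate it.
                    request.payerAuthValidateService             = new PayerAuthValidateService();
                    request.payerAuthValidateService.signedPARes = signedPARes;
                    request.payerAuthValidateService.run         = "true";
                }
            }

            request.ccAuthService     = new CCAuthService();
            request.ccAuthService.run = "true";

            if (CAVV.Trim().Length != 0)
            {     // only gets set as a result of 3D Secure processing
                if (GetCardTypeFieldValue(UseBillingAddress.CardType) == "002")
                { // for MasterCard
                    request.ccAuthService.xid  = XID;
                    request.ccAuthService.cavv = CAVV;
                }
            }

            request.merchantID = AppLogic.AppConfig("CYBERSOURCE.merchantID");

            if (TransactionMode == TransactionModeEnum.authcapture)
            {
                request.ccCaptureService     = new CCCaptureService();
                request.ccCaptureService.run = "true";
            }

            BillTo billTo = new BillTo();

            billTo.firstName   = UseBillingAddress.FirstName;
            billTo.lastName    = UseBillingAddress.LastName;
            billTo.company     = UseBillingAddress.Company;
            billTo.street1     = UseBillingAddress.Address1;
            billTo.street2     = UseBillingAddress.Address2;
            billTo.city        = UseBillingAddress.City;
            billTo.state       = UseBillingAddress.State;
            billTo.postalCode  = UseBillingAddress.Zip;
            billTo.country     = AppLogic.GetCountryTwoLetterISOCode(UseBillingAddress.Country);
            billTo.phoneNumber = UseBillingAddress.Phone.PadRight(6, '1');
            billTo.email       = CommonLogic.IIF(UseBillingAddress.EMail.Length > 2, UseBillingAddress.EMail, "*****@*****.**");
            billTo.ipAddress   = CommonLogic.CustomerIpAddress();
            request.billTo     = billTo;

            if (UseShippingAddress != null)
            {
                ShipTo ShipTo = new ShipTo();
                ShipTo.firstName   = UseShippingAddress.FirstName;
                ShipTo.lastName    = UseShippingAddress.LastName;
                ShipTo.company     = UseShippingAddress.Company;
                ShipTo.street1     = UseShippingAddress.Address1;
                ShipTo.street2     = UseShippingAddress.Address2;
                ShipTo.city        = UseShippingAddress.City;
                ShipTo.state       = UseShippingAddress.State;
                ShipTo.postalCode  = UseShippingAddress.Zip;
                ShipTo.country     = AppLogic.GetCountryTwoLetterISOCode(UseShippingAddress.Country);
                ShipTo.phoneNumber = UseShippingAddress.Phone.PadRight(6, '1');
                ShipTo.email       = CommonLogic.IIF(UseShippingAddress.EMail.Length > 2, UseShippingAddress.EMail, "*****@*****.**");
                request.shipTo     = ShipTo;
            }

            // The card number and verification value go only into the gateway request object;
            // this method does not copy them into any out parameter or the session.
            Card card = new Card();

            card.accountNumber = UseBillingAddress.CardNumber;
            if (CardExtraCode.Trim().Length != 0)
            {
                card.cvIndicator = "1";
                card.cvNumber    = CardExtraCode;
            }
            else
            {
                card.cvIndicator = "0";
            }

            // The month is read from offset 0 and the year from offset 4, so the value must be at
            // least six characters long (presumably MMYYYY; confirm against the address model).
            // Shorter values are skipped rather than letting Substring throw outside the try block.
            if (!String.IsNullOrEmpty(UseBillingAddress.CardStartDate) && UseBillingAddress.CardStartDate != "00" && UseBillingAddress.CardStartDate.Length >= 6)
            {
                card.startMonth = UseBillingAddress.CardStartDate.Substring(0, 2);
                card.startYear  = UseBillingAddress.CardStartDate.Substring(4, 2);
            }

            if (UseBillingAddress.CardIssueNumber.Length != 0)
            {
                card.issueNumber = UseBillingAddress.CardIssueNumber;
            }
            card.expirationMonth = UseBillingAddress.CardExpirationMonth;
            card.expirationYear  = UseBillingAddress.CardExpirationYear;

            if (Try3DSecure)
            {
                card.cardType = GetCardTypeFieldValue(UseBillingAddress.CardType);
                if (card.cardType == "000")
                {
                    return(" Error in configuration. Card type " + UseBillingAddress.CardType + " is not recognized by the gateway.");
                }
            }

            request.card = card;

            request.item = new Item[1];
            Item the_item = new Item();

            the_item.id        = "0";
            the_item.unitPrice = Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal);
            request.item[0]    = the_item;

            PurchaseTotals ptotal = new PurchaseTotals();

            ptotal.currency         = Localization.StoreCurrency();                                         // Currency REQUIRED
            ptotal.grandTotalAmount = Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal); // Not needed - can use instead of item price, I think it's better..
            request.purchaseTotals  = ptotal;                                                               // Neccessary

            // From here on result is a failure prefix; the exception handlers append to it.
            result = "ERROR: ";


            try
            {
                ReplyMessage reply = SoapClient.RunTransaction(conf, request);

                if (Try3DSecure && request.payerAuthEnrollService != null)
                {
                    if (request.payerAuthEnrollService.run == "true")
                    { // we have some data that needs stored
                        string LookupResult = String.Empty;
                        if (reply.payerAuthEnrollReply != null &&
                            reply.payerAuthEnrollReply.paReq != null &&
                            reply.payerAuthEnrollReply.paReq.Length > 0)
                        { // will be null if card not enrolled
                            // the paReq comes back encoded, Streamline requires it to be decoded.
                            string sPAReq = CommonLogic.UnzipBase64DataToString(reply.payerAuthEnrollReply.paReq);
                            LookupResult += "paReq=" + XmlCommon.PrettyPrintXml(sPAReq) + System.Environment.NewLine;
                        }
                        if (reply.payerAuthEnrollReply != null &&
                            reply.payerAuthEnrollReply.proofXML != null)
                        {
                            /****************************************************************
                            *  Store the complete proofXML whenever it is                  *
                            *  returned. If you ever need to show proof of                 *
                            *  enrollment checking, you will need to parse the string      *
                            *  for the information required by the card association.       *
                            ****************************************************************/
                            LookupResult += "proofXML data =";
                            LookupResult += System.Environment.NewLine + XmlCommon.PrettyPrintXml(reply.payerAuthEnrollReply.proofXML);
                        }
                        if (LookupResult != String.Empty)
                        { // encode it to store in the session, it will be decoded before being saved to the database
                            byte[] str = Encoding.UTF8.GetBytes(LookupResult);
                            cSession["3DSecure.LookupResult"] = Convert.ToBase64String(str);
                        }
                    }
                }

                if (reply.decision == "REJECT" && reply.reasonCode == "475")
                { // card enrolled, must perform 3D Secure processing (reasonCode == 475)
                    cSession["3DSecure.CustomerID"]  = CustomerID.ToString();
                    cSession["3DSecure.OrderNumber"] = OrderNumber.ToString();
                    cSession["3DSecure.MD"]          = OrderNumber.ToString();
                    cSession["3DSecure.ACSUrl"]      = reply.payerAuthEnrollReply.acsURL;
                    cSession["3DSecure.paReq"]       = reply.payerAuthEnrollReply.paReq;
                    cSession["3DSecure.XID"]         = reply.payerAuthEnrollReply.xid;
                    cSession.UpdateCustomerSession(null, null);
                    result = AppLogic.ro_3DSecure; // This is what triggers the 3D Secure IFRAME to be used.
                    return(result);
                }

                // NOTE(review): REVIEW is treated like ACCEPT, so an order the gateway held for
                // manual review is reported as OK. Confirm that downstream order handling expects this.
                if (reply.decision == "ACCEPT" || reply.decision == "REVIEW")
                {
                    result = AppLogic.ro_OK;

                    AVSResult            = reply.ccAuthReply.avsCode;
                    AuthorizationCode    = reply.ccAuthReply.authorizationCode;
                    AuthorizationTransID = reply.requestID;

                    // The capture service is requested from the TransactionMode argument, but this
                    // branch is chosen from the store-wide setting. If the two disagree there is no
                    // capture reply, and dereferencing it would throw after the gateway has already
                    // accepted the payment, turning an approved transaction into a reported failure.
                    // Fall back to the overall reason code in that case.
                    if (AppLogic.TransactionModeIsAuthCapture() && reply.ccCaptureReply != null)
                    {
                        AuthorizationResult = reply.ccCaptureReply.reasonCode;
                    }
                    else
                    {
                        AuthorizationResult = reply.reasonCode;
                    }

                    if (signedPARes.Length > 0)
                    {
                        if (reply.payerAuthValidateReply != null)
                        {
                            if (reply.payerAuthValidateReply.ucafAuthenticationData != null)
                            { // MasterCard SecureCode
                                AuthorizationResult += System.Environment.NewLine + "CAVV: " + reply.payerAuthValidateReply.ucafAuthenticationData;
                                AuthorizationResult += System.Environment.NewLine + "ECI: " + reply.payerAuthValidateReply.ucafCollectionIndicator;
                            }
                            else
                            { // Visa VBV
                                AuthorizationResult += System.Environment.NewLine + "CAVV: " + reply.payerAuthValidateReply.cavv;
                                AuthorizationResult += System.Environment.NewLine + "ECI: " + reply.payerAuthValidateReply.eci;
                            }
                        }
                        AuthorizationResult += System.Environment.NewLine + "signedPARes: ";
                        // Streamline requires saving the decoded PARes to the database
                        string sPARes = CommonLogic.UnzipBase64DataToString(signedPARes);

                        // zap the signature since it is long and we don't need it
                        String t1  = "<Signature ";
                        String t2  = "</Signature>";
                        String sig = t1 + CommonLogic.ExtractToken(sPARes, t1, t2) + t2;
                        AuthorizationResult += System.Environment.NewLine + XmlCommon.PrettyPrintXml(sPARes.Replace(sig, ""));
                    }
                }
                else
                {
                    result = "Your transaction was NOT approved, reason code: " + reply.reasonCode + ". ";
                    if (reply.reasonCode == "476" && reply.payerAuthValidateReply != null)
                    {
                        result += reply.payerAuthValidateReply.authenticationStatusMessage
                                  + ". Please try another payment method.";
                    }

                    else
                    {
                        result += GetReasonCodeDescription(reply.reasonCode);

                        if (reply.missingField != null)
                        {
                            foreach (string fieldname in reply.missingField)
                            {
                                result += "[" + fieldname + "]";
                            }
                        }

                        if (reply.invalidField != null)
                        {
                            foreach (string fieldname in reply.invalidField)
                            {
                                result += "[" + fieldname + "]";
                            }
                        }
                    }
                }
            }
            // NOTE(review): the handlers below append exception details to the returned message.
            // DB.SQuote is used here only to wrap the text in quotes; it is a SQL helper and does
            // nothing to make the text safe for HTML output.
            catch (SignException se)
            {
                result += "Error calling Cybersource gateway. Please retry your order in a few minutes or select another checkout payment option. "
                          + String.Format("Failed to sign the request with error code {0} and message {1}.", DB.SQuote(se.ErrorCode.ToString()), DB.SQuote(se.Message));
            }
            catch (SoapHeaderException she)
            {
                result += String.Format("A SOAP header exception was returned with fault code {0} and message {1}.", DB.SQuote(she.Code.ToString()), DB.SQuote(she.Message));
            }
            catch (SoapBodyException sbe)
            {
                result += String.Format("A SOAP body exception was returned with fault code {0} and message {1}.", DB.SQuote(sbe.Code.ToString()), DB.SQuote(sbe.Message));
            }
            catch (WebException we)
            {
                result += String.Format("Failed to get a response with status {0} and mmessage {1}", DB.SQuote(we.Status.ToString()), DB.SQuote(we.Message));
            }
            catch (Exception ex)
            {
                // See requirements at the top of this file.
                // NOTE(review): this message is worded for the shopper, yet ex.ToString() appends the
                // full exception text including the stack trace. If the caller renders result on the
                // checkout page, internal type names and paths are disclosed; record the exception
                // server-side and return only the generic text.
                result += "Error calling Cybersource gateway. Please retry your order in a few minutes or select another checkout payment option.";
                result += " Error message: Make sure the required components for Cybersource are installed on the server. " + ex.Message;
                result += " <> " + ex.ToString();
            }
            return(result);
        }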
Example #27
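        /// <summary>
        /// Processes a card payment through Ogone. In 3-tier mode the shopper paid on Ogone's site and
        /// only the transaction ID is carried over; otherwise the card details are posted to the
        /// configured Ogone order server and the XML response is parsed.
        /// </summary>
        /// <param name="OrderNumber">Sent as orderID and included in the signature seed.</param>
        /// <param name="CustomerID">Not read by this method.</param>
        /// <param name="OrderTotal">Order amount; sent with the decimal point removed.</param>
        /// <param name="useLiveTransactions">Selects the live or test order server URL.</param>
        /// <param name="TransactionMode">auth maps to operation "RES"; anything else to "SAL".</param>
        /// <param name="UseBillingAddress">Billing address, which also carries the card details.</param>
        /// <param name="CardExtraCode">Card verification value entered by the shopper.</param>
        /// <param name="UseShippingAddress">Not read by this method.</param>
        /// <param name="CAVV">Not read by this method.</param>
        /// <param name="ECI">Not read by this method.</param>
        /// <param name="XID">In 3-tier mode, returned as the transaction ID.</param>
        /// <param name="AVSResult">AAVCHECK value, with CVC check and score category appended when present.</param>
        /// <param name="AuthorizationResult">The raw gateway response.</param>
        /// <param name="AuthorizationCode">ACCEPTANCE value from the response.</param>
        /// <param name="AuthorizationTransID">PAYID from the response, or XID in 3-tier mode.</param>
        /// <param name="TransactionCommandOut">The posted command with password, card number and CVC masked.</param>
        /// <param name="TransactionResponse">The raw gateway response.</param>
        /// <returns><c>AppLogic.ro_OK</c> when NCSTATUS is "0" (or in 3-tier mode); otherwise a localized error string.</returns>
        public override String ProcessCard(int OrderNumber, int CustomerID, Decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, String CardExtraCode, Address UseShippingAddress, String CAVV, String ECI, String XID, out String AVSResult, out String AuthorizationResult, out String AuthorizationCode, out String AuthorizationTransID, out String TransactionCommandOut, out String TransactionResponse)
        {
            String result = AppLogic.ro_OK;

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;

            if (AppLogic.AppConfigBool("Ogone.Use3TierMode"))
            {
                // Customer enters card details on Ogone.com
                AuthorizationTransID = XID;
            }
            else
            {
                // Customer entered card details on our store front

                ASCIIEncoding encoding           = new ASCIIEncoding();
                StringBuilder transactionCommand = new StringBuilder(4096);

                String Amount        = Localization.CurrencyStringForGatewayWithoutExchangeRate((OrderTotal)).Replace(".", "");
                String Operation     = CommonLogic.IIF(TransactionMode == TransactionModeEnum.auth, "RES", "SAL");
                String SignatureSeed = OrderNumber.ToString() + Amount
                                       + Localization.StoreCurrency() + UseBillingAddress.CardNumber
                                       + AppLogic.AppConfig("Ogone.PSPID") + Operation;

                // Card fields come from the shopper. They are URL-encoded like the other shopper
                // fields below, so a stray '&' or '=' cannot add or override parameters in the
                // form body. Well-formed (digits-only) values are unchanged by the encoding.
                String cardNumberParam = HttpContext.Current.Server.UrlEncode(UseBillingAddress.CardNumber);

                // The CVC parameter is filled from the first available of: verification code,
                // issue number, start date. NOTE(review): sending an issue number or start date as
                // CVC looks unusual; confirm it is what the gateway expects.
                String cvcParam = null;
                if (CardExtraCode.Length != 0)
                {
                    cvcParam = CardExtraCode.Trim();
                }
                else if (UseBillingAddress.CardIssueNumber.Length != 0)
                {
                    cvcParam = UseBillingAddress.CardIssueNumber;
                }
                else if (UseBillingAddress.CardStartDate != null && UseBillingAddress.CardStartDate.Length != 0 && UseBillingAddress.CardStartDate != "00")
                {
                    cvcParam = UseBillingAddress.CardStartDate;
                }
                if (cvcParam != null)
                {
                    cvcParam = HttpContext.Current.Server.UrlEncode(cvcParam);
                }

                // NOTE(review): the merchant credentials below are appended without URL-encoding;
                // a password containing '&', '=', '+' or '%' would be sent incorrectly. They are left
                // as they were so that existing configurations keep producing the same request.
                transactionCommand.Append("PSPID=" + AppLogic.AppConfig("Ogone.PSPID"));
                transactionCommand.Append("&USERID=" + AppLogic.AppConfig("Ogone.USERID"));
                transactionCommand.Append("&PSWD=" + AppLogic.AppConfig("Ogone.PSWD"));
                transactionCommand.Append("&operation=" + Operation);
                transactionCommand.Append("&ECI=7"); // 7 = E-commerce with SSL encryption
                if (AppLogic.AppConfig("Ogone.SHASignature").Length != 0)
                {
                    transactionCommand.Append("&SHASign=" + Ogone.Signature(SignatureSeed));
                }
                transactionCommand.Append("&orderID=" + OrderNumber.ToString());
                transactionCommand.Append("&currency=" + Localization.StoreCurrency());
                transactionCommand.Append("&amount=" + Amount); // OrderTotal * 100 (no decimals/punctuation)
                transactionCommand.Append("&CARDNO=" + cardNumberParam);
                if (cvcParam != null)
                {
                    transactionCommand.Append("&CVC=" + cvcParam);
                }
                transactionCommand.Append("&ED=" + UseBillingAddress.CardExpirationMonth.PadLeft(2, '0') + "/" + UseBillingAddress.CardExpirationYear.Substring(2, 2)); // MM/YY
                transactionCommand.Append("&ownertelno=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Phone));
                transactionCommand.Append("&EMAIL=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.EMail));
                transactionCommand.Append("&REMOTE_ADDR=" + CommonLogic.CustomerIpAddress());
                transactionCommand.Append("&CN=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.FirstName + " " + UseBillingAddress.LastName));
                transactionCommand.Append("&Owneraddress=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Address1));
                transactionCommand.Append("&ownertown=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.City));
                transactionCommand.Append("&OwnerZip=" + HttpContext.Current.Server.UrlEncode(UseBillingAddress.Zip));
                transactionCommand.Append("&ownercty=" + HttpContext.Current.Server.UrlEncode(AppLogic.GetCountryTwoLetterISOCode(UseBillingAddress.Country)));
                transactionCommand.Append("&Withroot=Y"); // Adds a root element to our XML response. Possible values: ‘Y’ or empty.

                byte[] data = encoding.GetBytes(transactionCommand.ToString());

                // Prepare web request...
                try
                {
                    String AuthServer        = CommonLogic.IIF(useLiveTransactions, AppLogic.AppConfig("Ogone.LiveServerOrder"), AppLogic.AppConfig("Ogone.TestServerOrder"));
                    String rawResponseString = String.Empty;

                    int  MaxTries       = AppLogic.AppConfigUSInt("GatewayRetries") + 1;
                    int  CurrentTry     = 0;
                    bool CallSuccessful = false;
                    // NOTE(review): a retry re-posts the same payment request. If the first attempt
                    // reached the gateway and only reading the response failed, the gateway sees the
                    // request twice; confirm it de-duplicates on orderID before relying on retries.
                    do
                    {
                        HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(AuthServer);
                        myRequest.Method        = "POST";
                        myRequest.ContentType   = "application/x-www-form-urlencoded";
                        myRequest.ContentLength = data.Length;
                        // Send the data; the using block releases the stream even if Write throws.
                        using (Stream newStream = myRequest.GetRequestStream())
                        {
                            newStream.Write(data, 0, data.Length);
                        }

                        CurrentTry++;
                        try
                        {
                            // get the response
                            using (WebResponse myResponse = myRequest.GetResponse())
                            using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                            {
                                rawResponseString = sr.ReadToEnd();
                            }
                            CallSuccessful = true;
                        }
                        catch
                        {
                            // The failure reason is discarded; only the retry counter decides what happens next.
                            CallSuccessful = false;
                        }
                    } while (!CallSuccessful && CurrentTry < MaxTries);

                    if (CallSuccessful)
                    {
                        // rawResponseString now has gateway response
                        TransactionResponse = rawResponseString;

                        XmlDocument Doc = new XmlDocument();
                        // The response is remote input: with no resolver, a DTD or external entity in
                        // it cannot make the parser fetch files or URLs.
                        Doc.XmlResolver = null;
                        Doc.LoadXml(rawResponseString);
                        XmlNode Node             = Doc.SelectSingleNode("/ogone/ncresponse");
                        String  responseStatus   = String.Empty;
                        String  responseNCStatus = String.Empty;
                        String  responseNCError  = String.Empty;
                        String  TransID          = String.Empty;
                        String  approvalCode     = String.Empty;
                        String  AVSCode          = String.Empty;
                        String  CVCode           = String.Empty;
                        String  ScoreCat         = String.Empty;
                        String  authResponse     = String.Empty;

                        if (Node != null)
                        {
                            responseStatus   = XmlCommon.XmlAttribute(Node, "STATUS");
                            responseNCStatus = XmlCommon.XmlAttribute(Node, "NCSTATUS");
                            TransID          = XmlCommon.XmlAttribute(Node, "PAYID");
                            approvalCode     = XmlCommon.XmlAttribute(Node, "ACCEPTANCE");
                            AVSCode          = XmlCommon.XmlAttribute(Node, "AAVCHECK");
                            CVCode           = XmlCommon.XmlAttribute(Node, "CVCCHECK");
                            authResponse     = XmlCommon.XmlAttribute(Node, "NCERRORPLUS");
                            responseNCError  = XmlCommon.XmlAttribute(Node, "NCERROR");
                            ScoreCat         = XmlCommon.XmlAttribute(Node, "SCO_CATEGORY");

                            AuthorizationCode    = approvalCode;
                            AuthorizationResult  = rawResponseString;
                            AuthorizationTransID = TransID;
                            AVSResult            = AVSCode;
                            if (CVCode.Length > 0)
                            {
                                if (AVSResult.Length != 0)
                                {
                                    AVSResult += ", ";
                                }
                                AVSResult += "CV Result: " + CVCode;
                            }
                            if (ScoreCat.Length != 0)
                            {
                                if (AVSResult.Length != 0)
                                {
                                    AVSResult += ", ";
                                }
                                AVSResult += "Score: " + ScoreCat;
                            }

                            // TransactionCommandOut leaves this method (callers presumably log or
                            // persist it; confirm). The original masked only the password, so the full
                            // card number and verification code travelled with it. Card verification
                            // codes must not be retained after authorization, so mask all three.
                            String loggedCommand = transactionCommand.ToString()
                                                   .Replace("PSWD=" + AppLogic.AppConfig("Ogone.PSWD"), "PSWD=****")
                                                   .Replace("&CARDNO=" + cardNumberParam, "&CARDNO=****");
                            if (cvcParam != null)
                            {
                                loggedCommand = loggedCommand.Replace("&CVC=" + cvcParam, "&CVC=****");
                            }
                            TransactionCommandOut = loggedCommand;

                            if (responseNCStatus == "0")
                            {
                                result = AppLogic.ro_OK;
                            }
                            else
                            {
                                // Look up a message for the specific error; GetString returning the key
                                // itself is treated as "no such string" and replaced by the generic one.
                                result = AppLogic.GetString("gw.ogone.ncerror." + responseNCError, UseBillingAddress.SkinID, UseBillingAddress.LocaleSetting);
                                if (result == "gw.ogone.ncerror." + responseNCError)
                                {
                                    result = AppLogic.GetString("gw.ogone.cardfailed", UseBillingAddress.SkinID, UseBillingAddress.LocaleSetting);
                                }
                            }
                        }
                        else
                        {
                            result = AppLogic.GetString("gw.ogone.parsefailure", UseBillingAddress.SkinID, UseBillingAddress.LocaleSetting);
                        }
                    }
                    else
                    {
                        result = AppLogic.GetString("gw.ogone.commsfailure", UseBillingAddress.SkinID, UseBillingAddress.LocaleSetting);
                    }
                }
                catch
                {
                    // Any exception (request setup, malformed XML, ...) becomes the generic localized
                    // message; the exception itself is not recorded anywhere in this method.
                    result = AppLogic.GetString("gw.ogone.exception", UseBillingAddress.SkinID, UseBillingAddress.LocaleSetting);
                }
            }
            return(result);
        }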
Example #28
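        // Asks the MaxMind minFraud SOAP service to score an order and returns the score together with
        // the serialized service response.
        // Consult MaxMind documentation on Fraud Score Threshold Semantics. 0.0 = lowest risk. 10.0 = highest risk.
        //
        //   orderNumber     - sent as txnID.
        //   customer        - supplies the fallback e-mail, last IP address, locale and currency.
        //   billingAddress  - supplies the e-mail, card BIN, card holder name and billing location.
        //   shippingAddress - supplies the ship-to fields.
        //   orderAmount     - sent as order_amount.
        //   paymentMethod   - mapped to txn_type ("creditcard", "paypal" or "other").
        //
        // Always returns Result.Ok: any exception is written to FraudDetails and the order continues.
        // NOTE(review): on that path FraudScore is never assigned. If its default reads as 0.0 (lowest risk),
        // callers cannot tell "scored clean" from "not scored" - confirm they inspect FraudDetails.
        Result <MaxMindResult> GetMaxMindFraudScore(int orderNumber, Customer customer, Address billingAddress, Address shippingAddress, decimal orderAmount, string paymentMethod)
        {
            var maxMindResult = new MaxMindResult();

            try
            {
                // The billing e-mail wins; fall back to the customer record, else empty.
                var email = !string.IsNullOrEmpty(billingAddress.EMail)
                                        ? billingAddress.EMail.Trim()
                                        : !string.IsNullOrEmpty(customer.EMail)
                                        ? customer.EMail.Trim()
                                        : string.Empty;

                // Everything after the first '@', unless the address ends with '@'.
                var billingEMailDomain = string.Empty;
                var atIndex            = email.IndexOf('@');
                if (atIndex >= 0 && !email.EndsWith("@", StringComparison.Ordinal))
                {
                    billingEMailDomain = email.Substring(atIndex + 1);
                }

                // Invariant upper-casing: a culture-sensitive ToUpper() maps 'i' to a dotted capital under
                // Turkish-style cultures, which would push every "creditcard" order into "other".
                string transactionType;
                switch (paymentMethod.ToUpperInvariant())
                {
                case "CREDITCARD":
                    transactionType = "creditcard";
                    break;

                case "PAYPALEXPRESS":
                    transactionType = "paypal";
                    break;

                default:
                    transactionType = "other";
                    break;
                }

                var thisIp = customer.LastIPAddress;
                if (string.IsNullOrEmpty(thisIp))
                {
                    thisIp = CommonLogic.CustomerIpAddress();
                }

                var serviceUri      = new Uri(AppLogic.AppConfig("MaxMind.SOAPURL").Trim());
                var endpointAddress = new System.ServiceModel.EndpointAddress(serviceUri);
                var binding         = new System.ServiceModel.BasicHttpBinding();
                binding.Name = "minfraudWebServiceSoap";

                // A BasicHttpBinding left at its default security mode only accepts http:// addresses, so an
                // https:// URL in MaxMind.SOAPURL would throw and the order would go through unscored.
                // The request carries the license key, customer contact data and the card BIN, so the https
                // form of the endpoint is the one to configure; plain http still works as before.
                if (serviceUri.Scheme == Uri.UriSchemeHttps)
                {
                    binding.Security.Mode = System.ServiceModel.BasicHttpSecurityMode.Transport;
                }

                // Only the first six digits (the BIN) of the card number are sent.
                var cardNumber = string.Empty;
                if (billingAddress.CardNumber.Length > 6)
                {
                    cardNumber = billingAddress.CardNumber.Substring(0, 6);
                }

                // NOTE(review): the card holder name is lower-cased before hashing but the e-mail is not;
                // confirm against MaxMind's field specification.
                var request = new MaxMind.minfraud_soap14RequestBody
                {
                    accept_language = customer.LocaleSetting,
                    bin             = cardNumber,
                    city            = billingAddress.City,
                    country         = billingAddress.Country,
                    custPhone       = billingAddress.Phone,
                    domain          = billingEMailDomain,
                    emailMD5        = Security.GetMD5Hash(email),
                    forwardedIP     = CommonLogic.ServerVariables("HTTP_X_FORWARDED_FOR"),
                    i              = thisIp,
                    license_key    = AppLogic.AppConfig("MaxMind.LicenseKey"),
                    requested_type = AppLogic.AppConfig("MaxMind.ServiceType"),
                    // Machine-readable values: format with the invariant culture so the decimal separator
                    // does not depend on the current thread culture.
                    order_amount   = orderAmount.ToString(System.Globalization.CultureInfo.InvariantCulture),
                    order_currency = customer.CurrencySetting,
                    postal         = billingAddress.Zip,
                    region         = billingAddress.State,
                    sessionID      = SessionId,                // MaxMind requires this value to identify our cart, do not change
                    shipAddr       = shippingAddress.Address1,
                    shipCity       = shippingAddress.City,
                    shipCountry    = shippingAddress.Country,
                    shipPostal     = shippingAddress.Zip,
                    shipRegion     = shippingAddress.State,
                    txn_type       = transactionType,
                    txnID          = orderNumber.ToString(System.Globalization.CultureInfo.InvariantCulture),
                    usernameMD5    = Security.GetMD5Hash(billingAddress.CardName.Trim().ToLowerInvariant())
                };

                MaxMind.minfraudWebServiceSoap mmind = new MaxMind.minfraudWebServiceSoapClient(binding, endpointAddress);
                MaxMind.MINFRAUD rsp = mmind.minfraud_soap14(new MaxMind.minfraud_soap14Request(request)).Body.minfraud_output;

                maxMindResult.FraudScore   = Localization.ParseUSDecimal(rsp.riskScore);
                maxMindResult.FraudDetails = SerializeMaxMindResponse(rsp);
            }
            catch (Exception ex)
            {
                // Deliberate best effort: record why scoring failed and let the order proceed.
                maxMindResult.FraudDetails = ex.Message;
            }

            return(Result.Ok(maxMindResult));            // don't let maxmind exception stop the order
        }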
Example #29
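        // ProcessCard() is used for Credit Card processing via Website Payments Pro,
        // just like other credit card gateways.
        // ProcessPaypal() is used for Express Checkout and PayPal payments.
        //
        // Builds a DoDirectPayment request from the order and billing/shipping addresses and sends it
        // through IPayPal.DoDirectPayment.
        //
        // Returns AppLogic.ro_OK when the response Ack starts with "success"; otherwise the gateway's long
        // error messages joined with ", ", or "Transaction Failed" when there is nothing else to report.
        //
        //   AVSResult             - AVS code from the response (success only).
        //   AuthorizationResult   - Ack plus AVS/CVV2 codes on success, joined long error messages on failure.
        //   AuthorizationCode     - CorrelationID from the response (success only).
        //   AuthorizationTransID  - "AUTH=" or "CAPTURE=" followed by the gateway transaction id (success only).
        //   TransactionCommandOut - always empty; this method does not record the request.
        //   TransactionResponse   - "|short,code,long|" per gateway error, or the exception type on a local failure.
        public override string ProcessCard(int OrderNumber, int CustomerID, decimal OrderTotal, bool useLiveTransactions, TransactionModeEnum TransactionMode, Address UseBillingAddress, string CardExtraCode, Address UseShippingAddress, string CAVV, string ECI, string XID, out string AVSResult, out string AuthorizationResult, out string AuthorizationCode, out string AuthorizationTransID, out string TransactionCommandOut, out string TransactionResponse)
        {
            String result = AppLogic.ro_OK;

            AuthorizationCode     = String.Empty;
            AuthorizationResult   = String.Empty;
            AuthorizationTransID  = String.Empty;
            AVSResult             = String.Empty;
            TransactionCommandOut = String.Empty;
            TransactionResponse   = String.Empty;
            try
            {
                // the request details object contains all payment details
                DoDirectPaymentRequestDetailsType RequestDetails = new DoDirectPaymentRequestDetailsType();

                // 'Authorization' would be followed later with a DoCapture API call; 'Sale' captures immediately.
                // NOTE(review): this reads the store-wide setting while the AUTH=/CAPTURE= prefix below reads
                // the TransactionMode argument - confirm the two always agree.
                RequestDetails.PaymentAction = AppLogic.TransactionModeIsAuthOnly()
                    ? PaymentActionCodeType.Authorization
                    : PaymentActionCodeType.Sale;

                // define the total amount and currency for the transaction
                PaymentDetailsType PaymentDetails = new PaymentDetailsType();

                BasicAmountType totalAmount = new BasicAmountType();
                totalAmount.Value               = Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal);
                totalAmount.currencyID          = (CurrencyCodeType)Enum.Parse(typeof(CurrencyCodeType), AppLogic.AppConfig("Localization.StoreCurrency"), true);
                PaymentDetails.OrderTotal       = totalAmount;
                PaymentDetails.InvoiceID        = OrderNumber.ToString(System.Globalization.CultureInfo.InvariantCulture);
                PaymentDetails.ButtonSource     = PayPal.BN + "_DP_US";
                PaymentDetails.OrderDescription = AppLogic.AppConfig("StoreName");

                // define the credit card to be used
                CreditCardDetailsType creditCard = new CreditCardDetailsType();
                creditCard.CreditCardNumber  = UseBillingAddress.CardNumber;
                creditCard.ExpMonth          = Localization.ParseUSInt(UseBillingAddress.CardExpirationMonth);
                creditCard.ExpYear           = Localization.ParseUSInt(UseBillingAddress.CardExpirationYear);
                creditCard.ExpMonthSpecified = true;
                creditCard.ExpYearSpecified  = true;
                creditCard.CVV2 = CardExtraCode;

                // The store calls the card type "AmericanExpress"; the gateway enum is parsed from "Amex".
                String gatewayCardType = UseBillingAddress.CardType == "AmericanExpress" ? "Amex" : UseBillingAddress.CardType;
                creditCard.CreditCardType          = (CreditCardTypeType)Enum.Parse(typeof(CreditCardTypeType), gatewayCardType, true);
                creditCard.CreditCardTypeSpecified = true;

                PayerInfoType  cardHolder      = new PayerInfoType();
                PersonNameType oPersonNameType = new PersonNameType();
                oPersonNameType.FirstName  = UseBillingAddress.FirstName;
                oPersonNameType.LastName   = UseBillingAddress.LastName;
                oPersonNameType.MiddleName = String.Empty;
                oPersonNameType.Salutation = String.Empty;
                oPersonNameType.Suffix     = String.Empty;
                cardHolder.PayerName       = oPersonNameType;

                AddressType PayerAddress = new AddressType();
                PayerAddress.Street1          = UseBillingAddress.Address1;
                PayerAddress.CityName         = UseBillingAddress.City;
                PayerAddress.StateOrProvince  = UseBillingAddress.State;
                PayerAddress.PostalCode       = UseBillingAddress.Zip;
                PayerAddress.Country          = (CountryCodeType)Enum.Parse(typeof(CountryCodeType), AppLogic.GetCountryTwoLetterISOCode(UseBillingAddress.Country), true);
                PayerAddress.CountrySpecified = true;

                if (UseShippingAddress != null)
                {
                    AddressType shippingAddress = new AddressType();
                    shippingAddress.Name             = (UseShippingAddress.FirstName + " " + UseShippingAddress.LastName).Trim();
                    shippingAddress.Street1          = UseShippingAddress.Address1;
                    shippingAddress.Street2          = UseShippingAddress.Address2 + (UseShippingAddress.Suite != "" ? " Ste " + UseShippingAddress.Suite : "");
                    shippingAddress.CityName         = UseShippingAddress.City;
                    shippingAddress.StateOrProvince  = UseShippingAddress.State;
                    shippingAddress.PostalCode       = UseShippingAddress.Zip;
                    shippingAddress.Country          = (CountryCodeType)Enum.Parse(typeof(CountryCodeType), AppLogic.GetCountryTwoLetterISOCode(UseShippingAddress.Country), true);
                    shippingAddress.CountrySpecified = true;
                    PaymentDetails.ShipToAddress     = shippingAddress;
                }

                cardHolder.Address   = PayerAddress;
                creditCard.CardOwner = cardHolder;

                RequestDetails.CreditCard     = creditCard;
                RequestDetails.PaymentDetails = PaymentDetails;
                RequestDetails.IPAddress      = CommonLogic.CustomerIpAddress();            // cart.ThisCustomer.LastIPAddress;

                // The IPv6 loopback address is replaced with its IPv4 form before sending.
                if (RequestDetails.IPAddress == "::1")
                {
                    RequestDetails.IPAddress = "127.0.0.1";
                }

                // instantiate the actual request object
                // PaymentRequest and DDPReq are not declared in this method (presumably instance fields), so
                // they keep referencing the full card number and CVV2 after this call returns.
                PaymentRequest         = new DoDirectPaymentRequestType();
                PaymentRequest.Version = API_VER;
                PaymentRequest.DoDirectPaymentRequestDetails = RequestDetails;
                DDPReq = new DoDirectPaymentReq();
                DDPReq.DoDirectPaymentRequest = PaymentRequest;

                DoDirectPaymentResponseType responseDetails = (DoDirectPaymentResponseType)IPayPal.DoDirectPayment(DDPReq);

                // No request/response logging here: DDPReq holds the card number and CVV2, so any logging
                // added at this point must mask both. PCI DSS does not allow the CVV2 to be stored after
                // authorization.

                if (responseDetails != null && responseDetails.Ack.ToString().StartsWith("success", StringComparison.InvariantCultureIgnoreCase))
                {
                    bool isAuthOnly = String.Equals(TransactionMode.ToString(), AppLogic.ro_TXModeAuthOnly, StringComparison.OrdinalIgnoreCase);

                    AuthorizationTransID = (isAuthOnly ? "AUTH=" : "CAPTURE=") + responseDetails.TransactionID;
                    AuthorizationCode    = responseDetails.CorrelationID;
                    AVSResult            = responseDetails.AVSCode;
                    // Plain concatenation instead of .ToString(): a missing AVS or CVV2 code must not throw
                    // here, otherwise a payment the gateway accepted would be reported as "Transaction Failed".
                    AuthorizationResult = responseDetails.Ack.ToString() + "|AVSCode=" + responseDetails.AVSCode + "|CVV2Code=" + responseDetails.CVV2Code;
                    result = AppLogic.ro_OK;
                }
                else
                {
                    if (responseDetails != null && responseDetails.Errors != null)
                    {
                        String Separator = String.Empty;
                        for (int ix = 0; ix < responseDetails.Errors.Length; ix++)
                        {
                            // record failed TX
                            AuthorizationResult += Separator + responseDetails.Errors[ix].LongMessage;
                            TransactionResponse += Separator + String.Format("|{0},{1},{2}|", responseDetails.Errors[ix].ShortMessage, responseDetails.Errors[ix].ErrorCode, responseDetails.Errors[ix].LongMessage);
                            Separator = ", ";
                        }
                    }
                    // just store something here, as there is no other way to get data out of this gateway about the failure for logging in failed transaction table
                    // A failure without any error text must not come back as an empty result string.
                    result = AuthorizationResult.Length != 0 ? AuthorizationResult : "Transaction Failed";
                }
            }
            catch (Exception ex)
            {
                result = "Transaction Failed";
                // Keep a minimal trace for the failed-transaction record. Only the exception type is stored:
                // the message text is left out because it may echo request data.
                if (TransactionResponse.Length == 0)
                {
                    TransactionResponse = "Exception: " + ex.GetType().Name;
                }
            }
            return(result);
        }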
Example #30
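        // Captures a previously authorized transaction through the eProcessingNetwork gateway
        // (x_type=PRIOR_AUTH_CAPTURE) by POSTing a form-encoded command.
        //
        //   o - the order; AuthorizationPNREF is sent as x_trans_id and OrderBalance as x_amount.
        //       CaptureTXCommand receives the command with the transaction key masked, and
        //       CaptureTXResult receives the raw gateway response.
        //
        // Returns AppLogic.ro_OK when the first response field is "1", otherwise the fourth response
        // field, or "NO RESPONSE FROM GATEWAY!" when the exchange or the parsing fails.
        public override String CaptureOrder(Order o)
        {
            String result = AppLogic.ro_OK;

            o.CaptureTXCommand = "";
            o.CaptureTXResult  = "";
            bool    useLiveTransactions = AppLogic.AppConfigBool("UseLiveTransactions");
            String  TransID             = o.AuthorizationPNREF;
            Decimal OrderTotal          = o.OrderBalance;

            StringBuilder transactionCommand = new StringBuilder(4096);

            transactionCommand.Append("x_type=PRIOR_AUTH_CAPTURE");

            // Either credential may be set to the literal "REGISTRY", in which case the real value is read
            // from the registry location named by EncryptKey.RegistryLocation.
            String X_Login = AppLogic.AppConfig("eProcessingNetwork_X_LOGIN");

            if (X_Login.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_Login = reg.Read("eProcessingNetwork_X_LOGIN");
            }

            String X_TranKey = AppLogic.AppConfig("eProcessingNetwork_X_TRAN_KEY");

            if (X_TranKey.Trim().Equals("REGISTRY", StringComparison.InvariantCultureIgnoreCase))
            {
                WindowsRegistry reg = new WindowsRegistry(AppLogic.AppConfig("EncryptKey.RegistryLocation"));
                X_TranKey = reg.Read("eProcessingNetwork_X_TRAN_KEY");
            }

            // The listing had this statement mangled by a credential scrubber; restored from the two
            // values read above.
            transactionCommand.Append("&x_login=" + X_Login + "&x_tran_key=" + X_TranKey);
            transactionCommand.Append("&x_version=" + AppLogic.AppConfig("eProcessingNetwork_X_VERSION"));
            transactionCommand.Append("&x_test_request=" + (useLiveTransactions ? "FALSE" : "TRUE"));
            transactionCommand.Append("&x_method=" + AppLogic.AppConfig("eProcessingNetwork_X_METHOD"));
            transactionCommand.Append("&x_delim_Data=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_DATA"));
            transactionCommand.Append("&x_delim_Char=" + AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR"));
            transactionCommand.Append("&x_encap_char=" + AppLogic.AppConfig("eProcessingNetwork_X_ENCAP_CHAR"));
            transactionCommand.Append("&x_relay_response=" + AppLogic.AppConfig("eProcessingNetwork_X_RELAY_RESPONSE"));
            transactionCommand.Append("&x_customer_ip=" + CommonLogic.CustomerIpAddress());
            transactionCommand.Append("&x_trans_id=" + TransID);
            if (OrderTotal != System.Decimal.Zero)
            {
                // amount could have changed by admin user, so capture the current Order Total from the db:
                transactionCommand.Append("&x_amount=" + Localization.CurrencyStringForGatewayWithoutExchangeRate(OrderTotal));
            }

            String commandText = transactionCommand.ToString();

            // Mask the transaction key in the copy stored on the order. The replacement is anchored to the
            // parameter name so a short key cannot blank out unrelated characters, a fixed-width mask does
            // not reveal the key length, and an empty or missing key no longer makes Replace() throw
            // before the try block is entered.
            o.CaptureTXCommand = String.IsNullOrEmpty(X_TranKey)
                ? commandText
                : commandText.Replace("&x_tran_key=" + X_TranKey, "&x_tran_key=****");

            try
            {
                byte[] data = Encoding.ASCII.GetBytes(commandText);

                // Prepare web request...
                // NOTE(review): the login and transaction key travel in this POST body, so both server
                // settings should be https URLs - confirm the configuration.
                String         AuthServer = useLiveTransactions ? AppLogic.AppConfig("eProcessingNetwork_LIVE_SERVER") : AppLogic.AppConfig("eProcessingNetwork_TEST_SERVER");
                HttpWebRequest myRequest  = (HttpWebRequest)WebRequest.Create(AuthServer);
                myRequest.Method        = "POST";
                myRequest.ContentType   = "application/x-www-form-urlencoded";
                myRequest.ContentLength = data.Length;

                // Send the data; using blocks release the streams even when a call throws.
                using (Stream requestStream = myRequest.GetRequestStream())
                {
                    requestStream.Write(data, 0, data.Length);
                }

                // get the response
                String rawResponseString;
                try
                {
                    using (WebResponse myResponse = myRequest.GetResponse())
                    using (StreamReader sr = new StreamReader(myResponse.GetResponseStream()))
                    {
                        rawResponseString = sr.ReadToEnd();
                    }
                }
                catch
                {
                    // Synthetic '|'-delimited reply with reply code 0 and the error text as the fourth
                    // field, so it is parsed by the same code as a real gateway response.
                    rawResponseString = "0|||Error Calling eProcessingNetwork Payment Gateway||||||||";
                }

                // rawResponseString now has gateway response
                String[] statusArray = rawResponseString.Split(AppLogic.AppConfig("eProcessingNetwork_X_DELIM_CHAR").ToCharArray());
                // this seems to be a new item where auth.net is returning quotes around each parameter, so strip them out:
                for (int i = 0; i < statusArray.Length; i++)
                {
                    statusArray[i] = statusArray[i].Trim('\"');
                }

                o.CaptureTXResult = rawResponseString;

                // A reply with fewer than four fields makes the index below throw; the outer catch then
                // reports it as no response, while the raw text stays in CaptureTXResult.
                result = statusArray[0] == "1" ? AppLogic.ro_OK : statusArray[3];
            }
            catch
            {
                result = "NO RESPONSE FROM GATEWAY!";
            }
            return(result);
        }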