public ActionResult Details(string id) { var orderId = new Guid(id); ViewData["order"] = MvcApplication.FindOrder(orderId); return(View()); }
public ActionResult Destroy(string id) { var orderId = new Guid(id); var order = MvcApplication.FindOrder(orderId); if (order == null) { return(Redirect("/")); } //this is a return, or a Void //just need the transaction ID var gate = OpenGateway(); //void it var request = new VoidRequest(order.TransactionID); var response = gate.Send(request); if (response.Approved) { order.AuthCode = response.AuthorizationCode; order.OrderMessage = "Your order was refunded - we've put a fresh pot on"; //reset it Session["order"] = order; } else { //error... oops. Reload the page order.OrderMessage = response.Message; } //record the order, send to the receipt page return(View()); }
public ActionResult SimResponse(FormCollection post) { var response = new SIMResponse(post); //first order of business - validate that it was Auth.net that posted this using the //MD5 Hash passed to use from Auth.net var isValid = response.Validate(ConfigurationManager.AppSettings["MerchantHash"], ConfigurationManager.AppSettings["ApiLogin"]); //if it's not valid - just send them to the home page. Don't throw - that's how //hackers figure out what's wrong :) if (!isValid) { return(Redirect("/")); } //pull the order ID from the order var orderId = new Guid(Request.Form["order_id"]); //pull the order var order = MvcApplication.FindOrder(orderId); //the URL to redirect to var redirectAction = Url.Action("details", "orders", new { id = orderId.ToString() }); var returnUrl = Url.SiteRoot() + redirectAction; if (response.Approved) { order.AuthCode = response.ToString(); order.TransactionID = response.TransactionID; order.OrderMessage = string.Format("Thank you! Order approved: {0}", response.AuthorizationCode); } else { //pin the message to the order so we can show it to the user order.OrderMessage = response.Message; redirectAction = Url.Action("error", "orders", new { id = orderId.ToString() }); returnUrl = Url.SiteRoot() + redirectAction; } //save the order somewhere MvcApplication.SaveOrder(order); //Direct Post method return(Content(CheckoutFormBuilders.Redirecter(returnUrl))); //or just return the page back to the AuthNet server if you don't want to bounce the return //MAKE SURE it has absolute URLs //return Redirect(redirectAction); }
public ActionResult Create() { var orderId = new Guid(Request.Form["order_id"]); //pull from the store var order = MvcApplication.FindOrder(orderId); var gate = OpenGateway(); //build the request from the Form post var apiRequest = CheckoutFormReaders.BuildAuthAndCaptureFromPost(); //send to Auth.NET var response = gate.Send(apiRequest); //be sure the amount paid is the amount required if (response.Amount < order.Price) { order.OrderMessage = "The amount paid for is less than the amount of the order. Something's fishy..."; MvcApplication.SaveOrder(order); return(Redirect(Url.Action("error", "orders", new { id = orderId.ToString() }))); } if (response.Approved) { order.AuthCode = response.AuthorizationCode; order.TransactionID = response.TransactionID; order.OrderMessage = string.Format("Thank you! Order approved: {0}", response.AuthorizationCode); MvcApplication.SaveOrder(order); //record the order, send to the receipt page return(Redirect(Url.Action("details", "orders", new { id = orderId.ToString() }))); } else { //error... oops. Reload the page order.OrderMessage = response.Message; MvcApplication.SaveOrder(order); return(Redirect(Url.Action("error", "orders", new { id = orderId.ToString() }))); } }