public ActionResult Create()
{
var orderId = new Guid(Request.Form["order_id"]);
//pull from the store
var order = MvcApplication.FindOrder(orderId);
var gate = OpenGateway();
//build the request from the Form post
var apiRequest = CheckoutFormReaders.BuildAuthAndCaptureFromPost();
//send to Auth.NET
var response = gate.Send(apiRequest);
//be sure the amount paid is the amount required
if (response.Amount < order.Price)
{
order.OrderMessage = "The amount paid for is less than the amount of the order. Something's fishy...";
MvcApplication.SaveOrder(order);
return(Redirect(Url.Action("error", "orders", new { id = orderId.ToString() })));
}
if (response.Approved)
{
order.AuthCode = response.AuthorizationCode;
order.TransactionID = response.TransactionID;
order.OrderMessage = string.Format("Thank you! Order approved: {0}", response.AuthorizationCode);
MvcApplication.SaveOrder(order);
//record the order, send to the receipt page
return(Redirect(Url.Action("details", "orders", new { id = orderId.ToString() })));
}
else
{
//error... oops. Reload the page
order.OrderMessage = response.Message;
MvcApplication.SaveOrder(order);
return(Redirect(Url.Action("error", "orders", new { id = orderId.ToString() })));
}
}
