topic Re: Changing the amount in SIM Integration in Integration and Testing

Changing the amount in SIM Integration

bprado — Wed, 06 Jan 2010 18:30:36 GMT

Hi, im new here, and im trying to make SIM Integration with Authorize.net, first excuse my bad english!!!

everything is OK in my test using the sample code (php version), but when i try to change the defaul amount via Web, then i get a error, i read the forum about putting trim in the variable but still i getting the error.

Here i put diferent trim:

if ($_REQUEST["amount"])
{ $amount = trim($_REQUEST["amount"]); }

if( phpversion() >= '5.1.2' )
{ $fingerprint = hash_hmac("md5", $loginID . "^" . $sequence . "^" . $timeStamp . "^" . trim($amount) . "^", $transactionKey); }
else
{ $fingerprint = bin2hex(mhash(MHASH_MD5, $loginID . "^" . $sequence . "^" . $timeStamp . "^" . trim($amount) . "^", $transactionKey)); }

and i always get this msg: (99) This transaction cannot be accepted.

To enter a different amount via web i change the input field from hidden to text, like this:

echo " <INPUT type='text' name='x_amount' value='$amount' />";

Re: Changing the amount in SIM Integration

stymiee — Wed, 06 Jan 2010 19:28:51 GMT

Welcome to the community. :)

Do me a favor and post your code before you made any changes to it. It will be easier to troubleshoot it for you that way.

Re: Changing the amount in SIM Integration

bprado — Wed, 06 Jan 2010 19:57:44 GMT

thk for the answer, im using the sample code of this web site, http://developer.authorize.net/resources/files/samplecode/php_sim.zip

i only change what i put on the first post, and the only changes were adding a trim and also change "hidden" for "text" in the input field of the amount.

here is the original code:

if ($_REQUEST["amount"])
{ $amount = $_REQUEST["amount"]; }
if ($_REQUEST["description"])

if( phpversion() >= '5.1.2' )
{ $fingerprint = hash_hmac("md5", $loginID . "^" . $sequence . "^" . $timeStamp . "^" . $amount . "^", $transactionKey); }
else
{ $fingerprint = bin2hex(mhash(MHASH_MD5, $loginID . "^" . $sequence . "^" . $timeStamp . "^" . $amount . "^", $transactionKey)); }

echo " <INPUT type='hidden' name='x_amount' value='$amount' />";

if you need all the source code just reply this so i will do a copy and paste

Re: Changing the amount in SIM Integration

stymiee — Wed, 06 Jan 2010 19:58:02 GMT

The whole source code you are working with would be ideal. Thanks.

Re: Changing the amount in SIM Integration

bprado — Wed, 06 Jan 2010 20:03:09 GMT

The red color are the code that i change, and this code work if i dont change the amount field, when i enter another value in the amount field i get that error.

I add trim because i read in the forums here, that is a posible solution, but in my code dont work!

<HTML lang='en'>
<HEAD>
   <TITLE> Sample SIM Implementation </TITLE>
</HEAD>
<BODY>

$loginID       = "xxxxxxxxxxxxxxxxx";
$transactionKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
$amount        = "19.99";
$description    = "Sample Transaction";
$label            = "Submit Payment"; // The is the label on the 'submit' button
$testMode       = "false";
$url           = "https://test.authorize.net/gateway/transact.dll";

// If an amount or description were posted to this page, the defaults are overidden
if ($_REQUEST["amount"])
   { $amount = Trim($_REQUEST["amount"]); }
if ($_REQUEST["description"])
   { $description = $_REQUEST["description"]; }

// an invoice is generated using the date and time
$invoice   = date(YmdHis);
// a sequence number is randomly generated
$sequence   = rand(1, 1000);
// a timestamp is generated
$timeStamp   = time ();

// The following lines generate the SIM fingerprint. PHP versions 5.1.2 and
// newer have the necessary hmac function built in. For older versions, it
// will try to use the mhash library.
if( phpversion() >= '5.1.2' )
{   $fingerprint = hash_hmac("md5", $loginID . "^" . $sequence . "^" . $timeStamp . "^" . Trim($amount) . "^", $transactionKey); }
else
{ $fingerprint = bin2hex(mhash(MHASH_MD5, $loginID . "^" . $sequence . "^" . $timeStamp . "^" . Trim($amount) . "^", $transactionKey)); }

// Print the Amount and Description to the screen.
echo "Amount: $amount <br />";
echo "Description: $description <br />";

echo "<FORM method='post' action='$url' >";
echo "   <INPUT type='hidden' name='x_login' value='$loginID' />";
echo "   <INPUT type='text' name='x_amount' value='$amount' />";
echo "   <INPUT type='hidden' name='x_description' value='$description' />";
echo "   <INPUT type='hidden' name='x_invoice_num' value='$invoice' />";
echo "   <INPUT type='hidden' name='x_fp_sequence' value='$sequence' />";
echo "   <INPUT type='hidden' name='x_fp_timestamp' value='$timeStamp' />";
echo "   <INPUT type='hidden' name='x_fp_hash' value='$fingerprint' />";
echo "   <INPUT type='hidden' name='x_test_request' value='$testMode' />";
echo "   <INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />";
echo "   <input type='submit' value='$label' />";
echo "</FORM>";
?>

</BODY>
</HTML>

Re: Changing the amount in SIM Integration

itdevworks — Thu, 07 Jan 2010 01:25:34 GMT

I believe your problem is that you changed the amount field to be a text field and are changing it. The code which generates the hash value incorporates the amount into the hash. This all happens before the page is ever rendered to the client browser, so if you change the x_amount field to something different than what was computed into the hash value, I suspect you would get an error.

This is a common scenario and therefore a common problem. This most typically happens on "donation" type forms where the user of the website wants to be able to enter an amount. The typical way I have seen to work around this is to submit the form back to the same .php file, detect that it was a submit (via a hidden field set in javascript or something), recalculate the hash, regenerate the required form fields with the desired values, and then inject some javascript at the bottom of the page which automatically submits the form to Authorize.net as soon as the page is loaded.

if you need it, I can provide an example of this.

Re: Changing the amount in SIM Integration

stymiee — Thu, 07 Jan 2010 02:33:57 GMT

Basically what Dave is saying is you are sending the form submission to Authorize.Net with a conflicting hash and total amount. Because the form submission goes straight to Authorize.Net it never reaches any of the PHP code at the top of that file and thus a proper hash is never calculated.

Here's what Dave is trying to explain to get you started (without the JavaScript). It requires two steps. First the user submits the amount they wish to pay and then they submit a second form (just a button that contains all of the proper hidden form values) that takes them to Authorize.Net's payment page to complete the transaction.

<HTML lang='en'>
<HEAD>
    <TITLE> Sample SIM Implementation </TITLE>
</HEAD>
<BODY>
<?php
if (isset($_POST) && is_array($_POST) && count($_POST))
{
    $loginID        = "xxxxxxxxxxxxxxxxx";
    $transactionKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
    $description    = "Sample Transaction";
    $testMode       = "false";
    $amount         = (float) trim($_REQUEST["x_amount"]);
    $invoice        = date(YmdHis);
    $sequence       = rand(1, 1000);
    $timeStamp      = time();

    // The following lines generate the SIM fingerprint. PHP versions 5.1.2 and
    // newer have the necessary hmac function built in. For older versions, it
    // will try to use the mhash library.
    if( phpversion() >= '5.1.2' )
    {
        $fingerprint = hash_hmac("md5", $loginID . "^" . $sequence . "^" . $timeStamp . "^" . $amount . "^", $transactionKey);
    }
    else
    {
        $fingerprint = bin2hex(mhash(MHASH_MD5, $loginID . "^" . $sequence . "^" . $timeStamp . "^" . $amount . "^", $transactionKey));
    }
?>
    <FORM method='post' action='https://test.authorize.net/gateway/transact.dll' >
        <INPUT type='hidden' name='x_login' value='<?php echo $loginID; ?>' />
        <INPUT type='hidden' name='x_amount' value='<?php echo $amount; ?>' />
        <INPUT type='hidden' name='x_description' value='<?php echo $description; ?>' />
        <INPUT type='hidden' name='x_invoice_num' value='<?php echo $invoice; ?>' />
        <INPUT type='hidden' name='x_fp_sequence' value='<?php echo $sequence; ?>' />
        <INPUT type='hidden' name='x_fp_timestamp' value='<?php echo $timeStamp; ?>' />
        <INPUT type='hidden' name='x_fp_hash' value='<?php echo $fingerprint; ?>' />
        <INPUT type='hidden' name='x_test_request' value='<?php echo $testMode; ?>' />
        <INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />
        <input type='submit' value='Submit Payment' />
    </FORM>
<?php
}
else
{
?>
    <FORM method='post' action='<?php echo $_SERVER['PHP_SELF']; ?>'>
        Amount: <INPUT type='text' name='x_amount' value='' />
        <input type='submit' value='Enter Amount' />
    </FORM>
<?php
}
?>

</BODY>
</HTML>

This doesn't contain any JavaScript to resubmit the form but should give you an idea of what Dave is saying. If I get a chance I'll add the JavaScript to it later or maybe Dave will beat me to it. ;)

Re: Changing the amount in SIM Integration

itdevworks — Thu, 07 Jan 2010 03:23:29 GMT

Here is the full text of the .PHP template page I use for donation forms (where the amount can be entered on the page). Note that while I start from this, I end up changing and fixing things as I go, so this actual code has not been tested as-is. It may need some fixups before running without problem. In particular, you certainly need to provide the API Login and Transaciton Key for whatever account you are using.

<?php
//
// How to use this page...
// 
// NOTE: You can search for [Fixup #] (with the square brackets), where #
//       is the step number from below, to find where in the code to make
//       the changes.
//
//  1. Fill in the appropriate information under the "Site Identity
//     Constants" section below.
//
//  2. Fill in the appropriate information under the "Authorize.net
//     Credentials" below.
//
//  3. (Optional) Select to use the Live or Test server/account.
//     Default=Test.
//
//  4. Find the "How to apply your donation" section in the HTML and fix
//     up according to your needs (different options, checkboxes for
//     multi-select, etc.)
//
//  5. Find the comment "Make Description Here" below and modify the
//     following line to match the control(s) set up in step 3.
//
//  6. Test/Fix/Test/Deploy

//
// [Fixup 1] Site Identity Constants
//
$SiteOwnerName = "site-owner-name";
$PageTitle = "page-title";
$ReturnHomePage = "www.someurl.org"

//
// [Fixup 2] Authorize.net Credentials
//
// Note: The Test account credentials are for my own test account, but you
//       can replace them with your own if you have one.
//
$LiveLoginId = "";
$LiveTransactionKey = "";

$TestLoginId = "***********";
$TestTransactionKey = "****************";

//
// [Fixup 3] Choose live or test server/account
//
$UseTestAccount = true;

//
// Now set the global vars used to process the request
//
$LiveGatewayUrl = "https://secure.authorize.net/gateway/transact.dll";
$TestGatewayUrl = "https://test.authorize.net/gateway/transact.dll";

if ($UseTestAccount) {
    $loginid = $TestLoginId;
    $x_tran_key = $TestTransactionKey;
    $gateway_url = $TestGatewayUrl;
} else {
    $loginid = $LiveLoginId;
    $x_tran_key = $TestTransactionKey;
    $gateway_url = $LiveGatewayUrl;
}


//
// Other Global Vars
//
$doredirect = false;

//
// Includes
//
include ("simlib.php");

//
// did form submit??
//
if (isset($HTTP_POST_VARS["formSubmitted"])){
    $strFirstName = $HTTP_POST_VARS["x_first_name"];
    $strLastName = $HTTP_POST_VARS["x_last_name"];
    //
    // [Fixup 5] Make Description Here
    //
    $strDescription = "[ApplyTo:". trim($HTTP_POST_VARS["ApplyTo"])."] + [Country:" . trim($HTTP_POST_VARS["ForCountry"])."]";
    $amount = $HTTP_POST_VARS["x_amount"];
    if (substr($amount, 0,1) == "$") {
    $amount = substr($amount,1);
    }
    if (is_numeric($amount))
    {
        $doredirect=true;
    } else {
        $msg = "Please enter only a numeric amount.";
    }
}
?>

<?
if ($doredirect == false)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
    <title>- Donations</title>
    <meta name="description" content="<? echo $SiteOwnerName ?>">
    <meta name="resource-type" content="document">
    <meta name="revisit-after" content="14 days">
    <meta name="classification" content="consumer">
    <meta name="keywords" content="<? echo $SiteOwnerName ?>">
    <meta name="robots" content="All">
    <meta name="distribution" content="global">
    <meta name="rating" content="general">
    <meta name="copyright" content="2008">
    <meta name="web author" content="ITDevWorks, LLC: wwww.itdevworks.com">
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <style type="text/css">
    <!--
    fieldset
    {
        float: left;
        clear: left;
        width: 400px;
        margin: 0 0 0 0;
        padding: 0em 1em 1em 0;
        border: none;
    }
    
    fieldset legend
    {
        font-size: 1em;
        margin-right: 0;
        padding: 0;
        font-family: Corbel, Geneva, Arial, Helvetica, sans-serif;
        font-size: 1.5em;
        font-weight: 600;
    }
    fieldset ol
    {
        padding: 0;
        border-top: solid 1px black;
        list-style: none;
        margin-left: 10px;
        margin-top: 2px;
    }
    
    fieldset li
    {
        padding: 0 0 0 0;
        float: left;
        clear: left;
        margin: 4px 10px 0 0;
        width: 100%;
        vertical-align: top;
    }
    fieldset label
    {
        float: left;
        font-size: 1em;
        width: 60%;
        margin-top: 3px;
        text-align: left;
    }
    
    fieldset input
    {
        width: 95%;
    }
    
    fieldset select
    {
        width: 38%;
    }
    
    fieldset input.btn-submit
    {
        margin-top: 10px;
        text-align: center;
        width:250px;
    }
    
    -->
    </style>

    <script language="JavaScript">
    <!--
    function IsNumeric(sText)
    
    {
        var ValidChars = "0123456789.";
        var IsNumber=true;
        var Char;
        
        for (i = 0; i < sText.length && IsNumber == true; i++) {
            Char = sText.charAt(i); 
            if (ValidChars.indexOf(Char) == -1) {
                IsNumber = false;
            }
        }
        if (IsNumber==false) {
            alert('Please enter only a number.');
            document.getElementById("formsub").innerHTML = "";
        }
        else {
            document.getElementById("formsub").innerHTML = 
            "<input type=\"submit\" class=\"btn-submit\" value=\"Click " +
            "here for secure payment form\" /><input type=\"hidden\" " +
            "name=\"formSubmitted\" value=\"1\"/>";     
        }
    }
    
    // -->
    </script>
</head>
<html>
<body>
<p style="font-weight: bold; font-family:Arial, Helvetica, Sans-Serif; font-size: 14px;">
    <? echo "$SiteOwnerName -  $PageTitle" ?>
</p>
<? if ($msg<>"") {echo "<p color=red>$msg</p>";} ?>                         
<form method="POST" action="donate.php">
    <div style="text-align:left; font-family: Verdana; font-size:.8em;">
        <fieldset>
        <legend>
        Donation Form
        </legend>
        <ol>
            <li>
                <label for="x_first_name">
                *First name:
                </label>
                <input type="text" name="x_first_name" size="30"/>
            </li>
            <li>
                <label for="x_last_name">
                *Last name:
                </label>
                <input type="text" name="x_last_name"/>
            </li>
            <li>
                <label for="x_amount" >
                *Donation Amount: $
                </label>
                <input type="text" name="x_amount"
                    onblur="IsNumeric(this.value);"/>
            </li>
            <li>
<?
                //
                // [Fixup 4]. Change these controls as per your requirements
                // 
?>
                
                <label for="ApplyTo">
                *How to apply your donation:
                </label>
                <select name="ApplyTo" id="ApplyTo">
                    <option value="As needed" selected>As needed</option>
                    <option value="A good cause">A good cause</option>
                    <option value="Good cause 2">Good cause 2</option>
                    <option value="Good cause 3">Good cause 3</option>
                    <option value="And so on">And so on...</option>
                </select>
            </li>
            <li id="formsub">
                <input type="submit" class="btn-submit"
                    value="Click here for secure payment form" />
                <input type="hidden" name="formSubmitted" value="1"/>
            </li>
        </ol>
        </fieldset>
    </div>
</form>
<? 
} else {// DO REDIRECT
    srand(time());
    $sequence = rand(1, 1000);
    // Insert the form elements required for SIM by calling InsertFP
    $ret = getFP($loginid, $x_tran_key, $amount, $sequence);
    $fields = array(  
        'x_fp_sequence'=>$sequence,  
        'x_fp_timestamp'=>$ret[1],  
        'x_fp_hash'=>$ret[0],  
        'x_description'=>$strDescription,  
        'x_login'=>$loginid,  
        'x_show_form'=>"PAYMENT_FORM",  
        'x_first_name'=>$strFirstName,  
        'x_last_name'=>$strLastName,  
        'x_amount'=>$amount,  
        'x_header_html_payment_form'=>"<div style='font-family: Verdana; font-size: 18px; font-weight: bold;'><i>Thank You</i> from $SiteOwnerName.</div>",  
        'x_footer_html_payment_form'=>"<span style='font-style:italic; font-size:.8em;'>God Bless</span>",  
        'x_receipt_link_method'=>"LINK",  
        'x_receipt_link_text'=>"Return to $SiteOwnerName site", 
        'x_receipt_link_url'=>"http://$ReturnHomePage"
    );  
    echo "<html><head></head><body>";
    echo "<form name='myform' action='$gateway_url' method='post'>";
    foreach ($fields as $key => $value) {
        print "<input type='hidden' name='".$key."' value=\"".$value."\">";
        $fields_string .= "$key=$value";
    }
    echo "</form>";
?>
<script language="javascript" type="text/javascript">
document.myform.submit();
</script>
<?
}
?>
</body>
</html>

Re: Changing the amount in SIM Integration

bprado — Fri, 08 Jan 2010 04:54:13 GMT

wooooooooooo, this work very well!!!

Thk Dave for that great code, i used it in base to create mine code, also thk John for the help too!!!

thk all!

Re: Changing the amount in SIM Integration

slim — Mon, 11 Jan 2010 16:07:53 GMT

I'm glad you got this working. Is there any way you can post your final working code for us newbies? Where there multiple PHP code pages or just the one you worked on here? I'm a Web designer with a client who purchaed Authorize.net to make credit card payments via their Website. Thanks.

Re: Changing the amount in SIM Integration

bprado — Fri, 22 Jan 2010 17:51:17 GMT

sorry for the delay, the one here worked very well, with just some modificactions for customize purpose, if you need any help just post here

Re: Changing the amount in SIM Integration

fschechtman — Wed, 24 Mar 2010 14:24:09 GMT

Could you provide the code for asp users as well?

Re: Changing the amount in SIM Integration

stymiee — Wed, 24 Mar 2010 14:28:13 GMT

Authorize.Net has sample code in ASP.

Re: Changing the amount in SIM Integration

fschechtman — Wed, 24 Mar 2010 14:40:09 GMT

I am using the sample code but don't understand how to update the hidden field x_amount after the user clicks on the Submit button.

Re: Changing the amount in SIM Integration

sharedvision1 — Wed, 29 Jun 2011 15:20:41 GMT

You update this:

$amount = "19.99";

in the parameters area near the top of he sample code.

Re: Changing the amount in SIM Integration

hlemons — Wed, 04 Jan 2012 18:46:06 GMT

Hi guys,

I know this is an ancient topic.. when I run Dave's code I get this error:

Parse error: syntax error, unexpected T_VARIABLE in sim.php on line 45

Line 45 contains $LiveLoginId = "xxxxxxxxxxx"; where xxxxxxxxxx is my liveloginID
Line 46: $LiveTransactionKey = "xxxxxxxxxx";

Any idea of what may be going on? thanks.

Re: Changing the amount in SIM Integration

stymiee — Wed, 04 Jan 2012 18:48:50 GMT

There is a semicolon missing at the end of this line:

$ReturnHomePage = "www.someurl.org"

Just add it there and it should work

$ReturnHomePage = "www.someurl.org";

Re: Changing the amount in SIM Integration

hlemons — Wed, 04 Jan 2012 18:53:58 GMT

Gotcha, now it's throwing an error for simlib.php. What does this file do and where may I acquire it?

Warning: include(simlib.php) [function.include]: failed to open stream: No such file or directory in sim.php on line 81

Warning: include(simlib.php) [function.include]: failed to open stream: No such file or directory in sim.php on line 81

Warning: include() [function.include]: Failed opening 'simlib.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in sim.php on line 81

Thank you for your help.

Re: Changing the amount in SIM Integration

TJPride — Wed, 04 Jan 2012 19:00:07 GMT

simlib.php probably represents the path to the SIM library file in your Authorize.net PHP SDK (at least, I would hope so...) Try changing to that and see if it works.

Re: Changing the amount in SIM Integration

hlemons — Wed, 04 Jan 2012 19:32:04 GMT

Thank you for your help TJ, looks like I have it sorted out now. You guys are a lifesaver.