topic Re: Round Two: Trouble with Weblink in Integration and Testing

Round Two: Trouble with Weblink

AaronHildebrand — Fri, 07 Dec 2012 17:26:13 GMT

Okay, once again we got our little SIM form that's producing a connection, and lo and behold I'm getting error 102 (http://support.authorize.net/authkb/index?page=content&id=A613&actp=RSS)

Or at least I think I am...

Once again, there are no errors cropping up in the logger, but at least now I know it's hitting my site.

So as with before, the form being generated is:

<form action = 'https://secure.authorize.net/gateway/transact.dll' method = 'post'>
		<input type = 'hidden' name = 'x_fp_hash' value = '13d83174a78330de31e9e952bd4c7ec3' \>
		<input type = 'hidden' name = 'x_fp_sequence' value = '589'\>
		<input type = 'hidden' name = 'x_fp_timestamp' value = '1354900381' \>
		<input type = 'hidden' name = 'x_login' value = '00000000' \>
		<input type = 'hidden' name = 'x_tran_key' value = '00000000' \>
		<input type = 'hidden' name = 'x_amount' value = '30.00' \>
		<input type = 'hidden' name = 'x_relay_url' value = 'https://somewhere.nowhere.net/orders/[Dynamically Generated Order GUID]/payment' \>
		<input type = 'hidden' name = 'x_po_num' value = '221' \>
		<input type = 'hidden' name = 'x_relay_response' value = 'TRUE' \>
<h2>Payment Information</h2>
					<div style = 'float:left;width:250px;'>
						<label>Credit Card Number</label>
						<div id = 'CreditCardNumber'>
							<input type = 'text' size = '28' name = 'x_card_num' id = 'x_card_num'/>
						</div>
					</div>	
					<div style = 'float:left;width:70px;'>
						<label>Exp.</label>
						<div id = 'CreditCardExpiration'>
							<input type = 'text' size = '5' maxlength = '5' name = 'x_exp_date' id = 'x_exp_date'/>
						</div>
					</div>
					<div style = 'float:left;width:70px;'>
						<label>CCV</label>
						<div id = 'CCV'>
							<input type = 'text' size = '5' maxlength = '5' name = 'x_card_code' id = 'x_card_code' />
						</div>
					</div>
                        <br />
                       <input type = "submit" name="action" value = "Pay Now" />
                       <br />
                        </form>

At this point the Authorize.Net site says to not pass the Login or Trankey with the same request as the weblink, but I'm following the SIM integration as best as I can (working within the confines of existing code.) So I'm not exactly sure why it's kicking this error out.

The zeroed out fields actually have the data in them, but it's being passed via SSL back and forth, so I'm unsure as to why A.NET is having issues here.

Re: Round Two: Trouble with Weblink

RaynorC1emen7 — Fri, 07 Dec 2012 19:09:10 GMT

because you are sending param

<input type = 'hidden' name = 'x_tran_key' value = '00000000' \>

when you are not suppose to when using SIM, or DPM.

SSL help, but any web user can look at your TransactionKey by looking at the browser page source.

Re: Round Two: Trouble with Weblink

AaronHildebrand — Fri, 07 Dec 2012 19:42:22 GMT

Okay, so how the blue blazes am I supposed to pass data like that without including it in the webform that's posting?

I really hope I don't have to inject it somehow in the post statement, if it's just a straight form like this.

I mean I would love to be able to obfuscate all of those variables as behind-the-scenes stuff so that I don't have to expose them like that (if someone wily enough changes the amount to say one dollar it would really put a cramp on things)

Re: Round Two: Trouble with Weblink

RaynorC1emen7 — Fri, 07 Dec 2012 19:51:11 GMT

You don't need to pass the x_tran_key, that is what x_fp_hash is for.

Here is the minimum fields required for different transaction type

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Appendix_A.html

Re: Round Two: Trouble with Weblink

AaronHildebrand — Fri, 07 Dec 2012 20:02:05 GMT

Once again, thank you RaynorC1men7, let's see how far we get now, I know why I put them in there, I have an old implementation of a server integration that uses CURL rather than the standard libraries and it required those keys.