https://community.developer.cybersource.com/t5/Integration-and-Testing/Proper-http-flow-using-legacy-AIM-API/m-p/55188#M30116 <P>I have a simlar problem as the person in this thread.</P><P>&nbsp;</P><P><A href="https://community.developer.authorize.net/t5/Integration-and-Testing/HTTP-GET-vs-HTTP-POST/m-p/54868#M29825" target="_blank">https://community.developer.authorize.net/t5/Integration-and-Testing/HTTP-GET-vs-HTTP-POST/m-p/54868#M29825</A></P><P>&nbsp;</P><P>And i've been greatful for the help I &nbsp;recently received on forming requests with aim.</P><P>&nbsp;</P><P>However the final issue is making sure the site sends the correct HTTP Method when processing a transaction.</P><P>&nbsp;</P><P>I want to describe the flow of how my site processes a payment so I can better understand where I'm making the mistake. (the server uses a LAMP stack)</P><P>&nbsp;</P><P>My site sells a product let's call it productX for discussion sake. There are n types of productX</P><P>productX1, productX2, ProductX3 ... productXn</P><P>&nbsp;</P><P>for each one there's a static html page. The static html page contains a form. The form contains hidden feilds which are used to send prefiled data via POST to a PHP file "pay.php" so the the particular version of ProductX &nbsp;can be prefilled with the correct price and description&nbsp;and other attributes. Since there's only one pay page, we use prefilled data to make sure we're selling the customer the correct product.</P><P>&nbsp;</P><P>This php pay page generates html content. The html generated contains another form that has been which by now has been prefilled with data.&nbsp;</P><P>&nbsp;</P><P>The user fills this form with additonal creditcard and other billing info and finally this page posts to itself via HTTP POST and uses the additional data to execute a transaction using transact.dll</P><P>&nbsp;</P><P>if this is all confusing see below</P><P>&nbsp;</P><P>[productX3.html ] &nbsp;---HTTP post ---&gt; &nbsp;[pay.php] ---HTTP post ---&gt; pay.php (a funtion in pay.php runs&nbsp;</P><P>&nbsp;</P><P>$sPaymentURL = "<A href="https://secure.authorize.net/gateway/transact.dll" target="_blank" rel="nofollow noopener noreferrer">https://secure.authorize.net/gateway/transact.dll</A>?" . $sParams;</P><P>$ResponseText = file_get_contents($sPaymentURL);</P><P>&nbsp;</P><P><SPAN>$sParams itself is a concatenation of many vars</SPAN></P><P>&nbsp;</P><P><SPAN>see here for more detail&nbsp;<A href="https://community.developer.authorize.net/t5/Integration-and-Testing/Posting-to-authorize-using-the-transact-dll-method-directly/m-p/55091" target="_blank">https://community.developer.authorize.net/t5/Integration-and-Testing/Posting-to-authorize-using-the-transact-dll-method-directly/m-p/55091</A></SPAN></P><P>&nbsp;</P><P>My main question is should the form have an action to transact.dll directly or should the form action be a php page uses the AIM api to post to transact.dll?</P><P>&nbsp;</P><P>I understand that this may be a confusing post but i tried to explain as much as I could.</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 11 Jul 2016 22:13:55 GMT Alix 2016-07-11T22:13:55Z https://community.developer.cybersource.com/t5/Integration-and-Testing/Proper-http-flow-using-legacy-AIM-API/m-p/55188#M30116 <P>I have a simlar problem as the person in this thread.</P><P>&nbsp;</P><P><A href="https://community.developer.authorize.net/t5/Integration-and-Testing/HTTP-GET-vs-HTTP-POST/m-p/54868#M29825" target="_blank">https://community.developer.authorize.net/t5/Integration-and-Testing/HTTP-GET-vs-HTTP-POST/m-p/54868#M29825</A></P><P>&nbsp;</P><P>And i've been greatful for the help I &nbsp;recently received on forming requests with aim.</P><P>&nbsp;</P><P>However the final issue is making sure the site sends the correct HTTP Method when processing a transaction.</P><P>&nbsp;</P><P>I want to describe the flow of how my site processes a payment so I can better understand where I'm making the mistake. (the server uses a LAMP stack)</P><P>&nbsp;</P><P>My site sells a product let's call it productX for discussion sake. There are n types of productX</P><P>productX1, productX2, ProductX3 ... productXn</P><P>&nbsp;</P><P>for each one there's a static html page. The static html page contains a form. The form contains hidden feilds which are used to send prefiled data via POST to a PHP file "pay.php" so the the particular version of ProductX &nbsp;can be prefilled with the correct price and description&nbsp;and other attributes. Since there's only one pay page, we use prefilled data to make sure we're selling the customer the correct product.</P><P>&nbsp;</P><P>This php pay page generates html content. The html generated contains another form that has been which by now has been prefilled with data.&nbsp;</P><P>&nbsp;</P><P>The user fills this form with additonal creditcard and other billing info and finally this page posts to itself via HTTP POST and uses the additional data to execute a transaction using transact.dll</P><P>&nbsp;</P><P>if this is all confusing see below</P><P>&nbsp;</P><P>[productX3.html ] &nbsp;---HTTP post ---&gt; &nbsp;[pay.php] ---HTTP post ---&gt; pay.php (a funtion in pay.php runs&nbsp;</P><P>&nbsp;</P><P>$sPaymentURL = "<A href="https://secure.authorize.net/gateway/transact.dll" target="_blank" rel="nofollow noopener noreferrer">https://secure.authorize.net/gateway/transact.dll</A>?" . $sParams;</P><P>$ResponseText = file_get_contents($sPaymentURL);</P><P>&nbsp;</P><P><SPAN>$sParams itself is a concatenation of many vars</SPAN></P><P>&nbsp;</P><P><SPAN>see here for more detail&nbsp;<A href="https://community.developer.authorize.net/t5/Integration-and-Testing/Posting-to-authorize-using-the-transact-dll-method-directly/m-p/55091" target="_blank">https://community.developer.authorize.net/t5/Integration-and-Testing/Posting-to-authorize-using-the-transact-dll-method-directly/m-p/55091</A></SPAN></P><P>&nbsp;</P><P>My main question is should the form have an action to transact.dll directly or should the form action be a php page uses the AIM api to post to transact.dll?</P><P>&nbsp;</P><P>I understand that this may be a confusing post but i tried to explain as much as I could.</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 11 Jul 2016 22:13:55 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Proper-http-flow-using-legacy-AIM-API/m-p/55188#M30116 Alix 2016-07-11T22:13:55Z https://community.developer.cybersource.com/t5/Integration-and-Testing/Proper-http-flow-using-legacy-AIM-API/m-p/55189#M30117 <P>The user fills this form with additonal creditcard and other billing info and finally this page posts to itself via HTTP POST and uses the additional data to execute a transaction using transact.dll</P><P>&nbsp;</P><P>If the creditcard hit your server, you need to check PCI compliance and it need https</P> Mon, 11 Jul 2016 22:18:47 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Proper-http-flow-using-legacy-AIM-API/m-p/55189#M30117 RaynorC1emen7 2016-07-11T22:18:47Z