ColdFusion 9
MS SQL Server 2012
authorize.net API
In brief: I need to populate an authorize.net payment page using information from a form that is processed in coldfusion
Details: I need to do something fairly simple -- or, I am told it is simple. =) Here are the steps the client wants to happen:
1) A user fills out and submits a conference registration form; her information is processed and is put into a data table (good -- this part works!)
2) After she submits the form, she sees the authorize.net payment page where she pays conference registration fees (this is the part I cannot get to work)
3) Client would like the authorize.net payment page to already display the information (name, address, payment amount, and so on) that the user already typed in the ColdFusion form
Apparently the cfhttp tag is used for this, so I did some reading up on it: http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-7ffc.html
So... I use CFHTTP to send an HTTP request to https://test.authorize.net/gateway/transact.dll
I downloaded some sample code from authorize.net -- it is given below.
Here is where I get confused.
1) How do I connect my conference registration page at http://nnvawi.org/register.cfm to this authorize.net code, below?
2) I would like the registrant to register at http://nnvawi.org/register.cfm, then go to the authorize.net payment page and see all of her contact information, and the conference fee that she selected, already populated in the payment fields.
Is this possible? Has anyone here done this woth ColdFusion?
Thank you for your advice.
Eric
***********
<cfsetting enablecfoutputonly="true"> <cfoutput> <!-- This sample code is designed to connect to Authorize.net using the AIM method. For API documentation or additional sample code, please visit: http://developer.authorize.net --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Sample AIM Implementation </TITLE> </HEAD> <BODY> <P> This sample code is designed to generate a post using Authorize.net's Advanced Integration Method (AIM) and display the results of this post to the screen. </P> <P> For details on how this is accomplished, please review the readme file, the comments in the sample code, and the Authorize.net AIM API documentation found at http://developer.authorize.net </P> <HR /> </cfoutput> <!--- ColdFusion's cfhttp object is specifically designed to create a post, and retrieve the results. Those results are accessed in cfhttp.filecontent ---> <!--- By default, this sample code is designed to post to our test server for developer accounts: https://test.authorize.net/gateway/transact.dll for real accounts (even in test mode), please make sure that you are\posting to: https://secure.authorize.net/gateway/transact.dll ---> <cfhttp method="Post" url="https://test.authorize.net/gateway/transact.dll"> <!--- the API Login ID and Transaction Key must be replaced with valid values ---> <cfhttpparam type="Formfield" name="x_login" value="API_LOGIN_ID"> <cfhttpparam type="Formfield" name="x_tran_key" value="TRANSACTION_KEY"> <cfhttpparam type="Formfield" name="x_delim_data" value="TRUE"> <cfhttpparam type="Formfield" name="x_delim_char" value="|"> <cfhttpparam type="Formfield" name="x_relay_response" value="FALSE"> <cfhttpparam type="Formfield" name="x_type" value="AUTH_CAPTURE"> <cfhttpparam type="Formfield" name="x_method" value="CC"> <cfhttpparam type="Formfield" name="x_card_num" value="4111111111111111"> <cfhttpparam type="Formfield" name="x_exp_date" value="0115"> <cfhttpparam type="Formfield" name="x_amount" value="19.99"> <cfhttpparam type="Formfield" name="x_description" value="Sample Transaction"> <cfhttpparam type="Formfield" name="x_first_name" value="John"> <cfhttpparam type="Formfield" name="x_last_name" value="Doe"> <cfhttpparam type="Formfield" name="x_address" value="1234 Street"> <cfhttpparam type="Formfield" name="x_state" value="WA"> <cfhttpparam type="Formfield" name="x_zip" value="98004"> <!--- Additional fields can be added here as outlined in the AIM integration guide at: http://developer.authorize.net ---> <!--- The following fields show an example of how to include line item details, they are commented out by default. <cfhttpparam type="Formfield" name="x_line_item" value="item1<|>golf balls<|><|>2<|>18.95<|>Y"> <cfhttpparam type="Formfield" name="x_line_item" value="item2<|>golf bag<|>Wilson golf carry bag, red<|>1<|>39.99<|>Y"> <cfhttpparam type="Formfield" name="x_line_item" value="item3<|>book<|>Golf for Dummies<|>1<|>21.99<|>Y"> ---> </cfhttp> <!--- Because coldfusion's ListToArray object ignores empty fields, we must put a space in all empty fields to make sure that they are not skipped ---> <cfset post_response=Replace(cfhttp.filecontent,"||","| |", "all")> <!--- the same command is run twice, because the first time it only adjusts every other empty field ---> <cfset post_response=Replace(post_response,"||","| |", "all")> <!--- now the ListToArray method can be used without skipping fields ---> <cfset response_array=ListToArray(post_response, "|")> <!--- the results are output to the screen in the form of an html numbered list. ---> <cfoutput> <OL> <cfloop index="i" from="1" to="#arrayLen(response_array)#"> <LI>#response_array[i]# </LI> </cfloop> </OL> <!--- individual elements of the array could be accessed to read certain response fields. For example, response_array[1] would return the Response Code, response_array[3] would return the Response Reason Code. For a list of response fields, please review the AIM Implementation Guide ---> </BODY> </HTML> </cfoutput>
โ07-21-2014 11:30 AM
Eric:
The big question is whether or not you are interested in showing Authorize.net's own payment page, or one of your custom design. You mentioned that you wanted a simple solution, so my opinion is that the former would be adequate for this application. In that case, you would want to check out the SIM API (http://www.authorize.net/support/SIM_guide.pdf). If you continue with AIM, you will be responsible for the payment data as it traverses your server, and you will need PCI compliance. SIM avoids a great deal of this hassle by collecting the payment data on Authorize.net's servers - your server never sees it. You can prepopulate the SIM form by POSTing the data from your register.cfm form when you make the transaction request to Authorize.net SIM.
So the flow would go like this with SIM (to answer question #1):
1. User fills out register.cfm form
2. Submit a form with POST to SIM containing the (verified) postback customer data, and the desired transaction amount. This will redirect the user to Authorize.net.
3. Authorize.net will display the form to collect payment data and charge the customer.
4. You have the option of receiving a POST from Authorize.net called the "relay response" at the completion of the transaction. This contains all of the transaction data (success/failure, auth code, etc).
With AIM:
1. User fills out register.cfm form
2. Display your form to collect payment data.
3. On postback, send CFHTTP POST to AIM with the payment data.
4. Receive transaction response from CFHTTP.
#2: Yes, this is possible with SIM (by posting the customer data with the payment form request), or with AIM (by displaying it yourself).
Before you make a final choice, you should familiarize yourself with the SIM and AIM guides (http://www.authorize.net/support/AIM_guide.pdf).
Cheers, Clayton
โ07-23-2014 10:05 AM
Dear Clayton, this is very helpful. I do not mind showing the authorize.net payment page. In fact, that is what I had in mind all along.
Your discussion of the difference between SIM and AIM is very helpful. I agree -- I should use SIM, and the procedure that you suggest:
1. User fills out register.cfm form
2. Submit a form with POST to SIM containing the (verified) postback customer data, and the desired transaction amount. This will redirect the user to Authorize.net.
3. Authorize.net will display the form to collect payment data and charge the customer.
4. You have the option of receiving a POST from Authorize.net called the "relay response" at the completion of the transaction. This contains all of the transaction data (success/failure, auth code, etc).
I read the SIM Guide that you referred me to: http://www.authorize.net/support/SIM_guide.pdf
And that was very helpful.
I need this register form to do two things:
1) display the authorize.net transaction page
2) populate the database table with the data that the user has inputted
I am going to work on that more today.
I'll come back here with my result.
I really appreciate your time.
best from Eric
โ07-29-2014 08:00 AM
Dear Clayton,
I was away on travel, and finally have a chance to return to this question. Thank you for your patience. I have been working on this problem all weekend and most of today.
I want to use the authorize.net payment page -- that is where I want the user to enter her credit card information. I do not want to have any credit card information on my server, and I don't want to deal with PCI compliance. =)
Here is what I have in mind:
1) User fills out registration form; selects desired conference fee (eg., Members Fee, 300.00), but does not enter CC info
2) User submits the registration form -- and then she sees an authorize.net payment page -- which is pre-populated with the correct fee amount based on the conference fee that she selected
3) And then she just fills out the authorize.net form, including CC information
Is that possible? I think I should use the SIM API -- do you agree?
Thank you again for your helpful advice. All best,
Eric
โ08-11-2014 12:58 PM
Hmm. I think I got it working. I adapted the SIM sample code, which is in better shape and is more concise than the AIM sample code. After some trial and error, and locating the correct API Login ID and Transaction Key, I am able to fill out a form, submit it, and view the authorize.net payment page -- where the user can fill in her payment details.
It took me a little while to figure out which API to use, and which sample code. =)
I might have some more questions about adapting a simple registration form to use with the authorize.net SIM API.
But, thank you very much for your time and help.
best from Eric
If you are curious, here is the code I used:
[code]<cfsetting enablecfoutputonly="true">
<cfoutput>
<!--
This sample code is designed to connect to Authorize.net using the SIM method.
For API documentation or additional sample code, please visit:
http://developer.authorize.net
Most of this page below (and including) this comment can be modified using any
standard html. The parts of the page that cannot be modified are noted in the
comments. This file can be renamed as long as the file extension remains .cfm
-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML lang='en'>
<HEAD>
<TITLE> Sample SIM Implementation </TITLE>
</HEAD>
<BODY>
<!-- This section generates the "Submit Payment" button using Coldfusion -->
</cfoutput>
<!--- the parameters for the payment can be configured here --->
<!--- the API Login ID and Transaction Key must be replaced with valid values --->
<cfset loginID="xxxxxxx">
<cfset transactionKey="yyyyyy">
<cfset amount="19.99">
<cfset description="Sample Transaction">
<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
<cfset testMode="false">
<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
<!--- If an amount or description were posted to this page, the defaults are overidden --->
<cfif IsDefined("FORM.amount")>
<cfset amount=FORM.amount>
</cfif>
<cfif IsDefined("FORM.description")>
<cfset description=FORM.description>
</cfif>
<!--- also check to see if the amount or description were sent using the GET method --->
<cfif IsDefined("URL.amount")>
<cfset amount=URL.amount>
</cfif>
<cfif IsDefined("URL.description")>
<cfset description=URL.description>
</cfif>
<!--- an invoice is generated using the date and time --->
<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
<!--- a sequence number is randomly generated --->
<cfset sequence=RandRange(1, 1000)>
<!--- a timestamp is generated --->
<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >
<!--- The following lines generate the SIM fingerprint --->
<cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">
<cfset fingerprint=#digest#>
<cfoutput>
<!--- Print the Amount and Description to the screen.--->
Amount: #amount# <br />
Description: #description# <br />
<!--- Create the HTML form containing necessary SIM post values --->
<FORM method='post' action='#posturl#' >
<!--- Additional fields can be added here as outlined in the SIM integration
guide at http://developer.authorize.net --->
<INPUT type='hidden' name='x_login' value='#loginID#' />
<INPUT type='hidden' name='x_amount' value='#amount#' />
<INPUT type='hidden' name='x_description' value='#description#' />
<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
<INPUT type='hidden' name='x_test_request' value='#testMode#' />
<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />
<input type='submit' value='#label#' />
</FORM>
<!-- This is the end of the code generating the "submit payment" button. -->
</BODY>
</HTML>
<!-- The last line is a necessary part of the coldfusion script -->
</cfoutput>[/code]
โ08-11-2014 04:21 PM
3 , 2 , 13 , The merchant login ID or password is invalid or the account is inactive
This is what I am getting when I use this script posted. Please help.
<cfsetting enablecfoutputonly="true"> <cfoutput> <!-- This sample code is designed to connect to Authorize.net using the AIM method. For API documentation or additional sample code, please visit: http://developer.authorize.net --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML lang='en'> <HEAD> <TITLE> Sample AIM Implementation </TITLE> </HEAD> <BODY> <P> This sample code is designed to generate a post using Authorize.net's Advanced Integration Method (AIM) and display the results of this post to the screen. </P> <P> For details on how this is accomplished, please review the readme file, the comments in the sample code, and the Authorize.net AIM API documentation found at http://developer.authorize.net </P> <HR /> </cfoutput> <!--- ColdFusion's cfhttp object is specifically designed to create a post, and retrieve the results. Those results are accessed in cfhttp.filecontent ---> <!--- By default, this sample code is designed to post to our test server for developer accounts: https://test.authorize.net/gateway/transact.dll for real accounts (even in test mode), please make sure that you are\posting to: https://secure.authorize.net/gateway/transact.dll ---> <cfhttp method="Post" url="https://test.authorize.net/gateway/transact.dll"> <!--- the API Login ID and Transaction Key must be replaced with valid values ---> <cfhttpparam type="Formfield" name="x_login" value="API_LOGIN_ID"> <cfhttpparam type="Formfield" name="x_tran_key" value="TRANSACTION_KEY"> <cfhttpparam type="Formfield" name="x_delim_data" value="TRUE"> <cfhttpparam type="Formfield" name="x_delim_char" value="|"> <cfhttpparam type="Formfield" name="x_relay_response" value="FALSE"> <cfhttpparam type="Formfield" name="x_type" value="AUTH_CAPTURE"> <cfhttpparam type="Formfield" name="x_method" value="CC"> <cfhttpparam type="Formfield" name="x_card_num" value="4111111111111111"> <cfhttpparam type="Formfield" name="x_exp_date" value="0115"> <cfhttpparam type="Formfield" name="x_amount" value="19.99"> <cfhttpparam type="Formfield" name="x_description" value="Sample Transaction"> <cfhttpparam type="Formfield" name="x_first_name" value="John"> <cfhttpparam type="Formfield" name="x_last_name" value="Doe"> <cfhttpparam type="Formfield" name="x_address" value="1234 Street"> <cfhttpparam type="Formfield" name="x_state" value="WA"> <cfhttpparam type="Formfield" name="x_zip" value="98004"> <!--- Additional fields can be added here as outlined in the AIM integration guide at: http://developer.authorize.net ---> <!--- The following fields show an example of how to include line item details, they are commented out by default. <cfhttpparam type="Formfield" name="x_line_item" value="item1<|>golf balls<|><|>2<|>18.95<|>Y"> <cfhttpparam type="Formfield" name="x_line_item" value="item2<|>golf bag<|>Wilson golf carry bag, red<|>1<|>39.99<|>Y"> <cfhttpparam type="Formfield" name="x_line_item" value="item3<|>book<|>Golf for Dummies<|>1<|>21.99<|>Y"> ---> </cfhttp> <!--- Because coldfusion's ListToArray object ignores empty fields, we must put a space in all empty fields to make sure that they are not skipped ---> <cfset post_response=Replace(cfhttp.filecontent,"||","| |", "all")> <!--- the same command is run twice, because the first time it only adjusts every other empty field ---> <cfset post_response=Replace(post_response,"||","| |", "all")> <!--- now the ListToArray method can be used without skipping fields ---> <cfset response_array=ListToArray(post_response, "|")> <!--- the results are output to the screen in the form of an html numbered list. ---> <cfoutput> <OL> <cfloop index="i" from="1" to="#arrayLen(response_array)#"> <LI>#response_array[i]# </LI> </cfloop> </OL> <!--- individual elements of the array could be accessed to read certain response fields. For example, response_array[1] would return the Response Code, response_array[3] would return the Response Reason Code. For a list of response fields, please review the AIM Implementation Guide ---> </BODY> </HTML> </cfoutput>
โ04-11-2021 12:45 PM
Assuming this isn't SPAM. You might need to change the URL for Sandbox.
Better yet, use my API CFC and get off the old AIM API.
โ04-12-2021 12:47 PM