cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

Converting from Simple Checkout to Accept Hosted in Wordpress

I have read through all the documentation at Authorize.net to implement Accept Hosted, and all the related threads I could find in this community. Being a novice as a programmer, I'm quite confused and still don't know how to convert my payment buttons in WordPress from Simple Checkout to Accept Hosted.

 

I have three payment buttons on my web page: https://pokerdawgs.net/upcoming-events/#registertampa

Two are for fixed amounts ($65 and $85), and one is for a variable donation amount as selected by the donor (to Special Olympics Florida). 

 

I don't need to capture any customer/donor information into a database. All I need is an email notification of the payment from Authorize.net with name and amount, like what I get currently with Simple Checkout.

 

Here is the coding I currently have in my WordPress page for one of the fixed amount buttons (added to the WordPress page through WordPress Code Editor):

<form action="https://Simplecheckout.authorize.net/payment/CatalogPayment.aspx" method="post" name="PrePage"><span style="color: #ff0000; font-size: medium;"> <input name="LinkId" type="hidden" value="*****"> <input alt="Register for Tampa Bay Charity Tournament w/add-on" height="75" name="I1" src="http://pokerdawgs.net/wp-content/uploads/registerhere85.jpg" type="image" width="150"> <strong>&nbsp; </strong></span><span style="color: #ff0000; font-size: medium;"><strong>$65.00 Entry + $20.00 Charity Add-on, for 10,000 units.</strong>
<strong>(Add-on funds donated to charities.)</strong>
</span></form>


The other two payment buttons are simliar, just different 'value' to correspond to my Simple Checkout settings in Authorize.net.

 

If someone could give me an exact example of the code I need to replace my existing code in the WordPress page for the buttons, and any additional steps I need to do to convert to Accept Hosted, it would be GREATLY appreciated. Please be simple and explicit in the explanation and assume that I know nothing about coding, file locations, etc.

pokerxanadu
Contributor
1 ACCEPTED SOLUTION

Accepted Solutions
โ€œare you saying this is not secureโ€

No web application is secure. Security is measured in degrees. There are more secure and less secure apps, but there is no such thing as an app that is secure.

Where this comes into play in ecommerce is you have the PCI DSS (stands for Payment Card Industry Data Security Standards). They expect you to follow a security protocol they see as appropriate for the level of risk your app poses to cardholder data if compromised. The requirements for an outsourced payment are not hard to fulfill and are of a small number. The cardholder data never touches your app.

The protocol for apps where the cardholder data is entered on a webpage served from the merchants server is intensive and expensive. This is something to dodge unless you have a lot of revenue.

If youโ€™re amazon . com and you do hundreds of billions in gross revenue, the added security costs are a nonissue because the benefit of having your own payment form that you completely customize, storing cc data for one click orders, etc only has to bump up your sales a tiny percentage to cover the cost and then some. I have no idea what their compliance costs are but Iโ€™m sure theyโ€™re massive.

For merchants who are smaller, Iโ€™ve roughed out about $16 k a year to implement a good, compliant protocol. I know developers who have clients on SAQ D scope integrations who do it for about 1/4th of that. The issue is that for small merchants on SAQ D they are not audited unless someone complains. They simply audit themselves, so no real way to say what they are doing is sufficient. Doing it my way Iโ€™d say $16k is a good benchmark.

What you probably donโ€™t realize is that there are endless attempts to hack your website. I have clients who get 300 visitors a month, small businesses, and there will sometimes be dozens or scores of attempts to hack the site in a single day. People will sit there and try 50 times in a row. And those are only the attempts that are capable of being tracked. Most of these attacks are crude and have no prayer, but still it shows you what youโ€™re up against as even a tiny merchant or business. I am sure you become a bigger target when people find out youโ€™ve got your own payment form.

IMO there is no point in any merchant doing less than $200k net income doing anything other than a hosted payment form. For what you are doing, simple checkout is perfect.

View solution in original post

24 REPLIES 24

I found a free WordPress addon to use for now. It's working fine and I've been able to customize it. I just don't know if this is written in one of the APIs that is being retired. Does someone know? Here is the code:

 

<?php
/**
 *
 * @since             1.0.1
 * @package           WP_Service_Payment_Form_With_Authorize.net
 * 
 * @wordpress-plugin
 * Plugin Name:       WP Service Payment Form With Authorize.net
 * Plugin URI:        https://github.com/shivprakash210/wp-service-payment-form-with-authorizenet
 * Description:       WP Service Payment Form With Authorize.net allows to accept payments from credit/debit cards using Authorize.net Gateway with captcha.
 * Version:           1.2.1
 * Author:            Shiv Prakash Tiwari
 * Author URI:        https://github.com/shivprakash210/
 * License:           GPL-2.0+
 * License URI:       http://www.gnu.org/licenses/gpl-2.0.txt
 * Text Domain:       wpspf_with_authorize.net
 * Domain Path:       /languages/
 */

// Exit if accessed directly
defined( 'ABSPATH' ) || die( 'Wordpress Error! Opening plugin file directly' );

define( 'PLUGIN_PATH', plugins_url( __FILE__ ) );

/************************************************** 
* Activation function
***************************************************/
function wpspf_on_activation()
{
    if ( ! current_user_can( 'activate_plugins' ) )
        return;
    $plugin = isset( $_REQUEST['plugin'] ) ? $_REQUEST['plugin'] : '';
    global $wpdb;
    require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
    
    check_admin_referer( "activate-plugin_{$plugin}" );     
}

/**************************************************
* Deactivation function
***************************************************/
function wpspf_on_deactivation()
{
    if ( ! current_user_can( 'activate_plugins' ) )
        return;
    $plugin = isset( $_REQUEST['plugin'] ) ? $_REQUEST['plugin'] : '';
    global $wpdb;   
    require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
    
    check_admin_referer( "deactivate-plugin_{$plugin}" );  
    
}

/**************************************************
* Uninstall function
***************************************************/
function wpspf_on_uninstall()
{
    if ( ! current_user_can( 'activate_plugins' ) )
        return;
    check_admin_referer( 'bulk-plugins' );
    if ( __FILE__ != WP_UNINSTALL_PLUGIN )
        return;
}

/**************************************************
* Register activation, deactivation and unistall hook
***************************************************/
register_activation_hook(   __FILE__, 'wpspf_on_activation' );
register_deactivation_hook( __FILE__, 'wpspf_on_deactivation' );
register_uninstall_hook(    __FILE__, 'wpspf_on_uninstall' );


add_action('admin_menu', 'wpspf_plugin_create_menu');

function wpspf_plugin_create_menu() {
    add_menu_page('Service Payment', 'Service Payment', 'administrator', __FILE__, 'wpspf_plugin_settings_page'  );
    add_action( 'admin_init', 'register_wpspf_plugin_settings' );
}

function register_wpspf_plugin_settings() {
    //register our settings
    register_setting( 'wpspf-plugin-settings-group', 'wpspfnet_enable' );
    register_setting( 'wpspf-plugin-settings-group', 'wpspf_apiloginid' );
    register_setting( 'wpspf-plugin-settings-group', 'wpspf_transactionkey' );
    register_setting( 'wpspf-plugin-settings-group', 'wpspf_transactionmode' );
}

function wpspf_plugin_settings_page() {
    
    if(isset($_POST['submit']) && wp_verify_nonce($_REQUEST['wpspf_nonce'], 'wpspf_nonce_action')){
        $wpspfnet_enable        = intval($_POST['wpspfnet_enable']);
        $wpspf_apiloginid       = sanitize_text_field($_POST['wpspf_apiloginid']);
        $wpspf_transactionkey   = sanitize_text_field($_POST['wpspf_transactionkey']);
        $wpspf_transactionmode  = intval($_POST['wpspf_transactionmode']);
        $wpspf_paymentheading   = sanitize_text_field($_POST['wpspf_paymentheading']);
        $wpspf_servicetype      = sanitize_text_field($_POST['wpspf_servicetype']);
        
        $wpspf_sitekey       = trim($_POST['wpspf_sitekey']);
        $wpspf_secretekey    = trim($_POST['wpspf_secretekey']);
        
        $wpspfnet_enable_servicetype = intval($_POST['wpspfnet_enable_servicetype']);
        
        $deprecated = null;
        $autoload = 'no';
        
        if ( get_option( 'wpspf_sitekey' ) !== false ) {

            update_option( 'wpspf_sitekey', $wpspf_sitekey );

        } else {
             
            add_option( 'wpspf_sitekey', $wpspf_sitekey , $deprecated, $autoload );
        }
        
            
        if ( get_option( 'wpspf_secretekey' ) !== false ) {

            update_option( 'wpspf_secretekey', $wpspf_secretekey );

        } else {
             
            add_option( 'wpspf_secretekey', $wpspf_secretekey , $deprecated, $autoload );
        }
            
        if ( get_option( 'wpspfnet_enable_servicetype' ) !== false ) {

            update_option( 'wpspfnet_enable_servicetype', $wpspfnet_enable_servicetype );

        } else {
             
            add_option( 'wpspfnet_enable_servicetype', $wpspfnet_enable_servicetype , $deprecated, $autoload );
        }
        
            
        if ( get_option( 'wpspf_servicetype' ) !== false ) {

            update_option( 'wpspf_servicetype', $wpspf_servicetype );

        } else {
             
            add_option( 'wpspf_servicetype', $wpspf_servicetype , $deprecated, $autoload );
        }
        
            
        if ( get_option( 'wpspf_paymentheading' ) !== false ) {

            update_option( 'wpspf_paymentheading', $wpspf_paymentheading );

        } else {
             
            add_option( 'wpspf_paymentheading', $wpspf_paymentheading , $deprecated, $autoload );
        }
        
        
        if ( get_option( 'wpspfnet_enable' ) !== false ) {

            update_option( 'wpspfnet_enable', $wpspfnet_enable );

        } else {
             
            add_option( 'wpspfnet_enable', $wpspfnet_enable , $deprecated, $autoload );
        }
        
        if ( get_option( 'wpspf_transactionmode' ) !== false ) {

            update_option( 'wpspf_transactionmode', $wpspf_transactionmode );

        } else {
             $deprecated = null;
             $autoload = 'no';
            add_option( 'wpspf_transactionmode', $wpspf_transactionmode , $deprecated, $autoload );
        }
        
        if ( get_option( 'wpspf_apiloginid' ) !== false ) {

            update_option( 'wpspf_apiloginid', $wpspf_apiloginid );

        } else {
             $deprecated = null;
             $autoload = 'no';
            add_option( 'wpspf_apiloginid', $wpspf_apiloginid , $deprecated, $autoload );
        }
        
        if ( get_option( 'wpspf_transactionkey' ) !== false ) {

            update_option( 'wpspf_transactionkey', $wpspf_transactionkey );

        } else {
             $deprecated = null;
             $autoload = 'no';
            add_option( 'wpspf_transactionkey', $wpspf_transactionkey , $deprecated, $autoload );
        }
    }
     
?>
<div class="wrap">
<h3><?php echo esc_html_e( 'WP Service Payment Form With Authorize.net Plugin For Wordpress', 'wpspf_with_authorize.net' ); ?></h3>
<p><?php echo esc_html_e( 'Please use "[wpspf-paymentform]" shortcode for payment form.', 'wpspf_with_authorize.net' ); ?></p>
<form method="post" action="">
    <table class="form-table">
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Payment Heading', 'wpspf_with_authorize.net' ); ?></th>
        <td><input type="text" style="width:100%;" name="wpspf_paymentheading" value="<?php echo esc_attr(get_option( 'wpspf_paymentheading' )); ?>" required="required" /></td>
        </tr>
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Enable/Disable', 'wpspf_with_authorize.net' ); ?></th>
        <td><input type="checkbox" name="wpspfnet_enable_servicetype" value="1" <?php if ( trim(get_option( 'wpspfnet_enable_servicetype' ))==1 ){ echo 'checked'; } ?> /><?php esc_html_e( 'Check to show service type on front end', 'wpspf_with_authorize.net' ); ?></td>
        </tr>
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Service type', 'wpspf_with_authorize.net' ); ?></th>
        <td><textarea name="wpspf_servicetype" style="width:100%;" required="required" placeholder="seperate service type by | e.g. type one | type two | type three"><?php echo esc_html_e(get_option( 'wpspf_servicetype' )); ?></textarea></td>
        </tr>
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Enable/Disable', 'wpspf_with_authorize.net' ); ?></th>
        <td><input type="checkbox" name="wpspfnet_enable" value="1" <?php if ( trim(get_option( 'wpspfnet_enable' ))==1 ){ echo 'checked'; } ?> /><?php echo esc_html_e( 'Enable Authorize.Net', 'wpspf_with_authorize.net' ); ?></td>
        </tr>
         
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'API Login ID', 'wpspf_with_authorize.net' ); ?></th>
        <td><input type="text" name="wpspf_apiloginid" value="<?php echo esc_attr( get_option('wpspf_apiloginid') ); ?>" required="required" /></td>
        </tr>
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Transaction Key', 'wpspf_with_authorize.net' ); ?></th>
        <td><input type="text" name="wpspf_transactionkey" value="<?php echo esc_attr( get_option('wpspf_transactionkey') ); ?>" required="required" /></td>
        </tr>   
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Transaction Mode', 'wpspf_with_authorize.net' ); ?></th>
        <td><input type="checkbox" name="wpspf_transactionmode" value="1" <?php if ( trim(get_option( 'wpspf_transactionmode' ))==1 ){ echo 'checked'; } ?> /><?php echo esc_html_e( 'Enable Authorize.Net sandbox (Live Mode if Unchecked)', 'wpspf_with_authorize.net' ); ?>
        <?php wp_nonce_field('wpspf_nonce_action', 'wpspf_nonce'); ?>   
        </td>
        </tr>
        
        <tr valign="top">
        <th scope="row" colspan="2"><h1><?php echo esc_html_e( 'Google reCAPTCHA Details'); ?></h1></th>
        </tr>
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Site key'); ?></th>
        <td><input type="text" style="width:100%;" name="wpspf_sitekey" value="<?php echo get_option( 'wpspf_sitekey' ); ?>" required="required" /></td>
        </tr>
        
        <tr valign="top">
        <th scope="row"><?php echo esc_html_e( 'Secret key'); ?></th>
        <td><input type="text" style="width:100%;" name="wpspf_secretekey" value="<?php echo get_option( 'wpspf_secretekey' ); ?>" required="required" /></td>
        </tr>
        
    </table>
    
    <p class="submit"><input name="submit" id="submit" class="button button-primary" value="Save Changes" type="submit"></p>

</form>
</div>
<?php }


function wpspf_paymentform(){
    if(!isset($_GET['action'])){
    $publickey = get_option( 'wpspf_sitekey' );
    $privatekey = get_option( 'wpspf_secretekey' );
    # the response from reCAPTCHA
    $resp = null;
    //check for form submit         
    if(isset($_POST['wpspf_payment']) && wp_verify_nonce($_REQUEST['wpspf_billpay_nonce'], 'wpspf_nonce_billpay_action')){
        //check for google captcha
        if(isset($_POST['spGoogleCaptchaRes']) && trim($_POST['spGoogleCaptchaRes'])!='' && $_POST['spGoogleCaptchaRes']==$_POST['g-recaptcha-response']){
                    // Testing, is it a real transaction
                    $environment = ( intval(get_option( 'wpspf_transactionmode' ))==1 ) ? 'TRUE' : 'FALSE';


                    // Decide which URL to post to
                    $environment_url = ( "FALSE" == $environment ) 
                                       ? 'https://secure.authorize.net/gateway/transact.dll'
                                       : 'https://test.authorize.net/gateway/transact.dll';

                    if(isset($_POST['wpspf_authorizenet_card-number']) && $_POST['wpspf_authorizenet_card-number']!=''){
                            $wpspf_card_number = sanitize_text_field(str_replace( array(' ', '-' ), '', $_POST['wpspf_authorizenet_card-number'] ));
                    }else{ $wpspf_card_number =''; }

                    if(isset($_POST['wpspf_authorizenet_card-cvc']) && $_POST['wpspf_authorizenet_card-cvc']!=''){
                            $wpspf_cvc = intval($_POST['wpspf_authorizenet_card-cvc']);
                    }else{ $wpspf_cvc =''; }

                    if(isset($_POST['wpspf_authorizenet_card-expiry'])){
                        $x_exp_date = str_replace( array( '/', ' '), '', sanitize_text_field($_POST['wpspf_authorizenet_card-expiry'] ));
                    }else{
                        $x_exp_date='';
                    }


                    $payload = array(
                        // Authorize.net Credentials and API Info
                        "x_tran_key"            => esc_attr( get_option('wpspf_transactionkey') ),
                        "x_login"               => esc_attr( get_option('wpspf_apiloginid')),
                        "x_version"             => "3.1",

                        // Order total
                        "x_amount"              => floatval($_POST['payment_amount']),

                        // Credit Card Information              
                        "x_card_num"            => $wpspf_card_number,              

                        "x_card_code"           => $wpspf_cvc,

                        "x_exp_date"            => $x_exp_date,

                        "x_type"                => 'AUTH_CAPTURE',
                        "x_invoice_num"         => str_replace( "#", "", sanitize_text_field($_POST['invoice_number'])),
                        "x_test_request"        => $environment,
                        "x_delim_char"          => '|',
                        "x_encap_char"          => '',
                        "x_delim_data"          => "TRUE",
                        "x_relay_response"      => "FALSE",
                        "x_method"              => "CC",

                        // Billing Information
                        "x_first_name"          => sanitize_text_field($_POST['customer_first_name']),
                        "x_last_name"           => sanitize_text_field($_POST['customer_last_name']),
                        "x_address"             => (isset($_POST['service_address'])) ? sanitize_text_field($_POST['service_address']) : '',
                        "x_city"                => sanitize_text_field($_POST['service_city']),
                        "x_state"               => sanitize_text_field($_POST['service_state']),
                        "x_zip"                 => sanitize_text_field($_POST['service_zipcode']),
                        "x_country"             => sanitize_text_field($_POST['service_country']),
                        "x_phone"               => sanitize_text_field($_POST['customer_phone']),
                        "x_email"               => sanitize_text_field($_POST['customer_email']),
                        "x_description"         => sanitize_text_field($_POST['servicetype']),

                        // Shipping Information
                        "x_ship_to_first_name"  => sanitize_text_field($_POST['customer_first_name']),
                        "x_ship_to_last_name"   => sanitize_text_field($_POST['customer_last_name']),
                        "x_ship_to_company"     => '',
                        "x_ship_to_address"     => (isset($_POST['service_address'])) ? sanitize_text_field($_POST['service_address']) : '',
                        "x_ship_to_city"        => sanitize_text_field($_POST['service_city']),
                        "x_ship_to_country"     => sanitize_text_field($_POST['service_country']),
                        "x_ship_to_state"       => sanitize_text_field($_POST['service_state']),
                        "x_ship_to_zip"         => sanitize_text_field($_POST['service_zipcode']),

                        // Some Customer Information
                        "x_cust_id"             => mt_rand(),
                        "x_customer_ip"         => $_SERVER['REMOTE_ADDR'],

                    );

                    // Send this payload to Authorize.net for processing
                    $response = wp_remote_post( $environment_url, array(
                        'method'    => 'POST',
                        'body'      => http_build_query( $payload ),
                        'timeout'   => 90,
                        'sslverify' => false,
                    ) );

                    if ( is_wp_error( $response ) ) 
                        throw new Exception( esc_html_e( 'We are currently experiencing problems trying to connect to this payment gateway. Sorry for the inconvenience.', 'wpspf_with_authorize.net' ) );

                    if ( empty( $response['body'] ) )
                        throw new Exception( esc_html_e( 'Authorize.net\'s Response was empty.', 'wpspf_with_authorize.net' ) );

                    // Retrieve the body's resopnse if no errors found
                    $response_body = wp_remote_retrieve_body( $response );

                    // Parse the response into something we can read
                    foreach ( preg_split( "/\r?\n/", $response_body ) as $line ) {
                        $resp = explode( "|", $line );
                    }


                    // Get the values we need
                    $r['response_code']             = $resp[0];
                    $r['response_sub_code']         = $resp[1];
                    $r['response_reason_code']      = $resp[2];
                    $r['response_reason_text']      = $resp[3];

                    // Test the code to know if the transaction went through or not.
                    // 1 or 4 means the transaction was a success
                    if ( ( $r['response_code'] == 1 ) || ( $r['response_code'] == 4 ) ) {
                        // Payment has been successful
                        $customername = sanitize_text_field($_POST['customer_name']);
                        $servicetype = sanitize_text_field($_POST['servicetype']);
                        echo  '<div class="success">Thanks! '.$customername.',  Your payment has been successfully completed for service "'.$servicetype.'"</div>';         
                    } else {
                        // Transaction was not succesful            
                        $error = $r['response_reason_text'];
                        echo  '<div class="error">'.$error.'</div>';
                    }
                }else{
                    echo  '<div class="error">Invalid captcha. Please try again.</div>';        
                } 
            }                   
        
        ?>
        <style>
            .wc-credit-card-form{ width:100%;}
            .form-field{ width: 100%; padding: 5px; }
            .success{ padding: 10px;border: 1px solid rgb(6, 149, 6);color: rgb(24, 180, 24);}
            .error{ padding: 10px;border: 1px solid #ed0a0a;;color: #ed0a0a;;}
            .wc-credit-card-form th {
                    width: 260px;
             }
            .required {
                color: #ed0a0a;
            }
         </style>
        <div class="payment_box payment_method_authorizenet_lightweight">
        <form method="post" id="wpspf_form" onsubmit="return wpspfCheckGrecaptcha();" name="payment" action="">
            <h4><?php echo esc_attr( get_option('wpspf_paymentheading') ); ?></h4>

        <table id="wc-authorizenet_lightweight-cc-form" class="wc-credit-card-form wc-payment-form">
            <tr>
                <th><?php echo esc_html_e( 'First Name', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="customer_first_name" id="customer_first_name" placeholder="First Name" class="form-field" value="<?php if(isset($_POST['customer_first_name'])){ echo $_POST['customer_first_name']; }?>" required="required"></td>
            </tr>
            <tr>
                <th> <?php echo esc_html_e( 'Last Name', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="customer_last_name" id="customer_last_name" placeholder="Last Name" class="form-field" value="<?php if(isset($_POST['customer_last_name'])){ echo $_POST['customer_last_name']; }?>" required="required"></td>
            </tr>

            <?php if( intval(get_option( 'wpspfnet_enable_servicetype' ))==1 ){ 
            $wpspf_servicetypes = esc_attr( get_option('wpspf_servicetype') );
            if($wpspf_servicetypes!=''){   $wpspf_servicetypes = explode('|',$wpspf_servicetypes); }
               if(!empty($wpspf_servicetypes)){
            ?>
            <tr>
                <th>  <?php echo esc_html_e( 'Donation Type', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><select name="servicetype" id="servicetype"required="required" class="form-field">
                    <option value="">Select any one</option>
                    <?php 
                          foreach($wpspf_servicetypes as $wpspf_servicetype){
                    ?>
                    <option value="<?php echo $wpspf_servicetype;?>"><?php echo $wpspf_servicetype;?></option>
                    <?php }  ?>
                    </select></td>
            </tr>
            <?php } } ?>
            <tr>
                <td></td>
		<th><?php echo esc_html_e( 'Enter dollar amount below from your Donation Type selection above:', 'wpspf_with_authorize.net' ); ?></th>
               
            </tr>            <tr>
                <th><?php echo esc_html_e( 'Payment Amount ', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="payment_amount" id="payment_amount" placeholder="Payment Amount" class="form-field" value="<?php if(isset($_POST['payment_amount'])){ echo $_POST['payment_amount']; }?>" required="required"></td>
            </tr>
            <tr>
                <th><?php echo esc_html_e( 'Street Address', 'wpspf_with_authorize.net' ); ?> <span class="required">*</span></th>
                <td><input type="text" name="service_address" id="service_address" placeholder="Address" class="form-field" value="<?php if(isset($_POST['service_address'])){ echo $_POST['service_address']; }?>" required="required"></td>
            </tr>
            <tr>
                <th> <?php echo esc_html_e( 'City', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="service_city" id="service_city" placeholder="City" class="form-field" value="<?php if(isset($_POST['service_city'])){ echo $_POST['service_city']; }?>" required="required"></td>
            </tr>
            <tr>
                <th> <?php echo esc_html_e( 'State', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="service_state" id="service_state" placeholder="State" class="form-field" value="<?php if(isset($_POST['service_state'])){ echo $_POST['service_state']; }?>" required="required"></td>
            </tr>
            <tr>
                <th> <?php echo esc_html_e( 'Zip Code', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="service_zipcode" id="service_zipcode" placeholder="Zip Code" class="form-field" value="<?php if(isset($_POST['service_zipcode'])){ echo $_POST['service_zipcode']; }?>" required="required"></td>
            </tr>

            <tr>
                <th> <?php echo esc_html_e( 'Phone', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="customer_phone" id="customer_phone" placeholder="Phone" class="form-field" value="<?php if(isset($_POST['customer_phone'])){ echo $_POST['customer_phone']; }?>" required="required"></td>
            </tr>
            <tr>
                <th> <?php echo esc_html_e( 'Email', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input type="text" name="customer_email" id="customer_email" placeholder="Email" class="form-field" value="<?php if(isset($_POST['customer_email'])){ echo $_POST['customer_email']; }?>" required="required"></td>
            </tr>
            
  
            <tr>
                <th>  <?php echo esc_html_e( 'Payment Methodโ€', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><select name="paymentmethod" id="paymentmethod" required="required" class="form-field">
                    <option value="">Select any one</option>
                    <option value="VISA">VISA</option>
                    <option value="MasterCard">MasterCard</option>
                    <option value="AMEX">AMEX</option>
                    <option value="Discover">Discover</option>
                    </select>
                </td>
                </tr>
            
            <tr>
                <th> <?php  echo esc_html_e( 'Credit Card Number', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input id="authorizenet_lightweight-card-number" value="<?php if(isset($_POST['wpspf_authorizenet_card-number'])){ echo $_POST['wpspf_authorizenet_card-number']; }?>" class="form-field"   maxlength="20" autocomplete="off" placeholder="โ€ขโ€ขโ€ขโ€ข โ€ขโ€ขโ€ขโ€ข โ€ขโ€ขโ€ขโ€ข โ€ขโ€ขโ€ขโ€ข" name="wpspf_authorizenet_card-number" type="text" required="required"></td>
            </tr>
            <tr>
                <th> <?php echo esc_html_e( 'Expiration Dateโ€ (MM/YY)', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
                <td><input id="authorizenet_lightweight-card-expiry" class="form-field" maxlength="5"  autocomplete="off" placeholder="MM / YY" name="wpspf_authorizenet_card-expiry" value="<?php if(isset($_POST['wpspf_authorizenet_card-expiry'])){ echo $_POST['wpspf_authorizenet_card-expiry']; }?>" type="text" required="required"></td>
            </tr>
            <tr>
            <th> <?php echo esc_html_e( 'Security Codeโ€', 'wpspf_with_authorize.net' ); ?><span class="required">*</span></th>
            <td><input id="authorizenet_lightweight-card-cvc" class="form-field" autocomplete="off" placeholder="CVC" name="wpspf_authorizenet_card-cvc" value="<?php if(isset($_POST['wpspf_authorizenet_card-cvc'])){ echo $_POST['wpspf_authorizenet_card-cvc']; }?>" type="text" required="required"></td>
            </tr>
            
            <tr>
                <td><input type="hidden" id="spGoogleCaptchaRes" name="spGoogleCaptchaRes" value="" required="required"></td>
                <td>
                    <div id="spGoogleCaptcha"></div>    
                </td>
            </tr>
            
            <tr><td></td><td style="text-align:right;padding: 10px;">
                <IMG src="//payments.intuit.com/payments/landing_pages/LB/default.jsp?c=VMAD&l=H&s=2&b=FFFFFF" width="235" height="35" border=0 alt="Credit Card Logos" /> 
                </td></tr>
            <tr id="wpspf_submit_btn" style="display: none">    <td></td>       
            <td>
                <?php wp_nonce_field('wpspf_nonce_billpay_action', 'wpspf_billpay_nonce'); ?>
                <input type="submit" name="wpspf_payment" class="btn button form-field" value="Submit Your Donation"></td></tr>
            </table>
        </form>
        <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
        <script type="text/javascript">
            function wpspfCheckGrecaptcha(){
                var spGoogleCaptchaRes = jQuery('#spGoogleCaptchaRes').val();
                if(spGoogleCaptchaRes==''){
                    return false;
                }else{
                    return true;
                }                
            }
      var verifyCallback = function(token) {
        jQuery('#wpspf_submit_btn').show();
        jQuery('#spGoogleCaptchaRes').val(token);
      };

      var expiredCallback = function() {
        jQuery('#wpspf_submit_btn').hide();
        var tokenBlank = '';
        jQuery('#spGoogleCaptchaRes').val(tokenBlank);
      };
      
      var captchaTheme = 'light';
      var sitekey = '<?php echo $publickey; ?>';
      var onloadCallback = function() {        
        grecaptcha.render('spGoogleCaptcha', {
          'sitekey' : sitekey,
          'callback' : verifyCallback,
          'expired-callback' : expiredCallback,
          'theme' : captchaTheme
        });
      };
    </script>
        <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
        async defer>
    </script>
<script>
    jQuery(document).ready(function(){ 
        jQuery('#authorizenet_lightweight-card-number').on('keyup', function() {
          var foo = jQuery(this).val().split(" ").join(""); 
          if (foo.length > 0) {
            foo = foo.match(new RegExp('.{1,4}', 'g')).join(" ");
          }
          jQuery(this).val(foo);
        });
        
        jQuery('#authorizenet_lightweight-card-expiry').on('keyup', function() {
          var foo = jQuery(this).val().split("/").join(""); 
            
          if (foo.length > 0) {
            foo = foo.match(new RegExp('.{1,2}', 'g')).join("/");
          }
          jQuery(this).val(foo);
        });
    });
</script>
</div>
<?php
}
}
add_shortcode('wpspf-paymentform','wpspf_paymentform');
?>
pokerxanadu
Contributor

Hi pokerxanadu

 

I'm not all that familiar with the WP plug-in you have chosen, however it appears to be using a mixture of API methods. The AIM POST method is being used it appears, but it also uses terminology related to Authorize.Net API (that which is found and documented in the API Reference Guide). The AIM POST method is a deprecated API and would suggest that you use Authorize.Net API over AIM as a result. 

 

If the plug-in you have chosen doesn't provide details on what API methods it is using and you are not sure, I would suggest reaching out to the developer of the plug-in for clarification as needed.

 

I hope this information is helpful to you. 

 

Regards,

Elaine

Thanks, Elaine. Unfortunately, the plugin developer isn't available so I have to try to do it myself.

 

To use the Authorize.net API, which code example in the online reference guide should I be looking to use? Is it the PHP example under "Charging a Credit Card"? Which part of my plugin code that I posted is the AIM POST method that I need to replace with the Authorize.net API?

Hi pokerxanadu

 

I really couldn't comment on another software's plug-in functionality. I would only be guessing. Have you tried the Word Press forums? That would be my recommendation. 

 

Regards,

Elaine

Hi Elaine,

 

Could you at least answer this:

 

To use the Authorize.net API, which code example in the online reference guide should I be looking to use for compatability with WordPress? Is it the PHP example under "Charging a Credit Card"? 

 

Thanks,

 

Martin

 

@pokerxanadu

You would want the getAnAcceptPaymentPage. I think that is what it is called. You are in for one heck of an exercise. Iโ€™ve done this type of work on CMS before and I would expect to spend minimum 100 hours on this, if I were you.

The accept hosted form is called using a token. You make an API call that gets you a token. Then you submit a form (meaning the user does with a button or your website does with JavaScript, automatically) to auth.net with the token value. There will be a redirect. The customer completes the purchase. Sounds like you might be good as soon as the customer pays, with no more data needed from auth.net. If that isnโ€™t the case, you will have to set up a webhooks endpoint with a server side programming script. Your merchant interface on the auth.net login will have all the info, it is just that your website wonโ€™t know the difference without a webhooks endpoint set up and working.

The thing that makes this hard is the massive CMS infrastructure. It is very hard to figure out what content is driven by what script. I fixed a plugin like this for another CMS. The plugin developer told the client what the client wanted was impossible, one day before I had working code and a fully working app. I ended up having to do everything outside of the CMS as if the CMS infrastructure didnโ€™t exist.

I strongly advise you to stay far, far away from the chargeCreditCard script, if you are on Wordpress or if your site makes less than $200k net income. That is an SAQ D scope integration and PCI expects you to follow a security protocol that is literally 65+ pages of bullet points. If someone reports to MasterCard that they think their info was compromised through your site, whether true or not, if you get audited they will check you against this ultra expensive to implement ream of bullet points and if you donโ€™t comply, they will find you $200 to $400 for each order you have processed.

That script is for larger merchants who can handle the overhead and get enough benefit out of having their own checkout form to justify the cost. The costs include hiring specially trained and certified people to scan and pen test your site, which I would say you would be very lucky to get for $4,000 per year, and thatโ€™s just a handful of the endless bulletpoints for that method. Short story - stay away.

Iโ€™ve just given you a mountain of very hard to digest info. For you I say do it. This will be something that will have you ready to pull your hair out but you will learn something in the process. At the end of it you will be very happy with what youโ€™ve accomplished.

@Renaissance Thanks for the detailed reply! Seems this is way too big a project for me. I'm not a programmer by trade. I volunteer to do the website for a small non-proft.

 

The sales/donation through the website run about 10K per year, with the large majority of that going towards goods given in exchange (auction items, door prizes, etc.). Spending a chunk of money for a developer to write the necessary code is just not affordable for the organization. It is unfortunate that Authorize.net is retiring the very simple solution of Simple Checkout, which requires insertion of just one line of code for our needed transactions. I guess I'll just hold out for as long as Authorize.net continues to make Simple Checkout or AIM API available, and look for another service provider that can provide a similar simple solution in the meantime.

 

 

By the way, the reason I am looking to switch from Simple Checkout to an API solution is that Trent F. at Authorize.net Customer Support wrote this to me in a support case I submitted:

 

"I would highly recommend considering other integration methods as we are updating our system in the future and Simple Checkout will not be available at that time. Here are some links on different integration methods..."

 

Looking now at other service providers like Square and Stripe, I see they all offer payment buttons comparable to Simple Checkout. And I see that Authorize.net itself still promotes Simple Checkout as a solution on their website. So maybe Trent steered me in the wrong direction! Is it true or not that Authorize.net is retiring Simple Checkout in the near future?

@pokerxanadu 

 

Not sure but that doesn't sound right. @ElaineM would be the one to answer that. I do not think I have seen anything at all about simple checkout being deprecated, and if it were they would probably replace it with a new product that works the same.  Note that even when integrations are deprecated they still work for years before being retired. SIM has been deprecated for years and there are  still a zillion of those up and running. I wouldn't worry if I were you.