cancel
Showing results for 
Search instead for 
Did you mean: 

x_trans_ID on merchant is not the same as the one originated by Authorize.net server

I’m trying to implement the DPM, using VB and .NET. The problem that I’m having is that after originating a transaction number on the merchant account and sending it to the Authorize.net, I end having two different numbers. The one originated by the merchant is different than the server x_trans_ID response value.

 

 Example: Merchant server originates a transaction ID and I send it to the Authorize.net server like x_trans_ID = 235648971, however, after credit card is charged and all transactions take place on Authorize.net server, the response that I got for the x_trans_ID is different like: 8815489745, Why? Do anybody have a clue of why this? How could I fix this?

 

Thanks    

AuthComm25
Contributor
1 ACCEPTED SOLUTION

Accepted Solutions

Ok. I see what you are trying to do.

 

No. the x_trans_id is one of the post values return to you on the relay response.

You will use that to create the your MD5 hash to compare to the x_MD5_Hash that is also return from the relay response.

View solution in original post

11 REPLIES 11

Which transaction Type did you use to capture? Should be using "Prior Authorization and Capture" if the "Authorization Only" is from authorize.net.

Or you might have to post your code so we can see what is going on.

RaynorC1emen7
Expert

Thanks a lot for your respond. Hmm, this is what I'm using: collections.Add("x_type", "AUTH_CAPTURE"). I'm going to check this part and play a little bit with this. I will notify about result later. Once again, thanks a lot. 

"AUTH_CAPTURE" create a new transaction, it doesn't use any auth_only info.

here the transaction type

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=SIM_transaction_dat...

All of this is very confuse. The following is in the manual: 

 

Prior Authorization and Capture
This transaction type completes an Authorization Only transaction that was successfully authorized through the payment gateway. It can be submitted only from the Merchant Interface, not from a SIM application.
If this transaction type is required, we recommend that the merchant process the transactions by logging in to the Merchant Interface directly or by using a desktop application that uses AIM.
 
So, if it can be submitted only from the Merchant interface, it can not be use on my website for the DPM. As matter of fact, there is not an API field for this one. As example, for the other one you may use: 
<INPUT TYPE=HIDDEN NAME=”x_type” VALUE=”AUTH_CAPTURE”> 
But there is nothing like VALUE=”PRIOR_AUTH_CAPTURE” as far as I know. I'm very confuse with all of this and the manual is not very helpful at all. I would appreciate you help on this one. Thanks

When you create a transaction on the merchant virtural terminal, you can select either "auth_only" or "auth_and_capture"

If you pick "auth_and_capture", you are done.

 

For DPM, you can only do auth_only or auth_and_capture

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Appendix%20A.html

 

 

 

If you create an auth_only transaction, search the unsettled transactions list on the merchant account and do a capture on it.

OK, I got you, I'm going to try again with your suggestions. The problem is Authorize.net and the stupid manual. They do not update things. If you check this link:

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=SIM_transaction_dat...

 

you wil see that instead of " auth_and_capture" they have  "AUTH_CAPTURE". I don't know if this make a difference or is the same, I'm going to check now and will let you know.

 

Thanks for your help

OK, after test, this is the result:

 

1) For my DPM with  collections.Add("x_type", "auth_and_capture"), transaction is not going thru and is giving me error.

 

2) With collections.Add("x_type", "AUTH_CAPTURE”"), transaction is done, etc but the x_trans_id assign by my server is different than the one returning from the Auth server.

 

What should I do now? And I do not want "auth_only", since I want to charge the cc inmediately during transactions.

 

Thanks

Question what do you mean collections.add(.....

How are you posting to authorize.net?

 

2) With collections.Add("x_type", "AUTH_CAPTURE”"), transaction is done, etc but the x_trans_id assign by my server is different than the one returning from the Auth server.

x_trans_id assign by my server what do you mean assign by your server? You don't pass in the x_trans_id, you recevied back from authorize.net

I better post the code to explain myself better. Here is everything:

 

  Dim transactionKey = "5748……………." 'This is the one for the sandbox account 
            Dim loginID = "7G2M…………."   'This is the one for the sandbox account
            
            'A sequence number is randomly generated
            Dim random As New Random
            Dim sequence = random.Next(0, 1000)

            'A time stamp is generated 
            Dim timeStamp = CInt((DateTime.UtcNow - New DateTime(1970, 1, 1)).TotalSeconds)
            
            'Generate a fingerprint
            Dim CreateFingerprint As New CCTransactionFingerprint()
            Dim fingerprint = CreateFingerprint.HMAC_MD5(transactionKey, loginID & "^" & sequence & "^" & timeStamp & "^" & TotalSalePrice & "^")
             
            'This following value generate the MD5 Hash feature value on my server to validate the Authorize.net server MD5 Hash response.             
            Dim MD5_Hash_Feature As String 'This hash feature is formed by the hash_value, the login, the transaction (ID) and the amount in dollars.
            
            Dim Hash_value = "New…." 'This value is saved on the Authorize.net server 
            'This part assign a Transaction(ID) at ramdom
            Dim TransactionID As String = sequence.ToString & timeStamp.ToString
                                    
            MD5_Hash_Feature = Hash_value.ToString & loginID.ToString & TransactionID.ToString & TotalSalePrice.ToString
            
           
            'Generate Hash from class
            Dim CreateHash As New MD5HashGenerator() 'Here we create a sample of the class
            Dim HashTransKey = CreateHash.GetHash(MD5_Hash_Feature)
             
            
            'Here several important information values are temporarily save to database in order to compare values with the ones returned from Authorize.net server
            cmd.Dispose()
            cmd.Parameters.Clear()
            con.Open()
            cmd = New SqlCommand("INSERT INTO AdProvisionalDataForCCardTrans (TUserName, TCompanyName, TTransactionID, TTransactionTotal, THashTransKey) VALUES (@UserName, @CompanyName, @TransactionID, @TransactionTotal, @HashTransKey)", con)
            cmd.Parameters.AddWithValue("@UserName", UserName)
            cmd.Parameters.AddWithValue("@CompanyName", CompanyName)
            cmd.Parameters.AddWithValue("@TransactionID", TransactionID)
            cmd.Parameters.AddWithValue("@TransactionTotal", TotalSalePrice.ToString)
            cmd.Parameters.AddWithValue("@HashTransKey", HashTransKey)
            
            cmd.ExecuteNonQuery()
            cmd.Parameters.Clear()
            con.Close()
            
            
            
            
            
            'Here we create a HTML form in the code behind to POST the information to the credit card gateway
                        
            Dim collections As New NameValueCollection()
            collections.Add("x_version", "3.1")
            collections.Add("x_login", loginID.ToString)
            collections.Add("x_fp_sequence", sequence)
            collections.Add("x_fp_timestamp", timeStamp)
            collections.Add("x_amount", TotalSalePrice.ToString)
            collections.Add("x_fp_hash", fingerprint)
             collections.Add("x_method", "CC")
            collections.Add("x_type", "auth_capture")
            collections.Add("x_relay_always", "True") 'This is only use with DPM
             collections.Add("x_card_num", CreditCardNumberTextBox.Text.ToString) 'This is only use with DPM
            collections.Add("x_exp_date", CreditCardExpirationDateTextBox.Text.ToString) 'This is only use with DPM
            collections.Add("x_card_code", CreditCardCodeTextBox.Text.ToString) 'This is only use with DPM
           
‘Here I pass the x_trans_id to the Authorize server in order for it to have the same value that I have to generate a MD5_Hash_Feature and after that get a x_MD5_Hash to compare to the one generate on my server. If I do not send the x_trans_id, they won’t be able to generate one with the same parameters as me and the x_MD5_Hask is going to be always different. Won’t be able to validate.

collections.Add("x_trans_id", TransactionID.ToString)
collections.Add("x_description", TypeOfSpaceToBuyInIssue.ToString)
 collections.Add("x_company", CompanyName.ToString)
 collections.Add("x_relay_url", 

"http://.......RelayPage.aspx") 'This is the URL for the page on my site that receive the relay massage from the credit card gateway 
            
                
 Dim remoteUrl As String = "https://test.authorize.net/gateway/transact.dll"  'This URL is only for testing purposes
  
          
         ‘Here I prepare the form and send it to the remote URL   
           
            Dim html As String = "<html><head>"
            html += "</head><body onload='document.forms[0].submit()'>"
            html += String.Format("<form name='SimForm' method='POST' action='{0}'>", remoteUrl)
            For Each key As String In collections.Keys
                html += String.Format("<input name='{0}' type='Hidden' value='{1}'>", key, collections(key))
            Next
            html += "</form></body></html>"
            Response.Clear()
            Response.ContentEncoding = Encoding.GetEncoding("ISO-8859-1")
            Response.HeaderEncoding = Encoding.GetEncoding("ISO-8859-1")
            Response.Charset = "ISO-8859-1"
            Response.Write(html)
            Response.End()
                  
           

The critical point here is,  that in my understanding I must send the x_trans_ID generate on my server side to the Auth server, in order to both have the same number to generate the MD5_Hash_Feature with this formula = Hash_value.ToString & loginID.ToString & TransactionID.ToString & TotalSalePrice.ToString. If we do not have the same transactionID value for this formula, it is obvious that our x_MD5_Hash are never going to be the same, so validating this will be always false.

 

Thanks