Help - Processing credit cards...

**Bigjohn** · February 3rd, 2008, 12:37 PM

My wife now has a merchant account. Pay-Pal and Ebay are jerking sellers around so much that we took the plunge.

The merchant account has web-services capability, but they recommend that rather than using hidden fields in a form (something I could maybe hack together) that you should have this data "server side".

I can figure out how to make it work on her website with Virtuemart - they have a billion payment gateway plugins.

But what the Wife want's to do... if ultimately possible...

Grab the data from her closed fleabay auctions.
Generate an Email that contains a link to her payment page. Ideally that link will contain the info from the auction (at least the auction number and the $$) and auto populate the payment page.

Customer will fill in the rest of the cc info, shipping info, etc. and submit. This will then be processed via her merchant account.

Anyone up to the challenge of helping with this? I'm familiar with API work -- I do project management at my job -- but the coding is over my head....

Might even be able to pay a little... not right away but after the script is in play and she can sell a few things.

Please, Surmunity... will one of you RISE to the challenge?

**Bigjohn** · February 6th, 2008, 12:01 AM

Anyone? Please help?

H · February 6th, 2008, 1:10 PM

Are the E-Bay auctions still publically accessible or are they behind closed doors? If they're openly available, it should be pretty easy to scrape them.

So you scrape them, toss the auctions into a database or static files after they've been cleaned up. Now you can hopefully grab relevant data to stick into an e-mail. I'm kind of wondering who the e-mail is being sent to... is this after someone clicks buy on a page or to people through E-Bay? Anyways, you have the price information and a payment processing link.

User clicks on link, takes them to a page awaiting the usual billing information. Now using the API through calls on the server (this can be tricky with some PHP configurations), you verify the billing information and finalize the purchase. Probably sending out an e-mail to both the purchaser and your wife confirming the purchase. Probably a later e-mail when said item is shipped along with a tracking URL.

---

Before I even think about the more technical implementation, is this what you're wanting? I just want to make sure I understand what you're looking for.

Another question, what merchant is she going to be using?

**Mark** · February 6th, 2008, 4:35 PM

I've done something along those lines with surpasshosting.com/secureorder.php. Basically, you just need to come up with a 2 way encryption method. I found this before on google. (so don't flame for stealing code

Code:

        function aesEncrypt($data, $password, $compress) {
                srand((double) microtime() * 1000000);  //for sake of MCRYPT_RAND
                $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
                $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $password, $data, MCRYPT_MODE_ECB, $iv);
                $encoded = base64_encode($iv) . "|" . base64_encode($encrypted);
                if ($compress) $encoded = base64_encode(gzcompress($encoded, 9));
                return $encoded;
        }
        function aesDecrypt($encrypted, $password, $compressed) {
                if ($compressed) $encrypted = gzuncompress(base64_decode($encrypted));
                if ($encrypted === false) return false;
                $parts = explode("|", $encrypted);
                if (sizeof($parts) != 2) return false;
                $iv = base64_decode($parts[0]);
                $encrypted = base64_decode($parts[1]);
                $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $password, $encrypted, MCRYPT_MODE_ECB, $iv);
                return $decrypted;
        }

Use the encrypt function to encrypt a parsable string like: "auctionid=1111|total=234.56"
Take that and encrypt it and append it to the url like:

https://bigjohn.com/payment.php?data...ydufkhfhhjfhkd

Where data is the encrypted payment details. Now store that in a session variable once the person first visits the page. Once you have posted CC info from customer, descrypt $_SESSION['data'], then explode("|",$data) and use your newly decoded array

February 3rd, 2008, 12:37 PM	#1 (permalink)
Bigjohn minor deity Super #1 Joined in Apr 2004 Lives in Georgia Hosted on XEON 7,394 posts Gave thanks: 28 Thanked 94 times	Help - Processing credit cards... My wife now has a merchant account. Pay-Pal and Ebay are jerking sellers around so much that we took the plunge. The merchant account has web-services capability, but they recommend that rather than using hidden fields in a form (something I could maybe hack together) that you should have this data "server side". I can figure out how to make it work on her website with Virtuemart - they have a billion payment gateway plugins. But what the Wife want's to do... if ultimately possible... Grab the data from her closed fleabay auctions. Generate an Email that contains a link to her payment page. Ideally that link will contain the info from the auction (at least the auction number and the $$) and auto populate the payment page. Customer will fill in the rest of the cc info, shipping info, etc. and submit. This will then be processed via her merchant account. Anyone up to the challenge of helping with this? I'm familiar with API work -- I do project management at my job -- but the coding is over my head.... Might even be able to pay a little... not right away but after the script is in play and she can sell a few things. Please, Surmunity... will one of you RISE to the challenge? __________________ Proud to be a Surmunity Mod! XEON PASS60 PASS61 Make a fundamental difference! My Sites: Curious about Brewing Beer? Join the community! >>>>> Some Change is GOOD! Keep your paycheck! Support the Fair Tax Get into an Art museum Victorian London It's your brain -*ON WEB* - mybrainhost.com (under development) What SHOULD Government do? Much Less than it Does!

February 6th, 2008, 12:01 AM	#2 (permalink)
Bigjohn minor deity Super #1 Joined in Apr 2004 Lives in Georgia Hosted on XEON 7,394 posts Gave thanks: 28 Thanked 94 times	Anyone? Please help? __________________ Proud to be a Surmunity Mod! XEON PASS60 PASS61 Make a fundamental difference! My Sites: Curious about Brewing Beer? Join the community! >>>>> Some Change is GOOD! Keep your paycheck! Support the Fair Tax Get into an Art museum Victorian London It's your brain -*ON WEB* - mybrainhost.com (under development) What SHOULD Government do? Much Less than it Does!

February 6th, 2008, 4:35 PM	#4 (permalink)
Mark Surpass Developer Excelling Contributor Joined in Jan 2004 Lives in Florida Hosted on decc.surpasshosting.com 511 posts Gave thanks: 20 Thanked 78 times	I've done something along those lines with surpasshosting.com/secureorder.php. Basically, you just need to come up with a 2 way encryption method. I found this before on google. (so don't flame for stealing code Code: function aesEncrypt($data, $password, $compress) { srand((double) microtime() * 1000000); //for sake of MCRYPT_RAND $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND); $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $password, $data, MCRYPT_MODE_ECB, $iv); $encoded = base64_encode($iv) . "\|" . base64_encode($encrypted); if ($compress) $encoded = base64_encode(gzcompress($encoded, 9)); return $encoded; } function aesDecrypt($encrypted, $password, $compressed) { if ($compressed) $encrypted = gzuncompress(base64_decode($encrypted)); if ($encrypted === false) return false; $parts = explode("\|", $encrypted); if (sizeof($parts) != 2) return false; $iv = base64_decode($parts[0]); $encrypted = base64_decode($parts[1]); $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $password, $encrypted, MCRYPT_MODE_ECB, $iv); return $decrypted; } Use the encrypt function to encrypt a parsable string like: "auctionid=1111\|total=234.56" Take that and encrypt it and append it to the url like: https://bigjohn.com/payment.php?data...ydufkhfhhjfhkd Where data is the encrypted payment details. Now store that in a session variable once the person first visits the page. Once you have posted CC info from customer, descrypt $_SESSION['data'], then explode("\|",$data) and use your newly decoded array __________________ Mark Surpass Hosting Developer sɹnoʎ uɐɥʇ ɹǝʇʇǝq sı bıs ʎɯ

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

February 6th, 2008, 1:10 PM	#3 (permalink)
H after g, before i Resident. Joined in Jul 2004 Lives in N,BC,CA 8,086 posts Gave thanks: 48 Thanked 131 times	Are the E-Bay auctions still publically accessible or are they behind closed doors? If they're openly available, it should be pretty easy to scrape them. So you scrape them, toss the auctions into a database or static files after they've been cleaned up. Now you can hopefully grab relevant data to stick into an e-mail. I'm kind of wondering who the e-mail is being sent to... is this after someone clicks buy on a page or to people through E-Bay? Anyways, you have the price information and a payment processing link. User clicks on link, takes them to a page awaiting the usual billing information. Now using the API through calls on the server (this can be tricky with some PHP configurations), you verify the billing information and finalize the purchase. Probably sending out an e-mail to both the purchaser and your wife confirming the purchase. Probably a later e-mail when said item is shipped along with a tracking URL. --- Before I even think about the more technical implementation, is this what you're wanting? I just want to make sure I understand what you're looking for. Another question, what merchant is she going to be using?

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)