Welcome to WebmasterWorld Guest from 54.196.244.186

Forum Moderators: buckworks

Message Too Old, No Replies

Can anyone help me set up a site to use Authorize.net?

I've setup PayPal but this is quite different!

     
10:01 am on Jun 8, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Oct 8, 2003
posts:503
votes: 3


Just set up an account with authorize.net. I am trying to figure out how to get it working. Too bad they stopped the web link method. I am now using the SIM guide method. I am using asp but I can't get the link to download sim.asp, md5.asp, SIMData.asp, SIMlib.asp. Also what will I require to get the payment page up and running. Can anyone please explain me in detail how to get started as I have no idea on using authorize.net I have implemented paypal before but it was very simple.
12:07 am on June 9, 2004 (gmt 0)

Full Member

10+ Year Member

joined:May 29, 2003
posts:202
votes: 0


Log in to your authorize.net account, click on "Help" from the links on the left side, then "Sample Simple Integration Methods (SIM) Scripts" at the bottom of the page and download the samples - they're all .ZIP files. They can be modified slightly to work with your web site and away you go.
1:22 pm on June 10, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Apr 16, 2004
posts:395
votes: 0


does anyone have a live demo of what SIM looks like in action? :)
2:27 pm on June 10, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2003
posts:1418
votes: 0


Don't use SIM, Use AIM (Advanced Integration Method). Much better way to send/receive data. Your web server's back-end will determine how you do this, if you're on a Windows server I can post some ASP code that will do the trick for you. I wrote a function a long time ago to simplify this, where all you have to do is call the function and get a True or False for whether it was approved or not.

If isCardValid(CardNumber,ExpDate,etc...) = True Then
' transaction approved
else
' transaction declined
End If

Let me know, I've been using Authorize.Net since 1997. If you're not using a Windows NT or 2000 server, if you want I can post the code anyway and maybe you can figure out how to duplicate it for your own back-end? I'm sending the data to them using the Microsoft XMLHTTP Object (which makes an HTTP POST and receives a comma-delimited string in return).

(I know you said you were using ASP but I need to make sure that you're using it on a WINDOWS server, that Linux ASP emulator crap doesn't work with components)

5:31 pm on June 10, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:May 16, 2003
posts:592
votes: 0


They have a pdf manual on how to do it with the AIM method, it includes some code samplesa in asp and php, if my memory is correct.
10:50 pm on June 10, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 12, 2003
posts:772
votes: 0


Digitalv,

Is that http or https with XMLHTTP?

The aim pdf says it needs https, so if XMLHTTP will handle https, I would be a very happy camper.

Plumsauce

11:50 pm on June 10, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2003
posts:1418
votes: 0


Yep, it's 100% HTTPS ... Unfortunately I'm at home now though, I will send you the code tomorrow when I get to the office.
5:46 am on June 11, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Oct 8, 2003
posts:503
votes: 3


I am using Windows Server. I have enabled Weblink method is that good enough. I find it is quiet simple and easy to integrate. Are there any shortcomings to it? Is it ok to use weblink in the long run.
3:06 pm on June 11, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2003
posts:1418
votes: 0


I am using Windows Server. I have enabled Weblink method is that good enough. I find it is quiet simple and easy to integrate. Are there any shortcomings to it? Is it ok to use weblink in the long run.

I wouldn't - people can see your Authorize.Net username by viewing the source of the page. Not to mention they can tell you're using Authorize.Net. Plus there is no back-end functionality for updating scripts, etc... you're having Authorize.Net's servers do everything and relying on an e-mail receipt from them to determine whether an order came through or not. Do you log in and verify every order? Authorize.Net has been using a standard e-mail message for a while, occasionally I get fake ones that don't match up to an actual order in the system. If I relied on their merchant email receipt, I could have lost some serious cash over the years :(

Code coming up in next post ...

3:23 pm on June 11, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2003
posts:1418
votes: 0


Ok, I don't know how well this will paste but we'll see. One other thing, it's important to make sure you strip out any "&" signs in the fields that you are submitting. You can do this after you request the variable from the form by using replace(variablename,"&","")

AUTH_NET_LOGIN = YOURLOGIN
AUTH_NET_PASSWORD = YOURPASSWORD
AMOUNT_TO_CHARGE = 25
INVOICE_NUMBER = 123456

CUST_ID= "1"
FIRST_NAME= "Joe"
LAST_NAME= "Blow"
CARD_NUMBER = "4111111111111111"
EXP_DATE = "0505"
ADDRESS= "123 4th Street"
ZIPCODE= "12345"
DESCRIPTION= "A description of whatever was purchased"

posturl = "https://secure.authorize.net/gateway/transact.dll"

xmlrequest = xmlrequest & "x_Version=3.1"
xmlrequest = xmlrequest & "&x_Delim_Data=True"
xmlrequest = xmlrequest & "&x_Login=" & AUTH_NET_LOGIN
xmlrequest = xmlrequest & "&x_Password=" & AUTH_NET_PASSWORD
xmlrequest = xmlrequest & "&x_Type=AUTH_CAPTURE"

xmlrequest = xmlrequest & "&x_Email_Merchant=True"
xmlrequest = xmlrequest & "&x_Email_Customer=False"
xmlrequest = xmlrequest & "&x_Test_Request=False"

xmlrequest = xmlrequest & "&x_Amount=" & AMOUNT_TO_CHARGE
xmlrequest = xmlrequest & "&x_Invoice_Num=" & INVOICE_NUMBER
xmlrequest = xmlrequest & "&x_Cust_id=" & CUST_ID
xmlrequest = xmlrequest & "&x_First_Name=" & FIRST_NAME
xmlrequest = xmlrequest & "&x_Last_Name=" & LAST_NAME
xmlrequest = xmlrequest & "&x_Card_Num=" & CARD_NUMBER
xmlrequest = xmlrequest & "&x_Exp_Date=" & EXP_DATE
xmlrequest = xmlrequest & "&x_Address=" & ADDRESS
xmlrequest = xmlrequest & "&x_Zip=" & ZIPCODE
xmlrequest = xmlrequest & "&x_Description=" & DESCRIPTION

Set xml = Server.CreateObject("MSXML2.ServerXMLHTTP")
xml.open "post", posturl, false
xml.SetRequestHeader "Content-Type", "application/x-www-form-urlencoded"
xml.send xmlrequest

While (xml.readyState <> 4) AND (attempt < 50001)
xml.waitForResponse(1000)
attempt = (attempt + 1)
Wend

If xml.ReadyState <> 4 Then
call ErrorAlert("Time out waiting for remote server")
response.end
End If

' Get the response from Authorize.net
ResultHTML = xml.ResponseText

' Split the response into multiple strings
tResults = Split(ResultHTML,",")
responseCode = tResults(0)
responseReason = tResults(3)
AuthNetTransactionID = tResults(6)
Set xml = nothing

The "responseCode" string will be a 1, 2, or 3 - 1 is approved, 2 is declined, and 3 is error. responseReason will be the text associated with the failure, and AuthNetTransactionID is the unique ID authorize.net assigns to each successful transaction. In test mode this will be a zero.

Using this code you can request information from the visitor, shoot it over to Authorize.Net, and figure out their response while the user is still waiting at YOUR site. This is cool when you want to do stuff like send the user to a specific page based on whether they're approced or not, etc. Great for software purchases - if approved you can set a session variable or cookie that allows them access to the download area, sends them an e-mail with the file, etc. Pretty much limitless possibilties.

Set X_TEST_REQUEST to True and play with it in test mode for a little while. If there are any errors let me know, I re-wrote this from scratch this morning as I discovered my function had a lot more custom SQL code in it than I wanted to post here :P

[edited by: DaveAtIFG at 6:29 pm (utc) on June 11, 2004]
[edit reason] Corrected "posturl" string [/edit]

4:10 pm on June 11, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2003
posts:1418
votes: 0


One error in my post - URL should be https:// not http:// in the PostURL string. Whoops :p
11:35 pm on June 11, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 12, 2003
posts:772
votes: 0



Digitalv,

Thank you. I am sure that a lot of readers will benefit from your generosity, including myself of course.

Did you know that the current pdf does not even explicitly mention that the transaction is a POST operation? I had to find that out by searching the net because at first I thought it was a pure socket connection. Nice to have example code that illustrates the core operating requirements and mechanism.

Best Regards,

Plumsauce

6:39 am on June 12, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Oct 8, 2003
posts:503
votes: 3


Thanks a lot DigitalV. So now I will will have to get a SSL certificate for my server I guess. Can you explain me the procedure for that. I am thinking of getting from geotrust.
3:37 pm on June 12, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 15, 2003
posts:1418
votes: 0


Are you running your own server? Or are you hosting somewhere else? If you are with a hosting company, they may have a shared certificate you can use or they can generate a CSR for you and email it to you, which you can then upload to the provider of your choice. If you're running your own server you will need to generate yourself.

As far as providers go, I've never used anyone but Thawte and Verisign. They provide the same functions (they're even the same company now) but the Thawte certificates are at $199 whereas Verisign are around $350 I think. I've never used GeoTrust so I can't give a recommendation for or against them, but I would say stay away from those $50 a year "budget" certs. I just have this thing about never buying the least expensive product. I've seen too many internet companies go out of business because they under-sold their product, and having a reliable SSL issuer is more important to me than saving $150 a year.

(By the way, GeoTrust isn't a budget certificate company I'm just saying I don't know anything about them - perhaps someone else on the board does)

7:28 am on June 18, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:June 6, 2003
posts:162
votes: 0


When I was first reading this thread, I'd asked my tech friend what it would take to set up an AIM connection on our server. It turned out to be more of a production than I'd thought. In fact, she took it on as her latest obsession and has been working almost non-stop between her day job and this. Information about setting up the connection turned out to be surprisingly hard to find and she never did find an available example for Apache.

Due to the lack of available resources about it, and since she was already putting so much time into it, she decided to set it up as a free download with plenty of comments and versatility to help others who must be running into similar problems. I'd checked with her previously about posting about it here, since I'm sure others will find it to be useful.

Earlier tonight, she let me know that the code has been released and ready for me to integrate into my site. She's calling it pANT (php Authorize Net webapp Thingamee) and set up a development site for it at www.digitalsorceress.com/pant/

I'm hoping, given that it's a free contribution and entirely on-topic, that this isn't against the TOS for me to post. However, if it is I'll be happy to remove the URL and just let those interested know by sticky mail.

2:10 pm on June 18, 2004 (gmt 0)

New User

10+ Year Member

joined:June 16, 2004
posts:21
votes: 0


Sunshyn:: heh I do tend to get obsessive when I'm "in the zone"

Okay, so I know the original post asked about windows, but if you have a PHP site and can compile/install curl, I've just started an open source (GPL) project to help with the hard bits.

It's not meant to be a 100% ready-to-use application, but if you know some PHP and can either install or compile SSL-enabled curl on your site, it gets you most of the way there. My original intent was to just get Sunshyn a workable set of functions that she could use in her merchant terminal, but somewhere, due to sleep deprivation, and massive amounts of caffiene, It's sort of morphed into my first Open-Source GPL'ed project.

it's called pANT (php Authorize Net webapp Thingamee) ... did I mention sleep deprivation? *grin*

snipped URLs

** After reading the site terms of usage, I too am not sure if it was entirely appropriate for me to post the links and such. No offense was intended, and if it's deemed inappropriate, I'll gladly edit it out.

[edited by: DaveAtIFG at 6:45 pm (utc) on July 20, 2004]

5:39 pm on June 18, 2004 (gmt 0)

Full Member

10+ Year Member

joined:July 7, 2003
posts:213
votes: 0


One reason I love Cold Fusion is because there is simply a tag written that does all of that for me. Just one nice simple tag. Its beautiful.
6:11 pm on June 18, 2004 (gmt 0)

New User

10+ Year Member

joined:June 16, 2004
posts:21
votes: 0


JonR28:: I used to do a lot of Cold Fusion... This single tag you refer to... it is a custom tag or extension, or is it part of the core language?

(I haven't touched CF since version 4.5 and never did Ecommerse apps with it)

(I could probably make pANT function just like that tag - just one function call

$result = cf_like_auth_net_request($_POST);

2:19 pm on June 21, 2004 (gmt 0)

Full Member

10+ Year Member

joined:July 7, 2003
posts:213
votes: 0


custom tag I believe released by Authorize.net. Back when it was Verisign it was even easier. Cold Fusion has free custom tags for everything though. I use it for my ecommerce site and it works great.
3:18 pm on July 20, 2004 (gmt 0)

Full Member

10+ Year Member

joined:Mar 17, 2004
posts:301
votes: 0


digitaltv, that ASP code you posted was a lifesaver! It works great. I had been struggling with AIM for days. Thank you, thank you, thank you!
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members