SECPay is the UK's largest independently owned processor of secure, real-time, online credit and
debit card transactions. Specialising in the provision of payment services for merchants on the
Internet, through Call Centres and for Mail Order Fulfilment Houses. SECPay handles the capture,
authorisation and settlement of credit and debit card payments and all the associated
electronic and physical security required.
This class file was written to automate payments using there SOAP service.
<?php
/*
* Updated 09/11/2005 - 11:55
*
* SECSOAP.class.php - This is a php based interface to the SECPAY SOAP API
* Copyright (C) 2005 Steven McCullie
*Steven@orinett.com
* http://www.orinett.co.uk
* http://www.secpay.co.uk
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
ini_set("soap.wsdl_cache_enabled", "1"); //enable WSDL cache
class SECPAYSOAP
{
// the following should be in a secured config file
//define class variables
//array $_arrSECstream;
//array $strSecAction;
var $strSecpayUrl = 'www.secpay.com/java-bin/services/SECCardService';
private $_MERCHANT_ID = 'test';
private $_VPN_PASSWORD = 'test';
private $_REMOTE_PSWD = 'test.';
public function clientCall($strSecAction,$_arrSECstream)
{
//Send SOAP request the pass result back to correct valadator
$client = new soapclient('https://'.$this->strSecpayUrl.'?wsdl',array('trace' => 1));
$strResult = $client->__soapcall($strSecAction,$_arrSECstream);
/*SOAP Debug will show full send and recived xml documents
print "<pre>\n";
print "Request: \n".htmlspecialchars($client->__getLastRequest()) ."\n";
print "Response: \n".htmlspecialchars($client->__getLastResponse())."\n";
print "</pre>";
*/
$err = is_soap_fault($strResult);
if ($err)
{
// all errors should really be passed to not echoed
echo '<h2>Constructor error</h2><pre>' . $err . '</pre>';
}else{
return($strResult);
}
}
public function SECPAYSOAP_cardVal()
{
// Places transcation with secpay and returns an array
$this->_arrSECstream['cardNumber'] = str_replace(" ","",$this->_arrSECstream['cardNumber']);
$this->_arrSECstream = $this->_streamCheck($this->_arrSECstream);
$arrPreStream = array(
// Company Details
'mid' => $this->_MERCHANT_ID,
'vpn_pswd' => $this->_VPN_PASSWORD,
// Customer Details
'trans_id' => $this->_arrSECstream['transId'],
'ip' => $this->_arrSECstream['ip'],
'name' => $this->_arrSECstream['name'],
'card_number' => $this->_arrSECstream['cardNumber'],
'amount' => $this->_arrSECstream['amount'],
'expiry_date' => $this->_arrSECstream['exp'],
'issue_number' => $this->_arrSECstream['isu'],
'start_date' => $this->_arrSECstream['start'],
// Shipping Order Details
'order' => 'item_amount='.$this->_arrSECstream['amount'].'',
'shipping' => 'name='.$this->_arrSECstream['name'].'
,company='.$this->_arrSECstream['company'].'
,addr_1='.$this->_arrSECstream['address1'].'
,addr_2='.$this->_arrSECstream['address2'].'
,city='.$this->_arrSECstream['city'].'
,state='.$this->_arrSECstream['county'].'
,post_code='.$this->_arrSECstream['postcode'].'
,tel='.$this->_arrSECstream['phoneNumber'].'
,fax='.$this->_arrSECstream['faxNumber'].'
,email='.$this->_arrSECstream['email'].'
,url='.$this->_arrSECstream['url'].'',
// Billing Order Details
'billing' => 'name='.$this->_arrSECstream['billName'].'
,company='.$this->_arrSECstream['billCompany'].'
,addr_1='.$this->_arrSECstream['billAddress1'].'
,addr_2='.$this->_arrSECstream['billAddress2'].'
,city='.$this->_arrSECstream['billCity'].'
,state='.$this->_arrSECstream['billCounty'].'
,post_code='.$this->_arrSECstream['billPostcode'].'
,tel='.$this->_arrSECstream['billPhoneNumber'].'
,fax='.$this->_arrSECstream['billFaxNumber'].'
,email='.$this->_arrSECstream['billEmail'].'
,url='.$this->_arrSECstream['billUrl'].'',
//SecPay Options (these should be move to a config file)
'options' => 'passive_fraud=true,mail_attach_merchant=false,mail_attach_customer=false,cv2='.$this->_arrSECstream['sid'].',req_cv2=true,card_type='.$this->_arrSECstream['cardType'].',int=ValCard,mail_subject=Payment Details,mail_merchants=steven@orinett.com,mail_message=Thank you for ordering ,deferred=true'
);
//Set SECPAY action
$strSecAction = 'validateCardFull';
$strResult = $this->clientCall($strSecAction,$arrPreStream);
$this->_arrSECstream = $this->_resultCheck($strResult);
}
public function SECPAYSOAP_instantTrans()
{
// This dont release stright away (need to call secpay about it)
$this->_arrSECstream['cardNumber'] = str_replace(" ","",$this->_arrSECstream['cardNumber']);
$this->_arrSECstream = $this->_streamCheck($this->_arrSECstream);
$arrPreStream = array(
// Company Details
'mid' => $this->_MERCHANT_ID,
'vpn_pswd' => $this->_VPN_PASSWORD,
// Customer Details
'trans_id' => $this->_arrSECstream['transId'],
'ip' => $this->_arrSECstream['ip'],
'name' => $this->_arrSECstream['name'],
'card_number' => $this->_arrSECstream['cardNumber'],
'amount' => $this->_arrSECstream['amount'],
'expiry_date' => $this->_arrSECstream['exp'],
'issue_number' => $this->_arrSECstream['isu'],
'start_date' => $this->_arrSECstream['start'],
// Shipping Order Details
'order' => 'item_amount='.$this->_arrSECstream['amount'].'',
'shipping' => 'name='.$this->_arrSECstream['name'].'
,company='.$this->_arrSECstream['company'].'
,addr_1='.$this->_arrSECstream['address1'].'
,addr_2='.$this->_arrSECstream['address2'].'
,city='.$this->_arrSECstream['city'].'
,state='.$this->_arrSECstream['county'].'
,post_code='.$this->_arrSECstream['postcode'].'
,tel='.$this->_arrSECstream['phoneNumber'].'
,fax='.$this->_arrSECstream['faxNumber'].'
,email='.$this->_arrSECstream['email'].'
,url='.$this->_arrSECstream['url'].'',
// Billing Order Details
'billing' => 'name='.$this->_arrSECstream['billName'].'
,company='.$this->_arrSECstream['billCompany'].'
,addr_1='.$this->_arrSECstream['billAddress1'].'
,addr_2='.$this->_arrSECstream['billAddress2'].'
,city='.$this->_arrSECstream['billCity'].'
,state='.$this->_arrSECstream['billCounty'].'
,post_code='.$this->_arrSECstream['billPostcode'].'
,tel='.$this->_arrSECstream['billPhoneNumber'].'
,fax='.$this->_arrSECstream['billFaxNumber'].'
,email='.$this->_arrSECstream['billEmail'].'
,url='.$this->_arrSECstream['billUrl'].'',
//SecPay Options (these should be move to a config file)
'options' => 'passive_fraud=true,mail_attach_merchant=false,mail_attach_customer=false,cv2='.$this->_arrSECstream['sid'].',req_cv2=true,card_type='.$this->_arrSECstream['cardType'].',
int=ValCard,mail_subject=Payment Details To Ideal Computing.co.uk,mail_merchants=onlinesales@ideal-computing.co.uk,mail_message=Thank you for ordering from Ideal Computing.co.uk,deferred=false'
);
//Set SECPAY action
$strSecAction = 'validateCardFull';
$strResult = $this->clientCall($strSecAction,$arrPreStream);
$this->_arrSECstream = $this->_resultCheck($strResult);
}
public function SECPAYSOAP_ReleaseFull()
{
// Release defered transaction function
//Send release array
$this->_arrSECstream = $this->_streamCheck($this->_arrSECstream);
$arrPreStream = array
(
'mid' => $this->_MERCHANT_ID,
'vpn_pswd' => $this->_VPN_PASSWORD,
'trans_id' => $this->_arrSECstream['transId'],
'amount' => $this->_arrSECstream['amount'],
'remote_pswd' => $this->_REMOTE_PSWD,
'options' => 'deferred=true'
);
//Set SECPAY action
$strSecAction = 'releaseCardFull';
$strResult = $this->clientCall($strSecAction,$arrPreStream);
$this->_arrSECstream = $this->_resultCheck($strResult);
}
public function SECPAYSOAP_getReport()
// Most reporting work but not all, as listed below
{
$this->_arrSECstream = $this->_streamCheck($this->_arrSECstream);
$preStream = array
(
'mid' => $this->_MERCHANT_ID,
'vpn_pswd' => $this->_VPN_PASSWORD,
'remote_pswd' =>$this->_REMOTE_PSWD,
'report_type' => $this->_arrSECstream['reportType'],
'cond_type' => $this->_arrSECstream['condType'],
'condition' => $this->_arrSECstream['condition'],
'currency' => '',
'predicate' => '',
'html' => 'false',
'showErrs' => 'true'
);
//Set SECPAY action
$strSecAction = 'getReport';
$strResult = $this->clientCall($strSecAction,$preStream);
//use switch instead this is old school now
if($this->_arrSECstream['reportType'] == 'CSV')
{
$this->_arrSECstream = $this->_reportParseCSV($strResult);
}elseif($this->_arrSECstream['reportType'] == 'CSV-Summary'){
$this->_arrSECstream = $this->_reportParseCSVSummery($strResult);
}elseif($this->_arrSECstream['reportType'] == 'CSV-Detail'){
$this->_arrSECstream = $this->_reportParseCSVDetail($strResult);
}elseif($this->_arrSECstream['reportType'] == 'CSV-Five'){
$this->_arrSECstream = $this->_reportParseCSVFive($strResult);
}elseif($this->_arrSECstream['reportType'] == 'XML-Report'){
return($strResult);
}
/*
CSV - Ok
CSV-Summary - Ok
CSV-Detail - Ok
CSV-Five - Ok
Summary - Needs Reformatting
Statment - Needs Reformatting
Origin-Statment - Needs Reformatting
XML-Report - Stright XML stream is passed to front end for processing
*/
}
public function SECPAYSOAP_repeatFull()
/*
places repeat transaction (this does not release need to talk to secpay
to see if you can repeat and release in one go)
*/
{
$this->_arrSECstream = $this->_streamCheck($this->_arrSECstream);
$arrPreStream = array
(
'mid' => $this->_MERCHANT_ID,
'vpn_pswd' => $this->_VPN_PASSWORD,
'trans_id' => $this->_arrSECstream['transId'],
'amount' => $this->_arrSECstream['amount'],
'remote_pswd' => $this->_REMOTE_PSWD,
);
//Set SECPAY action
$strSecAction = 'repeatCardFull';
$strResult = $this->clientCall($strSecAction,$arrPreStream);
$this->_arrSECstream = $this->_resultCheck($strResult);
}
/*
function RefundCard($_arrSECstream){
//Still todo
}
*/
// Validate SOAP streams functions
private function _streamCheck($array)
{
foreach ($array as $key => $value) {
//Take care of SP_chars and html_chars
$array[$key] = urlencode(HTMLSpecialChars($value));
}
return $array;
}
private function _resultCheck($string)
{
//Check returned result is a string then parse
if(is_string($string))
{
$charlist= '?';
parse_str(trim($string,$charlist),$arrResult);
return $arrResult;
}else{
//error should be passed not echoed
echo '<H1 allign=center>CRITICAL ERROR: SERVER RETURNED WRONG DATA TYPE</H1>';
exit();
}
}
private function _reportParseCSV($string)
{
//convert reports to arrays (this may not need to be done depending on application)
$array = explode("\n", $string);
$i = 1;
while($array[$i])
{
list($batch, $date, $transId, $name, $amount, $curr, $auth, $cardType, $saleRefund)= explode(',',$array[$i]);
$arrResult[$i] = array(
'batch' => $batch,
'date' => $date,
'trans_id' => $transId,
'name' => $name,
'Amount' => $amount,
'curr' => $curr,
'auth' => $auth,
'CardType' => $cardType,
'SaleRefund' => $saleRefund);
$i++;
}
return($arrResult);
}
private function _reportParseCSVSummery($string)
{
//convert reports to arrays (this may not need to be done depending on application)
$array = explode("\n", $string);
$i = 1;
while($array[$i])
{
list($batch, $date, $saleRefund, $noTrans, $totalValue) = explode(',',$array[$i]);
$arrResult[$i] = array(
'batch' => $batch,
'date' => $date,
'SaleRefund' => $saleRefund,
'noTrans' => $noTrans,
'totalValue' => $totalValue);
$i++;
}
return($arrResult);
}
private function _reportParseCSVDetail($string)
{
//convert reports to arrays (this may not need to be done depending on application)
$array = explode("\n", $string);
$i = 1;
while($array[$i]){
list($batch, $date, $transId, $name, $amount, $curr, $auth, $cardType, $saleRefund,$saleName,
$saleCompany,$saleAddr_1,$saleAddr_2,$saleCity,$saleState,$saleCountry,$salePostcode,$saleTel,
$saleFax,$saleEmail,$saleUrl,$shipName,$shipCompany,$shipAddr_1,$shipAddr_2,$shipCity,$shipState,
$shipCountry,$shipPostcode,$shipTel,$shipFax,$shipEmail,$shipUrl,$shipping,$tax,$discount,$productCode,
$itemAmount,$qty,$totalAmount,$parent)
= explode(',',$array[$i]);
$arrResult[$i] = array(
'batch' => $batch,
'date' => $date,
'trans_id' => $transId,
'name' => $name,
'Amount' => $amount,
'curr' => $curr,
'auth' => $auth,
'CardType' => $cardType,
'SaleRefund' => $saleRefund,
'saleName' => $saleName,
'saleCompany' => $salesCompany,
'saleAddr_1' => $sale_Addr_1,
'saleAddr_2' => $sale_Addr_2,
'saleCity' => $salesCity,
'saleCounty' => $saleCounty,
'salePostcode' => $salePostcode,
'saleTel' => $saleTel,
'saleFax' => $saleFax,
'saleEmail' => $saleEmail,
'saleUrl' => $saleUrl,
'shipName' => $shipName,
'shipCompany' => $shipCompany,
'shipAddr_1' => $shipAddr_1,
'shipAddr_2' => $shipAddr_2,
'shipCity' => $shipCity,
'shipState' => $shipState,
'shipCountry' => $shipCountry,
'shipPostcode' => $shipPostcode,
'shipTel' => $shipTel,
'shipFax' => $shipFax,
'shipEmail' => $shipEmail,
'shipUrl' => $shipUrl,
'shipping' => $shipping,
'tax' => $tax,
'discount' => $discount,
'productCode' => $productCode,
'itemAmount' => $itemAmount,
'qty' => $qty,
'totalAmount' => $totalAmount,
'parent' => $parent
);
$i++;
}
return($arrResult);
}
private function _reportParseCSVFive($string)
{
//convert reports to arrays (this may not need to be done depending on application)
$array = explode("\n", $string);
$i = 1;
while($array[$i]){
list($batch, $date, $transId, $name, $amount, $curr, $authCode, $cardType, $saleRefund, $cardNo, $expiry, $issue, $issuer,) = explode(',',$array[$i]);
$arrResult[$i] = array(
'batch' => $batch,
'date' => $date,
'SaleRefund' => $saleRefund,
'noTrans' => $noTrans,
'totalValue' => $totalValue);
$i++;
}
return($arrResult);
}
}
/*
// Temp error Checking code
if (is_soap_fault($result)) {
echo '<h2>Fault</h2><pre>';
print_r($result);
echo '</pre>';
} else {
// Check for errors
$err = is_soap_fault($result);
if ($err) {
// Display the error
echo '<h2>Error</h2><pre>' . $err . '</pre>';
} else {
// Display the result
echo '<h2>Result</h2><pre>';
print_r($result);
echo '</pre>';
print "<pre>\n";
print "Request :\n".htmlspecialchars($client->__getLastRequest()) ."\n";
print "Response:\n".htmlspecialchars($client->__getLastResponse())."\n";
print "</pre>"; }
}
*/
?>