Can any body help me about how to integrate migs (MasterCard Virtual Payment Client) in a php website !
I have read the reference guide but it's unhelpful!
Can any body help me about how to integrate migs (MasterCard Virtual Payment Client) in a php website !
I have read the reference guide but it's unhelpful!
//This value submited to the MIGS PAYMENT GATEWAY
$SECURE_SECRET = $signature; //value from migs payment gateway
$accessCode = $accesscode;//value from migs payment gateway
$merchantId = $merchantid;//value from migs payment gateway
$paymentdata = array(
"vpc_AccessCode" => $accessCode,
"vpc_Amount" => ($amount*100),//our product price , must multipy by 100
"vpc_Command" => 'pay',
"vpc_Locale" => 'en',// order id
"vpc_MerchTxnRef" => random_unique_value(like session),
"vpc_Merchant" => $merchantId,
"vpc_OrderInfo" => "Some Comment",
"vpc_ReturnURL" => "htps://yoursite.com/returnpoint",//here code for db updation, return variable here
"vpc_Version" => '1'
);
$actionurl = 'https://migs.mastercard.com.au/vpcpay' . "?";
$HashData = $SECURE_SECRET;
$str = 0;
foreach ($paymentdata as $key => $value) {
// create the md5 input and URL
if (strlen($value) > 0) {
// this ensures the first paramter of the URL is preceded by the '?' char
if ($appendAmp == 0) {
$actionurl .= urlencode($key) . '=' . urlencode($value);
$str = 1;
} else {
$actionurl .= '&' . urlencode($key) . "=" . urlencode($value);
}
$HashData .= $value;
}
}
if (strlen($SECURE_SECRET) > 0){$actionurl .= "&vpc_SecureHash=" . strtoupper(md5($HashData));}
header("Location: " . $actionurl);
}
/////////////////////RETURN VALUE/////////////////////////////////
the return url will be like
https://yoursite.com/returnpoint?vpc_TransactionNo="migs_transaction_number"&vpc_MerchTxnRef="random_unique_value(we post to migs)"&vpc_TxnResponseCode=value&vpc_Message="value"
if vpc_TxnResponseCode = 0 -- success ,vpc_Message = approved -- paymet is success , All other unsuccessfull payment
You could use the Omnipay PHP Library which has support for the MIGS gateway.
An example of the off-site payment processing (3-Party) looks like this:
use Omnipay\Omnipay;
$gateway = Omnipay::create('Migs_ThreeParty');
$gateway->setMerchantId('foo');
$gateway->setMerchantAccessCode('foo');
$gateway->setSecureHash('foo');
$response = $gateway->purchase(array('amount' => '10.00', 'currency' => 'AUD'))->send();
if ($response->isRedirect()) {
// redirect to offsite payment gateway
$response->redirect();
} else {
// payment failed: display message to customer
echo $response->getMessage();
}
implementing migs payment gateway in which we need to post some details to the https://migs.mastercard.com.au/vpcpay? this url with the below datas
/*"vpc_AccessCode" the accesscode given by Migs
"vpc_Amount" Amount that is multiplied by 100
"vpc_Command" ='pay',default pay
"vpc_Locale" = 'en' // language
"vpc_MerchTxnRef" orderId // Should be Unique for each payment
"vpc_Merchant" // merchant ID
"vpc_OrderInfo" // Desc or and details of Product
"vpc_ReturnURL" // SuccessUrl
"vpc_Version" = '1'
&vpc_SecureHash = // create MD5 of all the values that are passed */
Creating Url
$SECURE_SECRET = "YEOCOEN29B0785F1FF1E3C0FA8A3FUJK";
$accessCode = '546484645';
$merchantId = '5465465288';
if($migs_testmode ==1) {
$SECURE_SECRET = "YEOCOEN29B0785F1FF1E3C0FA8A3FUJK";
$accessCode = '98989645';
$merchantId = '56456456489';
}
$amount ='10.00';
$unique_id = rand(999999,8988888888);//this is a sample random no
$postdata = array(
"vpc_AccessCode" => $accessCode,
"vpc_Amount" => ($amount*100),
"vpc_Command" => 'pay',
"vpc_Locale" => 'en',
"vpc_MerchTxnRef" => $unique_id,
"vpc_Merchant" => $merchantId,
"vpc_OrderInfo" => 'this is a product',
"vpc_ReturnURL" => "https://mywebsite.com/success.php",
"vpc_Version" => '1');
$vpcURL = 'https://migs.mastercard.com.au/vpcpay?';
$md5Hash = $SECURE_SECRET;
$appendAmp = 0;
foreach ($wpay_postdata as $key => $value) {
if (strlen($value) > 0) {
if ($appendAmp == 0) {
$vpcURL .= urlencode($key) . '=' . urlencode($value);
$appendAmp = 1;
} else {
$vpcURL .= '&' . urlencode($key) . "=" . urlencode($value);
}
$md5Hash .= $value;
}
}
if (strlen($SECURE_SECRET) > 0) {
$vpcURL .= "&vpc_SecureHash=" . strtoupper(md5($md5Hash));
}
header("Location: " . $vpcURL)
for detailed result is available here
I tried MIGS mastercard intergration in python django. I went through lot of problems. Here is my experience with integrating MIGS with My web application. I was using VPC Integration reference 3.1.21.1
While implementing Mode1 VPC: I got 400 Bad request. Which is due to Secure hash code for my case. This error occurs if user is sending wrong fields names or non sorted order.
Once I resolved Mode1 error, I used external payment selection(EPS), Where I send VPC_card and VPC_gateway additional field with Mode1 VPC parameters. I got 400 Bad request. So after long discussion with MIGS support team. We resolve it by changing vpc_card to vpc_Card and vpc_Gateway. Which was document error.
Once I able to bypass card type page. I tried to complete Mode 2 VPC implementation.So, In this case I added vpc_CardNum,vpc_vpc_CardExp,vpc_CardSecurityCode additional fields with above point request. I send GET request. It didnot work. For card details or Mode2 we have to use POST request.
For mode2 VPC, we should use POST request with HTTPS not HTTP. Self-signed certificate will be fine. So, I send HTTPS POST request with additional parameter, But It still didnot work, I got 403 forbidden error. Because, Content-type is application/json for my ajax call. So after using default POST content-type. It worked fine.
Sample code for python developer: Here in migs.config.app I am adding system variable which nothing to do with Migs. So User can ignore it.
import hashlib
import urllib, urllib2
from migs.config.app_config import *
'''
This method is for sorting the fields and creating an MD5 secure hash.
@param fields is a map of all the incoming hey-value pairs from the VPC
@param buf is the hash being returned for comparison to the incoming hash
'''
class MigsClient(object):
def __init__(self, secure_token, vpc_url, server_name):
self.secure_secret = secure_token
self.vpcURL = vpc_url
self.server_name = server_name
def hash_all_fields(self,fields):
buf = ""
# create a list and sort it
fieldNames = fields.keys();
fieldNames.sort()
# create a buffer for the md5 input and add the secure secret first
buf = buf + self.secure_secret
for key in fieldNames:
print key,fields[key]
buf = buf + fields[key]
# iterate through the list and add the remaining field values
# create the md5 hash and UTF-8 encode it
try:
m = hashlib.md5()
m.update(buf)
ba = m.hexdigest()
ba = ba.upper()
return ba
except Exception,e:
import traceback
traceback.print_exc()
def setup(self, fields,additional_fields=None):
#The Page does a redirect to the Virtual Payment Client
#retrieve all the parameters into a hash map
# no need to send the vpc url, EnableAVSdata and submit button to the vpc
'''
Retrieve the order page URL from the incoming order page and add it to
the hash map. This is only here to give the user the easy ability to go
back to the Order page. This would not be required in a production system
NB. Other merchant application fields can be added in the same manner
'''
'''
Create MD5 secure hash and insert it into the hash map if it was created
created. Remember if self.secure_secret = "" it will not be created
'''
if self.secure_secret:
secureHash = self.hash_all_fields(fields);
fields["vpc_SecureHash"] = secureHash;
# Create a redirection URL
buf = self.vpcURL+'?';
if not additional_fields:
buf = buf + urllib.urlencode(fields)
else:
buf = buf + urllib.urlencode(fields)+"&"+urllib.urlencode(additional_fields)
return buf
#return fields["vpc_ReturnURL"], buf
def post_setup(self,fields, additional_fields=None):
try:
if self.secure_secret:
secureHash = self.hash_all_fields(fields);
fields["vpc_SecureHash"] = secureHash;
return self.vpcURL,fields
except:
import traceback
traceback.print_exc()
Above is sample code which user can use to sort and create Get request and POST request and post dictionary.