Introduction:
This document details the process for integrating Webtropy Proforma with the SwiftCD XML-based ordering system. You must obtain a SwiftCD CustomerID and have already submitted label artwork and CD content before you can use the system. All relevant source code is included in the appendices of this document.
Implementation:
Credit and debit card transactions are handled through Proforma using a standard HTML form, which submits data to a secure page, namely https://www.secure-ssl-server.net/webtropy/secure/creditcard.asp.
The simplest form of payment-enabled web page is one that contains a form opened thus:
<form method="GET" action="https://www.secure-ssl-server.net/webtropy/secure/creditcard.asp">
The body of the form contains input boxes of type either “hidden” or “text”, with the name attributes shown below. The form is closed thus:
<input type="submit" value="Pay now.">
</form>
| cardNo | The credit card number embossed on the front of the card |
| cardCVV | The card verification value, usually printed on the rear of the card |
| cardIssueNo | The issue number, usually at the bottom of the card |
| CardName | The card holder’s name |
| address | The billing address of the card holder |
| amount | The amount to debit the card |
| postcode | The postcode of the card holder |
| tel | Optional, the telephone number of the card holder |
| email | Optional, the email address of the card holder |
| CardStartMonth | Optional, the starting month of the card (1-12) |
| cardStartYear | Optional, the starting year of the card (2000-2010) |
| cardExpMonth | The expiry date, month of the card (1-12) |
| cardExpYear | The expiry date, year of the card (2000-2010) |
| countryName | The card holder’s nationality, as selected from the countries collection |
| currency | The transaction currency (GBP, EUR, or USD) |
| benificiaryPaymentByCheque | Boolean, whether the payee should be paid by bank transfer or cheque. However, BOTH forms of identification are required |
| benificiaryName | The name of the payee |
| benificiaryAddress | The postal address of the payee |
| benificiaryBankAddress | The address of the payee’s bank (for inter-bank transfers) |
| benificiaryBankAccount | The bank account held by the payee (for inter-bank transfers) |
| benificiaryBankSortCode | The bank sort / swift code held by the payee (for inter-bank transfers) |
| RedirectSuccess | The URL to forward the user to when a transaction has succeeded |
| RedirectFailure | The URL to forward the user to when a transaction has failed |
By correctly using the “RedirectSuccess” field, it is possible to automatically process an order with SwiftCD once a purchase has been made. A page has been written to simplify this process.
By setting “RedirectSuccess” to “https://www.secure-ssl-server.net/webtropy/secure/swiftCD.aspx?…” in the form, by means of
<input type="hidden" name="RedirectSuccess" value="https://www.secure-ssl-server.net/webtropy/secure/swiftCD.aspx?…">
an order will be placed with SwiftCD once the payment has been made. Repayment will be made as usual to the beneficiary according to the terms stated on www.webtropy.com, and it is the beneficiary’s responsibility to repay SwiftCD for services rendered.
In the above example, note the “?…” denoting further parameters to be passed to the page. These parameters are identical to those used by the SwiftCD booking system, as detailed at http://www.swiftcd.com/faq/xml-spec.html, except that the parameters are sent in standard URL encoding, not XML.
An example call would be:
https://www.secure-ssl-server.net/webtropy/secure/swiftCD.aspx?CreateDt=12/1/2001+5:00pm&BatchId=100&SubmitterId=VendorIdentification&ContactInfo=cust@vendor.com&Test=Y&CustomerId=NEWC&TransactionDate=9/5/2001+10:00am&TrackingId=20010307-860-1&LabelId=1&PackageId=1&Quantity=1&RegKeyTitle=Unlock+Code&RegKey=12345&RegFileName=regkey.txt&RegFileContent=1ansrinta0-6iae0y52345&ProductId=123456&Title=Shareware+CD&Method=1&FirstName=Joe&LastName=Consumer&Company=ABC+Corporation&Addr1=2295+Customer+Way&Addr2=Suite+100&City=NoWhere&State=GA&Country=US&Zip=30155&Email=email@thenet.com&Phone=(800)+555-6699
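The two encoding layers such a call needs, as an added example that is not part of the original document: each value is URL-encoded before it goes into the swiftCD.aspx query string, and the finished URL is HTML-encoded before it goes into the hidden RedirectSuccess field. The class name, method names and sample values are assumptions; the parameter names and the page URL come from the text above.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Text;

static class RedirectSuccessExample
{
    // Endpoint taken from the page; the "?" and parameters are appended below.
    const string SwiftCdPage =
        "https://www.secure-ssl-server.net/webtropy/secure/swiftCD.aspx";

    // URL-encode every name and value so that characters such as '&', '=',
    // '#' or '+' inside a value cannot split or truncate the parameter list.
    public static string BuildOrderUrl(IEnumerable<KeyValuePair<string, string>> fields)
    {
        var query = new StringBuilder();
        foreach (var field in fields)
        {
            query.Append(query.Length == 0 ? '?' : '&');
            query.Append(WebUtility.UrlEncode(field.Key));
            query.Append('=');
            query.Append(WebUtility.UrlEncode(field.Value));
        }
        return SwiftCdPage + query.ToString();
    }

    // HTML-encode the finished URL before placing it in the value attribute:
    // a raw '&' or '"' would otherwise corrupt the markup.
    public static string BuildHiddenInput(string url)
    {
        return "<input type=\"hidden\" name=\"RedirectSuccess\" value=\""
             + WebUtility.HtmlEncode(url) + "\">";
    }

    static void Main()
    {
        // Constructed sample values; the parameter names come from the page.
        var fields = new List<KeyValuePair<string, string>>
        {
            new KeyValuePair<string, string>("CustomerId", "NEWC"),
            new KeyValuePair<string, string>("Test", "Y"),
            new KeyValuePair<string, string>("Quantity", "1"),
            new KeyValuePair<string, string>("Title", "Shareware CD"),
            new KeyValuePair<string, string>("Company", "Smith & Sons"),
            new KeyValuePair<string, string>("Phone", "(800) 555-6699"),
        };
        string url = BuildOrderUrl(fields);
        Console.WriteLine(url);
        Console.WriteLine(BuildHiddenInput(url));
    }
}
```

The constructed "Smith & Sons" value is the case to watch: without URL encoding its ampersand would start a new parameter, and without HTML encoding the separators would be read as entity references inside the attribute.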
Source code (C#)
<%@ Page Language="C#" Debug="true" LCID=6153 %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Net" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Security" %>
<%@ Import Namespace="System.Data.OleDb" %>
<script language="C#" runat="server">
// Builds a SwiftCD order document from the query string and posts it to SwiftCD.
public void Page_Load(Object sender, EventArgs E)
{
    // Defaults, used for any parameter that is not supplied in the query string.
    string CreateDt = "12/1/2001 5:00pm";
    string BatchId = "100";
    string SubmitterId = "VendorIdentification";
    string ContactInfo = "cust@vendor.com";
    string Test = "Y";
    string CustomerId = "NEWC";
    string TransactionDate = "9/5/2001 10:00am";
    string TrackingId = "20010307-860-1";
    string LabelId = "1";
    string PackageId = "1";
    string Quantity = "1";
    string RegKeyTitle = "Unlock Code";
    string RegKey = "12345";
    string RegFileName = "regkey.txt";
    string RegFileContent = "1ansrinta0-6iae0y52345";
    string ProductId = "123456";
    string Title = "Shareware CD";
    string Method = "1";
    string FirstName = "Joe";
    string LastName = "Consumer";
    string Company = "ABC Corporation";
    string Addr1 = "2295 Customer Way";
    string Addr2 = "Suite 100";
    string City = "NoWhere";
    string State = "GA";
    string Country = "US";
    string Zip = "30155";
    string Email = "email@thenet.com";
    string Phone = "(800) 555-6699";

    // Override the defaults with any values passed in the query string.
    if (Request.QueryString["CreateDt"]!=null) { CreateDt = Request.QueryString["CreateDt"].ToString(); }
    if (Request.QueryString["BatchId"]!=null) { BatchId = Request.QueryString["BatchId"].ToString(); }
    if (Request.QueryString["SubmitterId"]!=null) { SubmitterId = Request.QueryString["SubmitterId"].ToString(); }
    if (Request.QueryString["ContactInfo"]!=null) { ContactInfo = Request.QueryString["ContactInfo"].ToString(); }
    if (Request.QueryString["Test"]!=null) { Test = Request.QueryString["Test"].ToString(); }
    if (Request.QueryString["CustomerId"]!=null) { CustomerId = Request.QueryString["CustomerId"].ToString(); }
    if (Request.QueryString["TransactionDate"]!=null) { TransactionDate = Request.QueryString["TransactionDate"].ToString(); }
    if (Request.QueryString["TrackingId"]!=null) { TrackingId = Request.QueryString["TrackingId"].ToString(); }
    if (Request.QueryString["LabelId"]!=null) { LabelId = Request.QueryString["LabelId"].ToString(); }
    if (Request.QueryString["PackageId"]!=null) { PackageId = Request.QueryString["PackageId"].ToString(); }
    if (Request.QueryString["Quantity"]!=null) { Quantity = Request.QueryString["Quantity"].ToString(); }
    if (Request.QueryString["RegKeyTitle"]!=null) { RegKeyTitle = Request.QueryString["RegKeyTitle"].ToString(); }
    if (Request.QueryString["RegKey"]!=null) { RegKey = Request.QueryString["RegKey"].ToString(); }
    if (Request.QueryString["RegFileName"]!=null) { RegFileName = Request.QueryString["RegFileName"].ToString(); }
    if (Request.QueryString["RegFileContent"]!=null) { RegFileContent = Request.QueryString["RegFileContent"].ToString(); }
    if (Request.QueryString["ProductId"]!=null) { ProductId = Request.QueryString["ProductId"].ToString(); }
    // Fixed: the Title parameter previously overwrote ProductId.
    if (Request.QueryString["Title"]!=null) { Title = Request.QueryString["Title"].ToString(); }
    if (Request.QueryString["Method"]!=null) { Method = Request.QueryString["Method"].ToString(); }
    if (Request.QueryString["FirstName"]!=null) { FirstName = Request.QueryString["FirstName"].ToString(); }
    if (Request.QueryString["LastName"]!=null) { LastName = Request.QueryString["LastName"].ToString(); }
    if (Request.QueryString["Company"]!=null) { Company = Request.QueryString["Company"].ToString(); }
    if (Request.QueryString["Addr1"]!=null) { Addr1 = Request.QueryString["Addr1"].ToString(); }
    if (Request.QueryString["Addr2"]!=null) { Addr2 = Request.QueryString["Addr2"].ToString(); }
    if (Request.QueryString["City"]!=null) { City = Request.QueryString["City"].ToString(); }
    if (Request.QueryString["State"]!=null) { State = Request.QueryString["State"].ToString(); }
    if (Request.QueryString["Country"]!=null) { Country = Request.QueryString["Country"].ToString(); }
    if (Request.QueryString["Zip"]!=null) { Zip = Request.QueryString["Zip"].ToString(); }
    if (Request.QueryString["Email"]!=null) { Email = Request.QueryString["Email"].ToString(); }
    if (Request.QueryString["Phone"]!=null) { Phone = Request.QueryString["Phone"].ToString(); }

    // Assemble the order XML. Every value is XML-escaped: the query string is
    // caller-controlled, and a raw <, & or " would break or alter the document.
    string xml;
    xml = "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>";
    xml += "<SwiftCDOrders CreateDt=\"" + SecurityElement.Escape(CreateDt) + "\" BatchId=\"";
    xml += SecurityElement.Escape(BatchId) + "\" SubmitterId=\"" + SecurityElement.Escape(SubmitterId) + "\"";
    xml += " ContactInfo=\"" + SecurityElement.Escape(ContactInfo) + "\">";
    xml += "<Order Test=\"" + SecurityElement.Escape(Test) + "\">";
    xml += "<CustomerId>" + SecurityElement.Escape(CustomerId) + "</CustomerId>";
    xml += "<TransactionDate>" + SecurityElement.Escape(TransactionDate) + "</TransactionDate>";
    xml += "<Items>";
    xml += "<CD>";
    xml += "<TrackingId>" + SecurityElement.Escape(TrackingId) + "</TrackingId>";
    xml += "<LabelId>" + SecurityElement.Escape(LabelId) + "</LabelId>";
    xml += "<PackageId>" + SecurityElement.Escape(PackageId) + "</PackageId>";
    xml += "<Quantity>" + SecurityElement.Escape(Quantity) + "</Quantity>";
    xml += "<RegKeyTitle>" + SecurityElement.Escape(RegKeyTitle) + "</RegKeyTitle>";
    xml += "<RegKey>" + SecurityElement.Escape(RegKey) + "</RegKey>";
    xml += "<RegFileName>" + SecurityElement.Escape(RegFileName) + "</RegFileName>";
    xml += "<RegFileContent>" + SecurityElement.Escape(RegFileContent) + "</RegFileContent>";
    xml += "<Content>";
    xml += "<Product>";
    xml += "<ProductId>" + SecurityElement.Escape(ProductId) + "</ProductId>";
    xml += "<Title>" + SecurityElement.Escape(Title) + "</Title>";
    xml += "</Product>";
    xml += "</Content>";
    xml += "</CD>";
    xml += "</Items>";
    xml += "<Shipping>";
    xml += "<Method>" + SecurityElement.Escape(Method) + "</Method>";
    // Fixed: a stray literal "Joe" was appended after the first name.
    xml += "<FirstName>" + SecurityElement.Escape(FirstName) + "</FirstName>";
    xml += "<LastName>" + SecurityElement.Escape(LastName) + "</LastName>";
    xml += "<Company>" + SecurityElement.Escape(Company) + "</Company>";
    xml += "<Addr1>" + SecurityElement.Escape(Addr1) + "</Addr1>";
    xml += "<Addr2>" + SecurityElement.Escape(Addr2) + "</Addr2>";
    xml += "<City>" + SecurityElement.Escape(City) + "</City>";
    xml += "<State>" + SecurityElement.Escape(State) + "</State>";
    xml += "<Country>" + SecurityElement.Escape(Country) + "</Country>";
    xml += "<Zip>" + SecurityElement.Escape(Zip) + "</Zip>";
    xml += "<Email>" + SecurityElement.Escape(Email) + "</Email>";
    xml += "<Phone>" + SecurityElement.Escape(Phone) + "</Phone>";
    xml += "</Shipping>";
    xml += "</Order>";
    xml += "</SwiftCDOrders>";

    // Post the order to SwiftCD and echo its response.
    Response.Write(getHTTP("http://orders.swiftcd.com/Orders/SubmitOrders.asp", xml));
}

// Posts szPost to szURL and returns the response body as a string.
public string getHTTP(string szURL, string szPost)
{
    HttpWebRequest httprequest;
    HttpWebResponse httpresponse;
    StreamReader bodyreader;
    string bodytext = "";
    Stream responsestream;
    Stream requestStream;
    // Encode the body with the charset named in the XML declaration, and
    // take the content length from the encoded bytes.
    byte[] postBytes = Encoding.GetEncoding("iso-8859-1").GetBytes(szPost);
    httprequest = (HttpWebRequest) WebRequest.Create(szURL);
    httprequest.Method = "POST";
    httprequest.ContentType = "application/x-www-form-urlencoded";
    httprequest.ContentLength = postBytes.Length;
    requestStream = httprequest.GetRequestStream();
    requestStream.Write(postBytes, 0, postBytes.Length);
    requestStream.Close();
    httpresponse = (HttpWebResponse) httprequest.GetResponse();
    responsestream = httpresponse.GetResponseStream();
    bodyreader = new StreamReader(responsestream);
    bodytext = bodyreader.ReadToEnd();
    bodyreader.Close();
    return bodytext;
}
</script>