Hosted Payment Page with Preload.

This worked for me for data Preload and receiving ticket in QA Region using PHP. I got this form somewhere in Internet and just made some tweaks.
----------------------------------------------------------------------------------------------------------

<?php

//Setup data to send to Moneris
$store_id = "<Your Test Store ID>";
$hpp_key = "<Your HPP Key> ";
$charge_total = "100.00";

$url ="esqa.moneris.com/.../index.php"; //QA Url
$dataToSend = "ps_store_id=$store_id&hpp_key=$hpp_key&charge_total=$charge_total&hpp_preload=";

//send transaction to Moneris via an HTTPS Post using php Curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $dataToSend);
curl_setopt($ch, CURLOPT_TIMEOUT, $gArray['CLIENT_TIMEOUT']);
curl_setopt($ch, CURLOPT_USERAGENT, $gArray['API_VERSION']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

$response = curl_exec($ch);
curl_close($ch);
echo "Raw Response : " . $response . "<br/>";
if(!$response){
$response="Error preloading page";
}else{
$xmlString = new SimpleXMLElement($response);

$ticket = $xmlString -> ticket;
$order_id = $xmlString -> order_id;
$response_code = $xmlString -> response_code;

echo "Data recieved : <BR/>";
echo "Ticket : " . $ticket . "<br/>";
echo "Order ID : " . $order_id . "<br/>";
echo "Response Code : " . $response_code . "<br/>";

if($response_code <50)
{
echo "OK: Data successfully loaded <BR/> <br/>";
echo'<FORM METHOD="POST" ACTION="esqa.moneris.com/.../index.php">';
echo'<INPUT TYPE="HIDDEN" NAME="hpp_id" VALUE="'.$store_id.'">';
echo'<INPUT TYPE="hidden" NAME="hpp_preload" >';
echo'<INPUT TYPE="hidden" NAME="ticket" VALUE="'.$ticket.'">';
echo'<INPUT TYPE="SUBMIT" NAME="SUBMIT" VALUE="Click to proceed to Secure Page">';
echo'</FORM>';
}
else{
echo "Error: Data was not successfully loaded <br>";
}

}

?>

----------------------------------------------------------------------------------------------------------------------------------

- Sheron

In reply to sheron:

Hi ATU1, just keep in mind that since you are in US gateway, you will have to post to the US URL (e.g. esplusqa.moneris.com/.../index.php for QA environment). And the parameters for US gateway are a little different for example the fields should look something like this:

hpp_id=TB6PVqa002
hpp_key=hpF5RUTUZB1X
order_no=moneris20180308008
amount=0.01
hpp_preload=0

In reply to RR_Moneris:

Thank you but still having problems getting the Return XML. I turned on the header and I am receiving a header response, just no data.
Here is my Test Code

$gArray=array
(
'API_VERSION' =>"curl/7.29.0",
'CLIENT_TIMEOUT' => '60'
);
$TotalOrder = "1.00"; // PASS
$url="esplusqa.moneris.com/.../index.php";
$TesthppID = 'TB6PVqa002';
$TesthppKEY = 'hpF5RUTUZB1X';
$StoreID = 'monusqa002';
$headers = ['Content-Type' => 'application/x-www-form-urlencoded', 'charset' => 'utf-8'];

// Create the URL Data String and Load the Monaris Parameters
$DataToSend = 'hpp_id=' . $TesthppID . '&hpp_key=' .$TesthppKEY;

$DataToSend = $DataToSend . '&order_no=moneris20180308008';
$DataToSend = $DataToSend . '&amount=' . $strTotalOrder . '&hpp_preload=0';

echo '$DataToSend: ' . $DataToSend . '<br>';
echo '$url:' . $url . '<br>';


//send transaction to Moneris via an HTTPS post using PHP CURL
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_HEADER, 1);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_POSTFIELDS,$dataToSend);
curl_setopt($ch,CURLOPT_TIMEOUT,$gArray['CLIENT_TIMEOUT']);
curl_setopt($ch,CURLOPT_USERAGENT,$gArray['API_VERSION']);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,FALSE); //Change this to TRUE when moving your code to production

$response=curl_exec($ch);
curl_close($ch);


echo $response;


************************************************
Here is the output and response (header enabled)

$DataToSend: hpp_id=TB6PVqa002&hpp_key=hpF5RUTUZB1X&order_no=moneris20180308008&amount=&hpp_preload=0
$url:esplusqa.moneris.com/.../index.php
HTTP/1.1 200 OK Date: Fri, 09 Mar 2018 03:43:26 GMT X-Powered-By: PHP/5.5.11 X-UA-Compatible: IE=Edge Content-Length: 36 Content-Type: text/html; charset=UTF-8 Set-Cookie: TS01d02998=01649737b10dfb5961026b48fbe3f489f123f0d7bda86260c1ca5081d9c15108a37542ba01; Path=/ Set-Cookie: TS01d02998_28=01e24a44e584914736c29d21fef3612584a91341ce31fcb82675d23e8863b860fd88ea96411a02ee99ed4e2baf605a06d5b8056a78; Path=/ Source: - POST-esplusqa.moneris.com

****************

I just don't see what I am doing wrong
I know its getting data from the server, because it sent the header?
What should you set the USERAGENT to ?

Any help greatly appreciated.

In reply to ATU1:

Ok, I found the stupid mistake as soon as I hit reply

corrected
curl_setopt($ch,CURLOPT_POSTFIELDS,$DataToSend);

Now I am getting this response (Header Off)

TB6PVqa002 hppxmAxzvnZvoQoA0tkS 1

This doesn't look like XML

In reply to ATU1:

Ah, I forgot, looking at this with a browser

source shows
<response>
<hpp_id>TB6PVqa002</hpp_id>
<ticket>hppxmAxzvnZvoQoA0tkS</ticket>
<order_id></order_id>
<response_code>1</response_code>
</response>

So its working! Wohoo! Praise the Lord!
I knew it was something stupid, copying code from different places.

In reply to ATU1:

FInal Test code USA version
Notice API shows order_no, this is wrong order_id is what works
Thanks to Sheron and Renaud BIG HELP



$gArray=array
(
'API_VERSION' =>"curl/7.29.0",
'CLIENT_TIMEOUT' => '60'
);
$TotalOrder = "1.00"; // PASS
$url="esplusqa.moneris.com/.../index.php";
$TesthppID = 'TB6PVqa002';
$TesthppKEY = 'hpF5RUTUZB1X';
$StoreID = 'monusqa002';
$order_id = 'MyOrderNo0001';
$headers = ['Content-Type' => 'application/x-www-form-urlencoded', 'charset' => 'utf-8'];

// Create the URL Data String and Load the Monaris Parameters
$DataToSend = 'hpp_id=' . $TesthppID . '&hpp_key=' .$TesthppKEY;

$DataToSend = $DataToSend . '&order_id=' . $order_id;
$DataToSend = $DataToSend . '&amount=' . $strTotalOrder . '&hpp_preload=0';

echo '$DataToSend: ' . $DataToSend . '<br>';
echo '$url:' . $url . '<br>';


//send transaction to Moneris via an HTTPS post using PHP CURL
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_HEADER, 0);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_POSTFIELDS,$DataToSend);
curl_setopt($ch,CURLOPT_TIMEOUT,$gArray['CLIENT_TIMEOUT']);
curl_setopt($ch,CURLOPT_USERAGENT,$gArray['API_VERSION']);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,FALSE); //Change this to TRUE when moving your code to production

$response=curl_exec($ch);
curl_close($ch);


//echo $response;

if(!$response)
{
$response="Error preloading page";
}
else
{
$xmlString = new SimpleXMLElement($response);
$ticket = $xmlString -> ticket;
$order_id = $xmlString -> order_id;
$response_code = $xmlString -> response_code;

echo "Data recieved : <br/>";
echo "Ticket : " . $ticket . "<br/>";
echo "Order ID : " . $order_id . "<br/>";
echo "Response Code : " . $response_code . "<br/>";
}
if($response_code <50)
{
echo "OK: Data successfully loaded <br/> <br/>";
echo'<FORM METHOD="POST" ACTION=' .$url .'>';
echo'<INPUT TYPE="HIDDEN" NAME="hpp_id" VALUE="'.$TesthppID.'">';
echo'<INPUT TYPE="hidden" NAME="hpp_preload" >';
echo'<INPUT TYPE="hidden" NAME="ticket" VALUE="'.$ticket.'">';
echo'<INPUT TYPE="SUBMIT" NAME="SUBMIT" VALUE="Click to proceed to Secure Page">';
echo'</FORM>';
}

In reply to ATU1:

Hi ATU1, glad to hear you got it working :) Just one detail though, technically it is order_no you should be using. There's an issue with what is being returned for the data preload... but the HPP expects order_no... Just look at what the HPP is displaying to see what I mean when you use order_id versus order_no.

In reply to sheron:

The code above does not work for me. The response is always a single whitespace character (" "). Even posting ps_store_id=XXXXXXXXXX&hpp_key=XXXXXXXXXXXX&charge_total=0.01&hpp_preload= to esqa.moneris.com/.../index.php using Postman returns a http 500 with following response headers:

Connection: close
Content-Length: 1
Content-Type: text/html
Date: Tue, 27 Mar 2018 06:15:26 GMT
X-Powered-By: PHP/5.5.11
X-UA-Compatible: IE=Edge

What could be wrong?

In reply to Coho:

is your PHP installation supporting TLS 1.1 or 1.2? Last week we cut off support for TLS 1.0, so if that is all your PHP installation supports, that would explain it. Make sure that you specify TLS support in your CURL options. e.g.: curl_setopt($ch, CURLOPT_SSLVERSION, 6); And make sure that you have a version of CURL that supports TLS 1.2.

In reply to Coho:

Ok, that's right the referrer URLs will check against data preload as well. Thanks for letting us know.

In reply to RR_Moneris:

Hi!

Hope you can help me,

Output:

Raw Response : hpp1533957646V2hT8qLdQsDne90A7 mhp18221232046p09 1
Data received :
Ticket : hpp1533957646V2hT8qLdQsDne90A7
Order ID : mhp18221232046p09
Response Code : 1
OK: Data successfully loaded

- when click to proceed to secure page button is clicked, output is:

"Unable to proceed with transaction. Your card has not been charged. Please try again."

-code below copied form sheron-

<?php

//Setup data to send to Moneris
$ps_store_id = "Our store id";
$hpp_key = "our hpp key";
$charge_total = "amount";

$url ="esqa.moneris.com/.../index.php"; //QA Url
$dataToSend = "ps_store_id=$store_id&hpp_key=$hpp_key&charge_total=$charge_total&hpp_preload=";

//send transaction to Moneris via an HTTPS Post using php Curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $dataToSend);
curl_setopt($ch, CURLOPT_TIMEOUT, $gArray['CLIENT_TIMEOUT']);
curl_setopt($ch, CURLOPT_USERAGENT, $gArray['API_VERSION']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

$response = curl_exec($ch);

curl_close($ch);

//verify that a response was received from Moneris
echo "Raw Response : " . $response . "<br/>";

if(!$response)
{
$response="Error preloading page";
}
else
{
// parse the XML response
$xmlString = new SimpleXMLElement($response);

$ticket = $xmlString -> ticket;
$order_id = $xmlString -> order_id;
$response_code = $xmlString -> response_code;

echo "Data received : <BR/>";
echo "Ticket : " . $ticket . "<br/>";
echo "Order ID : " . $order_id . "<br/>";
echo "Response Code : " . $response_code . "<br/>";

if($response_code <50)
{
echo "OK: Data successfully loaded <BR/> <br/>";
echo'<FORM METHOD="POST" ACTION="esqa.moneris.com/.../index.php">';
echo'<INPUT TYPE="HIDDEN" NAME="hpp_id" VALUE="'.$store_id.'">';
echo'<INPUT TYPE="hidden" NAME="hpp_preload" >';
echo'<INPUT TYPE="hidden" NAME="ticket" VALUE="'.$ticket.'">';
echo'<INPUT TYPE="SUBMIT" NAME="SUBMIT" VALUE="Click to proceed to Secure Page">';
echo'</FORM>';
}
else{
echo "Error: Data was not successfully loaded <br>";
}

}

?>

---------------------

Error Log File:

[12-Aug-2018 15:57:23 UTC] PHP Notice: Undefined variable: store_id in /home/luvcnd2013/public_html/payment/preload.php on line 9
[12-Aug-2018 15:57:23 UTC] PHP Notice: Undefined variable: gArray in /home/luvcnd2013/public_html/payment/preload.php on line 18
[12-Aug-2018 15:57:23 UTC] PHP Notice: Undefined variable: gArray in /home/luvcnd2013/public_html/payment/preload.php on line 19
[12-Aug-2018 15:57:24 UTC] PHP Notice: Undefined variable: store_id in /home/luvcnd2013/public_html/payment/preload.php on line 51

In reply to flashroiem:

Hi,
If you are getting a ticket, and a response code of 1 that means your data preload was successful. When you are sending your client to our hosted paypage, what are you posting exactly?

In reply to RR_Moneris:

client is send to a customer information page with the following texfields below:

First Name:
Last Name:
Address:
City:
Province:
Postal:
Email:
Phone:

then after filling up required fields, when client click to pay button, it will be redirected to preload.php

In reply to flashroiem:

After getting your ticket, when forwarding your client to our page, these are the fields that should be posted to us:

<FORM METHOD="POST" ACTION="esqa.moneris.com/.../index.php">
<INPUT TYPE="HIDDEN" NAME="hpp_id" VALUE="**********"><br>
<INPUT TYPE="HIDDEN" NAME="hpp_preload" ><br>
<INPUT TYPE="HIDDEN" NAME="ticket" VALUE="hppR7qoUAfuATFPjQa4k"><br>
<INPUT TYPE="SUBMIT" NAME="SUBMIT" VALUE="Click to proceed to Secure Page">
</FORM>