Tuesday, July 10, 2012

Authorize.Net CIM integration with PHP

 here is the class code to go along with the above code.. if you really need it:

class AuthnetCIMException extends Exception {}

class AuthnetCIM

    const EXCEPTION_CURL = 10;

    private $params  = array();
    private $items   = array();
    private $success = false;
    private $error   = true;

    private $login;
    private $transkey;
    private $xml;
    private $ch;
    private $response;
    private $url;
    private $resultCode;
    private $code;
    private $text;
    private $profileId;
    private $validation;
    private $paymentProfileId;
    private $results;

    public function __construct($login, $transkey, $test = self::USE_PRODUCTION_SERVER)
        $this->login    = trim($login);
        $this->transkey = trim($transkey);
        if (empty($this->login) || empty($this->transkey))
            trigger_error('You have not configured your ' . __CLASS__ . '() login credentials properly.', E_USER_ERROR);

        $this->test = (bool) $test;
        $subdomain  = ($this->test) ? 'apitest' : 'api';
        $this->url = 'https://' . $subdomain . '.authorize.net/xml/v1/request.api';

        $this->params['customerType']     = 'individual';
        $this->params['validationMode']   = 'liveMode';
        $this->params['taxExempt']        = 'false';
        $this->params['recurringBilling'] = 'false';

    public function __destruct()
        if (isset($this->ch))

    public function __toString()
        if (!$this->params)
            return (string) $this;
        $output  = '<table summary="Authnet Results" id="authnet">' . "\n";
        $output .= '<tr>' . "\n\t\t" . '<th colspan="2"><b>Outgoing Parameters</b></th>' . "\n" . '</tr>' . "\n";
        foreach ($this->params as $key => $value)
            $output .= "\t" . '<tr>' . "\n\t\t" . '<td><b>' . $key . '</b></td>';
            $output .= '<td>' . $value . '</td>' . "\n" . '</tr>' . "\n";

        $output .= '</table>' . "\n";
        if (!empty($this->xml))
            $output .= 'XML: ';
            $output .= htmlentities($this->xml);
        return $output;

    private function process()
        $this->ch = curl_init();
        curl_setopt($this->ch, CURLOPT_URL, $this->url);
     curl_setopt($this->ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($this->ch, CURLOPT_HTTPHEADER, Array("Content-Type: text/xml"));
     curl_setopt($this->ch, CURLOPT_HEADER, 0);
     curl_setopt($this->ch, CURLOPT_POSTFIELDS, $this->xml);
     curl_setopt($this->ch, CURLOPT_POST, 1);
     curl_setopt($this->ch, CURLOPT_SSL_VERIFYPEER, 0);
        $this->response = curl_exec($this->ch);
            if ($this->resultCode === 'Ok')
                $this->success = true;
                $this->error   = false;
                $this->success = false;
                $this->error   = true;
            throw new AuthnetCIMException('Connection error: ' . curl_error($this->ch) . ' (' . curl_errno($this->ch) . ')', self::EXCEPTION_CURL);
 $cim = new AuthnetCIM('api-id', 'api-key', 
// Process the transaction
  $cim->setParameter('amount', $amount);
  $cim->setParameter('customerProfileId', $customerProfileId);
  $cim->setParameter('customerPaymentProfileId', $customerPaymentProfileId);
  //$cim->setParameter('customerShippingAddressId', $shipping_profile_id);
  $cim->setParameter('cardCode', $cvv);
  $cim->setLineItem('1', 'xxxx', 'xxxxxx', '1', '9.95');
  //test if transaction went through 
  if ($cim->isSuccessful())
  //should we store this approval code??----------------------
   $approval_code = $cim->getAuthCode();

public function createCustomerProfileTransaction($type = 'profileTransAuthCapture')
        $types = array('profileTransAuthCapture', 'profileTransCaptureOnly','profileTransAuthOnly');
        if (!in_array($type, $types))
            trigger_error('createCustomerProfileTransaction() parameter must be"profileTransAuthCapture", "profileTransCaptureOnly", "profileTransAuthOnly", or empty', E_USER_ERROR);

        $this->xml = '<?xml version="1.0" encoding="utf-8"?>
                      <createCustomerProfileTransactionRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
                              <name>' . $this->login . '</name>
                              <transactionKey>' . $this->transkey . '</transactionKey>
                          <refId>'. $this->params['refId'] .'</refId>
                              <' . $type . '>
                                  <amount>'. $this->params['amount'] .'</amount>';
        if (isset($this->params['taxAmount']))
            $this->xml .= '
                                       <amount>'. $this->params['taxAmount'].'</amount>
                                       <name>'. $this->params['taxName'] .'</name>
        if (isset($this->params['shipAmount']))
            $this->xml .= '
                                       <amount>'. $this->params['shipAmount'].'</amount>
                                       <name>'. $this->params['shipName'] .'</name>
        if (isset($this->params['dutyAmount']))
            $this->xml .= '
                                       <amount>'. $this->params['dutyAmount'].'</amount>
                                       <name>'. $this->params['dutyName'] .'</name>
        $this->xml .= '
                                  <lineItems>' . $this->getLineItems() . '</lineItems>
        if (isset($this->params['orderInvoiceNumber']))
            $this->xml .= '
        $this->xml .= '
                                  <taxExempt>'. $this->params['taxExempt'].'</taxExempt>
                                  <cardCode>'. $this->params['cardCode'].'</cardCode>';
        if (isset($this->params['orderInvoiceNumber']))
            $this->xml .= '
                                  <approvalCode>'. $this->params['approvalCode'].'</approvalCode>';
        $this->xml .= '
                              </' . $type . '>

IRCTC Tatkal Tickets : Individuals can now book only 2 Tatkal tickets from 10 AM to 12 noon using IRCTC

IRCTC Tatkal Tickets : Individuals can now book only 2 Tatkal tickets from 10 AM to 12 noon using IRCTC

Indian Railways Catering and Tourism Corporation (IRCTC), as a part of The Indian Railways’ move to introduce new rules in booking Tatkal train tickets, has said that Individuals will now be permitted to book only two tickets from 10 am to 12 noon. Only two tickets can be booked from one IP address between 10 AM and 12 noon.

Users will now be able to open their account to book tatkal tickets between 10 am and 12 noon only once. This will enable maximum users to access tatkal tickets. IRCTC has disabled the quick book option and cash card option between 10 AM and 12 noon.

Web service agents have been permitted to book only one Tatkal ticket per train per day through the internet only after 12 noon. To ensure its smooth run, an anti-IT fraud squad has been created to detect cases of fraud and to enhance cyberspace surveillance against possible threats to the system.

This move comes as a part of the Railways introducing new rules in booking Tatkal train tickets. Now, booking counters will now open at 10 AM instead of 8 AM, the day before the journey from the originating station.

Meanwhile, the railways has also put in place measures to make online Tatkal bookings easier. High capacity database servers have been installed and the Internet bandwidth has been increased from 344 mbps to 450 mbps.  It has also installed Captcha, a technology used to prevent automated software from cornering tatkal tickets by fraudulent means.  Agents against whom complaints are received will be blacklisted and their user-id deactivated. A list of such agents will also be put on the IRCTC website.

The Indian Railways expects e-ticket bookings to increase from 3.5 lakh per day as on date to five lakh per day in the next four months. It eventually expects the number of e-ticket bookings to increase to about eight lakh per day in the long term.

Sunday, July 1, 2012

Registration form using PHP

Here is the registration form:

<form id='register' action='register.php' method='post'
<fieldset >
<input type='hidden' name='submitted' id='submitted' value='1'/>
<label for='name' >Your Full Name*: </label>
<input type='text' name='name' id='name' maxlength="50" />
<label for='email' >Email Address*:</label>
<input type='text' name='email' id='email' maxlength="50" />
<label for='username' >UserName*:</label>
<input type='text' name='username' id='username' maxlength="50" />
<label for='password' >Password*:</label>
<input type='password' name='password' id='password' maxlength="50" />
<input type='submit' name='Submit' value='Submit' />

Form validation

At this point it is a good idea to put some form validation code in place, so we make sure that we have all the data required to create the user account. We need to check if name and email, and password are filled in and that the email is in the proper format.

We can use the free JavaScript form validation script to add form validations quickly and easily, with lesser code.

Here is a sample JavaScript validation code to be used for the sample form we created earlier:

var frmvalidator  = new Validator("register");
frmvalidator.addValidation("name","req","Please provide your name");
frmvalidator.addValidation("email","req","Please provide your email address");
frmvalidator.addValidation("email","email","Please provide a valid email address");
frmvalidator.addValidation("username","req","Please provide a username");
frmvalidator.addValidation("password","req","Please provide a password");

Handling the form submission

Now we have to handle the form data that is submitted.

Here is the sequence (see the file fg_membersite.php in the downloaded source):

function RegisterUser()
       return false;
    $formvars = array();
        return false;
        return false;
        return false;
    return true;

Saving the data in the database

Now that we gathered all the data, we need to store it into the database.
Here is how we save the form submission to the database.

function SaveToDatabase(&$formvars)
           $this->HandleError("Database login failed!");
           return false;
           return false;
           $this->HandleError("This email is already registered");
           return false;
           $this->HandleError("This UserName is already used. Please try another username");
           return false;
           $this->HandleError("Inserting to Database failed!");
           return false;
       return true;
Note that you have configured the Database login details in the membersite_config.php file. Most of the cases, you can use "localhost" for database host.
After logging in, we make sure that the table is existing.(If not, the script will create the required table).
Then we make sure that the username and email are unique. If it is not unique, we return error back to the user.

The database table structure

This is the table structure. The CreateTable() function in the fg_membersite.php file creates the table. Here is the code:

function CreateTable()
    $qry = "Create Table $this->tablename (".
            "id_user INT NOT NULL AUTO_INCREMENT ,".
            "name VARCHAR( 128 ) NOT NULL ,".
            "email VARCHAR( 64 ) NOT NULL ,".
            "phone_number VARCHAR( 16 ) NOT NULL ,".
            "username VARCHAR( 16 ) NOT NULL ,".
            "password VARCHAR( 32 ) NOT NULL ,".
            "confirmcode VARCHAR(32) ,".
            "PRIMARY KEY ( id_user )".
        $this->HandleDBError("Error creating the table \nquery was\n $qry");
        return false;
    return true;
The id_user field will contain the unique id of the user, and is also the primary key of the table. Notice that we allow 32 characters for the password field. We do this because, as an added security measure, we will store the password in the database encrypted using MD5. Please note that because MD5 is an one-way encryption method, we won't be able to recover the password in case the user forgets it.

Inserting the registration to the table

Here is the code that we use to insert data into the database. We will have all our data available in the $formvars array.

function InsertIntoDB(&$formvars)
    $confirmcode = $this->MakeConfirmationMd5($formvars['email']);
    $insert_query = 'insert into '.$this->tablename.'(
            "' . $this->SanitizeForSQL($formvars['name']) . '",
            "' . $this->SanitizeForSQL($formvars['email']) . '",
            "' . $this->SanitizeForSQL($formvars['username']) . '",
            "' . md5($formvars['password']) . '",
            "' . $confirmcode . '"
    if(!mysql_query( $insert_query ,$this->connection))
        $this->HandleDBError("Error inserting data to the table\nquery:$insert_query");
        return false;
    return true;
Notice that we use PHP function md5() to encrypt the password before inserting it into the database.
Also, we make the unique confirmation code from the user's email address.

Sending emails

Now that we have the registration in our database, we will send a confirmation email to the user. The user has to click a link in the confirmation email to complete the registration process.

function SendUserConfirmationEmail(&$formvars)
    $mailer = new PHPMailer();
    $mailer->CharSet = 'utf-8';
    $mailer->Subject = "Your registration with ".$this->sitename;
    $mailer->From = $this->GetFromAddress();
    $confirmcode = urlencode($this->MakeConfirmationMd5($formvars['email']));
    $confirm_url = $this->GetAbsoluteURLFolder().'/confirmreg.php?code='.$confirmcode;
    $mailer->Body ="Hello ".$formvars['name']."\r\n\r\n".
    "Thanks for your registration with ".$this->sitename."\r\n".
    "Please click the link below to confirm your registration.\r\n".
        $this->HandleError("Failed sending registration confirmation email.");
        return false;
    return true;