Reply
Expert
Posts: 4,525
Registered: ‎03-08-2010

Re: I'am new to this, need help integrating DPM to my asp.net vb website

So are you still getting 97 error? or it is working?

Contributor
Posts: 45
Registered: ‎02-17-2015

Re: I'am new to this, need help integrating DPM to my asp.net vb website

Well, no really, there is not errors anymore. I was able to do some transactions using the form on their server and interact with the sandbox. However, if you remember my first post, this is just the beginning since this is SIM. I need now to change everything to DPM. So, I do have a couple questions about DPM:

 

1) I have to design a form for payment and host it on my site, correct?

2) Since my client never leave my site, when the form is post to the authorize.net site it does charge the card and will I get a response from their server whether or not this took place? This is important because depending on the response I will show a receipt, send email and add some data to the database. If this is the case, one of the problem that I will be facing is asking my code to wait for the transaction to take place, wait for the response and incorporate the response at the same point where the code execution in my server stopped or is waiting for the response.  

 

Thanks for your help 

Expert
Posts: 4,525
Registered: ‎03-08-2010

Re: I'am new to this, need help integrating DPM to my asp.net vb website

1)correct

2)look at the see how it works

http://developer.authorize.net/api/dpm/

Contributor
Posts: 45
Registered: ‎02-04-2015

Re: I'am new to this, need help integrating DPM to my asp.net vb website

The clients *do* leave your sit using DPM, just momentarily. The hope is that it will be so fast, they won't noticed the URL in the address bar changing before they get back. In practice though, I think they will nearly always see the URL flipping to Authorize.Net and then back to your site.

 

TBH, unless you have a really compelling reason to create your own payment form on your local site, SIM would be the easiest to implement. I have no idea if the concept of users "leaving your site" to pay has a detrimental effect or not. For me, I find it more reassuring that I *am* sent to Authorize.Net, or PayPal or whatever gateway the site uses. But as my colleagues keep telling me, I am *seldom* the user these things are really aimed at.

 

-- Jason

Contributor
Posts: 45
Registered: ‎02-17-2015

Re: I'am new to this, need help integrating DPM to my asp.net vb website

Thanks to both of you RaynorC1emen7 and jasonjudge for your help up to this point. At this time I’m considering what jasonjudge said in his last post about implementing SIM rather than the others methods for several reasons. Since I’m considering this, I have several questions:

 

  1. - Since some code must execute on my server after the credit card is charged on the authorize.net server, I must implement a page that received the message from authorize.net. How does this page should look? Should I code this page in pure html and transfer the data to my asp.net pages? How the data are sent back to my server receiving page? May I request then like this: Request.QueryString("XXX_XXXX")) or what?
  2. - If any of you have a page that receives data from the authorize.net server as an example, I would appreciate a lot if you post the code as an example.

Thanks   

Contributor
Posts: 45
Registered: ‎02-04-2015

Re: I'am new to this, need help integrating DPM to my asp.net vb website

I tend to use OmniPay for the gateways, since I get involved in a number of different ones. I've extended the AuthorizeNet driver for OmniPay to support DPM, but it also caters for SIM and AIM:

 

https://github.com/academe/omnipay-authorizenet/tree/dpm_support

 

I can tell you, it is not straight-forward due to some lacking documentation, but I'm working on improving that.

 

The basics of your "relay" handler (the callback page) will be:

 

  1. Check the MD5 hash along with the shared secret to ensure you are getting the callback from Authorize.Net and not someone pretending to be.
  2. Get your transaction id from the POSTed data. This is the ID that your system created for the transaction, and you placed into the original payment page (either your DPM page or POSTed to the Authorize.Net payment page).
  3. Use your transaction ID to look up the transaction in your database. You will had had to save the transaction at the start, before sending the user to Authorize.Net
  4. Check that the amount being authorized matches what you expected.
  5. Probably log all the details that have been sent to you, for later debugging.
  6. After checking the final result of the authorization (approved/rejected/on hold/error), send a HTML page back to Authorize.Net, which will be passed on to the end user, and contains code to send the user to the final destination page.

I have seen gateways that ignore all the validation steps and just send the user to the final page which depends on whether payment was successful or not, without any validation checking or saving of the transaction in the database. They are pretty insecure IMO; your application cannot assume the transaction worked just based on where the user was sent to, unless you create a third hash token to go in the URL that your application can check when the user gets there.

 

That is all kind of high level, but that's mainly because I have not got any code to show you that will be useful, at least not at this stage.

Contributor
Posts: 45
Registered: ‎02-17-2015

Re: I'am new to this, need help integrating DPM to my asp.net vb website

[ Edited ]

Hello Jason and thanks for your help.

 

May you please post a code sample of a replay page with all the steps that you listed in your last post? Thanks