cancel
Showing results for 
Search instead for 
Did you mean: 

Is this a hash issue?

Hi,

I'd like to preface everything I say with this: I'm a complete newbie at Authorize.net (and know enough PHP to get myself in trouble), and that I've checked the forums and the appropriate API manual (SIM). Thus far, when testing out the PHP sample code for SIM, I've been getting the infamous Error 13 message. I'm definitely entering the correct API Login and Transaction Key for my "Card Not Present" test account, and I've been sure to use the URL for Authorize.net's testing server. Using the Data Validation tool, I've found that what is being passed to the server is this:

 

x_test_requestfalse
x_amount<?php echo $amount?>
x_login<?php echo $api_login_id?>
x_fp_sequence<?php echo $fp_sequence?>
x_version3.1
x_show_formpayment_form
x_methodcc
x_fp_timestamp<?php echo $fp_timestamp?>
x_fp_hash<?php echo $fingerprint?>


Given this code:

 

<?php
require_once 'anet_php_sdk\AuthorizeNet.php'; // Include the SDK you downloaded in Step 2
$api_login_id = 'GFXXXXXXXXXX';
$transaction_key = '7XXXXXXXXXXXX';
$amount = "5.99";
$fp_timestamp = time();
$fp_sequence = "123" . time(); // Enter an invoice or other unique number.
$fingerprint = AuthorizeNetSIM_Form::getFingerprint($api_login_id,
$transaction_key, $amount, $fp_sequence, $fp_timestamp)
?>


<form method='post' action="https://test.authorize.net/gateway/transact.dll"/>
<input type='hidden' name="x_login" value="<?php echo $api_login_id?>" />
<input type='hidden' name="x_fp_hash" value="<?php echo $fingerprint?>" />
<input type='hidden' name="x_amount" value="<?php echo $amount?>" />
<input type='hidden' name="x_fp_timestamp" value="<?php echo $fp_timestamp?>" />
<input type='hidden' name="x_fp_sequence" value="<?php echo $fp_sequence?>" />
<input type='hidden' name="x_version" value="3.1">
<input type='hidden' name="x_show_form" value="payment_form">
<input type='hidden' name="x_test_request" value="false" />
<input type='hidden' name="x_method" value="cc">
<input type='submit' value="Click here for the secure payment form">
</form>

 

would I be correct in thinking that the issue has to do with the hash function, and that the best way to rectify this would be to download and install the latest PHP hash codes (my host uses PHP v4.4.9, if that helps)?

Guthy28
Member
4 REPLIES 4

The error 13 can only be caused by the login being submitted not being valid on the server that it is posting to.  I do not see anything wrong with the code that you are using, but for some reason the login is not reaching the server with the submission.  I would recommend checking your API Login ID one more time and if you are absolutely certain that it is correct, try using our data validation tool instead of posting it to the server.  Most likely, this will show you that we are not receiving the API login ID in the post as we should.

Trevor
Administrator Administrator
Administrator

The reason the login is not reaching the gateway is because for some reason your server is not parsing the <?php tags in your hidden form fields. You can see by the post response that instead of the containging value of the variable being passed, the entire echo string is being passed.

 

Let me ask you this, when you are viewing the page where the form exists, (where you click the submit button) do you see this code on the screen of your web browser:

<?php
require_once 'anet_php_sdk\AuthorizeNet.php'; // Include the SDK you downloaded in Step 2
$api_login_id = 'GFXXXXXXXXXX';
$transaction_key = '7XXXXXXXXXXXX';
$amount = "5.99";
$fp_timestamp = time();
$fp_sequence = "123" . time(); // Enter an invoice or other unique number.
$fingerprint = AuthorizeNetSIM_Form::getFingerprint($api_login_id,
$transaction_key, $amount, $fp_sequence, $fp_timestamp)
?>

 

 

Because if you do, then your server is not set to parse .php files, or you did not name your php file with a .php extension.

""The error 13 can only be caused by the login being submitted not being valid on the server that it is posting to.  I do not see anything wrong with the code that you are using, but for some reason the login is not reaching the server with the submission.  I would recommend checking your API Login ID one more time and if you are absolutely certain that it is correct, try using our data validation tool instead of posting it to the server.  Most likely, this will show you that we are not receiving the API login ID in the post as we should.""

 

Not to be nit-picky or anything but as a moderator / rep of auth.net this was a horrible repsonse to his question. It is painfully obvious what the problem is, just by looking at what he posted.. just saying I would have thought the expertise level of someone as a mod in the integration forum would have been a bit higher...

PS:

 

You do not thave semi-colons in your echo lines for the form inject code. As far as I know you need those... I always put them, for example:

 

<input type='hidden' name="x_login" value="<?php echo $api_login_id?>" />

should actually be:

<input type='hidden' name="x_login" value="<?php echo $api_login_id; ?>" />

Likely you will get parse errors once you get your PHP parser working on this if you do not fix those.