I've been asked to assist upgrading a SagePay custom payment implementation from protocol v2.22 to protocol v3.0.
I'm trying to follow the instructions on this page: https://www.sagepay.co.uk/support/12/36/upgrading-from-2-22-to-3-00-a-brief-overview
The first problem I have is that nowhere in the existing code is there a 'Crypt' field. In fact the 'data' is sent using CURL over SSL with these lines (and others):
// Set the URL
curl_setopt ($curlSession, CURLOPT_URL, $url);
// No headers, please
curl_setopt ($curlSession, CURLOPT_HEADER, 0);
// It's a POST request
curl_setopt ($curlSession, CURLOPT_POST, 1);
// Set the fields for the POST
curl_setopt ($curlSession, CURLOPT_POSTFIELDS, $data);
// Return it direct, don't print it out
curl_setopt($curlSession, CURLOPT_RETURNTRANSFER,1);
// This connection will timeout in 60 seconds
curl_setopt($curlSession, CURLOPT_TIMEOUT,60);
//The next two lines must be present for the kit to work with newer version of cURL
//You should remove them if you have any problems in earluer version of cURL
curl_setopt($curlSession, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curlSession, CURLOPT_SSL_VERIFYHOST, 1);
Do I perhaps simply need to change this:
$ProtocolVersion = "2.22";
To this:
$ProtocolVersion = "3.0";
And add the new mandatory fields. And the job is done?
Thank you!
If there is no crypt field in your existing code, it's likely that you aren't using the Form protocol at all, so changing the encoding from XOR to AES encryption isn't a bother for you.
2.22 to 3.00 is a bigger jump than 2.23 - 3.00, so the main change you will need to make in migrating from 2.22 to 3.00 is splitting the address fields into BillingAddress1, BillingAddress2 etc. There are some extra features you can get by submitting some of the non-mandatory fields, but that will be up to you.
Also note that Sage Pay return some extra stuff in the responses, so it will be worth making sure you can handle that (or make use of it!).