I am writing a PHP script to take credit card & customer details on my site, send these details invisibly to Worldpay's server for processing and then take action based on the response (paid, failed etc).
My problem is that I can't seem to authenticate with Worldpay when sending my XML - I've replaced MYMERCHANTCODE with the proper merchant code. This is the code I am using - it is based on Worldpay's example:
require_once 'HTTP/Request.php';
$xml='<?xml version="1.0"? encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN""http://dtd.worldpay.com/paymentService_v1.dtd">
<paymentService version="1.4" merchantCode="MYMERCHANTCODE">
<submit>
<order orderCode="T0211010">
<description>20 Tulip Bulbs from MYMERCHANT Webshops</description>
<amount value="2600" currencyCode="EUR" exponent="2"/>
<paymentDetails>
<VISA-SSL>
<cardNumber>4444333322221111</cardNumber>
<expiryDate>
<date month="09" year="2009"/>
</expiryDate>
<cardHolderName>J. Shopper</cardHolderName>
<cvc>123</cvc>
<cardAddress>
<address>
<street>47A Queensbridge Rd</street>
<postalCode>CB94BQ</postalCode>
<countryCode>GB</countryCode>
</address>
</cardAddress>
</VISA-SSL>
<session shopperIPAddress="123.123.123.123" id="0215ui8ib1" />
</paymentDetails>
<shopper>
<shopperEmailAddress>[email protected]</shopperEmailAddress>
<browser> [This example uses firefox 3.5.5 to demonstrate]
<acceptHeader>text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</acceptHeader>
<userAgentHeader>Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)</userAgentHeader>
</browser>
</shopper>
</order>
</submit>
</paymentService>';
$dest='https://secure-test.wp3.rbsworldpay.com/jsp/merchant/xml/paymentService.jsp'; //for sandbox
//$dest='https://secure.wp3.rbsworldpay.com/jsp/merchant/xml/paymentService.jsp' //for production
$req =& new HTTP_Request($dest);
$req->setMethod(HTTP_REQUEST_METHOD_POST);
$req->addHeader('Connection', 'keep-alive');
$req->addRawPostData($xml);
$req->sendRequest();
$req->getResponseBody();
echo nl2br(htmlentities($req->getResponseBody()));
When I run this, this is what is output:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
Can someone please help with this? The documentation says to add your IP address for requests to your Worldpay account, which I think I have done correctly.
Many thanks
UPDATE:
I've just realised that if I add my merchant ID & xml password before the URL, eg:
$dest='https://MERCHANTID:[email protected]/jsp/merchant/xml/paymentService.jsp';
It then authenticates, so I will answer my own question.
I realised that if I add my merchant ID & xml password before the URL, eg:
$dest='https://MERCHANTID:[email protected]/jsp/merchant/xml/paymentService.jsp';
It then authenticates. Hopefully this will save someone time as I couldn't find this in the documentation.