Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Putting Authorize.net transaction page into an iframe

Posted on 2005-03-04
Medium Priority
Last Modified: 2013-12-12
Hi all!
2 co-workers and I have been trying for several hours to place authorize.net's transaction page into an iFrame (when the site directs the browser to do so) so that it looks more like it is part of our site and not part of authorize's (professionalism).  The problem we are getting is that the iFrame is not holding (or sending) the proper variables from authorize.net after the iFrame is directed back to our site.  After the transaction is complete, it should return a receipt page (it does when we do not try to iFrame it) but through the iFrame the receipt is not returned.  If you guys need pages, urls or code don't hesitate to ask.

EDIT:  We implimented Authorize net's SIM.
Question by:Ander5

Expert Comment

ID: 13461920
Are you sure you are checking for the return in the right place? Sounds to me like you are looking for the return in the parent page(page containing the iframe) when in actuality the results are returned to the child page(page within the iframe).


Author Comment

ID: 13461956
The child page(page within the iframe) does not recieve the information from authorize.net. It should be showing a digital receipt, but no information is passed.
LVL 11

Expert Comment

ID: 13464305
Using frames is not recommended for payment gateways. Is the form on your site or authorize's?
We've used authorize before and were able to use our own form. Are you using curl or just a html form to post the cc info?
If you try to print_r the post data upon return, does it appear in the parent frame, or is it just lost?
This receipt page; I presume that is on authorize's site then, correct?
In that case, I guess you wouldn't be sent any post data, so nevermind about that.
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.


Author Comment

ID: 13464551
The form is on our site, it passes required info to authorize.  Can you please explain what 'Curl' is?  Several people have asked and they didn't explain what it was when I asked them.  Everything but the page that the customer fills the cc information out on (transact.dll) is on our page.

This may be easier than solving my issue, do you know how to do a custom form that collects the customer's data then submits that to authorize net?  I believe authorize calls this AIM, we did SIM to save time.  Let me know if I need to provide you with more information or anything.

Thanks in advance!
LVL 11

Expert Comment

ID: 13464638
>>do you know how to do a custom form that collects the customer's data then submits that to authorize net?

Have you read the guide? -->http://www.authorizenet.com/support/SIM_guide.pdf
I think it will be able to answer most of your questions, especially about setting up the form and the appropriate field names.

And curl is great! It allows you to easily use an array of protocols to transfer data. So, for example, instead of having to use a form to send the user's data to authorize, which will also send them away, you have the cc form post back to itself, compile the info and make a post request to https://../transact.dll. Then it will send data back telling you if the transaction was approved or not, among other things of course, and the user never leaves your page; just their data.
Good tutorial-->http://www.hudzilla.org/phpbook/read.php/15_10_2

And now that I've done a little more searching, zend comes through as always and has a class that would do all that for you.
I wish I would've search for this previously. :) -->http://www.zend.com/codex.php?id=1194&single=1
Although, that says it's for AIM. I'm not sure if curl will work w/ SIM because here's a sample authnet SIM script that uses a form instead-->http://www.scsystem.com/authorizenet.htm

If you have the time, I would definitely do as much on your own site for, as you said, profesionalism.
Good luck.
LVL 11

Accepted Solution

matt_mcswain earned 2000 total points
ID: 13464671
Looking through the manual, it appears you must use a form w/ SIM to post the data, but instead of a receipt page you can use  Relay Response and specify a x_relay_url form field, which is on your site, then the api will post back to that location.
That'd probably be more transparent, so I'd go w/ that.

Author Comment

ID: 13464724
Awesome, tomorrow when I get working on this again I will test these methods out and let you know which is best!

Thanks so much for finding this information...my team and I literally spent 6 hours looking for help/ideas for this!
LVL 10

Expert Comment

by:Kshitij Ahuja
ID: 15658940
No comment has been added to this question in more than 21 days,so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
[Accept matt_mcswain's comment]

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Kshitij Ahuja
EE Cleanup Volunteer

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was initially published on Monitis Blog, you can read it here . When it comes to deciding which approach to website performance monitoring is best for your business, unfortunately, like so many options in life . . . it depends. In th…
WooCommerce is becoming the most powerful e-commerce plugin for Wordpress. And why not. The platform comprises of numerous core plugins that may come in handy, powerful options to make your website development task much easier.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question