Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 360
  • Last Modified:

using API general information

I am working with a processing company to handle credit card transactions.  

I need to setup a function on the pubic facing website to update information based on transactions that have happened.  I'm not messing with CC info or anything security related but rather just the number of people that have paid into a certain fund designation.

The company has an API and I have some knowledge of programming but this is new to me.

Am I getting in over my head to accomplish this?

Here is the API function that I think I need to use.
$params = 'MerchUserName=merchusername';
$params .= '&MerchPassword=merchpassword';
$params .= '&MerchKey=0A1B2C3D-4E5F-6G7H-8I9J-KLMNPQRSTUVW';
$params .= '&Action=DesignationsSearchByGUID';
$params .= '&DesignationGUID=7EB4439E-C986-4381-9087-EC410C9F8017';

/* PHP 5.0.0 requires a libcurl version 7.10.5 or greater.  (http://curl.haxx.se/)*/
$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL,'https://www.egsnetwork.com/post/post_responder_v2.php');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);

// The SimpleXML extension requires PHP 5
$xml = new SimpleXMLElement($response);
if($xml->Status->ErrorCode < 0)
	echo ($xml->Status->Description);

Open in new window


My problem is that I am wondering if there is something I need to setup to make the connection to the API, then I'm guessing I;ll need to parse the XML to display the results.

Can you point me in the right direction?
0
axessJosh
Asked:
axessJosh
1 Solution
 
Ray PaseurCommented:
I have an article about APIs here:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_12239-Introduction-to-Application-Programming-Interfaces.html

You may want a little more sturdy cURL setup, in case there is anything wrong with the API that your script posts to... This shows how to test for success and get cURL error information.  You may also want to use some exploratory commands like var_dump() as you're becoming familiar with the API.

<?php // RAY_curl_post_example.php
error_reporting(E_ALL);


// DEMONSTRATE HOW TO USE CURL POST TO START AN ASYNCHRONOUS PROCESS


function curl_post($url, $post_array=array(), $timeout=2, $error_report=FALSE)
{
    // PREPARE THE POST STRING
    $post_string = NULL;
    foreach ($post_array as $key => $val)
    {
        $post_string .= $key . '=' . urlencode($val) . '&';
    }
    $post_string = rtrim($post_string, '&');

    // PREPARE THE CURL CALL
    $curl = curl_init();
    curl_setopt( $curl, CURLOPT_URL,            $url         );
    curl_setopt( $curl, CURLOPT_HEADER,         FALSE        );
    curl_setopt( $curl, CURLOPT_POST,           TRUE         );
    curl_setopt( $curl, CURLOPT_POSTFIELDS,     $post_string );
    curl_setopt( $curl, CURLOPT_TIMEOUT,        $timeout     );
    curl_setopt( $curl, CURLOPT_RETURNTRANSFER, TRUE         );

    // EXECUTE THE CURL CALL
    $htm = curl_exec($curl);
    $err = curl_errno($curl);
    $inf = curl_getinfo($curl);

    // ON FAILURE
    if (!$htm)
    {
        // PROCESS ERRORS HERE
        if ($error_report)
        {
            echo "CURL FAIL: $url TIMEOUT=$timeout, CURL_ERRNO=$err";
            echo "<pre>\n";
            var_dump($inf);
            echo "</pre>\n";
        }
        curl_close($curl);
        return FALSE;
    }

    // ON SUCCESS
    curl_close($curl);
    return $htm;
}


// USAGE EXAMPLE CREATES ASSOCIATIVE ARRAY OF KEY=>VALUE PAIRS
$args["name"]  = 'Ray';
$args["email"] = 'Ray.Paseur@Gmail.com';

// ACTIVATE THIS TO SEE THE ARRAY OF ARGS
// var_dump($args);

// SET THE URL
$url = "http://LAPRBass.com/RAY_bounce_post.php";

// CALL CURL TO POST THE DATA
$htm = curl_post($url, $args, 3, TRUE);

// SHOW WHAT CAME BACK, IF ANYTHING
if ($htm)
{
    echo "<pre>";
    echo htmlentities($htm);
}
else
{
    echo "NO RESPONSE YET FROM $url -- MAYBE BECAUSE IT IS RUNNING ASYNCHRONOUSLY";
}

Open in new window

Afterthought... Any comment that says something like "requires PHP5" should be considered a code smell (or maybe a comment smell) and looked at very, very carefully.  This sort of statement implies that the code is very, very old.  In fact, it may have been written before many of the PHP security flaws were recognized, and it may contain these flaws.  I would want to seek assurances from the original author that the code has been kept up-to-date over the last decade!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now