Solved

using API general information

Posted on 2013-11-15
1
304 Views
Last Modified: 2013-12-04
I am working with a processing company to handle credit card transactions.  

I need to setup a function on the pubic facing website to update information based on transactions that have happened.  I'm not messing with CC info or anything security related but rather just the number of people that have paid into a certain fund designation.

The company has an API and I have some knowledge of programming but this is new to me.

Am I getting in over my head to accomplish this?

Here is the API function that I think I need to use.
$params = 'MerchUserName=merchusername';
$params .= '&MerchPassword=merchpassword';
$params .= '&MerchKey=0A1B2C3D-4E5F-6G7H-8I9J-KLMNPQRSTUVW';
$params .= '&Action=DesignationsSearchByGUID';
$params .= '&DesignationGUID=7EB4439E-C986-4381-9087-EC410C9F8017';

/* PHP 5.0.0 requires a libcurl version 7.10.5 or greater.  (http://curl.haxx.se/)*/
$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL,'https://www.egsnetwork.com/post/post_responder_v2.php');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);

// The SimpleXML extension requires PHP 5
$xml = new SimpleXMLElement($response);
if($xml->Status->ErrorCode < 0)
	echo ($xml->Status->Description);

Open in new window


My problem is that I am wondering if there is something I need to setup to make the connection to the API, then I'm guessing I;ll need to parse the XML to display the results.

Can you point me in the right direction?
0
Comment
Question by:axessJosh
1 Comment
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
Comment Utility
I have an article about APIs here:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_12239-Introduction-to-Application-Programming-Interfaces.html

You may want a little more sturdy cURL setup, in case there is anything wrong with the API that your script posts to... This shows how to test for success and get cURL error information.  You may also want to use some exploratory commands like var_dump() as you're becoming familiar with the API.

<?php // RAY_curl_post_example.php
error_reporting(E_ALL);


// DEMONSTRATE HOW TO USE CURL POST TO START AN ASYNCHRONOUS PROCESS


function curl_post($url, $post_array=array(), $timeout=2, $error_report=FALSE)
{
    // PREPARE THE POST STRING
    $post_string = NULL;
    foreach ($post_array as $key => $val)
    {
        $post_string .= $key . '=' . urlencode($val) . '&';
    }
    $post_string = rtrim($post_string, '&');

    // PREPARE THE CURL CALL
    $curl = curl_init();
    curl_setopt( $curl, CURLOPT_URL,            $url         );
    curl_setopt( $curl, CURLOPT_HEADER,         FALSE        );
    curl_setopt( $curl, CURLOPT_POST,           TRUE         );
    curl_setopt( $curl, CURLOPT_POSTFIELDS,     $post_string );
    curl_setopt( $curl, CURLOPT_TIMEOUT,        $timeout     );
    curl_setopt( $curl, CURLOPT_RETURNTRANSFER, TRUE         );

    // EXECUTE THE CURL CALL
    $htm = curl_exec($curl);
    $err = curl_errno($curl);
    $inf = curl_getinfo($curl);

    // ON FAILURE
    if (!$htm)
    {
        // PROCESS ERRORS HERE
        if ($error_report)
        {
            echo "CURL FAIL: $url TIMEOUT=$timeout, CURL_ERRNO=$err";
            echo "<pre>\n";
            var_dump($inf);
            echo "</pre>\n";
        }
        curl_close($curl);
        return FALSE;
    }

    // ON SUCCESS
    curl_close($curl);
    return $htm;
}


// USAGE EXAMPLE CREATES ASSOCIATIVE ARRAY OF KEY=>VALUE PAIRS
$args["name"]  = 'Ray';
$args["email"] = 'Ray.Paseur@Gmail.com';

// ACTIVATE THIS TO SEE THE ARRAY OF ARGS
// var_dump($args);

// SET THE URL
$url = "http://LAPRBass.com/RAY_bounce_post.php";

// CALL CURL TO POST THE DATA
$htm = curl_post($url, $args, 3, TRUE);

// SHOW WHAT CAME BACK, IF ANYTHING
if ($htm)
{
    echo "<pre>";
    echo htmlentities($htm);
}
else
{
    echo "NO RESPONSE YET FROM $url -- MAYBE BECAUSE IT IS RUNNING ASYNCHRONOUSLY";
}

Open in new window

Afterthought... Any comment that says something like "requires PHP5" should be considered a code smell (or maybe a comment smell) and looked at very, very carefully.  This sort of statement implies that the code is very, very old.  In fact, it may have been written before many of the PHP security flaws were recognized, and it may contain these flaws.  I would want to seek assurances from the original author that the code has been kept up-to-date over the last decade!
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article discusses four methods for overlaying images in a container on a web page
Any business that wants to seriously grow needs to keep the needs and desires of an international audience of their websites in mind. Making a website friendly to international users isn’t prohibitively expensive and can provide an incredible return…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now