[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 199
  • Last Modified:

Display form field values in authorize.net payment page

ColdFusion 9
Registration Form URL: http://nnvawi.org/RegisterConference.cfm

Almost done with this application.

I am trying to populate an authorize.net payment page with values entered into a registration form at http://nnvawi.org/RegisterConference.cfm.

The Authorize.net API specifies x_first_name for "first name" and x_last_name for "last name". So I use CFSET, and I set up hidden input fields to correctly populate x_first_name and x_last_name. Like so:

<cfset FirstName="form.FirstName">
<cfset LastName="form.LastName">

<INPUT type="hidden" name="x_first_name" value="#FirstName#" />
<INPUT type="hidden" name="x_last_name" value="#LastName#" />

The problem: when I submit the form, the values I get in the authorize.net payment page are the literal: form.FirstName and form.LastName.

Probably I am missing something simple and obvious. How can I set up my form to populate the authorize.net payment page?

Also wondering how I can derive a value for variable #amount# from the Conference Fees radio buttons .. and display the selected fee in the authorize.net payment page ... but that might be another, larger question.

Thank you as always for any advice.  In the meantime I am studying the authorize.net API and examples.

Eric

<!-----
Name:        RegisterConference.cfm
Author:      EB / _agx_
Description: 1) process information for conference registrants; 2) populate authorize.net payment page with data entered in this registration form
Created:     July 2014
Revised: August 2014
ColdFusion Version 9
MS SQL Server 2012
----->


<!--- authorize.net stuff--->
<!--- the parameters for the payment amount can be configured here --->
<!--- the API Login ID and Transaction Key must be replaced with valid values --->
<cfset loginID="xxxxxxxxxxx">
<cfset transactionKey="yyyyyyyyyyyy">
<cfset amount="value derived from Conference Fees radio buttons">
<cfset description="Nursing Network on Violence Against Women International Conference Registration">
<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
<cfset testMode="false">

<cfset posturl="https://secure.authorize.net/gateway/transact.dll">

<!--- If an amount or description were posted to this page, the defaults are overidden --->
<cfif IsDefined("FORM.amount")>
  <cfset amount=FORM.amount>
</cfif>
<cfif IsDefined("FORM.description")>
  <cfset description=FORM.description>
</cfif>
<!--- also check to see if the amount or description were sent using the GET method --->
<cfif IsDefined("URL.amount")>
  <cfset amount=URL.amount>
</cfif>
<cfif IsDefined("URL.description")>
  <cfset description=URL.description>
</cfif>

<!--- an invoice is generated using the date and time --->
<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>

<!--- a sequence number is randomly generated --->
<cfset sequence=RandRange(1, 1000)>

<!--- a timestamp is generated --->

<!--- cfset timestamp, per _agx_ --->
<cfset utcTimeNow = dateConvert("local2Utc", now())>
<cfset timestamp = int(utcTimeNow.getTime()/1000)>

<!--- The following lines generate the SIM fingerprint --->

<cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">

<cfset fingerprint=#digest#>



<!--- /authorize.net stuff --->


<!--- now, set up the conference registration form --->

<!--- set a default value "" for RegisterID in scope URL --->
<cfparam name="url.RegisterID" default="">

<!--- define the RegisterID in scope FORM, then set form.RegisterID equal to the RegisterID passed in the URL --->
<cfparam name="form.RegisterID" default="#url.RegisterID#">

<!--- set default values for other user-editable fields --->
<cfparam name="form.Title" default="">
<cfparam name="form.FirstName" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.LastName" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.Organization" default="">
<cfparam name="form.Address" default="">
<cfparam name="form.City" default="">
<cfparam name="form.State" default="">
<cfparam name="form.ZIP" default="">
<cfparam name="form.Country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.UserEmail" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">


     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeType" default="">
                                          
<!--- in user-editable fields, set up protection against XSS  --->
    <cfloop collection="#FORM#" item="field">
      <cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
    </cfloop>



		   
<!---- begin CFTRY; catch errors ---->
<cftry>  
 
<!---- populate cftry with error message ---->
<cfset variables.error = ""> 
 
<!--- BEGIN: Save action --->

<!--- begin form.doSave --->

<cfif IsDefined("FORM.doSave")>


<cftransaction>



<!--- query to insert new record into registration table --->
			<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
				 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,FirstName
,MiddleInitial
,LastName
,Credentials
,Organization
,Address
,City
,State
,ZIP
,Country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,UserEmail
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FirstName,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.LastName,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Organization,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.City,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.State,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.ZIP,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.UserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
					</cfquery>
        

    </cftransaction>
        
                   
<!--- use the result attribute value (newRegistrant) to set form field value --->
      <cfset form.RegisterID = newRegistrant.IDENTITYCOL>


             
<!--- END: Save action --->

<!--- END form.doSave --->
                    </cfif>
       
<!--- END queries to update or insert database records ---> 
        
<!--- this CFCATCH will trap errors -- the ones you threw or just regular database issues --->
            <cfcatch type="Any">
                 <cfset variables.error = cfcatch.message>
                 <cfrethrow>
            </cfcatch>

<!--- END CFTRY --->  
			</cftry>
       


<!--- BEGIN CFOUTPUTONLY --->  
       
<cfsetting enablecfoutputonly="true">
<cfoutput>
       
<cfinclude template="/SiteHeader.cfm">


<!--- if there an error, display error in readable form --->

<cfif len(variables.error)> 
	  <cfoutput>
	    <div class="errorbox">#variables.error#</div>
	    </cfoutput>
   
   <br />

             <div class="center">
               <input type="button" value="Go Back" onclick="history.go(-1)" />
</div>
             
             <cfabort>
</cfif>




<!--- form begins here --->
<form method="post" action="#posturl#" name="ebwebworkForm" class="ebwebworkForm">


<!--- set values for first name and last name --->
<cfset LastName="form.LastName">
<cfset FirstName="form.FirstName">
                
 <INPUT type="hidden" name="x_login" value="#loginID#" />
	<INPUT type="hidden" name="x_amount" value="#amount#" />
	<INPUT type="hidden" name="x_description" value="#description#" />
	<INPUT type="hidden" name="x_invoice_num" value="#invoice#" />
	<INPUT type="hidden" name="x_fp_sequence" value="#sequence#" />
	<INPUT type="hidden" name="x_fp_timestamp" value="#timeStamp#" />
	<INPUT type="hidden" name="x_fp_hash" value="#fingerprint#" />
	<INPUT type="hidden" name="x_test_request" value="#testMode#" />
	<INPUT type="hidden" name="x_show_form" value="PAYMENT_FORM" />
  	<INPUT type="hidden" name="x_first_name" value="#FirstName#" />
   	<INPUT type="hidden" name="x_last_name" value="#LastName#" />
 
 <!--- Embed RegisterID (PK) to assign a value to it --->
 <cfoutput>
<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
   </cfoutput>





  <ul>
        <li>
<legend><h2>Converence Registration</h2></legend>
      </li>
      
                              
<li>
  <label for="FirstName"><h3>First Name:</h3></label>


<input type="text" name="FirstName" placeholder="First Name" value="" maxlength="255" tabindex="2" size="70" required="yes" />
        <span class="form_hint">Enter First Name</span> 
        
             
</li>


<li>
  <label for="LastName"><h3>Last Name:</h3></label>


<input type="text" name="LastName" placeholder="Last Name" value="" maxlength="255" tabindex="4" size="70" required="yes" />
        <span class="form_hint">Enter Last Name</span> 
         
               
</li>


   
   
   .... more form fields .....


<h2>Conference Fees</h2>




<cfquery name="getConferenceTypes" datasource="#application.datasource#"> 
    SELECT ConferenceFeeTypeID, ConferenceFeeTitle, Fee
    FROM #REQUEST.conferenceFeeTable#
</cfquery>

<table width="40%" summary="Conference Fee Schedule for NNVAWI Conference, April 9 - 11, 2015">
  <caption>
    <h3>Conference Fees</h3>
  </caption>

<cfloop query="getConferenceTypes">
<cfoutput>
      <tr>
    <td>#getConferenceTypes.ConferenceFeeTitle#</td>
    <td>#getConferenceTypes.Fee#</td>
	<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
</cfoutput>
</cfloop>                
</table>



    <li>
<div class="submitButton">
   <cfoutput>  
   <button name="doSave" type="submit" class="green" tabindex="19">Register for #REQUEST.companyName# Conference</button>
   </cfoutput>
</div>  
</li>
    
    
    </ul>

</form>

<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>

        <cfinclude template="/SiteFooter.cfm">
        
</cfoutput>        <!--- END CFOUTPUTONLY --->  
        

Open in new window

0
Eric Bourland
Asked:
Eric Bourland
  • 42
  • 35
6 Solutions
 
_agx_Commented:
Hi Eric,

Just wrap those fields in <cfoutput> tags and you'll get the values of the variables, instead of the literal names.

As far as "amount", I wouldn't store it in the form. Malicious users could always modify the FORM values and post a lesser amount than the real fee.  Instead use the selected conferenceTypeID value to look up the amount when the form is submitted. Just be sure to halt processing if the conferenceTypeID is bogus or missing.

     <!--- when form is submitted --->
     <cfquery name="getConferenceAmount" .... > 
         SELECT TheFeeColumn 
         FROM    TheConferencTypeTable 
         WHERE  ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#" ...etc ....>
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The conference id is invalid, so throw an error / halt processing....
     </cfif>

     <!--- Otherwise, it's a valid id so store the amount and keep processing --->
     <cfset amount = getConferenceAmount.TheFeeColumn>
 
     ... continue processing .....

Open in new window

0
 
Eric BourlandAuthor Commented:
Hmmm. You mean like this:

<!--- form begins here --->
<form method="post" action="#posturl#" name="ebwebworkForm" class="ebwebworkForm">

<cfset LastName="form.LastName">
<cfset FirstName="form.FirstName">
               
        <cfoutput><INPUT type="hidden" name="x_first_name" value="#FirstName#" /></cfoutput>
         <cfoutput><INPUT type="hidden" name="x_last_name" value="#LastName#" /></cfoutput>

I still get the literal: form.FirstName and form.LastName in the output in the authorize.net page.

Thought: I think this is happening because the action of the form is no longer a ColdFusion action, but rather #posturl# .. which is the authorize.net transaction page:

<cfset posturl="https://secure.authorize.net/gateway/transact.dll">

(Another task for a later question .... this form no longer performs the DoSave action that inserts data into my database table; rather, the action of the form goes straight to the authorize.net transaction page .... and that might be the cause of the FirstName and LastName problem too ... since ColdFusion does not have a chance to work on the data submitted with the form. I am not sure if that makes sense or if I have a grasp of the situation.)
0
 
_agx_Commented:
> <cfset LastName="form.LastName">
> <cfset FirstName="form.FirstName">

Since you omitted the # signs around #form.LastName#, you're actually setting the value to the literal characters "form.LastName".  Though I'm not sure sure you even those cfset statements... Depends on the source of "LastName" and "FirstName".  Are you getting the values from a form submit - db query -...?

> this form no longer performs the DoSave action

Yes.  Obviously a form POST can only have one target, meaning you can post to your page - their page - but not both.  If you want to save the information in your db first, you either need to

- submit the details via ajax first - then submit the form data to their page  OR possibly
- do a regular form submit to your page. Populate the same values in hidden fields, and auto-submit via ajax to their page.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
Eric BourlandAuthor Commented:
>>>>Since you omitted the # signs around #form.LastName#, you're actually setting the value to the literal characters "form.LastName".  Though I'm not sure sure you even those cfset statements... Depends on the source of "LastName" and "FirstName".  Are you getting the values from a form submit - db query -...?

I understand.

To simplify things I am working on only LastName now.

When I do this:

<!--- form begins here --->
<form method="post" action="#posturl#" name="ebwebworkForm" class="ebwebworkForm">

<cfset LastName="#form.LastName#">
                
 <INPUT type="hidden" name="x_login" value="#loginID#" />
	<INPUT type="hidden" name="x_amount" value="#amount#" />
	<INPUT type="hidden" name="x_description" value="#description#" />
	<INPUT type="hidden" name="x_invoice_num" value="#invoice#" />
	<INPUT type="hidden" name="x_fp_sequence" value="#sequence#" />
	<INPUT type="hidden" name="x_fp_timestamp" value="#timeStamp#" />
	<INPUT type="hidden" name="x_fp_hash" value="#fingerprint#" />
	<INPUT type="hidden" name="x_test_request" value="#testMode#" />
	<INPUT type="hidden" name="x_show_form" value="PAYMENT_FORM" />

    <cfoutput><INPUT type="hidden" name="x_last_name" value="#LastName#" /></cfoutput>

Open in new window


... and submit the form, the Last Name field in the authorize payment page is... empty.

I wonder if authorize.net is doing something to edit or change ColdFusion output.

I really appreciate your help. I know you have got a lot going on, and deadlines of your own to meet.

Hope you are well. Thanks again.

Eric
0
 
Eric BourlandAuthor Commented:
Dear _agx_

I made progress on this.

<p>Enter Last Name: <INPUT type="text" NAME="x_last_name" value="" /></p>

<INPUT type='hidden' name='x_login' value='#loginID#' />
	<INPUT type='hidden' name='x_amount' value='#amount#' />
	<INPUT type='hidden' name='x_description' value='#description#' />
	<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
	<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
	<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
	<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
	<INPUT type='hidden' name='x_test_request' value='#testMode#' />
	<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />
	<input type='submit' value='#label#' />
</FORM>
<!-- This is the end of the code generating the "submit payment" button.    -->

Open in new window


I just need to rename my form fields to match those expected by authorize.net.

I'll come back here later with more results. Hope you are great. =)

Eric
0
 
_agx_Commented:
Sorry it's been non-stop today.

Ohh... duh! That makes total sense. Since you're now posting directly to their form, the form field names must match theirs for the values to be pre-populated.
0
 
Eric BourlandAuthor Commented:
Dear _agx_,

Making progress.

I used your recommendation to stop people from entering an invalid registration fee amount:

     <!--- set valid amount for variable "amount"; confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid id so store the amount and keep processing --->
     <cfset amount = getConferenceAmount.amount>

Open in new window


That makes sense to me.

But now I am having trouble assigning value #amount# to name #x-amount# the way authorize.net expects:

<INPUT type="hidden" name="x_amount" value="#amount#" />

Open in new window


I use this code to loop through the different fee amounts:

<cfquery name="getConferenceTypes" datasource="#application.datasource#"> 
    SELECT ConferenceFeeTypeID, ConferenceFeeTitle, amount
    FROM #REQUEST.conferenceFeeTable#
</cfquery>

<table width="40%" summary="Conference Fee Schedule for NNVAWI Conference, April 9 - 11, 2015">
  <caption>
    <h3>Conference Fees</h3>
  </caption>

<cfloop query="getConferenceTypes">
<cfoutput>
      <tr>
    <td>#getConferenceTypes.ConferenceFeeTitle#</td>
    <td>#getConferenceTypes.amount#</td>
	<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
</cfoutput>
</cfloop>                

Open in new window


That works perfectly.

After that, I have:

     <!--- set valid amount for variable "amount"; confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid id so store the amount and keep processing --->
     <cfset amount = getConferenceAmount.amount>
     
     <!--- input the x-amount value for authorize.net--->

<INPUT type="hidden" name="x_amount" value="#amount#" />

Open in new window


It seems like that should work. But at the moment I get this error:

 Variable AMOUNT is undefined.
 
The error occurred in C:/websites/www.nnvawi.org/RegisterConference.cfm: line 221
Called from C:/websites/www.nnvawi.org/RegisterConference.cfm: line 177
Called from C:/websites/www.nnvawi.org/RegisterConference.cfm: line 1

219 : 
220 : <!--- The following lines generate the SIM fingerprint --->
221 : <cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">
222 : 
223 : <cfset fingerprint=#digest#>

Open in new window


Because, higher up in the code on line 221, the fingerprint wants a value for variable #amount#. Here is the code that authorize.net uses:

(Sorry to bombard you with code excerpts.)

<!--- authorize.net stuff--->
<!--- the parameters for the payment amount can be configured here --->
<!--- the API Login ID and Transaction Key must be replaced with valid values --->
<cfset loginID="86G3UkHsuB">
<cfset transactionKey="5K35n45wRF4m8ST8">
<cfset description="Nursing Network on Violence Against Women International Conference Registration">
<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
<cfset testMode="false">

<cfset posturl="https://secure.authorize.net/gateway/transact.dll">


<!--- an invoice is generated using the date and time --->
<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>

<!--- a sequence number is randomly generated --->
<cfset sequence=RandRange(1, 1000)>

<!--- a timestamp is generated --->
<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

<!--- The following lines generate the SIM fingerprint --->
<cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">

<cfset fingerprint=#digest#>

<!--- /authorize.net stuff --->

Open in new window


So, I am not sure:

1) how to arrange these blocks of code so that variable #amount# is defined where it needs to be
2) how to make sure that authorize.net receives a valid value for field x-amount

Thank you again for your patience. I know you have a lot going on. =)

Eric
0
 
_agx_Commented:
To be honest, I'm having a little trouble figuring out the intended "flow" of the current form. I thought it was going to be posting to authorize.net directly (rather than self-posting - the way it was before). So I'm not sure I see where the <cf_hmac> stuff fits in. I understand it's purpose, but I guess I'm just not seeing how you're trying to fit all the "form" pieces fit together.

1. Can you summarize what you expect to happen with this form?
2. Any chance you could post the complete <form> code, so I could see the whole picture?
0
 
_agx_Commented:
BTW - I'm sure you've got a schedule to keep too. So if you ever need a prompt answer, and I'm tied up, feel free to open a new question and delete the old one. I wouldn't be at all offended by that.  While I certainly enjoy participating in your threads, I know you've got deadlines to meet too :) and I don't want to hold you back from getting an answer from whomever is available.
0
 
Eric BourlandAuthor Commented:
Of course. To both.

1) User fills out registration form; clicks submit; sees the authorize.net payment page with all of her information (name, address, so on) and the correct fee amount already populated in the payment page. That is my goal. I am almost there -- the remaining field to send to authorize.net is "x-amount", which we have named "amount" in the registration form.

2) Here is the entire form. But -- it is long; a lot of code. You've got things to do. I would feel pretty bad if you spent a lot (more) time on this. Please let me know if this becomes a burden. I am deeply grateful. Here is the form:

<!-----
Name:        RegisterConference.cfm
Author:      EB / _agx_
Description: 1) process information for conference registrants; 2) populate authorize.net payment page with data entered in this registration form
Created:     July 2014
Revised: August 2014
ColdFusion Version 9
MS SQL Server 2012
----->

<!--- set up the conference registration form --->

<!--- set a default value "" for RegisterID in scope URL --->
<cfparam name="url.RegisterID" default="">

<!--- define the RegisterID in scope FORM, then set form.RegisterID equal to the RegisterID passed in the URL --->
<cfparam name="form.RegisterID" default="#url.RegisterID#">

<!--- set default values for other user-editable fields --->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">


     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeType" default="">
     <cfparam name="form.ConferenceFeeTypeID" default="">
                                          
<!--- in user-editable fields, set up protection against XSS  --->
    <cfloop collection="#FORM#" item="field">
      <cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
    </cfloop>



		   
<!---- begin CFTRY; catch errors ---->
<cftry>  
 
<!---- populate cftry with error message ---->
<cfset variables.error = ""> 
 
<!--- BEGIN: Save action --->

<!--- begin form.doSave --->

<cfif IsDefined("FORM.doSave")>


 <!--- in this query select NOTHING from table #request.RegisterTable#, and simply check if x_email exists --->
 
 <cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <CFQUERYPARAM CFSQLTYPE="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">

  </cfquery>

  
   <!--- if x_email exists, display error; refuse record insert --->
   
	<cfif CheckUserEmail.recordcount GT 0>
		   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
           
	</cfif>


<cftransaction>



<!--- query to insert new record into registration table --->
			<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
				 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,Credentials
,x_company
,x_address
,x_city
,x_state
,x_zip
,x_country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,x_email
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_company,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_city,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_state,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_zip,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_email,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
					</cfquery>
        

   <cfmail
      from="#form.x_email#"
<!---to="melissa.sutherland@bc.edu"--->
to="eric@ebwebwork.com"
      subject="New #REQUEST.companyName# conference registration ready for your review as of #DateFormat(Now())#, #TimeFormat(Now())#"
      SpoolEnable="Yes">Greetings, #REQUEST.companyName#. There is a new #REQUEST.companyName# conference registration ready for your review. Please check the #REQUEST.companyName# registration control panel.</cfmail>

    </cftransaction>
        
                   
<!--- use the result attribute value (newRegistrant) to set form field value --->
      <cfset form.RegisterID = newRegistrant.IDENTITYCOL>


             
<!--- END: Save action --->

<!--- END form.doSave --->
                    </cfif>
       
<!--- END queries to update or insert database records ---> 
        
<!--- this CFCATCH will trap errors -- the ones you threw or just regular database issues --->
            <cfcatch type="Any">
                 <cfset variables.error = cfcatch.message>
                 <cfrethrow>
            </cfcatch>

<!--- END CFTRY --->  
			</cftry>
       


<!--- BEGIN CFOUTPUTONLY --->  
       
<cfsetting enablecfoutputonly="true">
<cfoutput>
       
<cfinclude template="/SiteHeader.cfm">


<!--- if there an error, display error in readable form --->

<cfif len(variables.error)> 
	  <cfoutput>
	    <div class="errorbox">#variables.error#</div>
	    </cfoutput>
   
   <br />

             <div class="center">
               <input type="button" value="Go Back" onclick="history.go(-1)" />
</div>
             
             <cfabort>
</cfif>


<!--- authorize.net stuff--->
<!--- the parameters for the payment amount can be configured here --->
<!--- the API Login ID and Transaction Key must be replaced with valid values --->
<cfset loginID="xxxxxx">
<cfset transactionKey="yyyyyyy">
<cfset description="Nursing Network on Violence Against Women International Conference Registration">
<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
<cfset testMode="false">

<cfset posturl="https://secure.authorize.net/gateway/transact.dll">


<!--- an invoice is generated using the date and time --->
<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>

<!--- a sequence number is randomly generated --->
<cfset sequence=RandRange(1, 1000)>

<!--- a timestamp is generated --->
<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

<!--- The following lines generate the SIM fingerprint --->
<cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">

<cfset fingerprint=#digest#>

<!--- /authorize.net stuff --->



<!--- form begins here --->
<form method="post" action="#posturl#" name="ebwebworkForm" class="ebwebworkForm">

<INPUT type='hidden' name='x_login' value='#loginID#' />
	<INPUT type='hidden' name='x_description' value='#description#' />
	<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
	<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
	<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
	<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
	<INPUT type='hidden' name='x_test_request' value='#testMode#' />
	<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />

 
 <!--- Embed RegisterID (PK) to assign a value to it --->
 <cfoutput>
<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
   </cfoutput>





  <ul>
        <li>
<legend><h2>Converence Registration</h2></legend>
      </li>
      

<p><span class="red"><i class="icon-asterisk"></i></span> <em>indicates a required field.</em></p>

<li>
  <label for="Title"><h3>Title (Ms., Mr., Dr. etc.):</h3></label>



<input type="text" name="Title" placeholder="Title" value="" maxlength="255" tabindex="1" size="70" autofocus="true" />
               
</li>
                              
<li>
  <label for="x_first_name"><h3>First Name:</h3></label>


<input type="text" name="x_first_name" placeholder="First Name" value="" maxlength="255" tabindex="2" size="70" required="yes" />
        <span class="form_hint">Enter First Name</span> 
        
             
</li>


<li>
  <label for="MiddleInitial"><h3>Middle Initial:</h3></label>


<input type="text" name="MiddleInitial" placeholder="MI" value="" maxlength="5" tabindex="3" size="1" />
</li>



<li>
  <label for="x_last_name"><h3>Last Name:</h3></label>


<input type="text" name="x_last_name" placeholder="Last Name" value="" maxlength="255" tabindex="4" size="70" required="yes" />
        <span class="form_hint">Enter Last Name</span> 
         
               
</li>

<li>
  <label for="Credentials"><h3>Credentials:</h3></label>


<input type="text" name="Credentials" placeholder="Credentials (e.g. RN, MSN, PhD, MD)" value="" maxlength="255" tabindex="5" size="70" required="yes" />
        <span class="form_hint">Credentials (e.g. RN, MSN, PhD, MD)</span> 
               
</li>


<li>
  <label for="x_company"><h3>Current Position and Organization:</h3></label>


<input type="text" name="x_company" placeholder="Current Position and Organization" value="" maxlength="255" tabindex="6" size="70" required="yes" />
        <span class="form_hint">Enter Current Position and Organization</span> 
               
</li>


    
 
 
  <li>
  <label for="x_address"><h3>Address:</h3></label>


<input type="text" name="x_address" placeholder="Please enter your address" value="" maxlength="255" tabindex="7" size="70" required="yes" />
        <span class="form_hint">Please enter your mailing address</span> 
               
</li>
    

  <li>
  <label for="x_city"><h3>City:</h3></label>


<input type="text" name="x_city" placeholder="Please enter your city" value="" maxlength="255" tabindex="8" size="70" required="yes" />
        <span class="form_hint">Please enter your city</span> 
               
</li>

         
         
           <li>
  <label for="x_state"><h3>State or Province:</h3></label>


<input type="text" name="x_state" placeholder="Please enter your State or Province" value="" maxlength="255" tabindex="9" size="70" required="yes" />
        <span class="form_hint">Please enter your State or Province</span> 
               
</li>                     
                         
           <li>
  <label for="x_zip"><h3>ZIP or Postal Code:</h3></label>


<input type="text" name="x_zip" placeholder="Please enter your ZIP or Postal Code" value="" maxlength="255" tabindex="10" size="70" required="yes" />
        <span class="form_hint">Please enter your ZIP or Postal Code</span> 
               
</li>  
           <li>
  <label for="x_country"><h3>Country:</h3></label>


<input type="text" name="x_country" placeholder="Please enter your country" value="" maxlength="255" tabindex="11" size="70" required="yes" />
        <span class="form_hint">Please enter your country</span> 
               
</li>  
           <li>
  <label for="TelephoneHome"><h3>Home Telephone:</h3></label>


<input type="text" name="TelephoneHome" placeholder="Please enter your home telephone number" value="" maxlength="25" tabindex="12" size="70" />
        <span class="form_hint">Please enter your home telephone number.</span> 
               
</li>     


           <li>
  <label for="TelephoneWork"><h3>Work Telephone:</h3></label>


<input type="text" name="TelephoneWork" placeholder="Please enter your work telephone number" value="" maxlength="25" tabindex="13" size="70" />
        <span class="form_hint">Please enter your work telephone number.</span> 
               
</li>     

           <li>
  <label for="TelephoneMobile"><h3>Mobile Telephone:</h3></label>


<input type="text" name="TelephoneMobile" placeholder="Please enter your mobile telephone number" value="" maxlength="25" tabindex="14" size="70" />
        <span class="form_hint">Please enter your mobile telephone number.</span> 
               
</li>     



           <li>
  <label for="FAX"><h3>FAX:</h3></label>


<input type="text" name="FAX" placeholder="Please enter your FAX number" value="" maxlength="25" tabindex="15" size="70" />
        <span class="form_hint">Please enter your FAX number.</span> 
               
</li>     
<li>
  <label for="x_email"><h3>Email Address:</h3></label>


<input type="text" name="x_email" placeholder="Important: Please enter your valid email address." value="" maxlength="128" tabindex="16" size="70" required="yes" />
        <span class="form_hint">Enter email address</span> 
               
</li>


           <li>
  <label for="AltUserEmail"><h3>Alternate email address:</h3></label>


<input type="text" name="AltUserEmail" placeholder="Please enter an alternate email address" value="" maxlength="128" tabindex="17" size="70" />
              
</li>                   
      
      <li>
  <label for="SpecialRequirements"><h3>Special Requirements -- dietary, mobility, etc.:</h3></label>


<input type="text" name="SpecialRequirements" placeholder="Important: Please enter special requirements, if any." value="" maxlength="255" tabindex="18" size="70" />
               
</li>


<h2>Conference Fees</h2>

<p>There are two ways to take advantage of lower fees for NNVAWI members.</p>


<p><i class="icon-check green"></i> If you are a member in good standing, select the member rate.</p>

<p><i class="icon-check green"></i> To join NNVAWI (or renew your membership) when you register for the conference, select the 'Join/Renew and Register' rate.</p>



<h2>Payment Options</h2>

<p><em>All fees are payable in U.S. Funds.</em></p>


<cfquery name="getConferenceTypes" datasource="#application.datasource#"> 
    SELECT ConferenceFeeTypeID, ConferenceFeeTitle, amount
    FROM #REQUEST.conferenceFeeTable#
</cfquery>

<table width="40%" summary="Conference Fee Schedule for NNVAWI Conference, April 9 - 11, 2015">
  <caption>
    <h3>Conference Fees</h3>
  </caption>

<cfloop query="getConferenceTypes">
<cfoutput>
      <tr>
    <td>#getConferenceTypes.ConferenceFeeTitle#</td>
    <td>#getConferenceTypes.amount#</td>
	<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
</cfoutput>
</cfloop>                
</table>




     <!--- set valid amount for variable "amount"; confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid id so store the amount and keep processing --->
     <cfset amount = getConferenceAmount.amount>
     
     <!--- input the x-amount value for authorize.net--->

<INPUT type="hidden" name="x_amount" value="#amount#" />

<p><strong>Full Registration Fee Includes:</strong><br /> 
Continental breakfast, snacks and lunch each day; entry to conference sessions, Thursday evening Opening Reception.</p>  
<p><strong>One-Day Fee Includes:</strong><br />
Continental breakfast, snacks and lunch on the day of registration, and entrance to conference sessions scheduled on that day.</p>

    <li>
<div class="submitButton">
   <cfoutput>  
   <button name="doSave" type="submit" class="green" tabindex="19">Register for #REQUEST.companyName# Conference</button>
   </cfoutput>
</div>  
</li>
    
    
    </ul>
    
    


</form>

<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>

        <cfinclude template="/SiteFooter.cfm">
        
</cfoutput>        <!--- END CFOUTPUTONLY --->  
        

Open in new window

0
 
_agx_Commented:
Thanks. Perfect.

Hm... I don't see how you can do this in one step.  The reason being you seem to need the dollar "amount" charged in order to calculate the "fingerprint".  However, you don't know the amount to charge until after the user fills out the form.  That's why you're getting the "amount is not defined..." error. It's kind of a chicken and the egg scenario.

I'd have to look over the specific API to understand what they're expecting.
0
 
Eric BourlandAuthor Commented:
>>>>The reason being you seem to need the dollar "amount" charged in order to calculate the "fingerprint".

I agree. This has been what I have puzzled over.

I wonder if we can do this in two step:

Step 1: submit data to a Confirmation page -- "You entered this data; please confirm before proceeding; click Submit to submit this information to Authorize.net payment page"; also in this step, if possible; submit data to table "NNVAWIRegister" in MS SQL 2012 (I need this to happen anyway)

Step 2: The Confirmation page is step 2, and it contains all the authorize.net stuff, and a submit button to submit to authorize.net:

<!--- authorize.net stuff--->
<!--- the parameters for the payment amount can be configured here --->
<!--- the API Login ID and Transaction Key must be replaced with valid values --->
<cfset loginID="xxxxxx">
<cfset transactionKey="yyyyyyyyyy">
<cfset description="Nursing Network on Violence Against Women International Conference Registration">
<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
<cfset testMode="false">

<cfset posturl="https://secure.authorize.net/gateway/transact.dll">


<!--- an invoice is generated using the date and time --->
<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>

<!--- a sequence number is randomly generated --->
<cfset sequence=RandRange(1, 1000)>

<!--- a timestamp is generated --->
<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

<!--- The following lines generate the SIM fingerprint --->
<cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">

<cfset fingerprint=#digest#>

<!--- /authorize.net stuff --->

Open in new window


Would that work?
0
 
_agx_Commented:
Yes, exactly!
0
 
Eric BourlandAuthor Commented:
OK. I'll set this up tonight and get back to you tomorrow. Thank you!

Progress....

Have a great evening.

Eric
0
 
Eric BourlandAuthor Commented:
Hmmm. I am not sure how to split this up into two pages. This seems simple and obvious, but I am so used to doing this on a single page.

The action of the first form needs to populate table "NNVAWIRegister" in MS SQL 2012 with the values in the form, and also set up the variables to submit to authorize.

What should the action of the form be?

Thanks again. Sorry about this very basic question. =)

E

<!-----
Name:        RegisterConference.cfm (page 1 of two-part submission to authorize.net)
Author:      EB / _agx_
Description: 1) process information for conference registrants; 2) populate authorize.net payment page with data entered in this registration form
Created:     July 2014
Revised: August 2014
ColdFusion Version 9
MS SQL Server 2012
----->

<!--- set up the conference registration form --->

<!--- set a default value "" for RegisterID in scope URL --->
<cfparam name="url.RegisterID" default="">

<!--- define the RegisterID in scope FORM, then set form.RegisterID equal to the RegisterID passed in the URL --->
<cfparam name="form.RegisterID" default="#url.RegisterID#">

<!--- set default values for other user-editable fields --->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">

     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeType" default="">
     <cfparam name="form.ConferenceFeeTypeID" default="">
                                          
<!--- in user-editable fields, set up protection against XSS  --->
    <cfloop collection="#FORM#" item="field">
      <cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
    </cfloop>



		   
<!---- begin CFTRY; catch errors ---->
<cftry>  
 
<!---- populate cftry with error message ---->
<cfset variables.error = ""> 
 
<!--- BEGIN: Save action --->

<!--- begin form.doSave --->

<cfif IsDefined("FORM.doSave")>


 <!--- in this query select NOTHING from table #request.RegisterTable#, and simply check if x_email exists --->
 
 <cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <CFQUERYPARAM CFSQLTYPE="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">

  </cfquery>


<!--- query to insert new record into registration table --->
			<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
				 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,ConferenceFeeType
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">
)         
					</cfquery>
        
        
                   
<!--- use the result attribute value (newRegistrant) to set form field value --->
      <cfset form.RegisterID = newRegistrant.IDENTITYCOL>


             
<!--- END: Save action --->

<!--- END form.doSave --->
                    </cfif>
       
<!--- END queries to update or insert database records ---> 
        
<!--- this CFCATCH will trap errors -- the ones you threw or just regular database issues --->
            <cfcatch type="Any">
                 <cfset variables.error = cfcatch.message>
                 <cfrethrow>
            </cfcatch>

<!--- END CFTRY --->  
			</cftry>
       


<!--- BEGIN CFOUTPUTONLY --->  
       
<cfsetting enablecfoutputonly="true">
<cfoutput>
       
<cfinclude template="/SiteHeader.cfm">


<!--- if there an error, display error in readable form --->

<cfif len(variables.error)> 
	  <cfoutput>
	    <div class="errorbox">#variables.error#</div>
	    </cfoutput>
   
   <br />

             <div class="center">
               <input type="button" value="Go Back" onclick="history.go(-1)" />
</div>
             
             <cfabort>
</cfif>



<!--- form begins here --->
<form method="post" action="#posturl#" name="ebwebworkForm" class="ebwebworkForm">


 <!--- Embed RegisterID (PK) to assign a value to it --->
 <cfoutput>
<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
   </cfoutput>





  <ul>
        <li>
<legend><h2>Converence Registration</h2></legend>
      </li>
      

<p><span class="red"><i class="icon-asterisk"></i></span> <em>indicates a required field.</em></p>

<li>
  <label for="Title"><h3>Title (Ms., Mr., Dr. etc.):</h3></label>



<input type="text" name="Title" placeholder="Title" value="" maxlength="255" tabindex="1" size="70" autofocus="true" />
               
</li>
                              
<li>
  <label for="x_first_name"><h3>First Name:</h3></label>


<input type="text" name="x_first_name" placeholder="First Name" value="" maxlength="255" tabindex="2" size="70" required="yes" />
        <span class="form_hint">Enter First Name</span> 
        
             
</li>


<li>
  <label for="MiddleInitial"><h3>Middle Initial:</h3></label>


<input type="text" name="MiddleInitial" placeholder="MI" value="" maxlength="5" tabindex="3" size="1" />
</li>



<li>
  <label for="x_last_name"><h3>Last Name:</h3></label>


<input type="text" name="x_last_name" placeholder="Last Name" value="" maxlength="255" tabindex="4" size="70" required="yes" />
        <span class="form_hint">Enter Last Name</span> 
         
               
</li>


<h2>Payment Options</h2>

<p><em>All fees are payable in U.S. Funds.</em></p>


<cfquery name="getConferenceTypes" datasource="#application.datasource#"> 
    SELECT ConferenceFeeTypeID, ConferenceFeeTitle, amount
    FROM #REQUEST.conferenceFeeTable#
</cfquery>

<table width="40%" summary="Conference Fee Schedule for NNVAWI Conference, April 9 - 11, 2015">
  <caption>
    <h3>Conference Fees</h3>
  </caption>

<cfloop query="getConferenceTypes">
<cfoutput>
      <tr>
    <td>#getConferenceTypes.ConferenceFeeTitle#</td>
    <td>#getConferenceTypes.amount#</td>
	<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
</cfoutput>
</cfloop>                
</table>




     <!--- set valid amount for variable "amount"; confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid id so store the amount and keep processing --->
     <cfset amount = getConferenceAmount.amount>
     


    <li>
<div class="submitButton">
   <cfoutput>  
   <button name="doSave" type="submit" class="green" tabindex="19">Register for #REQUEST.companyName# Conference</button>
   </cfoutput>
</div>  
</li>
    
    
    </ul>
    
    


</form>

        <cfinclude template="/SiteFooter.cfm">
        
</cfoutput>        <!--- END CFOUTPUTONLY --->  
        

Open in new window

0
 
_agx_Commented:
> I am so used to doing this on a single page.

Well there's pros and cons to each method. Multiple page usually means more duplication, but single page is often harder to debug once you move beyond simple forms.

Anyway, here's an ugly scaled down example of multi-page. Your current form would be mostly the same. Just remove the code for grabbing the "amount" and generating the fingerprint (you'll do that on the confirmation page instead). Then point the form to your confirmationPage instead of the authorize.net site.

<!--- default parameters--->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
...

<cfoutput>
<form method="post" action="confirmationPage.cfm" name="ebwebworkForm" class="ebwebworkForm">
	
	<!--- note: typo --->
	<legend><h2>Conference Registration</h2></legend>
    <br/>Title ...
    <input type="text" name="Title" placeholder="Title" value="" maxlength="255" tabindex="1" size="70" autofocus="true" />
	<br/>First name ...
    <input type="text" name="x_first_name" placeholder="First Name" value="" maxlength="255" tabindex="2" size="70" required="yes" />
	<br/>Last name...
   <input type="text" name="x_last_name" placeholder="Last Name" value="" maxlength="255" tabindex="4" size="70" required="yes" />

	<h2>Payment Options</h2>

	<cfloop query="getConferenceTypes">
    <tr>
    	<td>#getConferenceTypes.ConferenceFeeTitle#</td>
	    <td>#getConferenceTypes.amount#</td>
		<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
	</cfloop>                
     <!--- 
		Note - don't need to set amount here... it will be done on confirmation page instead
		
		... removed code      
		<INPUT type="hidden" name="x_amount" value="#amount#" />
	--->


    <button name="doSave" type="submit" class="green" tabindex="19">Register for #REQUEST.companyName# Conference</button>
	</cfoutput>
</form>

Open in new window


On the confirm page, once you validate, insert the registration to the db. Then generate the fingerprint and display the details. Clicking the "proceed"  button will send that information to authorize.net. Though you could also auto-submit the form with javascript.

(You might also consider using ajax instead lieu of the multiple page approach).


<!--- 
	Assign defaults 
--->
	<cfparam name="form.Title" default="">
	<cfparam name="form.x_first_name" default="">
	etc ....
                                          
<!---
	Validate Conference
--->
<!---
	<cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
		SELECT amount
	    FROM #REQUEST.conferenceFeeTable# 
		<!--- always use a cfsqltype --->
	    WHERE ConferenceFeeTypeID = <cfqueryparam value="#val(FORM.ConferenceFeeTypeID)#" cfsqltype="cf_sql_integer">
	</cfquery>

	<!--- Error: selected conference wasn't found ....--->
	<cfif getConferenceAmount.recordCount eq 0>
		<cfthrow message="Invalid conference selected">
	</cfif>
	
	<!--- Otherwise, it's a valid. Store the amount and keep processing --->
	<cfset verified_amount = getConferenceAmount.amount>
--->	


<!--- 
	XSS protection and validation
--->
	<cfif anyErrorsWereFound>
		<cfabort showError="Show error message ....">
	</cfif>

<!--- 
	If success, save details to database 
--->
	<cftry>  
		Run insert cfquery into #REQUEST.RegisterTable# here ...
		
		<!--- grab registration ID --->
	    <cfset form.RegisterID = newRegistrant.IDENTITYCOL>
	
		<cfcatch type="Any">
	    	do your error handling here 
	        <cfrethrow>
		</cfcatch>
	</cftry>
       


<!--- 
	Generate Authorize.net fingerprint
--->
	<cfset loginID="xxxxxx">
	<cfset transactionKey="yyyyyyy">
	<cfset description="Nursing Network on Violence Against Women International Conference Registration">
	<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
	<cfset testMode="false">
	<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
	<!--- an invoice is generated using the date and time --->
	<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
	<!--- a sequence number is randomly generated --->
	<cfset sequence=RandRange(1, 1000)>
	<!--- a timestamp is generated --->
	<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

	<!--- The following lines generate the SIM fingerprint --->
	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
	<cfset fingerprint=digest>


<!--- 
	Display confirmation form.
--->
<cfoutput>
<form method="post" action="https://secure.authorize.net/gateway/transact.dll" name="ebwebworkForm" class="ebwebworkForm">
	
	<INPUT type='hidden' name='x_login' value='#loginID#' />
	<INPUT type='hidden' name='x_description' value='#description#' />
	<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
	<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
	<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
	<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
	<INPUT type='hidden' name='x_test_request' value='#testMode#' />
	<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />

 	
	<!--- Embed RegisterID (PK) to assign a value to it --->
	<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
	<INPUT type="hidden" name="x_amount" value="#verified_amount#" />

	<!--- Embed all other values as hidden fields --->
	<h2>Continue to Authorize.net</h2> 
	Clicking submit will redirect you to Authorize.net where you can finalize your payment:<br/>
	
	First Name: #form.x_first_name# <br/>
    <input type="hidden" name="x_first_name" value="#form.x_first_name#"/>
	Last Name: #form.x_last_name# <br/>
    <input type="hidden" name="x_last_name" value="#form.x_last_name#" />
	... etc... 
     

   <button name="proceed" type="submit">Proceed to Authorize.net</button>

</form>
</cfoutput>

Open in new window

0
 
Eric BourlandAuthor Commented:
Got it. Working on this.

Thanks for the typo catch. =) Everybody needs an editor.

Hope your day is going great. E
0
 
_agx_Commented:
> Everybody needs an editor.

Haha. Me more than most ;-)  

I obviously omitted a LOT of the actual code from the sample pages (xss stuff, field validation, etc..) so that needs to be added back in of course.
0
 
Eric BourlandAuthor Commented:
I made a lot of progress, but have a couple of questions. =)

I have two pages now:

Step 1: RegisterConference.cfm
Step 2: ConfirmationPage.cfm

And I see how they are working together. I have not tested them yet, but they make sense to me. I think my main question is, do I need to repeat things from Step 1, in Step 2?

For example -- should I have these in both Steps 1 and 2?

     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeType" default="">
     <cfparam name="form.ConferenceFeeTypeID" default="">



<!--- in user-editable fields, set up protection against XSS  --->
    <cfloop collection="#FORM#" item="field">
      <cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
    </cfloop>


 <!--- in this query select NOTHING from table #request.RegisterTable#, and simply check if x_email exists --->
 
 <cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <CFQUERYPARAM CFSQLTYPE="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">

  </cfquery>

  
   <!--- if x_email exists, display error; refuse record insert --->
   
	<cfif CheckUserEmail.recordcount GT 0>
		   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
           
	</cfif>


<!--- if there an error, display error in readable form --->

<cfif len(variables.error)> 
	  <cfoutput>
	    <div class="errorbox">#variables.error#</div>
	    </cfoutput>
   
   <br />

             <div class="center">
               <input type="button" value="Go Back" onclick="history.go(-1)" />
</div>
             
             <cfabort>
</cfif>

Open in new window



It seems like I need those only in Step 1, RegisterConference.cfm?

Here's the code I created based on your code. Sorry to drop all of this on you. Thank you as always. I hope your day is going smoothly.

Eric

RegisterConference.cfm --- this is pretty basic; a typical registration page, with action ConfirmationPage.cfm:

<!-----
Name:        RegisterConference.cfm
Author:      EB / _agx_
Description: first step of registration process: 1) User enters data in registration form and sees confirmation page; 2) in confirmation page: populate MSSQL data table with data entered in this registration form; and: 3) populate authorize.net payment page with this same data
Created:     July 2014
Revised: August 2014
ColdFusion Version 9
MS SQL Server 2012
----->

<!--- set up parameters for conference registration form --->

<!--- set a default value "" for RegisterID in scope URL --->
<cfparam name="url.RegisterID" default="">

<!--- define the RegisterID in scope FORM, then set form.RegisterID equal to the RegisterID passed in the URL --->
<cfparam name="form.RegisterID" default="#url.RegisterID#">

<!--- set default values for other user-editable fields --->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">


     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeType" default="">
     <cfparam name="form.ConferenceFeeTypeID" default="">
                                          
<!--- in user-editable fields, set up protection against XSS  --->
    <cfloop collection="#FORM#" item="field">
      <cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
    </cfloop>



		   
<!---- begin CFTRY; catch errors ---->
<cftry>  
 
<!---- populate cftry with error message ---->
<cfset variables.error = ""> 
 
<!--- BEGIN: Save action --->

<!--- begin form.doSave --->

<cfif IsDefined("FORM.doSave")>


 <!--- in this query select NOTHING from table #request.RegisterTable#, and simply check if x_email exists --->
 
 <cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <CFQUERYPARAM CFSQLTYPE="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">

  </cfquery>

  
   <!--- if x_email exists, display error; refuse record insert --->
   
	<cfif CheckUserEmail.recordcount GT 0>
		   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
           
	</cfif>


<cftransaction>



<!--- query to insert new record into registration table --->
			<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
				 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,Credentials
,x_company
,x_address
,x_city
,x_state
,x_zip
,x_country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,x_email
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_company,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_city,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_state,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_zip,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_email,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
					</cfquery>
        
<!--- Notify NNVAWI that a conference registration has been submitted --->
<!---   <cfmail
      from="#form.x_email#"
to="melissa.sutherland@bc.edu"
to="eric@ebwebwork.com"
      subject="New #REQUEST.companyName# conference registration ready for your review as of #DateFormat(Now())#, #TimeFormat(Now())#"
      SpoolEnable="Yes">Greetings, #REQUEST.companyName#. There is a new #REQUEST.companyName# conference registration ready for your review. Please check the #REQUEST.companyName# registration control panel.</cfmail>--->

    </cftransaction>
        
                   
<!--- use the result attribute value (newRegistrant) to set form field value --->
      <cfset form.RegisterID = newRegistrant.IDENTITYCOL>


             
<!--- END: Save action --->

<!--- END form.doSave --->
                    </cfif>
       
<!--- END queries to update or insert database records ---> 
        
<!--- this CFCATCH will trap errors -- the ones you threw or just regular database issues --->
            <cfcatch type="Any">
                 <cfset variables.error = cfcatch.message>
                 <cfrethrow>
            </cfcatch>

<!--- END CFTRY --->  
			</cftry>
       


<!--- BEGIN CFOUTPUTONLY --->  
       
<cfsetting enablecfoutputonly="true">
<cfoutput>
       
<cfinclude template="/SiteHeader.cfm">


<!--- if there an error, display error in readable form --->

<cfif len(variables.error)> 
	  <cfoutput>
	    <div class="errorbox">#variables.error#</div>
	    </cfoutput>
   
   <br />

             <div class="center">
               <input type="button" value="Go Back" onclick="history.go(-1)" />
</div>
             
             <cfabort>
</cfif>





<!--- form begins here; form action is step two: confirmerationPage.cfm --->
<form method="post" action="confirmationPage.cfm" name="ebwebworkForm" class="ebwebworkForm">

 
 <!--- Embed RegisterID (PK) to assign a value to it --->
 <cfoutput>
<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
   </cfoutput>


  <ul>
        <li>
<legend><h2>Conference Registration</h2></legend>
      </li>
      

<p><span class="red"><i class="icon-asterisk"></i></span> <em>indicates a required field.</em></p>

<li>
  <label for="Title"><h3>Title (Ms., Mr., Dr. etc.):</h3></label>



<input type="text" name="Title" placeholder="Title" value="" maxlength="255" tabindex="1" size="70" autofocus="true" />
               
</li>
                              
<li>
  <label for="x_first_name"><h3>First Name:</h3></label>


<input type="text" name="x_first_name" placeholder="First Name" value="" maxlength="255" tabindex="2" size="70" required="yes" />
        <span class="form_hint">Enter First Name</span> 
        
             
</li>


<li>
  <label for="MiddleInitial"><h3>Middle Initial:</h3></label>


<input type="text" name="MiddleInitial" placeholder="MI" value="" maxlength="5" tabindex="3" size="1" />
</li>



<li>
  <label for="x_last_name"><h3>Last Name:</h3></label>


<input type="text" name="x_last_name" placeholder="Last Name" value="" maxlength="255" tabindex="4" size="70" required="yes" />
        <span class="form_hint">Enter Last Name</span> 
         
               
</li>

<li>
  <label for="Credentials"><h3>Credentials:</h3></label>


<input type="text" name="Credentials" placeholder="Credentials (e.g. RN, MSN, PhD, MD)" value="" maxlength="255" tabindex="5" size="70" required="yes" />
        <span class="form_hint">Credentials (e.g. RN, MSN, PhD, MD)</span> 
               
</li>


<li>
  <label for="x_company"><h3>Current Position and Organization:</h3></label>


<input type="text" name="x_company" placeholder="Current Position and Organization" value="" maxlength="255" tabindex="6" size="70" required="yes" />
        <span class="form_hint">Enter Current Position and Organization</span> 
               
</li>


 
  <li>
  <label for="x_address"><h3>Address:</h3></label>


<input type="text" name="x_address" placeholder="Please enter your address" value="" maxlength="255" tabindex="7" size="70" required="yes" />
        <span class="form_hint">Please enter your mailing address</span> 
               
</li>
    

  <li>
  <label for="x_city"><h3>City:</h3></label>


<input type="text" name="x_city" placeholder="Please enter your city" value="" maxlength="255" tabindex="8" size="70" required="yes" />
        <span class="form_hint">Please enter your city</span> 
               
</li>

         
         
           <li>
  <label for="x_state"><h3>State or Province:</h3></label>


<input type="text" name="x_state" placeholder="Please enter your State or Province" value="" maxlength="255" tabindex="9" size="70" required="yes" />
        <span class="form_hint">Please enter your State or Province</span> 
               
</li>                     
                         
           <li>
  <label for="x_zip"><h3>ZIP or Postal Code:</h3></label>


<input type="text" name="x_zip" placeholder="Please enter your ZIP or Postal Code" value="" maxlength="255" tabindex="10" size="70" required="yes" />
        <span class="form_hint">Please enter your ZIP or Postal Code</span> 
               
</li>  
           <li>
  <label for="x_country"><h3>Country:</h3></label>


<input type="text" name="x_country" placeholder="Please enter your country" value="" maxlength="255" tabindex="11" size="70" required="yes" />
        <span class="form_hint">Please enter your country</span> 
               
</li>  
           <li>
  <label for="TelephoneHome"><h3>Home Telephone:</h3></label>


<input type="text" name="TelephoneHome" placeholder="Please enter your home telephone number" value="" maxlength="25" tabindex="12" size="70" />
        <span class="form_hint">Please enter your home telephone number.</span> 
               
</li>     


           <li>
  <label for="TelephoneWork"><h3>Work Telephone:</h3></label>


<input type="text" name="TelephoneWork" placeholder="Please enter your work telephone number" value="" maxlength="25" tabindex="13" size="70" />
        <span class="form_hint">Please enter your work telephone number.</span> 
               
</li>     

           <li>
  <label for="TelephoneMobile"><h3>Mobile Telephone:</h3></label>


<input type="text" name="TelephoneMobile" placeholder="Please enter your mobile telephone number" value="" maxlength="25" tabindex="14" size="70" />
        <span class="form_hint">Please enter your mobile telephone number.</span> 
               
</li>     



           <li>
  <label for="FAX"><h3>FAX:</h3></label>


<input type="text" name="FAX" placeholder="Please enter your FAX number" value="" maxlength="25" tabindex="15" size="70" />
        <span class="form_hint">Please enter your FAX number.</span> 
               
</li>     
<li>
  <label for="x_email"><h3>Email Address:</h3></label>


<input type="text" name="x_email" placeholder="Important: Please enter your valid email address." value="" maxlength="128" tabindex="16" size="70" required="yes" />
        <span class="form_hint">Enter email address</span> 
               
</li>


           <li>
  <label for="AltUserEmail"><h3>Alternate email address:</h3></label>


<input type="text" name="AltUserEmail" placeholder="Please enter an alternate email address" value="" maxlength="128" tabindex="17" size="70" />
              
</li>                   
      
      <li>
  <label for="SpecialRequirements"><h3>Special Requirements -- dietary, mobility, etc.:</h3></label>


<input type="text" name="SpecialRequirements" placeholder="Important: Please enter special requirements, if any." value="" maxlength="255" tabindex="18" size="70" />
               
</li>


<h2>Conference Fees</h2>

<p>There are two ways to take advantage of lower fees for NNVAWI members.</p>


<p><i class="icon-check green"></i> If you are a member in good standing, select the member rate.</p>

<p><i class="icon-check green"></i> To join NNVAWI (or renew your membership) when you register for the conference, select the 'Join/Renew and Register' rate.</p>



<h2>Payment Options</h2>

<p><em>All fees are payable in U.S. Funds.</em></p>


<cfquery name="getConferenceTypes" datasource="#application.datasource#"> 
    SELECT ConferenceFeeTypeID, ConferenceFeeTitle, amount
    FROM #REQUEST.conferenceFeeTable#
</cfquery>

<table width="40%" summary="Conference Fee Schedule for NNVAWI Conference, April 9 - 11, 2015">
  <caption>
    <h3>Conference Fees</h3>
  </caption>

<cfloop query="getConferenceTypes">
<cfoutput>
      <tr>
    <td>#getConferenceTypes.ConferenceFeeTitle#</td>
    <td>#getConferenceTypes.amount#</td>
	<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
</cfoutput>
</cfloop>                
</table>

     <!--- set valid amount for variable "amount"; this will confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>
     

<p><strong>Full Registration Fee Includes:</strong><br /> 
Continental breakfast, snacks and lunch each day; entry to conference sessions, Thursday evening Opening Reception.</p>  
<p><strong>One-Day Fee Includes:</strong><br />
Continental breakfast, snacks and lunch on the day of registration, and entrance to conference sessions scheduled on that day.</p>

    <li>
<div class="submitButton">
   <cfoutput>  
   <button name="doSave" type="submit" class="green" tabindex="19">Register for #REQUEST.companyName# Conference</button>
   </cfoutput>
</div>  
</li>
    
    
    </ul>
    
    


</form>

<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>

        <cfinclude template="/SiteFooter.cfm">
        
</cfoutput>        <!--- END CFOUTPUTONLY --->  
        

Open in new window



ConfirmationPage.cfm:


<!-----
Name:        ConfirmationPage.cfm
Author:      EB / _agx_
Description: second step of registration process: 1) User enters data in registration form and sees confirmation page; 2) in confirmation page: populate MSSQL data table with data entered in this registration form; and: 3) populate authorize.net payment page with this same data
Created:     July 2014
Revised: August 2014
ColdFusion Version 9
MS SQL Server 2012
----->

<!--- set up parameters for conference registration form --->

<!--- set a default value "" for RegisterID in scope URL --->
<cfparam name="url.RegisterID" default="">

<!--- define the RegisterID in scope FORM, then set form.RegisterID equal to the RegisterID passed in the URL --->
<cfparam name="form.RegisterID" default="#url.RegisterID#">

<!--- set default values for other user-editable fields --->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">


     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeType" default="">
     <cfparam name="form.ConferenceFeeTypeID" default="">



<!--- in user-editable fields, set up protection against XSS  --->
    <cfloop collection="#FORM#" item="field">
      <cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
    </cfloop>


     <!--- set valid amount for variable "amount"; this will confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>
	   
<!---- begin CFTRY; catch errors ---->
<cftry>  
 
<!---- populate cftry with error message ---->
<cfset variables.error = ""> 
 
<!--- BEGIN: Save action --->

<!--- begin form.doSave --->

<cfif IsDefined("FORM.doSave")>


 <!--- in this query select NOTHING from table #request.RegisterTable#, and simply check if x_email exists --->
 
 <cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <CFQUERYPARAM CFSQLTYPE="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">

  </cfquery>

  
   <!--- if x_email exists, display error; refuse record insert --->
   
	<cfif CheckUserEmail.recordcount GT 0>
		   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
           
	</cfif>


<cftransaction>



<!--- query to insert new record into registration table --->
			<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
				 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,Credentials
,x_company
,x_address
,x_city
,x_state
,x_zip
,x_country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,x_email
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_company,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_city,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_state,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_zip,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_email,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
					</cfquery>
        

<!--- Notify NNVAWI that a conference registration has been submitted --->
<!---   <cfmail
      from="#form.x_email#"
to="melissa.sutherland@bc.edu"
to="eric@ebwebwork.com"
      subject="New #REQUEST.companyName# conference registration ready for your review as of #DateFormat(Now())#, #TimeFormat(Now())#"
      SpoolEnable="Yes">Greetings, #REQUEST.companyName#. There is a new #REQUEST.companyName# conference registration ready for your review. Please check the #REQUEST.companyName# registration control panel.</cfmail>--->

    </cftransaction>
        
                   
<!--- use the result attribute value (newRegistrant) to set form field value --->
      <cfset form.RegisterID = newRegistrant.IDENTITYCOL>


             
<!--- END: Save action --->

<!--- END form.doSave --->
                    </cfif>
       
<!--- END queries to update or insert database records ---> 
        
<!--- this CFCATCH will trap errors -- the ones you threw or just regular database issues --->
            <cfcatch type="Any">
                 <cfset variables.error = cfcatch.message>
                 <cfrethrow>
            </cfcatch>

<!--- END CFTRY --->  
			</cftry>
            
            




<!--- 
	Generate Authorize.net fingerprint
--->
	<cfset loginID="xxxxxx">
	<cfset transactionKey="yyyyyyy">
	<cfset description="Nursing Network on Violence Against Women International Conference Registration">
	<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
	<cfset testMode="false">
	<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
	<!--- an invoice is generated using the date and time --->
	<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
	<!--- a sequence number is randomly generated --->
	<cfset sequence=RandRange(1, 1000)>
	<!--- a timestamp is generated --->
	<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

	<!--- The following lines generate the SIM fingerprint --->
	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
	<cfset fingerprint=digest>


<!--- 
	Display confirmation form.
--->

<!--- BEGIN CFOUTPUTONLY --->  
       
<cfsetting enablecfoutputonly="true">
<cfoutput>
       
<cfinclude template="/SiteHeader.cfm">


<!--- if there an error, display error in readable form --->

<cfif len(variables.error)> 
	  <cfoutput>
	    <div class="errorbox">#variables.error#</div>
	    </cfoutput>
   
   <br />

             <div class="center">
               <input type="button" value="Go Back" onclick="history.go(-1)" />
</div>
             
             <cfabort>
</cfif>

	<h2>Continue to Authorize.net</h2> 
    
	<p><strong>Clicking submit will redirect you to Authorize.net where you can finalize your payment.</strong></p>
    
    <p>You entered the following information:</p>
    
    

<form method="post" action="https://secure.authorize.net/gateway/transact.dll" name="ebwebworkForm" class="ebwebworkForm">
	
	<INPUT type='hidden' name='x_login' value='#loginID#' />
	<INPUT type='hidden' name='x_description' value='#description#' />
	<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
	<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
	<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
	<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
	<INPUT type='hidden' name='x_test_request' value='#testMode#' />
	<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />

 	
	<!--- Embed RegisterID (PK) to assign a value to it --->
	<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
	<INPUT type="hidden" name="x_amount" value="#verified_amount#" />

	<!--- Embed all other values as hidden fields --->

	
    Title: #form.Title# <br/>
    
	First Name: #form.x_first_name# <br/>
    <input type="hidden" name="x_first_name" value="#form.x_first_name#"/>
    
	Last Name: #form.x_last_name# <br/>
    <input type="hidden" name="x_last_name" value="#form.x_last_name#" />

	Middle Initial: #form.MiddleInitial# <br/>

	Credentials: #form.Credentials# <br/>
    
    Organization: #form.x_company# <br/>
    <input type="hidden" name="x_company" value="#form.x_company#" />
    
    Address: #form.x_address# <br/>
    <input type="hidden" name="x_address" value="#form.x_address#" />

    City: #form.x_city# <br/>
    <input type="hidden" name="x_city" value="#form.x_city#" />    

    State: #form.x_state# <br/>
    <input type="hidden" name="x_state" value="#form.x_state#" />    
    
    ZIP or Postal Code: #form.x_zip# <br/>
    <input type="hidden" name="x_zip" value="#form.x_zip#" />

    Country: #form.x_country# <br/>
    <input type="hidden" name="x_country" value="#form.x_country#" />

	TelephoneHome: #form.TelephoneHome# <br/>

	TelephoneWork: #form.TelephoneWork# <br/>

	TelephoneMobile: #form.TelephoneMobile# <br/>

    Email: #form.x_email# <br/>
    <input type="hidden" name="x_email" value="#form.x_email#" />
	SpecialRequirements: #form.SpecialRequirements#


     

   <button name="proceed" type="submit">Proceed to Authorize.net</button>

</form>
<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>

        <cfinclude template="/SiteFooter.cfm">
        
</cfoutput>        <!--- END CFOUTPUTONLY --->  
                                          

Open in new window

0
 
_agx_Commented:
> do I need to repeat things from Step 1, in Step 2

No, because RegisterConference.cfm just displays an empty form. None of the #form# variables even exist on that page, so there's no need to set defaults, validate, etc....   It should all be done on the action page, ie ConfirmationPage.cfm

Don't forget to remove all of the references, including the entire cftry/cfcatch - DoSave block, and:

 <!--- You're not saving to the db on this page anymore, so the ID won't exist --->
 <cfoutput>
<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
   </cfoutput>

Open in new window


This should be done on the confirmation page.

     <!--- set valid amount for variable "amount"; this will confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>

Open in new window

0
 
_agx_Commented:
<!--- in this query select NOTHING from table #request.RegisterTable#, and simply check if x_email exists --->
 
 <cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <CFQUERYPARAM CFSQLTYPE="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">
  </cfquery>

<!--- if x_email exists, display error; refuse record insert --->
   
      <cfif CheckUserEmail.recordcount GT 0>
               <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
           
      </cfif>


Hm.. one thing to think about is duplicate registration handling.  Since you're no longer submitting and registering all in one step, if someone goes to Authorize.net - then decides they wan to register later,  that logic won't let them. It will say they're already registered.
0
 
Eric BourlandAuthor Commented:
Got it -- I will set up these changes. Working on that now.

>>> if someone goes to Authorize.net - then decides they wan to register later,  that logic won't let them. It will say they're already registered.

Yeah.

Hmm. I am thinking about this. Good point.
0
 
Eric BourlandAuthor Commented:
So, Step 1, the blank form, does not need any cfparams at all? And none of the protection against XSS? It's just this?

<!-----
Name:        RegisterConference.cfm
Author:      EB / _agx_
Description: first step of registration process: 1) User enters data in registration form and sees confirmation page; 2) in confirmation page: populate MSSQL data table with data entered in this registration form; and: 3) populate authorize.net payment page with this same data
Created:     July 2014
Revised: August 2014
ColdFusion Version 9
MS SQL Server 2012
----->

       
<cfinclude template="/SiteHeader.cfm">


<!--- form begins here; form action is step two: confirmerationPage.cfm --->
<form method="post" action="confirmationPage.cfm" name="ebwebworkForm" class="ebwebworkForm">

 

  <ul>
        <li>
<legend><h2>Conference Registration</h2></legend>
      </li>
      

<p><span class="red"><i class="icon-asterisk"></i></span> <em>indicates a required field.</em></p>

<li>
  <label for="Title"><h3>Title (Ms., Mr., Dr. etc.):</h3></label>



<input type="text" name="Title" placeholder="Title" value="" maxlength="255" tabindex="1" size="70" autofocus="true" />
               
</li>
                              
<li>
  <label for="x_first_name"><h3>First Name:</h3></label>


<input type="text" name="x_first_name" placeholder="First Name" value="" maxlength="255" tabindex="2" size="70" required="yes" />
        <span class="form_hint">Enter First Name</span> 
        
             
</li>


<li>
  <label for="MiddleInitial"><h3>Middle Initial:</h3></label>


<input type="text" name="MiddleInitial" placeholder="MI" value="" maxlength="5" tabindex="3" size="1" />
</li>



<li>
  <label for="x_last_name"><h3>Last Name:</h3></label>


<input type="text" name="x_last_name" placeholder="Last Name" value="" maxlength="255" tabindex="4" size="70" required="yes" />
        <span class="form_hint">Enter Last Name</span> 
         
               
</li>

<li>
  <label for="Credentials"><h3>Credentials:</h3></label>


<input type="text" name="Credentials" placeholder="Credentials (e.g. RN, MSN, PhD, MD)" value="" maxlength="255" tabindex="5" size="70" required="yes" />
        <span class="form_hint">Credentials (e.g. RN, MSN, PhD, MD)</span> 
               
</li>


<li>
  <label for="x_company"><h3>Current Position and Organization:</h3></label>


<input type="text" name="x_company" placeholder="Current Position and Organization" value="" maxlength="255" tabindex="6" size="70" required="yes" />
        <span class="form_hint">Enter Current Position and Organization</span> 
               
</li>


 
  <li>
  <label for="x_address"><h3>Address:</h3></label>


<input type="text" name="x_address" placeholder="Please enter your address" value="" maxlength="255" tabindex="7" size="70" required="yes" />
        <span class="form_hint">Please enter your mailing address</span> 
               
</li>
    

  <li>
  <label for="x_city"><h3>City:</h3></label>


<input type="text" name="x_city" placeholder="Please enter your city" value="" maxlength="255" tabindex="8" size="70" required="yes" />
        <span class="form_hint">Please enter your city</span> 
               
</li>

         
         
           <li>
  <label for="x_state"><h3>State or Province:</h3></label>


<input type="text" name="x_state" placeholder="Please enter your State or Province" value="" maxlength="255" tabindex="9" size="70" required="yes" />
        <span class="form_hint">Please enter your State or Province</span> 
               
</li>                     
                         
           <li>
  <label for="x_zip"><h3>ZIP or Postal Code:</h3></label>


<input type="text" name="x_zip" placeholder="Please enter your ZIP or Postal Code" value="" maxlength="255" tabindex="10" size="70" required="yes" />
        <span class="form_hint">Please enter your ZIP or Postal Code</span> 
               
</li>  
           <li>
  <label for="x_country"><h3>Country:</h3></label>


<input type="text" name="x_country" placeholder="Please enter your country" value="" maxlength="255" tabindex="11" size="70" required="yes" />
        <span class="form_hint">Please enter your country</span> 
               
</li>  
           <li>
  <label for="TelephoneHome"><h3>Home Telephone:</h3></label>


<input type="text" name="TelephoneHome" placeholder="Please enter your home telephone number" value="" maxlength="25" tabindex="12" size="70" />
        <span class="form_hint">Please enter your home telephone number.</span> 
               
</li>     


           <li>
  <label for="TelephoneWork"><h3>Work Telephone:</h3></label>


<input type="text" name="TelephoneWork" placeholder="Please enter your work telephone number" value="" maxlength="25" tabindex="13" size="70" />
        <span class="form_hint">Please enter your work telephone number.</span> 
               
</li>     

           <li>
  <label for="TelephoneMobile"><h3>Mobile Telephone:</h3></label>


<input type="text" name="TelephoneMobile" placeholder="Please enter your mobile telephone number" value="" maxlength="25" tabindex="14" size="70" />
        <span class="form_hint">Please enter your mobile telephone number.</span> 
               
</li>     



           <li>
  <label for="FAX"><h3>FAX:</h3></label>


<input type="text" name="FAX" placeholder="Please enter your FAX number" value="" maxlength="25" tabindex="15" size="70" />
        <span class="form_hint">Please enter your FAX number.</span> 
               
</li>     
<li>
  <label for="x_email"><h3>Email Address:</h3></label>


<input type="text" name="x_email" placeholder="Important: Please enter your valid email address." value="" maxlength="128" tabindex="16" size="70" required="yes" />
        <span class="form_hint">Enter email address</span> 
               
</li>


           <li>
  <label for="AltUserEmail"><h3>Alternate email address:</h3></label>


<input type="text" name="AltUserEmail" placeholder="Please enter an alternate email address" value="" maxlength="128" tabindex="17" size="70" />
              
</li>                   
      
      <li>
  <label for="SpecialRequirements"><h3>Special Requirements -- dietary, mobility, etc.:</h3></label>


<input type="text" name="SpecialRequirements" placeholder="Important: Please enter special requirements, if any." value="" maxlength="255" tabindex="18" size="70" />
               
</li>


<h2>Conference Fees</h2>

<p>There are two ways to take advantage of lower fees for NNVAWI members.</p>


<p><i class="icon-check green"></i> If you are a member in good standing, select the member rate.</p>

<p><i class="icon-check green"></i> To join NNVAWI (or renew your membership) when you register for the conference, select the 'Join/Renew and Register' rate.</p>



<h2>Payment Options</h2>

<p><em>All fees are payable in U.S. Funds.</em></p>


<cfquery name="getConferenceTypes" datasource="#application.datasource#"> 
    SELECT ConferenceFeeTypeID, ConferenceFeeTitle, amount
    FROM #REQUEST.conferenceFeeTable#
</cfquery>

<table width="40%" summary="Conference Fee Schedule for NNVAWI Conference, April 9 - 11, 2015">
  <caption>
    <h3>Conference Fees</h3>
  </caption>

<cfloop query="getConferenceTypes">
<cfoutput>
      <tr>
    <td>#getConferenceTypes.ConferenceFeeTitle#</td>
    <td>#getConferenceTypes.amount#</td>
	<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
</cfoutput>
</cfloop>                
</table>

     <!--- set valid amount for variable "amount"; this will confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>
     

<p><strong>Full Registration Fee Includes:</strong><br /> 
Continental breakfast, snacks and lunch each day; entry to conference sessions, Thursday evening Opening Reception.</p>  
<p><strong>One-Day Fee Includes:</strong><br />
Continental breakfast, snacks and lunch on the day of registration, and entrance to conference sessions scheduled on that day.</p>

    <li>
<div class="submitButton">
   <cfoutput>  
   <button name="doSave" type="submit" class="green" tabindex="19">Register for #REQUEST.companyName# Conference</button>
   </cfoutput>
</div>  
</li>
    
    
    </ul>
    
    


</form>

<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>

        <cfinclude template="/SiteFooter.cfm">
        
        

Open in new window

0
 
Eric BourlandAuthor Commented:
I think it is working the way you suggested. I find that I need this cfparam

     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeTypeID" default="">

in Step 1 ... or else I get error:

Element CONFERENCEFEETYPEID is undefined in FORM.

because in step 1 I still have:
     <!--- set valid amount for variable "amount"; this will confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>

Open in new window


... though I am not sure I need it there. I am trying out a few things. This is very cool. =) E
0
 
Eric BourlandAuthor Commented:
It's working really well. =)

Your solution is perfect and makes lots of sense. This is great. I am smiling hugely. This task has been a pretty big stressor.

I have a question about the #amount# variable.

#amount# is stored in column "amount" which has datatype money. I notice that the value of amount is displayed to six significant figures: 200.0000

Authorize.net abbreviates 200.0000 to 200.00.

Is there a format somewhere I can apply to display the amount, on the web page, as 200.00?

Should I use the money datatype for this column? Or smallmoney?

I need to research this stuff. I'll go do so now.

It's working great. =)

Eric
0
 
_agx_Commented:
> the value of amount is displayed to six significant figures

Try decimalFormat(). I think that should do it.


     > because in step 1 I still have:

No, you can get rid of both of those.  Like I mentioned earlier, they belong on the confirmation page.

http://www.experts-exchange.com/Programming/Languages/Scripting/Cold_Fusion_Markup_Language/Q_28499538.html#a40276769
0
 
_agx_Commented:
> This task has been a pretty big stressor.

Yep, completely understandable :)
0
 
Eric BourlandAuthor Commented:
_agx_,

Really grateful for your help. I will close out this question tomorrow, and show the application to the client. Take care and have a great evening.

Eric
0
 
_agx_Commented:
Take your time, I'm just stopping by to chat in between tasks :)

You too!
0
 
Eric BourlandAuthor Commented:
Good morning, _agx_

Or is it afternoon now? =)

I've been doing a lot of testing this morning of the registration application that we built. It's working really well, except for one thing -- it does not insert the data into the MS SQL Server 2012 data table.

Step 1 is a blank form, with action ConfirmationPage.cfm

Step 2 -- ConfirmationPage.cfm -- has FORM ACTION https://secure.authorize.net/gateway/transact.dll, which sends the data to Authorize.net (and this is working perfectly).

I think I need a "DoSave" action that does an INSERT into the MS SQL Server 2012 table.

I would rather not add the DoSave to Step 1 -- because what if someone goes to Step 2, then goes back to Step 1 -- the Unique Email code will catch them.

Is there something I can do in Step 2? The form in Step 2 can do only one action -- as far as I know -- and that action needs to be the authorize.net action.

Can I CFINCLUDE a second form? Have two forms on one page?

Or, you mentioned an AJAX solution -- what would that look like?

Thank you again. Happy Friday. Hope your day is going well.

Eric
0
 
_agx_Commented:
I'm sure it's afternoon somewhere :)


>> it does not insert the data into the MS SQL Server 2012 data table.

Hm.. as long as you moved the "Form.DoSave" code to the confirmation page (it looks like you did), the variables should be saved to the db.

1. Maybe an error is occurring in the DoSave block? Check #variables.error#
2. Also, add some debugging to the confirmation page. Before the CFTRY tag, dump the FORM scope so we can see which variables are being posted.
0
 
Eric BourlandAuthor Commented:
Hmmm. #variables.error# looks the same as it always does.

dump the FORM scope .... you mean <cfdump var="FORM">?

Here's the Step 2 / Confirmation Page --- I have stared at this for a while this morning. I wonder why DoSave is not doing its work?

Thank you again. =) E

<!-----
Name:        ConfirmationPage.cfm
Author:      EB / _agx_
Description: second step of registration process: 1) User enters data in registration form and sees confirmation page; 2) in confirmation page: populate MSSQL data table with data entered in this registration form; and: 3) populate authorize.net payment page with this same data
Created:     July 2014
Revised: August 2014
ColdFusion Version 9
MS SQL Server 2012
----->

<!--- set up parameters for conference registration form --->

<!--- set a default value "" for RegisterID in scope URL --->
<cfparam name="url.RegisterID" default="">

<!--- define the RegisterID in scope FORM, then set form.RegisterID equal to the RegisterID passed in the URL --->
<cfparam name="form.RegisterID" default="#url.RegisterID#">

<!--- set default values for other user-editable fields --->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">


     <!--- set default values for radio buttons --->
     <cfparam name="form.ConferenceFeeType" default="">
     <cfparam name="form.ConferenceFeeTypeID" default="">



<!--- in user-editable fields, set up protection against XSS  --->
    <cfloop collection="#FORM#" item="field">
      <cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
    </cfloop>


     <!--- set valid amount for variable "amount"; this will confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount, ConferenceFeeTitle
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>
     
     
     <cfdump var="form" expand="yes">
	   
<!---- begin CFTRY; catch errors ---->
<cftry>  
 
<!---- populate cftry with error message ---->
<cfset variables.error = ""> 
 
<!--- BEGIN: Save action --->

<!--- begin form.doSave --->

<cfif IsDefined("FORM.doSave")>


 <!--- in this query select NOTHING from table #request.RegisterTable#, and simply check if x_email exists --->
 
 <cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <cfqueryparam cfsqltype="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">

  </cfquery>

  
   <!--- if x_email exists, display error; refuse record insert --->
   
	<cfif CheckUserEmail.recordcount GT 0>
		   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
           
	</cfif>


<cftransaction>



<!--- query to insert new record into registration table --->
			<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
				 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,Credentials
,x_company
,x_address
,x_city
,x_state
,x_zip
,x_country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,x_email
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_company,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_city,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_state,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_zip,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_email,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
					</cfquery>
        

<!--- Notify NNVAWI that a conference registration has been submitted --->

   <cfmail
      from="#form.x_email#"      
<!---to="melissa.sutherland@bc.edu"--->
to="eric@ebwebwork.com"
      subject="New #REQUEST.companyName# conference registration ready for your review as of #DateFormat(Now())#, #TimeFormat(Now())#"
      SpoolEnable="Yes">Greetings, #REQUEST.companyName#. There is a new #REQUEST.companyName# conference registration ready for your review. Please check the #REQUEST.companyName# registration control panel.</cfmail>

    </cftransaction>
        
                   
<!--- use the result attribute value (newRegistrant) to set form field value --->
      <cfset form.RegisterID = newRegistrant.IDENTITYCOL>


             
<!--- END: Save action --->

<!--- END form.doSave --->
                    </cfif>
       
<!--- END queries to update or insert database records ---> 
        
<!--- this CFCATCH will trap errors -- the ones you threw or just regular database issues --->
            <cfcatch type="Any">
                 <cfset variables.error = cfcatch.message>
                 <cfrethrow>
            </cfcatch>

<!--- END CFTRY --->  
			</cftry>
            
            




<!--- 
	Generate Authorize.net fingerprint
--->
	<cfset loginID="xxxxx">
	<cfset transactionKey="yyyyy">
	<cfset description="Nursing Network on Violence Against Women International Conference Registration April 9-11, 2015">
	<cfset label="Send Payment for NNVAWI Conference Registration"> <!--- This is the label on the 'submit' button --->
	<cfset testMode="false">
	<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
	<!--- an invoice is generated using the date and time --->
	<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
	<!--- a sequence number is randomly generated --->
	<cfset sequence=RandRange(1, 1000)>
	<!--- a timestamp is generated --->
	<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

	<!--- The following lines generate the SIM fingerprint --->
	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">
	<cfset fingerprint=digest>


<!--- 
	Display confirmation form.
--->

<!--- BEGIN CFOUTPUTONLY --->  
       
<cfsetting enablecfoutputonly="true">
<cfoutput>
       
<cfinclude template="/SiteHeader.cfm">


<!--- if there an error, display error in readable form --->

<cfif len(variables.error)> 
	  <cfoutput>
	    <div class="errorbox">#variables.error#</div>
	    </cfoutput>
   
   <br />

             <div class="center">
               <input type="button" value="Go Back" onclick="history.go(-1)" />
</div>
             
             <cfabort>
</cfif>

<h1>Please review the information you have entered.</h1>
    
<h2>Then click the "Proceed to Secure Payment Page" button to enter your payment information.</h2>
    
    
    <p><strong>You entered the following information:</strong></p>
    
    

<form method="post" action="https://secure.authorize.net/gateway/transact.dll" name="ebwebworkForm" class="ebwebworkForm">
	
	<INPUT type='hidden' name='x_login' value='#loginID#' />
	<INPUT type='hidden' name='x_description' value='#description#' />
	<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
	<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
	<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
	<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
	<INPUT type='hidden' name='x_test_request' value='#testMode#' />
	<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />

 	
	<!--- Embed RegisterID (PK) to assign a value to it --->
	<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
	<INPUT type="hidden" name="x_amount" value="#amount#" />

	<!--- Embed all other values as hidden fields --->




    <p class="blue">Conference Registration: #GetConferenceAmount.ConferenceFeeTitle#</p>
    
    

    <p class="green">Amount: #decimalFormat(amount)#</p>
	
    <p><strong>#description#</strong></p>
    
    <p>Title: #form.Title#</p>
    
	<p>First Name: #form.x_first_name#</p>
    <input type="hidden" name="x_first_name" value="#form.x_first_name#"/>

	<p>Middle Initial: #form.MiddleInitial#</p>
    
	<p>Last Name: #form.x_last_name#</p>
    <input type="hidden" name="x_last_name" value="#form.x_last_name#" />



	<p>Credentials: #form.Credentials#</p>
    
    <p>Organization: #form.x_company#</p>
    <input type="hidden" name="x_company" value="#form.x_company#" />
    
    <p>Address: #form.x_address#</p>
    <input type="hidden" name="x_address" value="#form.x_address#" />

    <p>City: #form.x_city#</p>
    <input type="hidden" name="x_city" value="#form.x_city#" />    

    <p>State: #form.x_state#</p>
    <input type="hidden" name="x_state" value="#form.x_state#" />    
    
    <p>ZIP or Postal Code: #form.x_zip#</p>
    <input type="hidden" name="x_zip" value="#form.x_zip#" />

    <p>Country: #form.x_country#</p>
    <input type="hidden" name="x_country" value="#form.x_country#" />

	<p>Telephone Home: <cfif form.TelephoneHome IS NOT "">#form.TelephoneHome# <cfelse>None given.</cfif></p>
    
   	<p>Telephone Work: <cfif form.TelephoneWork IS NOT "">#form.TelephoneWork# <cfelse>None given.</cfif></p>
        
   	<p>Telephone Mobile: <cfif form.TelephoneMobile IS NOT "">#form.TelephoneMobile# <cfelse>None given.</cfif></p>

    <p>Email: #form.x_email#</p>
    <input type="hidden" name="x_email" value="#form.x_email#" />
	<p>Special Requirements: <cfif form.SpecialRequirements IS NOT "">#form.SpecialRequirements# <cfelse>None given.</cfif></p>

<div class="submitButton">

   <button name="doSave" type="submit" class="green">Proceed to Secure Payment Page</button>

</div>

</form>

<p class="center"><span class="blue"><i class="icon-asterisk"></i></span> <strong>NNVAWI uses authorize.net to process secure online transactions.</strong></p>

<p class="center"><span class="green"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>

        <cfinclude template="/SiteFooter.cfm">
        
</cfoutput>        <!--- END CFOUTPUTONLY --->  
                                          

Open in new window

0
 
_agx_Commented:
>> dump the FORM scope .... you mean <cfdump var="FORM">?

Yes, but add # signs around #FORM# or you'll just see the literal word "FORM".

Not sure why it's not working for you.  I tested the form logic (without the db of course) and it behaves exactly as I'd expect. Try the attached.  Note, for brevity I removed the cfmail and the (3) SQL statements. Just paste the SQL back into the cfquery tags.


registrationForm.cfm
<cfoutput>
<!--- form begins here; form action is step two: confirmerationPage.cfm --->
<form method="post" action="confirmationPage.cfm" name="ebwebworkForm" class="ebwebworkForm">

 
  <ul>
        <li>
<legend><h2>Conference Registration</h2></legend>
      </li>
      

<p><span class="red"><i class="icon-asterisk"></i></span> <em>indicates a required field.</em></p>

<li>
  <label for="Title"><h3>Title (Ms., Mr., Dr. etc.):</h3></label>



<input type="text" name="Title" placeholder="Title" value="" maxlength="255" tabindex="1" size="70" autofocus="true" />
               
</li>
                              
<li>
  <label for="x_first_name"><h3>First Name:</h3></label>


<input type="text" name="x_first_name" placeholder="First Name" value="" maxlength="255" tabindex="2" size="70" required="yes" />
        <span class="form_hint">Enter First Name</span> 
        
             
</li>


<li>
  <label for="MiddleInitial"><h3>Middle Initial:</h3></label>


<input type="text" name="MiddleInitial" placeholder="MI" value="" maxlength="5" tabindex="3" size="1" />
</li>



<li>
  <label for="x_last_name"><h3>Last Name:</h3></label>


<input type="text" name="x_last_name" placeholder="Last Name" value="" maxlength="255" tabindex="4" size="70" required="yes" />
        <span class="form_hint">Enter Last Name</span> 
         
               
</li>

<li>
  <label for="Credentials"><h3>Credentials:</h3></label>


<input type="text" name="Credentials" placeholder="Credentials (e.g. RN, MSN, PhD, MD)" value="" maxlength="255" tabindex="5" size="70" required="yes" />
        <span class="form_hint">Credentials (e.g. RN, MSN, PhD, MD)</span> 
               
</li>


<li>
  <label for="x_company"><h3>Current Position and Organization:</h3></label>


<input type="text" name="x_company" placeholder="Current Position and Organization" value="" maxlength="255" tabindex="6" size="70" required="yes" />
        <span class="form_hint">Enter Current Position and Organization</span> 
               
</li>


 
  <li>
  <label for="x_address"><h3>Address:</h3></label>


<input type="text" name="x_address" placeholder="Please enter your address" value="" maxlength="255" tabindex="7" size="70" required="yes" />
        <span class="form_hint">Please enter your mailing address</span> 
               
</li>
    

  <li>
  <label for="x_city"><h3>City:</h3></label>


<input type="text" name="x_city" placeholder="Please enter your city" value="" maxlength="255" tabindex="8" size="70" required="yes" />
        <span class="form_hint">Please enter your city</span> 
               
</li>

         
         
           <li>
  <label for="x_state"><h3>State or Province:</h3></label>


<input type="text" name="x_state" placeholder="Please enter your State or Province" value="" maxlength="255" tabindex="9" size="70" required="yes" />
        <span class="form_hint">Please enter your State or Province</span> 
               
</li>                     
                         
           <li>
  <label for="x_zip"><h3>ZIP or Postal Code:</h3></label>


<input type="text" name="x_zip" placeholder="Please enter your ZIP or Postal Code" value="" maxlength="255" tabindex="10" size="70" required="yes" />
        <span class="form_hint">Please enter your ZIP or Postal Code</span> 
               
</li>  
           <li>
  <label for="x_country"><h3>Country:</h3></label>


<input type="text" name="x_country" placeholder="Please enter your country" value="" maxlength="255" tabindex="11" size="70" required="yes" />
        <span class="form_hint">Please enter your country</span> 
               
</li>  
           <li>
  <label for="TelephoneHome"><h3>Home Telephone:</h3></label>


<input type="text" name="TelephoneHome" placeholder="Please enter your home telephone number" value="" maxlength="25" tabindex="12" size="70" />
        <span class="form_hint">Please enter your home telephone number.</span> 
               
</li>     


           <li>
  <label for="TelephoneWork"><h3>Work Telephone:</h3></label>


<input type="text" name="TelephoneWork" placeholder="Please enter your work telephone number" value="" maxlength="25" tabindex="13" size="70" />
        <span class="form_hint">Please enter your work telephone number.</span> 
               
</li>     

           <li>
  <label for="TelephoneMobile"><h3>Mobile Telephone:</h3></label>


<input type="text" name="TelephoneMobile" placeholder="Please enter your mobile telephone number" value="" maxlength="25" tabindex="14" size="70" />
        <span class="form_hint">Please enter your mobile telephone number.</span> 
               
</li>     



           <li>
  <label for="FAX"><h3>FAX:</h3></label>


<input type="text" name="FAX" placeholder="Please enter your FAX number" value="" maxlength="25" tabindex="15" size="70" />
        <span class="form_hint">Please enter your FAX number.</span> 
               
</li>     
<li>
  <label for="x_email"><h3>Email Address:</h3></label>


<input type="text" name="x_email" placeholder="Important: Please enter your valid email address." value="" maxlength="128" tabindex="16" size="70" required="yes" />
        <span class="form_hint">Enter email address</span> 
               
</li>


           <li>
  <label for="AltUserEmail"><h3>Alternate email address:</h3></label>


<input type="text" name="AltUserEmail" placeholder="Please enter an alternate email address" value="" maxlength="128" tabindex="17" size="70" />
              
</li>                   
      
      <li>
  <label for="SpecialRequirements"><h3>Special Requirements -- dietary, mobility, etc.:</h3></label>


<input type="text" name="SpecialRequirements" placeholder="Important: Please enter special requirements, if any." value="" maxlength="255" tabindex="18" size="70" />
               
</li>


<h2>Conference Fees</h2>

<p>There are two ways to take advantage of lower fees for NNVAWI members.</p>


<p><i class="icon-check green"></i> If you are a member in good standing, select the member rate.</p>

<p><i class="icon-check green"></i> To join NNVAWI (or renew your membership) when you register for the conference, select the 'Join/Renew and Register' rate.</p>



<h2>Payment Options</h2>

<p><em>All fees are payable in U.S. Funds.</em></p>

<cfquery name="getConferenceTypes" datasource="#application.datasource#"> 
    SELECT ConferenceFeeTypeID, ConferenceFeeTitle, amount
    FROM #REQUEST.conferenceFeeTable#
</cfquery>

<table width="40%" summary="Conference Fee Schedule for NNVAWI Conference, April 9 - 11, 2015">
  <caption>
    <h3>Conference Fees</h3>
  </caption>

<cfloop query="getConferenceTypes">
      <tr>
    <td>#getConferenceTypes.ConferenceFeeTitle#</td>
    <td>#getConferenceTypes.amount#</td>
	<td><input type="radio" name="ConferenceFeeTypeID" value="#getConferenceTypes.ConferenceFeeTypeID#" class="border0" /></td>
     </tr>
</cfloop>                
</table>
     

<p><strong>Full Registration Fee Includes:</strong><br /> 
Continental breakfast, snacks and lunch each day; entry to conference sessions, Thursday evening Opening Reception.</p>  
<p><strong>One-Day Fee Includes:</strong><br />
Continental breakfast, snacks and lunch on the day of registration, and entrance to conference sessions scheduled on that day.</p>

    <li>
<div class="submitButton">
   <button name="doSave" type="submit" class="green" tabindex="19">Register for #REQUEST.companyName# Conference</button>
</div>  
</li>
    
    
    </ul>
    
    


</form>

<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>

        
</cfoutput>        <!--- END CFOUTPUTONLY --->  
        
                                          

Open in new window


confirmationPage.cfm ** Need to add back SQL queries
<cfsetting enablecfoutputonly="true">

<!---
	Assign defaults 
--->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">
<cfparam name="form.ConferenceFeeType" default="">
<cfparam name="form.ConferenceFeeTypeID" default="">



<!--- 
	XSS protection 
--->
	<cfloop collection="#FORM#" item="field">
		<cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
	</cfloop>

	   
<!---- 
	Save to database 
---->
	<cftry>  
	 
		<cfset variables.error = ""> 
	
		<cfif IsDefined("FORM.doSave")>
	
			<!--- Grab Amount from database --->
		    <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
	          	... sql query here...
		    </cfquery>
	
	
	 	    <!--- Check for duplicate emails --->
			<cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
	          	... sql query here...
	  		</cfquery>
	
			<cfif CheckUserEmail.recordcount GT 0>
			   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
			</cfif>
	
	   		<!--- 
			   MUST abort processing if the conference wasn't found, otherwise the user won't be charged 
			--->
		    <cfif getConferenceAmount.recordCount eq 0>
				<cfthrow message="Invalid Conference Selected!">
		    </cfif>
	
	     	<cfset amount = getConferenceAmount.amount>
	
			<!--- Save info to database --->
			<cftransaction>
				<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
					INSERT INTO #REQUEST.RegisterTable# .... 
				</cfquery>
		    </cftransaction>
	
		    <cfoutput>
			 	SAVED TO DB ** REMOVE THIS - FOR DEBUGGING ONLY**
		   </cfoutput>	
			<!--- Grab new record ID --->
			<cfset form.RegisterID = newRegistrant.IDENTITYCOL>
	     
			... code to send emails here ....   
		</cfif>
	       
		<cfcatch type="Any">
	    	<cfset variables.error = cfcatch.message>
		</cfcatch>
	
	</cftry>
            
            

<cfoutput>
	
<!--- 
	Display any errors and EXIT
--->
	<cfif len(variables.error)> 
	   <div class="errorbox">#variables.error#</div>
	   <br />
	   <div class="center">
	   		<input type="button" value="Go Back" onclick="history.go(-1)" />
		</div>
		<cfabort>
	</cfif>



<!--- 
	Generate Authorize.net fingerprint
--->
	<cfset loginID="xxxxxx">
	<cfset transactionKey="yyyyyyy">
	<cfset description="Nursing Network on Violence Against Women International Conference Registration">
	<cfset label="Submit Payment"> <!--- This is the label on the 'submit' button --->
	<cfset testMode="false">
	<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
	<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
	<cfset sequence=RandRange(1, 1000)>
	<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

	<!--- The following lines generate the SIM fingerprint --->
	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
	<cfset fingerprint=digest>


<!--- 
	Display confirmation form.
--->

	<h2>Continue to Authorize.net</h2> 
    
	<p><strong>Clicking submit will redirect you to Authorize.net where you can finalize your payment.</strong></p>
    
    <p>You entered the following information:</p>
    
	<form method="post" action="https://secure.authorize.net/gateway/transact.dll" name="ebwebworkForm" class="ebwebworkForm">
		
		<INPUT type='hidden' name='x_login' value='#loginID#' />
		<INPUT type='hidden' name='x_description' value='#description#' />
		<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
		<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
		<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
		<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
		<INPUT type='hidden' name='x_test_request' value='#testMode#' />
		<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />
	
	 	
		<!--- Embed RegisterID (PK) to assign a value to it --->
		<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
		<INPUT type="hidden" name="x_amount" value="#verified_amount#" />
	
		<!--- Embed all other values as hidden fields --->
	
		
	    Title: #form.Title# <br/>
	    
		First Name: #form.x_first_name# <br/>
	    <input type="hidden" name="x_first_name" value="#form.x_first_name#"/>
	    
		Last Name: #form.x_last_name# <br/>
	    <input type="hidden" name="x_last_name" value="#form.x_last_name#" />
	
		Middle Initial: #form.MiddleInitial# <br/>
	
		Credentials: #form.Credentials# <br/>
	    
	    Organization: #form.x_company# <br/>
	    <input type="hidden" name="x_company" value="#form.x_company#" />
	    
	    Address: #form.x_address# <br/>
	    <input type="hidden" name="x_address" value="#form.x_address#" />
	
	    City: #form.x_city# <br/>
	    <input type="hidden" name="x_city" value="#form.x_city#" />    
	
	    State: #form.x_state# <br/>
	    <input type="hidden" name="x_state" value="#form.x_state#" />    
	    
	    ZIP or Postal Code: #form.x_zip# <br/>
	    <input type="hidden" name="x_zip" value="#form.x_zip#" />
	
	    Country: #form.x_country# <br/>
	    <input type="hidden" name="x_country" value="#form.x_country#" />
	
		TelephoneHome: #form.TelephoneHome# <br/>
	
		TelephoneWork: #form.TelephoneWork# <br/>
	
		TelephoneMobile: #form.TelephoneMobile# <br/>
	
	    Email: #form.x_email# <br/>
	    <input type="hidden" name="x_email" value="#form.x_email#" />
		SpecialRequirements: #form.SpecialRequirements#
	
	
	     
	
	   <button name="proceed" type="submit">Proceed to Authorize.net</button>
	
	</form>
	<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
	contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>
	</cfoutput>
                                          

Open in new window

0
 
_agx_Commented:
In case EE doesn't notify when a post was updated, see the edits above.
0
 
Eric BourlandAuthor Commented:
Hmm. I did the cfdump. (Why am I always forgetting the variable # signs. One day I will learn.)

It looks like the form does not submit a RegisterID -- could that be the problem?

Output:

ALTUSEREMAIL       [empty string]
CONFERENCEFEETYPE       [empty string]
CONFERENCEFEETYPEID       1
CREDENTIALS       MA
DATECREATED       [empty string]
DATEMODIFIED       [empty string]
FAX       [empty string]
FIELDNAMES       TITLE,X_FIRST_NAME,MIDDLEINITIAL,X_LAST_NAME,CREDENTIALS,X_COMPANY,X_ADDRESS,X_CITY,X_STATE,X_ZIP,X_COUNTRY,TELEPHONEHOME,TELEPHONEWORK,TELEPHONEMOBILE,FAX,X_EMAIL,ALTUSEREMAIL,SPECIALREQUIREMENTS,CONFERENCEFEETYPEID
MIDDLEINITIAL       A.
REGISTERID       [empty string]
SPECIALREQUIREMENTS       [empty string]
TELEPHONEHOME       [empty string]
TELEPHONEMOBILE       [empty string]
TELEPHONEWORK       [empty string]
TITLE       Mr.
X_ADDRESS       address stuff
X_CITY       Washington
X_COMPANY       ebwebwork
X_COUNTRY       USA
X_EMAIL       email stuff
X_FIRST_NAME       Eric
X_LAST_NAME       Bourland
X_STATE       DC
X_ZIP       20002
0
 
Eric BourlandAuthor Commented:
Wait, it's the database that fills in the RegisterID.

I will try your code above as you gave it.
0
 
_agx_Commented:
(Edit)

I think the problem is you're missing the submit button name. If there's no field named "doSave" the db code will never execute because of your cfif:

         <cfif IsDefined("FORM.doSave")>
              ... save to db ...
        </cfif>
0
 
Eric BourlandAuthor Commented:
Next silly question: On registrationForm.cfm (Step 1), does the form need to be enclosed in <cfoutput></cfoutput>? Are we outputting anything?
0
 
Eric BourlandAuthor Commented:
>>>
I think the problem is you're missing the submit button name. If there's no field named "doSave" the db code will never execute because of your cfif:

         <cfif IsDefined("FORM.doSave")>
              ... save to db ...
        </cfif>


That makes sense and I checked that .... yep, the doSave is there ... in the CFIF, and also in the button name.

<!--- begin form.doSave --->

<cfif IsDefined("FORM.doSave")>


   <button name="doSave" type="submit" class="green">Proceed to Secure Payment Page</button>
0
 
_agx_Commented:
I left the tags there because originally there were more variables. But the current incarnation probably only needs them around the #Request# company name near the button.

That said, for the confirmation page, I prefer using a single cfoutput tag around the whole form, rather than multiple tags scattered through the form. It's easier to read IMO, but that's personal preference.
0
 
Eric BourlandAuthor Commented:
I do not see the phrase "doSave" anywhere in cfdump! Does that mean doSave is not being processed?

ALTUSEREMAIL       [empty string]
CONFERENCEFEETYPE       [empty string]
CONFERENCEFEETYPEID       1
CREDENTIALS       MA
DATECREATED       [empty string]
DATEMODIFIED       [empty string]
FAX       [empty string]
FIELDNAMES       TITLE,X_FIRST_NAME,MIDDLEINITIAL,X_LAST_NAME,CREDENTIALS,X_COMPANY,X_ADDRESS,X_CITY,X_STATE,X_ZIP,X_COUNTRY,TELEPHONEHOME,TELEPHONEWORK,TELEPHONEMOBILE,FAX,X_EMAIL,ALTUSEREMAIL,SPECIALREQUIREMENTS,CONFERENCEFEETYPEID
MIDDLEINITIAL       A.
REGISTERID       [empty string]
SPECIALREQUIREMENTS       [empty string]
TELEPHONEHOME       [empty string]
TELEPHONEMOBILE       [empty string]
TELEPHONEWORK       [empty string]
TITLE       Mr.
X_ADDRESS       address
X_CITY       Washington
X_COMPANY       ebwebwork
X_COUNTRY       USA
X_EMAIL       email
X_FIRST_NAME       Eric
X_LAST_NAME       Bourland
X_STATE       DC
X_ZIP       20002
0
 
_agx_Commented:
EDIT - Sorry our posts clashed.

Yes, if it's not listed in the dump of #FORM# then it doesn't exist, and that's why the CFIF block isn't executing.
0
 
Eric BourlandAuthor Commented:
I think my doSave is getting skipped! =(
0
 
_agx_Commented:
Try modifying the example I posted, because I know that works.

Don't forget to add back the SQL for the 3 queries on the confirmation page.
0
 
Eric BourlandAuthor Commented:
Roger wilco. brb
0
 
Eric BourlandAuthor Commented:
Hmm. I used your code. I get error:

 Variable VERIFIED_AMOUNT is undefined.
 
The error occurred in C:/websites/www.nnvawi.org/confirmationPage.cfm: line 207
Called from C:/websites/www.nnvawi.org/confirmationPage.cfm: line 177
Called from C:/websites/www.nnvawi.org/confirmationPage.cfm: line 1

205 :
206 :       <!--- The following lines generate the SIM fingerprint --->
207 :       <cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
208 :       <cfset fingerprint=digest>

I have been using variable "amount", cause that is what authorize.net seems to demand, instead of "verified_amount".

I will change verified_amount to amount and see where that goes. More soon. E
0
 
Eric BourlandAuthor Commented:
Hmm. Now, this error:


 Variable AMOUNT is undefined.
 
The error occurred in C:/websites/www.nnvawi.org/confirmationPage.cfm: line 207
Called from C:/websites/www.nnvawi.org/confirmationPage.cfm: line 177
Called from C:/websites/www.nnvawi.org/confirmationPage.cfm: line 1

205 :
206 :       <!--- The following lines generate the SIM fingerprint --->
207 :       <cf_hmac data="#loginID#^#sequence#^#timestamp#^#amount#^" key="#transactionKey#">
208 :       <cfset fingerprint=digest>

Yet, I did cfset a value for variable "amount"

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>

I wonder what is going on.
0
 
_agx_Commented:
Sorry, I had to dummy up some values for my environment (no db) and forgot to fix one line. In the original version, just change this line:

       <cfset amount = getConferenceAmount.amount>

To:

       <cfset verified_amount = getConferenceAmount.amount>
0
 
Eric BourlandAuthor Commented:
Got it.

Do I need this at the top:

<!--- set up parameters for conference registration form --->

<!--- set a default value "" for RegisterID in scope URL --->
<cfparam name="url.RegisterID" default="">

<!--- define the RegisterID in scope FORM, then set form.RegisterID equal to the RegisterID passed in the URL --->
<cfparam name="form.RegisterID" default="#url.RegisterID#">

Open in new window

0
 
_agx_Commented:
No, I removed that (and a bunch of other things) from my version because it's not needed.
0
 
Eric BourlandAuthor Commented:
Going through this very slow and step by step.
0
 
_agx_Commented:
BTW, I don't have time to post a jquery example today, but the basic idea is to capture the click event of a submit button and call a custom function.  Inside the function, you'd validate the form fields. If successful, you'd use ajax to send the form data to a separate .cfm script for insert into your db.  Finally, allow the form to submit to authorize.net as usual.
0
 
Eric BourlandAuthor Commented:
You wrapped cfquery name="InsertPage" in <cftransaction></cftransaction> but moved the Send Email part out of the <cftransaction></cftransaction>.

Do I need <cftransaction> at all?
0
 
_agx_Commented:
Ok. For testing purposes you should only need to change the 3 queries on confirmation page:

<!--- Grab Amount from database --->
<cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
	... add sql here ...
</cfquery>
	
	
<!--- Check for duplicate emails --->
<cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
    ... add sql here ...
</cfquery>

<!--- Save info to database --->
<cftransaction>
   <cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
        ... add INSERT sql here ...
   </cfquery>
</cftransaction>

Open in new window


... and change the name of the variable to "verified_amount" here:

    <cfset verified_amount = getConferenceAmount.amount>

Open in new window

0
 
_agx_Commented:
>>  but moved the Send Email part out of the <cftransaction></cftransaction>.

Good. Only queries/SQL should be inside a cftransaction.

>> Do I need <cftransaction> at all?

No. I just left it there because it was in the original code, but honestly it wasn't needed.  CFTRANSACTION only affects the db and should only be used when multiple INSERT/UPDATE/DELETE queries are involved. It has no effect whatsoever on cfmail, BTW. So if that's why it was there, you can safely get rid of it.
0
 
Eric BourlandAuthor Commented:
I am so sorry this is dragging on. I know you have things to do.

Here is what I find:

I get error:

Element REGISTERID is undefined in FORM.
 
The error occurred in C:/websites/www.nnvawi.org/confirmationPage.cfm: line 232
Called from C:/websites/www.nnvawi.org/confirmationPage.cfm: line 175
Called from C:/websites/www.nnvawi.org/confirmationPage.cfm: line 1

230 :              
231 :             <!--- Embed RegisterID (PK) to assign a value to it --->
232 :             <input type="hidden" name="RegisterID" value="#form.RegisterID#" />
233 :             <INPUT type="hidden" name="x_amount" value="#verified_amount#" />

So I think I do need a <cfparam name="form.RegisterID" default=""> ... do you agree?

Here is the weird part. When I place the Grab Amount code inside the CFTRY, I get the "Variable VERIFIED_AMOUNT is undefined." error.

When I put this code before the CFTRY, then that error goes away. Why do you think that is so?

<!--- Grab Amount from database --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount, ConferenceFeeTitle
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>
     
     	   		<!--- 
			   MUST abort processing if the conference wasn't found, otherwise the user won't be charged 
			--->
            
            
		    <cfif getConferenceAmount.recordCount eq 0>
				<cfthrow message="Invalid Conference Selected!">
		    </cfif>
	
	     	<cfset verified_amount = getConferenceAmount.amount>

Open in new window

0
 
_agx_Commented:
Eric - it sounds like you're using your original code - not than the one I posted?  Am I wrong?
0
 
Eric BourlandAuthor Commented:
Pretty sure I am using your code, and filling in the queries as you said. Here it is, below. I think I am following your example?

With the code, below, I get the  I get the "Variable VERIFIED_AMOUNT is undefined." error.

<cfsetting enablecfoutputonly="true">

<!---
	Assign defaults 
--->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">
<cfparam name="form.ConferenceFeeType" default="">
<cfparam name="form.ConferenceFeeTypeID" default="">



<!--- 
	XSS protection 
--->
	<cfloop collection="#FORM#" item="field">
		<cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
	</cfloop>

	   
<!---- 
	Save to database 
---->
	<cftry>  
	 
		<cfset variables.error = ""> 
	
		<cfif IsDefined("FORM.doSave")>
	
			<!--- Grab Amount from database --->
		    <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount, ConferenceFeeTitle
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
		    </cfquery>
	
	
	 	    <!--- Check for duplicate emails --->
			<cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <cfqueryparam cfsqltype="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">
	  		</cfquery>
	
			<cfif CheckUserEmail.recordcount GT 0>
			   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
			</cfif>
	
	   		<!--- 
			   MUST abort processing if the conference wasn't found, otherwise the user won't be charged 
			--->
		    <cfif getConferenceAmount.recordCount eq 0>
				<cfthrow message="Invalid Conference Selected!">
		    </cfif>
	
	     	<cfset verified_amount = getConferenceAmount.amount>
	
			<!--- Save info to database --->

				<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
			 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,Credentials
,x_company
,x_address
,x_city
,x_state
,x_zip
,x_country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,x_email
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_company,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_city,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_state,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_zip,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_email,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
				</cfquery>

	
		    <cfoutput>
			 	SAVED TO DB ** REMOVE THIS - FOR DEBUGGING ONLY**
		   </cfoutput>	
			<!--- Grab new record ID --->
			<cfset form.RegisterID = newRegistrant.IDENTITYCOL>
 
		</cfif>
	       
		<cfcatch type="Any">
	    	<cfset variables.error = cfcatch.message>
		</cfcatch>
	
	</cftry>
            
            

<cfoutput>
	
<!--- 
	Display any errors and EXIT
--->
	<cfif len(variables.error)> 
	   <div class="errorbox">#variables.error#</div>
	   <br />
	   <div class="center">
	   		<input type="button" value="Go Back" onclick="history.go(-1)" />
		</div>
		<cfabort>
	</cfif>



<!--- 
	Generate Authorize.net fingerprint
--->
	<cfset loginID="xxxxxx">
	<cfset transactionKey="yyyyyyy">
	<cfset description="Nursing Network on Violence Against Women International Conference Registration April 9-11, 2015">
	<cfset label="Send Payment for NNVAWI Conference Registration"> <!--- This is the label on the 'submit' button --->
	<cfset testMode="false">
	<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
	<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
	<cfset sequence=RandRange(1, 1000)>
	<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

	<!--- The following lines generate the SIM fingerprint --->
	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
	<cfset fingerprint=digest>


<!--- 
	Display confirmation form.
--->

	<h2>Continue to Authorize.net</h2> 
    
	<p><strong>Clicking submit will redirect you to Authorize.net where you can finalize your payment.</strong></p>
    
    <p>You entered the following information:</p>
    
	<form method="post" action="https://secure.authorize.net/gateway/transact.dll" name="ebwebworkForm" class="ebwebworkForm">
		
		<INPUT type='hidden' name='x_login' value='#loginID#' />
		<INPUT type='hidden' name='x_description' value='#description#' />
		<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
		<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
		<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
		<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
		<INPUT type='hidden' name='x_test_request' value='#testMode#' />
		<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />
	
	 	
		<!--- Embed RegisterID (PK) to assign a value to it --->
		<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
		<INPUT type="hidden" name="x_amount" value="#verified_amount#" />
	
		<!--- Embed all other values as hidden fields --->
	
		
	    Title: #form.Title# <br/>
	    
		First Name: #form.x_first_name# <br/>
	    <input type="hidden" name="x_first_name" value="#form.x_first_name#"/>
	    
		Last Name: #form.x_last_name# <br/>
	    <input type="hidden" name="x_last_name" value="#form.x_last_name#" />
	
		Middle Initial: #form.MiddleInitial# <br/>
	
		Credentials: #form.Credentials# <br/>
	    
	    Organization: #form.x_company# <br/>
	    <input type="hidden" name="x_company" value="#form.x_company#" />
	    
	    Address: #form.x_address# <br/>
	    <input type="hidden" name="x_address" value="#form.x_address#" />
	
	    City: #form.x_city# <br/>
	    <input type="hidden" name="x_city" value="#form.x_city#" />    
	
	    State: #form.x_state# <br/>
	    <input type="hidden" name="x_state" value="#form.x_state#" />    
	    
	    ZIP or Postal Code: #form.x_zip# <br/>
	    <input type="hidden" name="x_zip" value="#form.x_zip#" />
	
	    Country: #form.x_country# <br/>
	    <input type="hidden" name="x_country" value="#form.x_country#" />
	
		TelephoneHome: #form.TelephoneHome# <br/>
	
		TelephoneWork: #form.TelephoneWork# <br/>
	
		TelephoneMobile: #form.TelephoneMobile# <br/>
	
	    Email: #form.x_email# <br/>
	    <input type="hidden" name="x_email" value="#form.x_email#" />
		SpecialRequirements: #form.SpecialRequirements#
	
	
	     
	
	   <button name="proceed" type="submit">Proceed to Authorize.net</button>
	
	</form>
	<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
	contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>
	</cfoutput>
                                          
                                          

Open in new window

0
 
_agx_Commented:
> REGISTERID

You can add a cfparam for that field, but ... you shouldn't ever get that error. Not unless you're viewing the confirmation page in your browser instead of submitting the registration form (which is what we're trying to test ;-)
0
 
Eric BourlandAuthor Commented:
>>>You can add a cfparam for that field, but ... you shouldn't ever get that error. Not unless you're viewing the confirmation page in your browser instead of submitting the registration form (which is what we're trying to test ;-)

I apologize; I have misunderstood. I am indeed viewing the confirmation page in my browser. I think I missing something from the test platform that you are using. =( I'm sorry. I do not want to waste your time at all. I'm a little confounded here.

Does my test code, above, accord with yours?
0
 
_agx_Commented:
EDIT:

I think I missing something from the test platform that you are using. =( I'm sorry. I do not want to waste your time at all. I'm a little confounded here.

Sorry, I was trying not to inundate you with all the stuff I did on my end to simulate your environment, because really ... that's all irrelevant from your POV :) At this point, just fill out the registration form and submit it to the confirmation page. Then report the results:

- Does it show the details "You entered the following information..."
- Does it save the info to your db table?
0
 
Eric BourlandAuthor Commented:
Hmm. I still get:

Variable VERIFIED_AMOUNT is undefined.
 
The error occurred in C:/websites/www.nnvawi.org/confirmationPage2.cfm: line 175
Called from C:/websites/www.nnvawi.org/confirmationPage2.cfm: line 145
Called from C:/websites/www.nnvawi.org/confirmationPage2.cfm: line 1

173 :
174 :       <!--- The following lines generate the SIM fingerprint --->
175 :       <cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
176 :       <cfset fingerprint=digest>


When I put this before the CFTRY, then the error above goes away. When I put this inside the CFTRY, the error occurs:

     <!--- set valid amount for variable "amount"; this will confirm that amount entered is correct amount --->
     <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount, ConferenceFeeTitle
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
     </cfquery>

     <cfif getConferenceAmount.recordCount eq 0>
           The payment amount is invalid.
     </cfif>

     <!--- Otherwise, it's a valid ConferenceFeeTypeID so store the amount and continue --->
     <cfset amount = getConferenceAmount.amount>

Open in new window


This is using your code, as here:

<cfsetting enablecfoutputonly="true">

<!---
	Assign defaults 
--->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">
<cfparam name="form.ConferenceFeeType" default="">
<cfparam name="form.ConferenceFeeTypeID" default="">



<!--- 
	XSS protection 
--->
	<cfloop collection="#FORM#" item="field">
		<cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
	</cfloop>

	   
<!---- 
	Save to database 
---->
	<cftry>  
	 
		<cfset variables.error = ""> 
	
		<cfif IsDefined("FORM.doSave")>
	
			<!--- Grab Amount from database --->
		    <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount, ConferenceFeeTitle
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
		    </cfquery>
	
	
	 	    <!--- Check for duplicate emails --->
			<cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <cfqueryparam cfsqltype="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">
	  		</cfquery>
	
			<cfif CheckUserEmail.recordcount GT 0>
			   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
			</cfif>
	
	   		<!--- 
			   MUST abort processing if the conference wasn't found, otherwise the user won't be charged 
			--->
		    <cfif getConferenceAmount.recordCount eq 0>
				<cfthrow message="Invalid Conference Selected!">
		    </cfif>
	
	     	<cfset verified_amount = getConferenceAmount.amount>
	
			<!--- Save info to database --->

				<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
			 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,Credentials
,x_company
,x_address
,x_city
,x_state
,x_zip
,x_country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,x_email
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_company,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_city,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_state,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_zip,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_email,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
				</cfquery>

	
		    <cfoutput>
			 	SAVED TO DB ** REMOVE THIS - FOR DEBUGGING ONLY**
		   </cfoutput>	
			<!--- Grab new record ID --->
			<cfset form.RegisterID = newRegistrant.IDENTITYCOL>
 
		</cfif>
	       
		<cfcatch type="Any">
	    	<cfset variables.error = cfcatch.message>
		</cfcatch>
	
	</cftry>
            
            

<cfoutput>
	
<!--- 
	Display any errors and EXIT
--->
	<cfif len(variables.error)> 
	   <div class="errorbox">#variables.error#</div>
	   <br />
	   <div class="center">
	   		<input type="button" value="Go Back" onclick="history.go(-1)" />
		</div>
		<cfabort>
	</cfif>



<!--- 
	Generate Authorize.net fingerprint
--->
	<cfset loginID="xxxxxx">
	<cfset transactionKey="yyyyyyy">
	<cfset description="Nursing Network on Violence Against Women International Conference Registration April 9-11, 2015">
	<cfset label="Send Payment for NNVAWI Conference Registration"> <!--- This is the label on the 'submit' button --->
	<cfset testMode="false">
	<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
	<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
	<cfset sequence=RandRange(1, 1000)>
	<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

	<!--- The following lines generate the SIM fingerprint --->
	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
	<cfset fingerprint=digest>


<!--- 
	Display confirmation form.
--->

	<h2>Continue to Authorize.net</h2> 
    
	<p><strong>Clicking submit will redirect you to Authorize.net where you can finalize your payment.</strong></p>
    
    <p>You entered the following information:</p>
    
	<form method="post" action="https://secure.authorize.net/gateway/transact.dll" name="ebwebworkForm" class="ebwebworkForm">
		
		<INPUT type='hidden' name='x_login' value='#loginID#' />
		<INPUT type='hidden' name='x_description' value='#description#' />
		<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
		<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
		<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
		<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
		<INPUT type='hidden' name='x_test_request' value='#testMode#' />
		<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />
	
	 	
		<!--- Embed RegisterID (PK) to assign a value to it --->
		<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
		<INPUT type="hidden" name="x_amount" value="#verified_amount#" />
	
		<!--- Embed all other values as hidden fields --->
	
		
	    Title: #form.Title# <br/>
	    
		First Name: #form.x_first_name# <br/>
	    <input type="hidden" name="x_first_name" value="#form.x_first_name#"/>
	    
		Last Name: #form.x_last_name# <br/>
	    <input type="hidden" name="x_last_name" value="#form.x_last_name#" />
	
		Middle Initial: #form.MiddleInitial# <br/>
	
		Credentials: #form.Credentials# <br/>
	    
	    Organization: #form.x_company# <br/>
	    <input type="hidden" name="x_company" value="#form.x_company#" />
	    
	    Address: #form.x_address# <br/>
	    <input type="hidden" name="x_address" value="#form.x_address#" />
	
	    City: #form.x_city# <br/>
	    <input type="hidden" name="x_city" value="#form.x_city#" />    
	
	    State: #form.x_state# <br/>
	    <input type="hidden" name="x_state" value="#form.x_state#" />    
	    
	    ZIP or Postal Code: #form.x_zip# <br/>
	    <input type="hidden" name="x_zip" value="#form.x_zip#" />
	
	    Country: #form.x_country# <br/>
	    <input type="hidden" name="x_country" value="#form.x_country#" />
	
		TelephoneHome: #form.TelephoneHome# <br/>
	
		TelephoneWork: #form.TelephoneWork# <br/>
	
		TelephoneMobile: #form.TelephoneMobile# <br/>
	
	    Email: #form.x_email# <br/>
	    <input type="hidden" name="x_email" value="#form.x_email#" />
		SpecialRequirements: #form.SpecialRequirements#
	
	
	     
	
	   <button name="proceed" type="submit">Proceed to Authorize.net</button>
	
	</form>
	<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
	contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>
	</cfoutput>
                                          
                                          

Open in new window



Do you think we should try your AJAX solution?
0
 
Eric BourlandAuthor Commented:
>>>- Does it show the details "You entered the following information..."
- Does it save the info to your db table?

Unfortunately, as it is, neither. =(



I wonder why the DoSave is negated? This is weird.
0
 
_agx_Commented:
I can't help but think we've got our wires crossed over something simple :/ because it works perfectly on my end.  

Is there a public URL I can access to test the registration form?
0
 
Eric BourlandAuthor Commented:
Of course.

Register form: http://nnvawi.org/RegisterConference.cfm

This form submits to Step 2: confirmationPage_agx_.cfm

which has this code:

<cfsetting enablecfoutputonly="true">

<!---
	Assign defaults 
--->
<cfparam name="form.Title" default="">
<cfparam name="form.x_first_name" default="">
<cfparam name="form.MiddleInitial" default="">
<cfparam name="form.x_last_name" default="">
<cfparam name="form.Credentials" default="">
<cfparam name="form.x_company" default="">
<cfparam name="form.x_address" default="">
<cfparam name="form.x_city" default="">
<cfparam name="form.x_state" default="">
<cfparam name="form.x_zip" default="">
<cfparam name="form.x_country" default="">
<cfparam name="form.TelephoneHome" default="">
<cfparam name="form.TelephoneWork" default="">
<cfparam name="form.TelephoneMobile" default="">
<cfparam name="form.FAX" default="">
<cfparam name="form.x_email" default="">
<cfparam name="form.AltUserEmail" default="">
<cfparam name="form.SpecialRequirements" default="">
<cfparam name="form.DateCreated" default="">
<cfparam name="form.DateModified" default="">
<cfparam name="form.ConferenceFeeType" default="">
<cfparam name="form.ConferenceFeeTypeID" default="">



<!--- 
	XSS protection 
--->
	<cfloop collection="#FORM#" item="field">
		<cfset FORM[ field ] = ReReplaceNoCase (FORM[ field ], "<script.*?>.*?</script>", "", "all")>
	</cfloop>

	   
<!---- 
	Save to database 
---->
	<cftry>  
	 
		<cfset variables.error = ""> 
	
		<cfif IsDefined("FORM.doSave")>
	
			<!--- Grab Amount from database --->
		    <cfquery name="getConferenceAmount" datasource="#application.datasource#"> 
         SELECT amount, ConferenceFeeTitle
         FROM #REQUEST.conferenceFeeTable# 
         WHERE ConferenceFeeTypeID = <cfqueryparam value="#FORM.ConferenceFeeTypeID#">
		    </cfquery>
	
	
	 	    <!--- Check for duplicate emails --->
			<cfquery datasource="#APPLICATION.dataSource#" name="CheckUserEmail">
  SELECT 'Nothing' FROM #request.RegisterTable#
  WHERE x_email = <cfqueryparam cfsqltype="cf_sql_varchar" VALUE="#form.x_email#">
  AND  RegisterID <> <cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.RegisterID)#">
	  		</cfquery>
	
			<cfif CheckUserEmail.recordcount GT 0>
			   <cfthrow message="That email address is already in use. Did you already register for the NNVAWI conference? Please contact NNVAWI at info@nnvawi.org.">
			</cfif>
	
	   		<!--- 
			   MUST abort processing if the conference wasn't found, otherwise the user won't be charged 
			--->
		    <cfif getConferenceAmount.recordCount eq 0>
				<cfthrow message="Invalid Conference Selected!">
		    </cfif>
	
	     	<cfset verified_amount = getConferenceAmount.amount>
	
			<!--- Save info to database --->

				<cfquery name="InsertPage" datasource="#application.datasource#" result="newRegistrant">
			 INSERT INTO #REQUEST.RegisterTable#
     					(
Title
,x_first_name
,MiddleInitial
,x_last_name
,Credentials
,x_company
,x_address
,x_city
,x_state
,x_zip
,x_country
,TelephoneHome
,TelephoneWork
,TelephoneMobile
,FAX
,x_email
,AltUserEmail
,SpecialRequirements
,ConferenceFeeType
,DateCreated
                        )
                        
                        
			     VALUES(
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Title,50))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_first_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.MiddleInitial,5))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_last_name,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.Credentials,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_company,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_address,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_city,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_state,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_zip,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_country,255))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneHome,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneWork,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.TelephoneMobile,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.FAX,25))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.x_email,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.AltUserEmail,128))#">,
<cfqueryparam cfsqltype="cf_sql_varchar" value="#Trim(Left(form.SpecialRequirements,255))#">,
<cfqueryparam cfsqltype="cf_sql_integer" value="#val(form.ConferenceFeeTypeID)#">,
<cfqueryparam cfsqltype="cf_sql_timestamp" value="#now()#">
)         
				</cfquery>

	
		    <cfoutput>
			 	SAVED TO DB ** REMOVE THIS - FOR DEBUGGING ONLY**
		   </cfoutput>	
			<!--- Grab new record ID --->
			<cfset form.RegisterID = newRegistrant.IDENTITYCOL>
 
		</cfif>
	       
		<cfcatch type="Any">
	    	<cfset variables.error = cfcatch.message>
		</cfcatch>
	
	</cftry>
            
            

<cfoutput>
	
<!--- 
	Display any errors and EXIT
--->
	<cfif len(variables.error)> 
	   <div class="errorbox">#variables.error#</div>
	   <br />
	   <div class="center">
	   		<input type="button" value="Go Back" onclick="history.go(-1)" />
		</div>
		<cfabort>
	</cfif>



<!--- 
	Generate Authorize.net fingerprint
--->
	<cfset loginID="xxxxxx">
	<cfset transactionKey="yyyyyyy">
	<cfset description="Nursing Network on Violence Against Women International Conference Registration April 9-11, 2015">
	<cfset label="Send Payment for NNVAWI Conference Registration"> <!--- This is the label on the 'submit' button --->
	<cfset testMode="false">
	<cfset posturl="https://secure.authorize.net/gateway/transact.dll">
	<cfset invoice=DateFormat(Now(),"yyyymmdd") & TimeFormat(Now(),"HHmmss")>
	<cfset sequence=RandRange(1, 1000)>
	<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

	<!--- The following lines generate the SIM fingerprint --->
	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
	<cfset fingerprint=digest>


<!--- 
	Display confirmation form.
--->

	<h2>Continue to Authorize.net</h2> 
    
	<p><strong>Clicking submit will redirect you to Authorize.net where you can finalize your payment.</strong></p>
    
    <p>You entered the following information:</p>
    
	<form method="post" action="https://secure.authorize.net/gateway/transact.dll" name="ebwebworkForm" class="ebwebworkForm">
		
		<INPUT type='hidden' name='x_login' value='#loginID#' />
		<INPUT type='hidden' name='x_description' value='#description#' />
		<INPUT type='hidden' name='x_invoice_num' value='#invoice#' />
		<INPUT type='hidden' name='x_fp_sequence' value='#sequence#' />
		<INPUT type='hidden' name='x_fp_timestamp' value='#timeStamp#' />
		<INPUT type='hidden' name='x_fp_hash' value='#fingerprint#' />
		<INPUT type='hidden' name='x_test_request' value='#testMode#' />
		<INPUT type='hidden' name='x_show_form' value='PAYMENT_FORM' />
	
	 	
		<!--- Embed RegisterID (PK) to assign a value to it --->
		<input type="hidden" name="RegisterID" value="#form.RegisterID#" />
		<INPUT type="hidden" name="x_amount" value="#verified_amount#" />
	
		<!--- Embed all other values as hidden fields --->
	
		
	    Title: #form.Title# <br/>
	    
		First Name: #form.x_first_name# <br/>
	    <input type="hidden" name="x_first_name" value="#form.x_first_name#"/>
	    
		Last Name: #form.x_last_name# <br/>
	    <input type="hidden" name="x_last_name" value="#form.x_last_name#" />
	
		Middle Initial: #form.MiddleInitial# <br/>
	
		Credentials: #form.Credentials# <br/>
	    
	    Organization: #form.x_company# <br/>
	    <input type="hidden" name="x_company" value="#form.x_company#" />
	    
	    Address: #form.x_address# <br/>
	    <input type="hidden" name="x_address" value="#form.x_address#" />
	
	    City: #form.x_city# <br/>
	    <input type="hidden" name="x_city" value="#form.x_city#" />    
	
	    State: #form.x_state# <br/>
	    <input type="hidden" name="x_state" value="#form.x_state#" />    
	    
	    ZIP or Postal Code: #form.x_zip# <br/>
	    <input type="hidden" name="x_zip" value="#form.x_zip#" />
	
	    Country: #form.x_country# <br/>
	    <input type="hidden" name="x_country" value="#form.x_country#" />
	
		TelephoneHome: #form.TelephoneHome# <br/>
	
		TelephoneWork: #form.TelephoneWork# <br/>
	
		TelephoneMobile: #form.TelephoneMobile# <br/>
	
	    Email: #form.x_email# <br/>
	    <input type="hidden" name="x_email" value="#form.x_email#" />
		SpecialRequirements: #form.SpecialRequirements#
	
	
	     
	
	   <button name="proceed" type="submit">Proceed to Authorize.net</button>
	
	</form>
	<p class="center"><span class="red"><i class="icon-asterisk"></i></span> <em>An NNVAWI administrator will review and confirm your registration. Please
	contact Melissa Sutherland at <a href="mailto:melissa.sutherland@bc.edu">melissa.sutherland@bc.edu</a> for information or assistance with conference registration.</em></p>
	</cfoutput>
                                          
                                          
                                          

Open in new window

0
 
_agx_Commented:
(EDIT) Looking at the html source code:

  <li>
<div class="submitButton">
     
   <button type="submit" class="green" tabindex="19">Register for NNVAWI Conference</button>
   
</div>  
</li>

Open in new window


... the submit button still isn't named "DoSave" and that's what's causing the problems.  Remember it must have that name or the cfif on the confirmation page won't execute the correct code.
0
 
Eric BourlandAuthor Commented:
I saw that too just now. =(

OK, in both step 1 and Step 2: confirmationPage_agx_.cfm I named the Submit button "doSave".

I get the Variable VERIFIED_AMOUNT is undefined. error but I will move the <!--- Grab Amount from database ---> code before the CFTRY and see if that resolves this error:

  Variable VERIFIED_AMOUNT is undefined.
 
The error occurred in C:/websites/www.nnvawi.org/confirmationPage_agx_.cfm: line 175
Called from C:/websites/www.nnvawi.org/confirmationPage_agx_.cfm: line 145
Called from C:/websites/www.nnvawi.org/confirmationPage_agx_.cfm: line 1

173 : 
174 : 	<!--- The following lines generate the SIM fingerprint --->
175 : 	<cf_hmac data="#loginID#^#sequence#^#timestamp#^#verified_amount#^" key="#transactionKey#">
176 : 	<cfset fingerprint=digest>

Open in new window



brb
0
 
_agx_Commented:
Hmm... you shouldn't be getting that error. Reason being CF shouldn't even reach the "fingerprint" code block unless it retrieved the amount successfully. In which case VERIFIED_AMOUNT will be defined.
0
 
_agx_Commented:
Seems to work now.
0
 
Eric BourlandAuthor Commented:
Hmm. Dang. The form processes and I get through to the authorize.net page, but no data is inserted in the data table, still. Even with all the "doSave"s in place.

Goodness. I wonder what I am doing wrong. I am looking back through everything again.
0
 
Eric BourlandAuthor Commented:
>>>Hmm... you shouldn't be getting that error. Reason being CF shouldn't even reach the "fingerprint" code block unless it retrieved the amount successfully. In which case VERIFIED_AMOUNT will be defined.

Exactly.
0
 
Eric BourlandAuthor Commented:
Do you think the AJAX solution will work better?
0
 
_agx_Commented:
> <cfif IsDefined("FORM.doSave")>
> ....
> </cfif>

Remove the CFIF altogether. It was only required when the form was self-posting.

Dump the result structure after the INSERT query. What do you see?

<cfquery name="InsertPage" ....> query code </cfquery>
<cfdump var="#newRegistrant#">



> Do you think the AJAX solution will work better?

It would be slicker, but .. honestly a regular form post is typically simpler.  Though feel free to try it. My jquery skills are moderate. I'd recommend posting a separate question. That way you can get advice from jquery folks too.
0
 
Eric BourlandAuthor Commented:
Wait! Stop the presses.

> <cfif IsDefined("FORM.doSave")>
> ....
> </cfif>

Remove the CFIF altogether. It was only required when the form was self-posting.

I think that did it.

Checking a few things / brb.

*picks self off floor*
0
 
Eric BourlandAuthor Commented:
It works.

> <cfif IsDefined("FORM.doSave")>
> ....
> </cfif>

That was it.

Also the doSave in the Submit button.

Also, per your notes above, I have trimmed my code.

It's working really well.

Your patience is nonpareil.

I am going to run a couple more tests then get this over to the client.

I'll come back and close this question. Thank you as always.

Eric
0
 
_agx_Commented:
Cool! Glad we finally got it working.
0
 
Eric BourlandAuthor Commented:
Thanks as always to _agx_. It was a bit of work to get to this solution. I am always grateful for _agx_'s professionalism, patience, and (of course) vast expertise.

_agx_ -- thank you. May your weekend be code-free and relaxing.

Eric
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 42
  • 35
Tackle projects and never again get stuck behind a technical roadblock.
Join Now