====== PHP XML Secure Tokens ======

The sample code below required the **{{:developer:sample_codes:gateway_xml_php_api.zip|PHP XML API}}**.\\

**Settings file (%gatewaySampleFileName_account.inc):**

<file php %gatewaySampleFileName_account.inc>

<?php

# These values are used to identify and validate the account that you are using. They are mandatory.
$gateway = '';			# This is the %Gateway payments gateway that you should use, assigned to the site by %Gateway.
$terminalId = '';		# This is the Terminal ID assigned to the site by %Gateway.
$currency = '';			# This is the 3 digit ISO currency code for the above Terminal ID.
$secret = '';			# This shared secret is used when generating the hash validation strings. 
				# It must be set exactly as it is in the %Gateway %SelfCare system.
$testAccount = true;

# These are used only in the case where the response hash is incorrect, which should
# never happen in the live environment unless someone is attempting fraud.
$adminEmail = '';
$adminPhone = '';

?>

</file>
----
\\
**Secure Token registration:**

<file php %gatewaySampleFileName_securecard_registration.php>

<?php
 
require('%gatewaySampleFileName_account.inc');
require('gateway_tps_xml.php');
 
# These values are specific to the cardholder.
$secureCardMerchantRef = '';	# Unique Merchant Reference. Length is limited to 48 chars.
$cardNumber = '';		# This is the full PAN (card number) of the credit card. It must be digits only (i.e. no spaces or other characters).
$cardType = '';			# See our Integrator Guide for a list of valid Card Type parameters
$cardExpiry = '';		# The 4 digit expiry date (MMYY)
$cardHolderName = '';		# The full cardholders name, as it is displayed on the credit card

$dontCheckSecurity = ''; 	# (optional) "Y" if you do not want the CVV to be validated online.
$cvv = '';			# (optional) 3 digit (4 for AMEX cards) security digit on the back of the card.
$issueNo = '';			# (optional) Issue number for Switch and Solo cards.

# Set up the SecureCard addition object
$securereg = new XmlSecureCardRegRequest($secureCardMerchantRef, $terminalId, $cardNumber, $cardExpiry, $cardType, $cardHolderName);
 
if($dontCheckSecurity != "") $securereg->SetDontCheckSecurity($dontCheckSecurity);
if($cvv != "") $securereg->SetCvv($cvv);
if($issueNo != "") $securereg->SetIssueNo($issueNo);
 
$response = $securereg->ProcessRequestToGateway($secret,$testAccount,$gateway);
 
unset($secureCardCardRef);
if($response->IsError()){

 echo 'AN ERROR OCCURED, Card details not registered. Error details: ' . $response->ErrorString();
} else {
	$merchantRef = $response->MerchantReference();
	$expectedResponseHash = md5($terminalId.$response->MerchantReference().$response->CardReference().$response->DateTime().$secret);
	if($expectedResponseHash != $response->Hash()) {
		echo 'SECURECARD REGISTRATION FAILED: INVALID RESPONSE HASH. Please contact <a href="mailto:' . $adminEmail . '">' . $adminEmail . '</a> or call ' . $adminPhone . ' to clarify if your card details were stored.';
		if(isset($merchantRef)) {
			 echo 'Please quote %Gateway Terminal ID: ' . $terminalId . ', and SecureCard Merchant Reference: ' . $response->MerchantReference() . ' when mailling or calling.';
		}
	} else {
        echo "SecureCard successfully stored.";
	}
}
 
?>

</file>
----
\\
**SecureCard record update:**

<file php %gatewaySampleFileName_securecard_update.php>

<?php
 
require('%gatewaySampleFileName_account.inc');
require('gateway_tps_xml.php');
 
# These values are specific to the cardholder.
$secureCardMerchantRef = '';	# Unique Merchant Reference. Length is limited to 48 chars.
$cardNumber = '';		# This is the full PAN (card number) of the credit card. It must be digits only (i.e. no spaces or other characters).
$cardType = '';			# See our Integrator Guide for a list of valid Card Type parameters
$cardExpiry = '';		# The 4 digit expiry date (MMYY)
$cardHolderName = '';		# The full cardholders name, as it is displayed on the credit card
$recurringAmount = '';
$dontCheckSecurity = ''; 	# (optional) "Y" if you do not want the CVV to be validated online.
$cvv = '';			# (optional) 3 digit (4 for AMEX cards) security digit on the back of the card.
$issueNo = '';			# (optional) Issue number for Switch and Solo cards.

# Set up the SecureCard update object
$secureupd = new XmlSecureCardUpdRequest($secureCardMerchantRef,$terminalId,$cardNumber,$cardExpiry,$cardType,$cardHolderName);
 
if($dontCheckSecurity != "") $secureupd->SetDontCheckSecurity($dontCheckSecurity);
if($cvv != "") $secureupd->SetCvv($cvv);
if($issueNo != "") $secureupd->SetIssueNo($issueNo);
 
$response = $secureupd->ProcessRequestToGateway($secret,$testAccount,$gateway);
 
if($response->IsError()) {
	echo 'AN ERROR OCCURED, Card details not updated. Error details: ' . $response->ErrorString();
}
 else {
	$expectedResponseHash = md5($terminalId.$response->MerchantReference().$response->CardReference().$response->DateTime().$secret);
	if($expectedResponseHash != $response->Hash()) {
		echo 'SECURECARD UPDATE FAILED: INVALID RESPONSE HASH. Please contact <a href="mailto:' . $adminEmail . '">' . $adminEmail . '</a> or call ' . $adminPhone . ' to clarify if your card details were updated.';
		$merchantRef = $response->MerchantReference();
		if(isset($merchantRef)) 
			{
				echo 'Please quote %Gateway Terminal ID: ' . $terminalId . ', and SecureCard Merchant Reference: ' . $merchantRef . ' when mailling or calling.';
			}
	} else {
		echo "SecureCard successfully updated.";
	}
}
 
?>

</file>
----
\\
**SecureCard record deletion:**

<file php %gatewaySampleFileName_securecard_delete.php>

<?php
 
require('%gatewaySampleFileName_account.inc');
require('gateway_tps_xml.php');
 
# These values are specific to the cardholder.
$secureCardMerchantRef = '';	# Unique Merchant Reference. Length is limited to 48 chars.
$secureCardCardRef = '';	# This is the %Gateway generated 16 digit card number token

# Set up the SecureCard deletion object
$securedel = new XmlSecureCardDelRequest($secureCardMerchantRef,$terminalId,$secureCardCardRef);
$response = $securedel->ProcessRequestToGateway($secret,$testAccount,$gateway);
 
if($response->IsError()) {
	echo 'AN ERROR OCCURED, Card details not deleted. Error details: ' . $response->ErrorString();
} else {
	$expectedResponseHash = md5($terminalId.$response->MerchantReference().$response->DateTime().$secret);
	if($expectedResponseHash != $response->Hash()) {
		echo 'SECURECARD DELETION FAILED: INVALID RESPONSE HASH. Please contact <a href="mailto:' . $adminEmail . '">' . $adminEmail . '</a> or call ' . $adminPhone . ' to clarify if your card details were updated.';
		$merchantRef = $response->MerchantReference();
		if(isset($merchantRef)) {
			echo 'Please quote %Gateway Terminal ID: ' . $terminalId . ', and SecureCard Merchant Reference: ' . $response->MerchantReference() . ' when mailling or calling.';
		}
	} else {
		echo "SecureCard successfully deleted.";
	}
}
 
?>

</file>
----
\\
**SecureCard record search:**

<file php %gatewaySampleFileName_securecard_search.php>

<?php
 
require('%gatewaySampleFileName_account.inc');
require('gateway_tps_xml.php');
 
# These values are specific to the cardholder.
$secureCardMerchantRef = '';	# Unique Merchant Reference. Length is limited to 48 chars.

# Set up the SecureCard addition object
$securesearch = new XmlSecureCardSearchRequest($secureCardMerchantRef,$terminalId);
$response = $securesearch->ProcessRequestToGateway($secret,$testAccount,$gateway);
 
if($response->IsError()){

 	echo 'AN ERROR OCCURED, Card details not found. Error details: ' . $response->ErrorString();

} else {
	$expectedResponseHash = md5($terminalId.$response->MerchantReference().$response->CardReference().$response->CardType().$response->CardExpiry().$response->CardHolderName().$response->DateTime().$secret);
	if($expectedResponseHash != $response->Hash()) {
		echo 'SECURECARD SEARCH FAILED: INVALID RESPONSE HASH. Please contact <a href="mailto:' . $adminEmail . '">' . $adminEmail . ' or call ' . $adminPhone . ' to clarify if your card details were stored.';
		$getMerchantReference = $response->MerchantReference();
		if(isset($getMerchantReference)) {

			 echo 'Please quote %Gateway Terminal ID: ' . $terminalId . ', and SecureCard Merchant Reference: ' . $response->MerchantReference() . ' when mailling or calling.';
		}
	} else {
		# Use/Save $response->MerchantReference(), $response->CardReference(), $response->CardType(), $response->CardExpiry(), $response->CardHolderName().
        echo "SecureCard successfull details found.";
	}
}
 
?>

</file>