Merchant Account Services

Integrate the Authorize.Net Payment Gateway with PHP

Integrate the Authorize.Net payment gateway seamlessly into your ecommerce website


Author: Jim Conners

Rating: 10.0

Pages: 1|2|3|4|5|6|7|8|9|10

Building our Class

Now that we have an understanding of how a transaction will flow we can build our class around it. We should read through the Advanced Integration Method Integration GuidePDF before we begin so we understand what Authorize.Net will be expecting from us.

Naming the Class

Naturally any good class name will indicate what the objects that class will create represents. For our class we will use the nickname for Authorize.Net in the credit card processing industry: Authnet.

class Authnet { // ... }

Class Properties

Immediately after declaring our class we will need to declare the properties we will need for storing our objects properties. All of our properties will be private as we do not want our scripts to be accessing any of these values without going through a method. The first two properties we will declare are our Authorize.Net login and transaction key:

private $login = "ertdev6345"; private $transkey = "SR2dsf54dEn7vFLQ";

The login is used to login into the merchant's control panel as well as identifying the merchant to Authorize.Net's API. The transaction key is a random sequence of characters that acts like a password for API transactions. It is a security measure that prevents the merchant from putting their true account password into their scripts in an effort to help keep them safe.

Speaking of safe, that is the very reason we will hardcode this information into our class as opposed to making them parameters of the constructor. By placing this information directly in our class we can keep it out of our webpage's code. If the server experiences an error and were to suddenly display our source code, this sensitive information would not be available to the general public. It also allows us to place this class outside of our web root so it cannot be displayed by a web browser.

The Authorize.Net login will be provided by Authorize.Net upon the accounts creation. You can get your transaction key by following these steps:

  1. Login into your account at Authorize.Net
  2. Click on 'Settings'
  3. Click on 'Transaction Key'
  4. Enter the answer to your secret question
  5. Click on the checkbox to disable your old transaction key

The next three properties will determine if our transaction was successful (approved), declined, or an error occurred. You'll notice that $approved and $declined are both set to false while $error is set to true. This is because it is better to assume there is an error and either try again or abort the process then to assume a sale was approved only to find out later it wasn't (and the merchant already shipped their order).

private $approved = false; private $declined = false; private $error = true;

The main function of the Authorize.Net API is to pass data back and forth to complete a transaction. The next two properties store the data we will be passing to Authorize.Net and the data we will be receiving respectively. The $params parameter is an array that will hold the parameters that we be passing to the Authorize.Net API. The $results parameter is an array that will hold the parameters that we be receiving from the Authorize.Net API (after a little bit of processing that is).

private $params = array(); private $results = array();

Since we cannot send arrays to the Authorize.Net API nor can we receive them, we will need a place to store our parameters in a format that Authorize.Net is expecting as well as a place to receive their response. The $fields parameter will store our properly formatted parameters for us (this will be done in a method described later in this article) . The $response parameter will store the raw data of the return response from the Authorize.Net API.

private $fields; private $response;

Finally, this last parameter probably can be done without, but for the sake of easier testing I have decided to include it in our class. This member will simply store a boolean value to determine whether we are currently testing our integration or processing live sales. Authorize.Net offers a special URL that is to be used for testing an integration of their API. Setting this member to TRUE will cause our Authnet object to use that URL for all transactions until we set it to false. (We will see this in action in our _construct method).

private $test;

Planning the Transaction | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Constructor