Merchant Account Forums

Administrator · Site Administrator Joined: 18 Jan 2021 Posts: 24

This thread is here to discuss the article: [url=http://www.merchant-account-services.org/article/authorize-net-php-integration]Integrate the Authorize.net Payment Gateway with PHP[/url]

stymiee · Site Administrator Joined: 08 Jan 2021 Posts: 99

Larry,

You make a good point that deserves some discussion. While it is true that there are some Visa cards that are not 16 digits long, those cards are mostly out of circulation and not likely to be encountered. (There are 16 digit test numbers out there so I am unsure why Authorize.Net actually lists the ones they do. But, yes, in this case they are shortened because they are test numbers). However, if a business wanted to account for those for the sake of completeness here is an updated pattern that matches those as well:

[code:1]if (preg_match('/^4\d{3}[ \-]?\d{4}[ \-]?\d{4}[ \-]?(\d{1}|\d{4})$/i', $visa_number))
{
// Visa number is correct
}
else
{
// Visa number is incorrect
}[/code:1]

Basically this update just checks the last set of numbers and lets there be either 1 digit (thus totaling 13) or 4 digits (thus totaling 16).

stymiee · Site Administrator Joined: 08 Jan 2021 Posts: 99

Excellent catch. The pipe characters is actually a delimiter for the data [b]they send back[/b]. Not the data we send over. I've corrected the article (it was simple as moving that one sentence).

Thank you for pointing that out! Smile

Nhoc · New Merchant Joined: 02 Feb 2022 Posts: 2

Awesome article, thank you for putting this together!

It is against the policy to store CVV2 number. If you want to do recurring bill, how would you do that without the user having to re-enter the CVV2 for every transaction? Is there any way around that or you must either disable CVV2 check or have a bad user experience?

stymiee · Site Administrator Joined: 08 Jan 2021 Posts: 99

It is against PCI regulations to store the CVV2 number under any circumstances. As for how it works with recurring billing, once you verify that the cardholder has the card (cvv number matches) you don't need to submit it again for the same card.

Nhoc · New Merchant Joined: 02 Feb 2022 Posts: 2

Hmm, that could work. One problem though, what if the payment gateway require the CCV number? And for subsequence transactions, it means that we do not pass that in any more, and I heard that would increase the chargeback s and also might increase the merchant fee?

Administrator · Site Administrator Joined: 18 Jan 2021 Posts: 24

Your payment gateway won't require the CVV2 number for recurring billing. It actually won't even require it for the initial transaction although you should definitely get it from your customers.

The reason why you want to get the CVV2 number is if a customer can customer can provide it during the checkout that most likely means they have the credit card with them. This reduces the likelihood that it is stolen and this means less fraud and potential for chargebacks for you.

And your merchant fees do not go up if you do not use CVV2. It does go up if you do not do AVS.

oozz · New Merchant Joined: 24 Sep 2022 Posts: 1

One thing I wanted to note to everyone. If you download the Source Code at the end of the article and are using that as your base class, there is an error I thought I would share with you.

If you look at the function 'setTransaction', change the type of $cvv to string instead of int. If you leave it as int it will automatically drop the leading 0 on all CVV numbers thus leading you to get error code 78, "The card code is invalid." on ALL CVV numbers that begin with 0.

Just a little FYI.

optize · New Merchant Joined: 07 Oct 2022 Posts: 1

I seem to be missing how to turn off test mode so all transactions are sent.

Can someone help?

stymiee · Site Administrator Joined: 08 Jan 2021 Posts: 99

Make sure you turn off test mode in your control panel. Also make sure you set private $test = false;

HappySavage · New Merchant Joined: 26 Sep 2023 Posts: 4

This might seem like a dumb question, but every time I try to run the code I get this error: "Fatal error: Call to private Authnet::__construct() from invalid context".

Anybody know what's causing this?

stymiee · Site Administrator Joined: 08 Jan 2021 Posts: 99

[quote="HappySavage"]This might seem like a dumb question, but every time I try to run the code I get this error: "Fatal error: Call to private Authnet::__construct() from invalid context".

Anybody know what's causing this?[/quote]
You're probably running PHP4.

HappySavage · New Merchant Joined: 26 Sep 2023 Posts: 4

[quote="stymiee"][quote="HappySavage"]This might seem like a dumb question, but every time I try to run the code I get this error: "Fatal error: Call to private Authnet::__construct() from invalid context".

Anybody know what's causing this?[/quote]
You're probably running PHP4.[/quote]

Actually, I figured out what was causing that. I was using the code on page 9 of the article to instantiate the object, which calls the constructor (which is private) rather than the Instance method.

The problem I have now has to do with getResponseFull() method. It returns an 'undefined index' (I guess the result is neither "Approved" or "Declined"). I've traced the code and echoed out the values of response and other variables, but I can't figure out what's wrong.

HappySavage · New Merchant Joined: 26 Sep 2023 Posts: 4

I'm wondering if the OpenSSL is causing the problems I'm having. I use WAMP and I just activated the OpenSSL extension, but I guess that's not enough (to be honest, I did it this way because I don't know how to compile php with the OpenSSL option).

Has anyone had this problem before?

HappySavage · New Merchant Joined: 26 Sep 2023 Posts: 4

Well, long story short, I broke down and paid for the SSL certificate and now the everything works. The only thing is, when I test the payment gateway it accepts any valid credit card number even if the expiration date or the cvv number don't match those on the actual credit card.