Git Product home page Git Product logo

gf-sagepay's Introduction

GF SagePay

GitHub Actions Packagist Version PHP from Packagist Packagist Downloads GitHub License Hire Itineris Twitter Follow @itineris_ltd Twitter Follow @TangRufus

SagePay payment gateway for GravityForms.

Goal

Allow Gravity Forms accepts SagePay one-off payments via SagePay Server.

Features

Not Supported / Not Implemented

Although these features are not supported by this plugin, but you might able to do so via MySagePay:

  • Card reference
  • Token billing
  • Deferred payment
  • Recurring payment
  • Void
  • Refund
  • Abort
  • Basket
  • Surcharges
  • Account Type M – for telephone (MOTO) transactions
  • Account Type C – for repeat transactions

Pull requests are welcomed.

Minimum Requirements

  • PHP v7.2
  • PHP cURL Extension
  • WordPress v4.9.5
  • Gravity Forms v2.4.14.4

Installation

Composer (Recommended)

composer require itinerisltd/gf-sagepay

Build from Source (Not Recommended)

# Make sure you use the same PHP version as remote servers.
# Building inside docker images is recommanded.
php -v

# Checkout source code
git clone https://github.com/ItinerisLtd/gf-sagepay.git
cd gf-sagepay
git checkout <the-tag-or-the-branch-or-the-commit>

# Build the zip file
composer release:build

Then, install release/gf-sagepay.zip as usual.

Best Practices

HTTPS Everywhere

Although SagePay accepts insecure HTTP sites, you should always use HTTPS to protect all communication.

Payment Status

Always double check payment status on MySagePay.

Fraud Protection

To prevent chargebacks, enforce 3D Secure and AVS/CV2 rules whenever possible.

Test Sandbox

Always test the plugin and your fraud protection rules in test sandbox before going live.

If you can't whitelist test server IPs, use protxross as Vendor Code.

Use ngrok to make local notification URLs publicly accessible.

Use one of the test credit cards.

Common Issues

Missing Gift Aid Acceptance Box

Only registered charities can use Gift Aid through the Sage Pay platform. The gift aid acceptance box only appears if your vendor account is Gift Aid enabled and using Donation as transaction type.

GF SagePay is Missing on Form Settings

Make sure you meet the minimum requirements. Check your environment details at the System Status Page.

Shipping Address

OmniPay requires both billing address and shipping address.

Use case: Not delivering any physical goods

Map the shipping address fields to the billing ones.

Use case: Allow ship to billing address

This is similar to the the WooCommerce way.

Use Gravity Forms' built-in feature: Display option to use the values submitted in different field

FAQ

Will you add support for older PHP versions?

Never! This plugin will only work on actively supported PHP versions.

Don't use it on end of life or security fixes only PHP versions.

It looks awesome. Where can I find more goodies like this?

Where can I give ⭐⭐⭐⭐⭐ reviews?

Thanks! Glad you like it. It's important to let my boss knows somebody is using this project. Please consider:

Developing

Public API

Build URL for continuing confirmation

ConfirmationHandler::buildUrlFor(Entry $entry, int $ttlInSeconds = 3600): string

Usage:

$entryId = 123;
$rawEntry = GFAPI::get_entry($entryId);
if (is_wp_error($rawEntry)) {
    wp_die('Entry not found');
}

$url = ConfirmationHandler::buildUrlFor(
    new Entry($rawEntry),
    86400 // expires in 24 hours (24*3600=86400)
);

echo $url;
// https://example.com?entry=123&gf-sagepay-token=XXXXXXXXXXXX

Use Case: With "using confirmation query strings to populate a form based on another submission":

  1. User fills in formA
  2. User completes SagePay checkout form
  3. User comes back and hits CallbackHandler
  4. CallbackHandler sends user to formB according to confirmation settings
  5. User arrives formB url with merged query strings

If the user quits before completing formB, you could use ConfirmationHandler::buildUrlFor generate a single-use, short-lived url for the user to resume formB.

Note:

  • The url continues Gravity Forms confirmation
  • Whoever got the url will go on confirmation, no authentication performed
  • The confirmation will use latest field values from database which could have changed
  • No payment status checking

Redirect URL Retrieval Failure Handling

After form submit, this plugin sends order information to SagePay in exchange for a redirect URL(the SagePay hosted checkout form URL).

By default, when redirect URL retrieval fails:

  1. Mark entry payment status as Failed
  2. Log the error
  3. wp_die immediately

Common failure reasons:

  • Incorrect vendor code
  • Server IP not whitelisted

Tips: Check the log.

You can use 'gf_sagepay_redirect_url_failure_wp_die' filter to:

  • continue Gravity Forms' feed and confirmation flow
  • perform extra operations
  • redirect to a different error page

Important: If this filter returns false, normal Gravity Forms' feed and confirmation flow continues. Improper settings might lead to disasters.

Example:

add_filter('gf_sagepay_redirect_url_failure_wp_die', function(bool $shouldWpDie, ServerAuthorizeResponse $response, Entry $entry, GFPaymentAddOn $addOn): bool {

    // Do something.

    return true; // Do `wp_die`
    return false; // Don't `wp_die`, continue normal flow
    return $shouldWpDie; // Undecisive
}, 10, 4);

Required Reading List

Read the followings before developing:

Gravity Forms

Gravity Forms has undocumented hidden magics, read its source code.

Testing

composer style:check

Pull requests without tests will not be accepted!

Feedback

Please provide feedback! We want to make this library useful in as many projects as possible. Please submit an issue and point out what you do and don't like, or fork the project and make suggestions. No issue is too small.

Change Log

Please see CHANGELOG for more information on what has changed recently.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Credits

GF SagePay is a Itineris Limited project created by Tang Rufus.

Full list of contributors can be found here.

License

GF SagePay is released under the MIT License.

gf-sagepay's People

Contributors

codepuncher avatar danlapteacru avatar dependabot-preview[bot] avatar tangrufus avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

gf-sagepay's Issues

Payments failing

Card details are correct, money in account, but keeps failing?

2018-09-05 15:42:38.312899 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Checking for feeds to process for entry #14234 for gf-sagepay.
2018-09-05 15:42:38.313621 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Starting to process feed (#52 - GF SagePay Feed 1) for entry #14234 for gf-sagepay
2018-09-05 15:42:38.313668 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Marking entry #14234 as fulfilled for gf-sagepay
2018-09-05 15:42:38.472744 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): ServerAuthorizeResponse - 2014 : The Transaction was Registered Successfully.
2018-09-05 15:42:38.480313 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): Set transaction reference to {"SecurityKey":"XVAF4VECH9","VPSTxId":"{009040B3-5226-7973-0B67-0FD8ED5D8B1D}","VendorTxCode":"7e6cca87-bed1-4b60-bf13-8a2a6e3d00ee"}
2018-09-05 15:42:38.480370 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): Forward user onto SagePay checkout form.
2018-09-05 15:43:11.966288 - DEBUG --> GFPaymentAddOn::maybe_process_callback(): Initializing callback processing for: gf-sagepay
2018-09-05 15:43:11.966800 - DEBUG --> Itineris\SagePay\CallbackHandler::buildGatewayBySuperglobals(): Vendor - stmungos902 isTest - false
2018-09-05 15:43:11.978146 - DEBUG --> Itineris\SagePay\CallbackHandler::run(): Before accepting notification
2018-09-05 15:43:11.980547 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Status - failed
2018-09-05 15:43:11.980596 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Message - 0000 : The Authorisation was Successful.
2018-09-05 15:43:11.980639 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Data - {"VPSProtocol":"3.00","TxType":"PAYMENT","VendorTxCode":"7e6cca87-bed1-4b60-bf13-8a2a6e3d00ee","VPSTxId":"{009040B3-5226-7973-0B67-0FD8ED5D8B1D}","Status":"OK","StatusDetail":"0000 : The Authorisation was Successful.","TxAuthNo":"2017806549","AVSCV2":"ALL MATCH","AddressResult":"MATCHED","PostCodeResult":"MATCHED","CV2Result":"MATCHED","GiftAid":"0","3DSecureStatus":"ERROR","CardType":"DELTA","Last4Digits":"5701","VPSSignature":"F5546F459A184B0AEB1EA1948C35CD27","DeclineCode":"00","ExpiryDate":"0822","BankAuthCode":"281998"}
2018-09-05 15:43:11.991621 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Status - completed
2018-09-05 15:43:11.991676 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Message - 0000 : The Authorisation was Successful.
2018-09-05 15:43:11.991714 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Data - {"VPSProtocol":"3.00","TxType":"PAYMENT","VendorTxCode":"7e6cca87-bed1-4b60-bf13-8a2a6e3d00ee","VPSTxId":"{009040B3-5226-7973-0B67-0FD8ED5D8B1D}","Status":"OK","StatusDetail":"0000 : The Authorisation was Successful.","TxAuthNo":"2017806549","AVSCV2":"ALL MATCH","AddressResult":"MATCHED","PostCodeResult":"MATCHED","CV2Result":"MATCHED","GiftAid":"0","3DSecureStatus":"ERROR","CardType":"DELTA","Last4Digits":"5701","VPSSignature":"F5546F459A184B0AEB1EA1948C35CD27","DeclineCode":"00","ExpiryDate":"0822","BankAuthCode":"281998","vendor":"stmungos902","securityKey":"XVAF4VECH9"}
2018-09-05 15:43:12.001730 - ERROR --> Itineris\SagePay\CallbackHandler::invalid(): Feed environment changed
2018-09-05 15:43:12.001908 - DEBUG --> GFPaymentAddOn::fail_payment(): Processing request.
2018-09-05 15:47:56.670068 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Checking for feeds to process for entry #14235 for gf-sagepay.
2018-09-05 15:47:56.671962 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Starting to process feed (#52 - GF SagePay Feed 1) for entry #14235 for gf-sagepay
2018-09-05 15:47:56.672007 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Marking entry #14235 as fulfilled for gf-sagepay
2018-09-05 15:47:56.857261 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): ServerAuthorizeResponse - 2014 : The Transaction was Registered Successfully.
2018-09-05 15:47:56.865753 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): Set transaction reference to {"SecurityKey":"X4MJBJU9KO","VPSTxId":"{8EBD7AC7-EE55-50B6-E875-2F088FEE1182}","VendorTxCode":"1d4daa58-a836-43e7-97db-8b8e3d375c58"}
2018-09-05 15:47:56.865816 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): Forward user onto SagePay checkout form.
2018-09-05 15:48:38.092237 - DEBUG --> GFPaymentAddOn::maybe_process_callback(): Initializing callback processing for: gf-sagepay
2018-09-05 15:48:38.092633 - DEBUG --> Itineris\SagePay\CallbackHandler::buildGatewayBySuperglobals(): Vendor - stmungos902 isTest - false
2018-09-05 15:48:38.101530 - DEBUG --> Itineris\SagePay\CallbackHandler::run(): Before accepting notification
2018-09-05 15:48:38.103522 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Status - failed
2018-09-05 15:48:38.103569 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Message - 0000 : The Authorisation was Successful.
2018-09-05 15:48:38.103611 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Data - {"VPSProtocol":"3.00","TxType":"PAYMENT","VendorTxCode":"1d4daa58-a836-43e7-97db-8b8e3d375c58","VPSTxId":"{8EBD7AC7-EE55-50B6-E875-2F088FEE1182}","Status":"OK","StatusDetail":"0000 : The Authorisation was Successful.","TxAuthNo":"2017810879","AVSCV2":"ALL MATCH","AddressResult":"MATCHED","PostCodeResult":"MATCHED","CV2Result":"MATCHED","GiftAid":"0","3DSecureStatus":"ERROR","CardType":"DELTA","Last4Digits":"5701","VPSSignature":"4A1331092D69EB597069016EB9E0B55C","DeclineCode":"00","ExpiryDate":"0822","BankAuthCode":"346061"}
2018-09-05 15:48:38.115076 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Status - completed
2018-09-05 15:48:38.115137 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Message - 0000 : The Authorisation was Successful.
2018-09-05 15:48:38.115176 - DEBUG --> Itineris\SagePay\CallbackHandler::logDebug(): Data - {"VPSProtocol":"3.00","TxType":"PAYMENT","VendorTxCode":"1d4daa58-a836-43e7-97db-8b8e3d375c58","VPSTxId":"{8EBD7AC7-EE55-50B6-E875-2F088FEE1182}","Status":"OK","StatusDetail":"0000 : The Authorisation was Successful.","TxAuthNo":"2017810879","AVSCV2":"ALL MATCH","AddressResult":"MATCHED","PostCodeResult":"MATCHED","CV2Result":"MATCHED","GiftAid":"0","3DSecureStatus":"ERROR","CardType":"DELTA","Last4Digits":"5701","VPSSignature":"4A1331092D69EB597069016EB9E0B55C","DeclineCode":"00","ExpiryDate":"0822","BankAuthCode":"346061","vendor":"stmungos902","securityKey":"X4MJBJU9KO"}
2018-09-05 15:48:38.125992 - ERROR --> Itineris\SagePay\CallbackHandler::invalid(): Feed environment changed
2018-09-05 15:48:38.126070 - DEBUG --> GFPaymentAddOn::fail_payment(): Processing request.
2018-09-05 15:49:33.534765 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Checking for feeds to process for entry #14236 for gf-sagepay.
2018-09-05 15:49:33.535418 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Starting to process feed (#52 - GF SagePay Feed 1) for entry #14236 for gf-sagepay
2018-09-05 15:49:33.535465 - DEBUG --> GFFeedAddOn::maybe_process_feed(): Marking entry #14236 as fulfilled for gf-sagepay
2018-09-05 15:49:33.699645 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): ServerAuthorizeResponse - 2014 : The Transaction was Registered Successfully.
2018-09-05 15:49:33.707477 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): Set transaction reference to {"SecurityKey":"K7V8R2ATMS","VPSTxId":"{B2866E71-EFEA-BF7F-33E3-46D330DFA782}","VendorTxCode":"abbd67a7-24ef-4920-9aa8-39a706c32d8e"}
2018-09-05 15:49:33.707535 - DEBUG --> Itineris\SagePay\RedirectUrlFactory::build(): Forward user onto SagePay checkout form.

Conditional user payment details

Is it possible to have some sort of conditional choices for Billing Information and Shipping Information?

Scenario:

  • User checks field "My billing address differs from my personal address"
  • User checks field "My shipping address differs from my billing address"

image
Currently the above screenshot doesn't allow for flexible settings.

Is this something we can possibly look into?

Thanks!

(feature) "Next URL" needs to make use of Gravity Forms Confirmations

I see that "Next URL" is a free text field. Could you please make use of the Gravity Forms "Confirmations" feature instead? This will allow us to create powerful redirections or pass field values through to pages.
Very useful for dynamic/personalised "Thank you"/success pages.

e.g. User visits the donation page with the donation form on it -> submits a donation of £12 -> Redirects to Sage Pay to complete payment -> Sage Pay redirects to the page specified in Form Confirmation -> Page text shows "Thanks for your donation of {Product Name:2}" -> Translates to "Thanks for your donation of £12".

This should also allows us to make use of plugins like https://en-gb.wordpress.org/plugins/gravity-forms-google-analytics-event-tracking/ which will use the "on payment success" events in Gravity forms.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.