migs (MasterCard Virtual Payment Client) integration php
Solution 1
//This value submited to the MIGS PAYMENT GATEWAY
$SECURE_SECRET = $signature; //value from migs payment gateway
$accessCode = $accesscode;//value from migs payment gateway
$merchantId = $merchantid;//value from migs payment gateway
$paymentdata = array(
"vpc_AccessCode" => $accessCode,
"vpc_Amount" => ($amount*100),//our product price , must multipy by 100
"vpc_Command" => 'pay',
"vpc_Locale" => 'en',// order id
"vpc_MerchTxnRef" => random_unique_value(like session),
"vpc_Merchant" => $merchantId,
"vpc_OrderInfo" => "Some Comment",
"vpc_ReturnURL" => "htps://yoursite.com/returnpoint",//here code for db updation, return variable here
"vpc_Version" => '1'
);
$actionurl = 'https://migs.mastercard.com.au/vpcpay' . "?";
$HashData = $SECURE_SECRET;
$str = 0;
foreach ($paymentdata as $key => $value) {
// create the md5 input and URL
if (strlen($value) > 0) {
// this ensures the first paramter of the URL is preceded by the '?' char
if ($appendAmp == 0) {
$actionurl .= urlencode($key) . '=' . urlencode($value);
$str = 1;
} else {
$actionurl .= '&' . urlencode($key) . "=" . urlencode($value);
}
$HashData .= $value;
}
}
if (strlen($SECURE_SECRET) > 0){$actionurl .= "&vpc_SecureHash=" . strtoupper(md5($HashData));}
header("Location: " . $actionurl);
}
/////////////////////RETURN VALUE/////////////////////////////////
the return url will be like
https://yoursite.com/returnpoint?vpc_TransactionNo="migs_transaction_number"&vpc_MerchTxnRef="random_unique_value(we post to migs)"&vpc_TxnResponseCode=value&vpc_Message="value"
if vpc_TxnResponseCode = 0 -- success ,vpc_Message = approved -- paymet is success , All other unsuccessfull payment
Solution 2
You could use the Omnipay PHP Library which has support for the MIGS gateway.
An example of the off-site payment processing (3-Party) looks like this:
use Omnipay\Omnipay;
$gateway = Omnipay::create('Migs_ThreeParty');
$gateway->setMerchantId('foo');
$gateway->setMerchantAccessCode('foo');
$gateway->setSecureHash('foo');
$response = $gateway->purchase(array('amount' => '10.00', 'currency' => 'AUD'))->send();
if ($response->isRedirect()) {
// redirect to offsite payment gateway
$response->redirect();
} else {
// payment failed: display message to customer
echo $response->getMessage();
}
Solution 3
I tried MIGS mastercard intergration in python django. I went through lot of problems. Here is my experience with integrating MIGS with My web application. I was using VPC Integration reference 3.1.21.1
While implementing Mode1 VPC: I got 400 Bad request. Which is due to Secure hash code for my case. This error occurs if user is sending wrong fields names or non sorted order.
Once I resolved Mode1 error, I used external payment selection(EPS), Where I send VPC_card and VPC_gateway additional field with Mode1 VPC parameters. I got 400 Bad request. So after long discussion with MIGS support team. We resolve it by changing vpc_card to vpc_Card and vpc_Gateway. Which was document error.
Once I able to bypass card type page. I tried to complete Mode 2 VPC implementation.So, In this case I added vpc_CardNum,vpc_vpc_CardExp,vpc_CardSecurityCode additional fields with above point request. I send GET request. It didnot work. For card details or Mode2 we have to use POST request.
For mode2 VPC, we should use POST request with HTTPS not HTTP. Self-signed certificate will be fine. So, I send HTTPS POST request with additional parameter, But It still didnot work, I got 403 forbidden error. Because, Content-type is application/json for my ajax call. So after using default POST content-type. It worked fine.
Sample code for python developer: Here in migs.config.app I am adding system variable which nothing to do with Migs. So User can ignore it.
import hashlib
import urllib, urllib2
from migs.config.app_config import *
'''
This method is for sorting the fields and creating an MD5 secure hash.
@param fields is a map of all the incoming hey-value pairs from the VPC
@param buf is the hash being returned for comparison to the incoming hash
'''
class MigsClient(object):
def __init__(self, secure_token, vpc_url, server_name):
self.secure_secret = secure_token
self.vpcURL = vpc_url
self.server_name = server_name
def hash_all_fields(self,fields):
buf = ""
# create a list and sort it
fieldNames = fields.keys();
fieldNames.sort()
# create a buffer for the md5 input and add the secure secret first
buf = buf + self.secure_secret
for key in fieldNames:
print key,fields[key]
buf = buf + fields[key]
# iterate through the list and add the remaining field values
# create the md5 hash and UTF-8 encode it
try:
m = hashlib.md5()
m.update(buf)
ba = m.hexdigest()
ba = ba.upper()
return ba
except Exception,e:
import traceback
traceback.print_exc()
def setup(self, fields,additional_fields=None):
#The Page does a redirect to the Virtual Payment Client
#retrieve all the parameters into a hash map
# no need to send the vpc url, EnableAVSdata and submit button to the vpc
'''
Retrieve the order page URL from the incoming order page and add it to
the hash map. This is only here to give the user the easy ability to go
back to the Order page. This would not be required in a production system
NB. Other merchant application fields can be added in the same manner
'''
'''
Create MD5 secure hash and insert it into the hash map if it was created
created. Remember if self.secure_secret = "" it will not be created
'''
if self.secure_secret:
secureHash = self.hash_all_fields(fields);
fields["vpc_SecureHash"] = secureHash;
# Create a redirection URL
buf = self.vpcURL+'?';
if not additional_fields:
buf = buf + urllib.urlencode(fields)
else:
buf = buf + urllib.urlencode(fields)+"&"+urllib.urlencode(additional_fields)
return buf
#return fields["vpc_ReturnURL"], buf
def post_setup(self,fields, additional_fields=None):
try:
if self.secure_secret:
secureHash = self.hash_all_fields(fields);
fields["vpc_SecureHash"] = secureHash;
return self.vpcURL,fields
except:
import traceback
traceback.print_exc()
Above is sample code which user can use to sort and create Get request and POST request and post dictionary.
Solution 4
implementing migs payment gateway in which we need to post some details to the https://migs.mastercard.com.au/vpcpay? this url with the below datas
/*"vpc_AccessCode" the accesscode given by Migs
"vpc_Amount" Amount that is multiplied by 100
"vpc_Command" ='pay',default pay
"vpc_Locale" = 'en' // language
"vpc_MerchTxnRef" orderId // Should be Unique for each payment
"vpc_Merchant" // merchant ID
"vpc_OrderInfo" // Desc or and details of Product
"vpc_ReturnURL" // SuccessUrl
"vpc_Version" = '1'
&vpc_SecureHash = // create MD5 of all the values that are passed */
Creating Url
$SECURE_SECRET = "YEOCOEN29B0785F1FF1E3C0FA8A3FUJK";
$accessCode = '546484645';
$merchantId = '5465465288';
if($migs_testmode ==1) {
$SECURE_SECRET = "YEOCOEN29B0785F1FF1E3C0FA8A3FUJK";
$accessCode = '98989645';
$merchantId = '56456456489';
}
$amount ='10.00';
$unique_id = rand(999999,8988888888);//this is a sample random no
$postdata = array(
"vpc_AccessCode" => $accessCode,
"vpc_Amount" => ($amount*100),
"vpc_Command" => 'pay',
"vpc_Locale" => 'en',
"vpc_MerchTxnRef" => $unique_id,
"vpc_Merchant" => $merchantId,
"vpc_OrderInfo" => 'this is a product',
"vpc_ReturnURL" => "https://mywebsite.com/success.php",
"vpc_Version" => '1');
$vpcURL = 'https://migs.mastercard.com.au/vpcpay?';
$md5Hash = $SECURE_SECRET;
$appendAmp = 0;
foreach ($wpay_postdata as $key => $value) {
if (strlen($value) > 0) {
if ($appendAmp == 0) {
$vpcURL .= urlencode($key) . '=' . urlencode($value);
$appendAmp = 1;
} else {
$vpcURL .= '&' . urlencode($key) . "=" . urlencode($value);
}
$md5Hash .= $value;
}
}
if (strlen($SECURE_SECRET) > 0) {
$vpcURL .= "&vpc_SecureHash=" . strtoupper(md5($md5Hash));
}
header("Location: " . $vpcURL)
for detailed result is available here
user504363
Updated on July 29, 2022Comments
-
user504363 almost 2 years
Can any body help me about how to integrate migs (MasterCard Virtual Payment Client) in a php website !
I have read the reference guide but it's unhelpful!
-
okconfused over 9 yearsAkhilraj I was using your code its working fine when i am trying to give card number, card expiry and card security code it give me send this error HTTP Status - 400 how can i resolve this issue. Help me -
okconfused over 9 yearsAlso how can i post multiple orders which i want to cart in your code
-
Dss about 9 yearsBug in the foreach. You reference "$wpay_postdata" but its just "$postdata"
-
Pulkit Pithva about 9 yearsHow do i get this return value? Where should i put it in my code? -
Riffaz Starr about 8 yearsthis works after I changed
$wpay_postdatato$postdata.. thank u -
Concrete Gannet over 7 years@PulkitPithva, the MIGS gateway will make an HTTP request to your return URL, yoursite.com/returnpoint in the example above. You write code to process the query string within that page.
-
Byndd IT almost 7 yearsHow to provide security... if all parameter is return in url? -
Hilar AK over 6 yearscan i get the documentation? -
snowflakes74 over 3 yearsI know it is quite old thread, but where do I get the vpc_accesscode from?
