cURL is a standard package available to PHP programmers that allows for accessing web pages. The typical cURL request is an HTTP GET request where the program is retrieving the contents of a web page for things like web scanning or auto checking information.
More interestingly cURL can be used to HTTP POST information to web pages and retrieving the response in a programmatic method. In this case we are posting credit card payment information to authorize.net and examining the response to determine if the payment went through.
First, we need a method for POSTing information to a web site:
<?php
function send_request_via_curl($host,$path,$content)
{
$posturl = "https://" . $host . $path;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $posturl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, Array("Content-Type: text/xml"));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
//godaddy proxy settings
curl_setopt ($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt ($ch, CURLOPT_PROXY,GODADDY_PROXY);
curl_setopt ($ch, CURLOPT_TIMEOUT, 120);
$response = curl_exec($ch);
return $response;
}
?>
The $host is the web site we are posting to. $path is the sub-url (if that's the right word). $content is the information we are posting to the site.
Like every other cURL request, the first thing is to init() the package.
Next we set some parameters to determine what is going to happen:
- CURLOPT_URL is the url we are addressing
- CURLOPT_RETURNTRANSFER means we expect a response
- CURLOPT_HTTPHEADER to set standard HTTP header info
- CURLOPT_HEADER ditto
- CURLOPT_POSTFIELDS the data we are POSTing
- CURLOPT_POST flag that we are posting data
- CURLOPT_SSL_VERIFYPEER this is over SSL
In this specific instance we were hosting the package on GoDaddy. All of their traffic (from a shared host) goes through a proxy. So, we have to tell cURL about the proxy using these parameters:
- CURLOPT_PROXYTYPE we have an CURLPROXY_HTTP proxy
- CURLOPT_PROXY the url for the proxy
- CURLOPT_TIMEOUT expand the default timeout (to allow for the proxy delay)
Finally, make the request via curl_exec() and return the response.
Now that we have a way to post our request. Let's see what the request and response look like:
<?php
//Build XML to post
$content = ... //this is standard stuff provided by authorize.net
//Send the XML via curl
$response = send_request_via_curl(AUTHNET_HOST,AUTHNET_PATH,$content);
//If the connection and send worked $response holds the Authorize.Net return
$refId = 1;
$resultCode = 'FAIL';
$code='';
$text='';
$subscriptionId='';
if ($response) {
list ($refId, $resultCode, $code, $text, $subscriptionId)
= parse_return($response);
//refid should be our subscription_id
//$resultCode - should be OK
//$code - should be I00001 - they have complete specs on all the error codes
//$text - should beSuccessful
//$subscriptionId - their sub id
}
else {
echo "send failed
";
die;
}
?>
So, we build up a big XML string with the information needed. In this case we are calling the recurring billing interface. There are others. In any case authorize.net provides pretty exacting requirements for the fields/values in the XML packet.
We pass the XML packet to authorize, they respond with a result package, we parse out the fields, check for errors and usually store everything in a database so we know what happened.
In hindsight it appears easy as pie. I somehow always feel completely at risk coding this kind of thing, even when you are using a test interface.
The above example is fairly complete. You may need to make slight adjustments for your instance of PHP as to the exact settings you need to make for cURL. |
