"Alabama",
"AK" => "Alaska",
"AZ" => "Arizona",
"AR" => "Arkansas",
"CA" => "California",
"CO" => "Colorado",
"CT" => "Connecticut",
"DE" => "Delaware",
"DC" => "District of Columbia",
"FL" => "Florida",
"GA" => "Georgia",
"HI" => "Hawaii",
"ID" => "Idaho",
"IL" => "Illinois",
"IN" => "Indiana",
"IA" => "Iowa",
"KS" => "Kansas",
"KY" => "Kentucky",
"LA" => "Louisiana",
"ME" => "Maine",
"MD" => "Maryland",
"MA" => "Massachusetts",
"MI" => "Michigan",
"MN" => "Minnesota",
"MS" => "Mississippi",
"MO" => "Missouri",
"MT" => "Montana",
"NE" => "Nebraska",
"NV" => "Nevada",
"NH" => "New Hampshire",
"NJ" => "New Jersey",
"NM" => "New Mexico",
"NY" => "New York",
"NC" => "North Carolina",
"ND" => "North Dakota",
"OH" => "Ohio",
"OK" => "Oklahoma",
"OR" => "Oregon",
"PA" => "Pennsylvania",
"RI" => "Rhode Island",
"SC" => "South Carolina",
"SD" => "South Dakota",
"TN" => "Tennessee",
"TX" => "Texas",
"UT" => "Utah",
"VT" => "Vermont",
"VA" => "Virginia",
"WA" => "Washington",
"WV" => "West Virginia",
"WI" => "Wisconsin",
"WY" => "Wyoming"
);
// validate a date string of hiddenat MM/DD/YY , MM/DD/YYYY , or MMDDYYYY , return -1 on fail, else format YYYY-MM-DD
function read_date($date)
{
if(ctype_digit($date))
{ // the entire string is numbers, assume format of MMDDYYYY
if(strlen($date) != 8)
return -1;
$m = substr($date, 0, 2);
$d = substr($date, 2, 2);
$y = substr($date, 4, 4);
}
else if( preg_match("/[-\/]/", substr($date, 2, 1)) && preg_match("/[-\/]/", substr($date, 5, 1)) )
{ // assume formate of MM/DD/YYYY or MM/DD/YY
$m = substr($date, 0, 2);
$d = substr($date, 3, 2);
if(strlen($date) == 8)
{ // 2 digit year received
$y = substr($date, 6, 2);
// compare the 2 digit submitted year to 20 years from now (eg, '27' if now is 2007)
if((int)$y < (int)date("y") + 20)
{ // the 2 digit submitted year is less than the 2 digit year 20 years from now
// eg. if it's 2007, the year submitted is less than 27.
// treat it as 21st century
$y = 2000 + (int)$y;
}
else
{ // the 2 digit submitted year is greater than the 2 digit year 20 years from now
// treat is as 20th century
$y = 1900 + (int)$y;
}
}
else
$y = substr($date, 6, 4); // 4 digit year
}
else
return -1; // date string in unrecognized format
if(!ctype_digit($m))
return -1;
if(!ctype_digit($d))
return -1;
if(!ctype_digit($y))
return -1;
if(($m < 1) || ($m > 12))
return -1;
if(($d < 1) || ($d > 31))
return -1;
if(($y < 1800) || ($y > 2350))
return -1;
$formated = $y . '-' . $m . '-' . $d;
return $formated;
}
// validate a date string of either MM/YYYY or MM/DD/YYYY, return -1 on fail, else format YYYY-MM-DD
function read_exp_date($date)
{
if(strlen($date) == 10)
return read_date($date);
if(strlen($date) != 7)
return -1;
$m = substr($date, 0, 2);
$y = substr($date, 3, 4);
if(!ctype_digit($m))
return -1;
if(!ctype_digit($y))
return -1;
if(($m < 1) || ($m > 12))
return -1;
if(($y < 1800) || ($y > 2350))
return -1;
if(!preg_match("/[-\/]/", substr($date, 2, 1)))
return -1;
$days = array(
'01' => '31',
'02' => '28',
'03' => '31',
'04' => '30',
'05' => '31',
'06' => '30',
'07' => '31',
'08' => '31',
'09' => '30',
'10' => '31',
'11' => '30',
'12' => '31');
$d = $days[$m];
$formated = $y . '-' . $m . '-' . $d;
return $formated;
}
// validate a money string
function is_money($money)
{
return preg_match("/^([0-9]{1,9})(\.([0-9]{0,2}))?$/", $money);
}
function invalid($error)
{
return "$error
"; } if(isset($_POST['submit'])) { // Form has been submitted, so process it $auth_net_login_id = "2MRmF35cCY6B"; $auth_net_tran_key = "2Fa67mL9weyH2834"; $authnet_values = array ( "x_login" => $auth_net_login_id, "x_version" => "3.1", "x_delim_char" => "|", "x_delim_data" => "TRUE", "x_url" => "FALSE", "x_type" => "AUTH_CAPTURE", "x_method" => "CC", "x_tran_key" => $auth_net_tran_key, "x_relay_response" => "FALSE", "x_description" => "Anna Jaques Hospital Online Payment", # information collected through the form: "x_card_num" => "4242424242424242", "x_exp_date" => "1209", "x_card_code" => "", "x_amount" => "12.23", "x_first_name" => "Charles D.", "x_last_name" => "Gaulle", "x_address" => "342 N. Main Street #150", "x_city" => "Ft. Worth", "x_state" => "TX", "x_zip" => "12345", ); // Validate information $error = ''; if(isset($_POST['card_num']) && ctype_digit($_POST['card_num'])) $authnet_values['x_card_num'] = $_POST['card_num']; else $error .= invalid("credit card number - must be all numeric"); if(($_POST['exp_month'] != '') && ($_POST['exp_year'] != '') && read_exp_date($_POST['exp_month'].'/'.$_POST['exp_year'])) $authnet_values['x_exp_date'] = read_exp_date($_POST['exp_month'].'/'.$_POST['exp_year']); else $error .= invalid("expiration date"); if(isset($_POST['card_code']) && (ctype_digit($_POST['card_code']) && (strlen($_POST['card_code']) >= 3))) $authnet_values['x_card_code'] = $_POST['card_code']; else $error .= invalid("CCV - must be 3 or 4 digits"); if(isset($_POST['amount']) && is_money($_POST['amount'])) $authnet_values['x_amount'] = $_POST['amount']; else $error .= invalid("amount"); if(isset($_POST['first_name']) && ($_POST['first_name'] != '')) $authnet_values['x_first_name'] = $_POST['first_name']; else $error .= invalid("first name"); if(isset($_POST['last_name']) && ($_POST['last_name'] != '')) $authnet_values['x_last_name'] = $_POST['last_name']; else $error .= invalid("last name"); if(isset($_POST['address']) && ($_POST['address'] != '')) $authnet_values['x_address'] = $_POST['address']; else $error .= invalid("address"); if(isset($_POST['city']) && ($_POST['city'] != '')) $authnet_values['x_city'] = $_POST['city']; else $error .= invalid("city"); if(isset($_POST['state']) && ($_POST['state'] != '')) $authnet_values['x_state'] = $_POST['state']; else $error .= invalid("state"); if(isset($_POST['zip']) && (($_POST['zip'] != '') && (strlen($_POST['zip']) == 5))) $authnet_values['x_zip'] = $_POST['zip']; else $error .= invalid("zip code - must be 5 digits"); if ($compbal < $_POST['amount']) $error .= invalid("amount"); if($error == '') { // form submission successfully validated, submit request to authorize.net and exit $fields = ""; foreach( $authnet_values as $key => $value ) $fields .= "$key=" . urlencode( $value ) . "&"; // * * * * * #$auth_net_url = "https://certification.authorize.net/gateway/transact.dll"; # Uncomment the line ABOVE for test accounts or BELOW for live merchant accounts #$auth_net_url = "https://secure.authorize.net/gateway/transact.dll"; # October 1, 2007 # Current API Login ID: # Current Transaction Key: $auth_net_login_id = "2MRmF35cCY6B"; $auth_net_tran_key = "2Fa67mL9weyH2834"; $ch = curl_init("https://secure.authorize.net/gateway/transact.dll"); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_HEADER, 0); // set to 0 to eliminate header info from response curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Returns response data instead of TRUE(1) curl_setopt($ch, CURLOPT_POSTFIELDS, rtrim( $fields, "& " )); // use HTTP POST to send form data curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // uncomment this line if you get no gateway response. ### $resp = curl_exec($ch); //execute post and get results curl_close ($ch); // * * * * * $text = $resp; echo "
"; /////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////// // STATISTICAL USE ONLY: // /////////////////////////////////////////////////////////// $howMany = substr_count($resp, "|"); /////////////////////////////////////////////////////////// $text = $resp; $h = substr_count($text, "|"); $h++; for($j=1; $j <= $h; $j++){ $p = strpos($text, "|"); if ($p === false) { // note: three equal signs // x_delim_char is obviously not found in the last go-around if($j>=69){ } else { } }else{ $p++; // We found the x_delim_char and accounted for it . . . now do something with it // get one portion of the response at a time $pstr = substr($text, 0, $p); // this prepares the text and returns one value of the submitted // and processed name/value pairs at a time // for AIM-specific interpretations of the responses // please consult the AIM Guide and look up // the section called Gateway Response API $pstr_trimmed = substr($pstr, 0, -1); // removes "|" at the end if($pstr_trimmed==""){ $pstr_trimmed="NO VALUE RETURNED"; } switch($j){ case 1: $fval=""; if($pstr_trimmed=="1"){ $fval="Approved"; }elseif($pstr_trimmed=="2"){ $fval="Declined"; }elseif($pstr_trimmed=="3"){ $fval="Error"; } $resp_code=$fval; break; case 2: $resp_subcode=$pstr_trimmed; break; case 3: $resp_reasoncode=$pstr_trimmed; break; case 4: $resp_text=$pstr_trimmed; break; case 5: $approval_code=$pstr_trimmed; break; case 6: break; case 7: $trans_id=$pstr_trimmed; break; case 10: $this_amount=$pstr_trimmed; break; case 14: $first_name=$pstr_trimmed; break; case 15: $last_name=$pstr_trimmed; break; case 17: //echo "Billing Address : "; //echo $pstr_trimmed; break; case 18: //echo "City : "; //echo $pstr_trimmed; break; case 19: //echo "State : "; //echo $pstr_trimmed; break; case 20: //echo "ZIP : "; //echo $pstr_trimmed; break; case 21: //echo "Country : "; //echo $pstr_trimmed; break; case 22: //echo "Phone : "; break; default: break; } // remove the part that we identified and work with the rest of the string $text = substr($text, $p); } } $acct_num1=$account; $auth_code=$approval_code; $amount=$this_amount; //$balance1=$row_RecSetPeople['balance']; $resp_code1=$resp_code; $trans_id1=$trans_id; $t=time(); $thedate = date("D F d Y h:i:s A",$t); # include ("/srv/include/db.inc.php"); $paytype = "OU"; if ( substr($_POST['card_num'], 0, 2) == "34" ){ $paytype = "OA"; } if ( substr($_POST['card_num'], 0, 2) == "37" ){ $paytype = "OA"; } if ( substr($_POST['card_num'], 0, 1) == "5" ){ $paytype = "OM"; } if ( substr($_POST['card_num'], 0, 4) == "6011" ){ $paytype = "OD"; } if ( substr($_POST['card_num'], 0, 1) == "4" ){ $paytype = "OV"; } $Chunkspaygate = explode("|", $checkval); if ( $Chunkspaygate[4] == "end of string" ){ $mytable = "annapaygate"; $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn); mysql_select_db($database_dbConn,$db); $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype) VALUES ('$Chunkspaygate[2]', '$auth_code', '$amount', '$resp_code1', '$trans_id1', '$thedate', '$paytype')"; mysql_query($query,$db); mysql_close ($db); }else { $t=1; $v=2; $x=3; while ($Chunkspaygate[$t] <> "end of string") { $mytable = "annapaygate"; $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn); mysql_select_db($database_dbConn,$db); $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype) VALUES ('$Chunkspaygate[$v]', '$auth_code', '$Chunkspaygate[$x]', '$resp_code1', '$trans_id1', '$thedate', '$paytype')"; mysql_query($query,$db); mysql_close ($db); $t++; $t++; $t++; $v++; $v++; $v++; $x++; $x++; $x++; } } # # if ( $resp_code == "Approved" ){ $shortcard = substr($_POST['card_num'], 10, 28); ?> Payment Confirmation
"; } if(isset($_POST['submit'])) { // Form has been submitted, so process it $auth_net_login_id = "2MRmF35cCY6B"; $auth_net_tran_key = "2Fa67mL9weyH2834"; $authnet_values = array ( "x_login" => $auth_net_login_id, "x_version" => "3.1", "x_delim_char" => "|", "x_delim_data" => "TRUE", "x_url" => "FALSE", "x_type" => "AUTH_CAPTURE", "x_method" => "CC", "x_tran_key" => $auth_net_tran_key, "x_relay_response" => "FALSE", "x_description" => "Anna Jaques Hospital Online Payment", # information collected through the form: "x_card_num" => "4242424242424242", "x_exp_date" => "1209", "x_card_code" => "", "x_amount" => "12.23", "x_first_name" => "Charles D.", "x_last_name" => "Gaulle", "x_address" => "342 N. Main Street #150", "x_city" => "Ft. Worth", "x_state" => "TX", "x_zip" => "12345", ); // Validate information $error = ''; if(isset($_POST['card_num']) && ctype_digit($_POST['card_num'])) $authnet_values['x_card_num'] = $_POST['card_num']; else $error .= invalid("credit card number - must be all numeric"); if(($_POST['exp_month'] != '') && ($_POST['exp_year'] != '') && read_exp_date($_POST['exp_month'].'/'.$_POST['exp_year'])) $authnet_values['x_exp_date'] = read_exp_date($_POST['exp_month'].'/'.$_POST['exp_year']); else $error .= invalid("expiration date"); if(isset($_POST['card_code']) && (ctype_digit($_POST['card_code']) && (strlen($_POST['card_code']) >= 3))) $authnet_values['x_card_code'] = $_POST['card_code']; else $error .= invalid("CCV - must be 3 or 4 digits"); if(isset($_POST['amount']) && is_money($_POST['amount'])) $authnet_values['x_amount'] = $_POST['amount']; else $error .= invalid("amount"); if(isset($_POST['first_name']) && ($_POST['first_name'] != '')) $authnet_values['x_first_name'] = $_POST['first_name']; else $error .= invalid("first name"); if(isset($_POST['last_name']) && ($_POST['last_name'] != '')) $authnet_values['x_last_name'] = $_POST['last_name']; else $error .= invalid("last name"); if(isset($_POST['address']) && ($_POST['address'] != '')) $authnet_values['x_address'] = $_POST['address']; else $error .= invalid("address"); if(isset($_POST['city']) && ($_POST['city'] != '')) $authnet_values['x_city'] = $_POST['city']; else $error .= invalid("city"); if(isset($_POST['state']) && ($_POST['state'] != '')) $authnet_values['x_state'] = $_POST['state']; else $error .= invalid("state"); if(isset($_POST['zip']) && (($_POST['zip'] != '') && (strlen($_POST['zip']) == 5))) $authnet_values['x_zip'] = $_POST['zip']; else $error .= invalid("zip code - must be 5 digits"); if ($compbal < $_POST['amount']) $error .= invalid("amount"); if($error == '') { // form submission successfully validated, submit request to authorize.net and exit $fields = ""; foreach( $authnet_values as $key => $value ) $fields .= "$key=" . urlencode( $value ) . "&"; // * * * * * #$auth_net_url = "https://certification.authorize.net/gateway/transact.dll"; # Uncomment the line ABOVE for test accounts or BELOW for live merchant accounts #$auth_net_url = "https://secure.authorize.net/gateway/transact.dll"; # October 1, 2007 # Current API Login ID: # Current Transaction Key: $auth_net_login_id = "2MRmF35cCY6B"; $auth_net_tran_key = "2Fa67mL9weyH2834"; $ch = curl_init("https://secure.authorize.net/gateway/transact.dll"); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_HEADER, 0); // set to 0 to eliminate header info from response curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Returns response data instead of TRUE(1) curl_setopt($ch, CURLOPT_POSTFIELDS, rtrim( $fields, "& " )); // use HTTP POST to send form data curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // uncomment this line if you get no gateway response. ### $resp = curl_exec($ch); //execute post and get results curl_close ($ch); // * * * * * $text = $resp; echo "
"; /////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////// // STATISTICAL USE ONLY: // /////////////////////////////////////////////////////////// $howMany = substr_count($resp, "|"); /////////////////////////////////////////////////////////// $text = $resp; $h = substr_count($text, "|"); $h++; for($j=1; $j <= $h; $j++){ $p = strpos($text, "|"); if ($p === false) { // note: three equal signs // x_delim_char is obviously not found in the last go-around if($j>=69){ } else { } }else{ $p++; // We found the x_delim_char and accounted for it . . . now do something with it // get one portion of the response at a time $pstr = substr($text, 0, $p); // this prepares the text and returns one value of the submitted // and processed name/value pairs at a time // for AIM-specific interpretations of the responses // please consult the AIM Guide and look up // the section called Gateway Response API $pstr_trimmed = substr($pstr, 0, -1); // removes "|" at the end if($pstr_trimmed==""){ $pstr_trimmed="NO VALUE RETURNED"; } switch($j){ case 1: $fval=""; if($pstr_trimmed=="1"){ $fval="Approved"; }elseif($pstr_trimmed=="2"){ $fval="Declined"; }elseif($pstr_trimmed=="3"){ $fval="Error"; } $resp_code=$fval; break; case 2: $resp_subcode=$pstr_trimmed; break; case 3: $resp_reasoncode=$pstr_trimmed; break; case 4: $resp_text=$pstr_trimmed; break; case 5: $approval_code=$pstr_trimmed; break; case 6: break; case 7: $trans_id=$pstr_trimmed; break; case 10: $this_amount=$pstr_trimmed; break; case 14: $first_name=$pstr_trimmed; break; case 15: $last_name=$pstr_trimmed; break; case 17: //echo "Billing Address : "; //echo $pstr_trimmed; break; case 18: //echo "City : "; //echo $pstr_trimmed; break; case 19: //echo "State : "; //echo $pstr_trimmed; break; case 20: //echo "ZIP : "; //echo $pstr_trimmed; break; case 21: //echo "Country : "; //echo $pstr_trimmed; break; case 22: //echo "Phone : "; break; default: break; } // remove the part that we identified and work with the rest of the string $text = substr($text, $p); } } $acct_num1=$account; $auth_code=$approval_code; $amount=$this_amount; //$balance1=$row_RecSetPeople['balance']; $resp_code1=$resp_code; $trans_id1=$trans_id; $t=time(); $thedate = date("D F d Y h:i:s A",$t); # include ("/srv/include/db.inc.php"); $paytype = "OU"; if ( substr($_POST['card_num'], 0, 2) == "34" ){ $paytype = "OA"; } if ( substr($_POST['card_num'], 0, 2) == "37" ){ $paytype = "OA"; } if ( substr($_POST['card_num'], 0, 1) == "5" ){ $paytype = "OM"; } if ( substr($_POST['card_num'], 0, 4) == "6011" ){ $paytype = "OD"; } if ( substr($_POST['card_num'], 0, 1) == "4" ){ $paytype = "OV"; } $Chunkspaygate = explode("|", $checkval); if ( $Chunkspaygate[4] == "end of string" ){ $mytable = "annapaygate"; $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn); mysql_select_db($database_dbConn,$db); $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype) VALUES ('$Chunkspaygate[2]', '$auth_code', '$amount', '$resp_code1', '$trans_id1', '$thedate', '$paytype')"; mysql_query($query,$db); mysql_close ($db); }else { $t=1; $v=2; $x=3; while ($Chunkspaygate[$t] <> "end of string") { $mytable = "annapaygate"; $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn); mysql_select_db($database_dbConn,$db); $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype) VALUES ('$Chunkspaygate[$v]', '$auth_code', '$Chunkspaygate[$x]', '$resp_code1', '$trans_id1', '$thedate', '$paytype')"; mysql_query($query,$db); mysql_close ($db); $t++; $t++; $t++; $v++; $v++; $v++; $x++; $x++; $x++; } } # # if ( $resp_code == "Approved" ){ $shortcard = substr($_POST['card_num'], 10, 28); ?> Payment Confirmation
Invoice Information
Billing Information
For your protection, transactions with identical amounts and credit card information, submitted within 2 minutes of each other, are considered duplicate entries and are not processed by our system. Please wait 2 minutes before paying another account with the same dollar amount. Thank You # Unable to process form due to error(s). The following fields contain invalid values:"; echo "$error
";
echo "« go back";
$continue = "n";
}
}
// Form has not been submitted, so display it
if ( $continue == "n" ){
}else{
$start = 1;
$valuetopay = 0;
$outline = 0;
for($i=0; $i < count($value); $i++)
{
$billy = explode("|", $value[$i]);
$valuetopay=$valuetopay + $billy[2];
$outline=$outline."|".$billy[3]."|".$billy[1]."|".$billy[2];
}
$outline=$outline."|end of string|";
if ( $i == 0 ){
?>
AT LEAST ONE ACCOUNT HAS TO BE SELECTED FOR PAYMENT. PLEASE USE THE BACK ARROW OF YOUR BROWSER. THANK YOU!
