Sagepay form integration help

I am trying to add a buy it now button to my page using sagepay, and having nothing but errors. white outs and problems.

I’m at the stage as below, which is giving my page whiteout…


<?php
require_once('./lib/SagePay.php');

$sagePay = new SagePay();
$sagePay->setCurrency('EUR');
$sagePay->setAmount('100');
$sagePay->setDescription('Lorem ipsum');
$sagePay->setBillingSurname('Mustermann');
$sagePay->setBillingFirstnames('Max');
$sagePay->setBillingCity('Cologne');
$sagePay->setBillingPostCode('50650');
$sagePay->setBillingAddress1('Bahnhofstr. 1');
$sagePay->setBillingCountry('de');
$sagePay->setDeliverySameAsBilling();
$sagePay->setSuccessURL('https://www.yoururl.com/success.php');
$sagePay->setFailureURL('https://www.yoururl.org/fail.php');
?>
<form method="POST" id="SagePayForm" action="https://test.sagepay.com/gateway/service/vspform-register.vsp">
    <input type="hidden" name="VPSProtocol" value= "3.00">
    <input type="hidden" name="TxType" value= "PAYMENT">
    <input type="hidden" name="Vendor" value= "nthompson">
    <<input type="hidden" name="Crypt" value= "<?php echo $sagePay->getCrypt(); ?>">
    <input type="submit" value="continue to SagePay">
</form>


Hopefully someone has done this before with sagepay, as I could do with some help now, as have tried a number of things and one is below which came back with an error instead


$PAYMENT_CRYPT="VendorTxCode=TxCode-1310917599-223087284&Amount=36.95&Currency=GBP&Description=description&CustomerName=FnameSurname&CustomerEMail=customer@example.com&BillingSurname=Surname&BillingFirstnames=Fname&BillingAddress1=BillAddressLine 1&BillingCity=BillCity&BillingPostCode=W1A1BL&BillingCountry=GB&BillingPhone=447933000000&DeliveryFirstnames=Fname&DeliverySurname=Surname&DeliveryAddress1=BillAddress Line1&DeliveryCity=BillCity&DeliveryPostCode=W1A1BL&DeliveryCountry=GB&DeliveryPhone=447933000000&SuccessURL=https://example.com/success&FailureURL=https://example.co/failure";

$blocksize = 16;//Does 16 Refer To 16 Bytes Or 16 Bits? 16 Bytes = 128 Bits.
$cryptLength = strlen($PAYMENT_CRYPT);
$cryptLengthModuloBlocksize = $cryptLength % $blocksize;
$pad = $blocksize - $cryptLengthModuloBlocksize;
$padString = str_repeat(chr($pad), $pad);
$PAYMENT_CRYPT = $PAYMENT_CRYPT . $padString;
$encryptionPassword = '5YGtj3BC7TTndJ6M';
$Encrypted_CRYPT = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $encryptionPassword, $PAYMENT_CRYPT, MCRYPT_MODE_CBC);
$Base64_Encrypted_CRYPT = base64_encode($Encrypted_CRYPT);

<form method="POST" id="SagePayForm" action="https://test.sagepay.com/gateway/service/vspform-register.vsp">
    <input type="hidden" name="VPSProtocol" value= "3.00">
    <input type="hidden" name="TxType" value= "PAYMENT">
    <input type="hidden" name="Vendor" value= "nthompson">
    <input type="hidden" name="Crypt" value= "<?php echo $PAYMENT_CRYPT ?>">
    <input type="submit" value="continue to SagePay">
</form>


This way made me end up with an encryption error which I couldn’t work out.

Then I tried a bit of both, and I got the error below the code


<?php
require_once('./lib/SagePay.php');


$PAYMENT_CRYPT="[EMAIL="Amount=36.95&Currency=GBP&Description=description&CustomerName=FnameSurname&CustomerEMail=customer@example.com&BillingSurname=Surname&BillingFirstnames=Fname&BillingAddress1=BillAddressLine"]Amount=36.95&Currency=GBP&Description=description&CustomerName=FnameSurname&CustomerEMail=customer@example.com&BillingSurname=Surname&BillingFirstnames=Fname&BillingAddress1=BillAddressLine[/EMAIL] 1&BillingCity=BillCity&BillingPostCode=W1A1BL&BillingCountry=GB&BillingPhone=447933000000&DeliveryFirstnames=Fname&DeliverySurname=Surname&DeliveryAddress1=BillAddress Line1&DeliveryCity=BillCity&DeliveryPostCode=W1A1BL&DeliveryCountry=GB&DeliveryPhone=447933000000&SuccessURL=https://example.com/success&FailureURL=https://example.co/failure"
?>
<form method="POST" id="SagePayForm" action="https://test.sagepay.com/gateway/service/vspform-register.vsp">
    <input type="hidden" name="VPSProtocol" value= "3.00">
    <input type="hidden" name="TxType" value= "PAYMENT">
    <input type="hidden" name="Vendor" value= "nthompson">
    <input type="hidden" name="Crypt" value= "<?php echo $PAYMENT_CRYPT; ?>">
    <input type="submit" value="continue to SagePay">
</form>


Error - [TABLE=“width: 575, align: center”]
[TR]
[TD=“width: 575, colspan: 2”]This transaction attempt has failed. We are unable to redirect you back to the web store from which you were purchasing. The details of the failure are given below.

[/TD]
[/TR]
[TR]
[TD=“class: bodytextbold, width: 100, align: right”]Status:[/TD]
[TD]INVALID

[/TD]
[/TR]
[TR]
[TD=“class: bodytextbold, width: 100, align: right”]Status Detail:[/TD]
[TD]5068 : The encryption method is not supported by this protocol version.[/TD]
[/TR]
[/TABLE]

Hi multichild,

I had a quick look at the SagePay docs and downloaded the PHP client library. It looks like what you need to do is something like this:


<?php
require_once('./lib/SagePay.php');

$key = '55a51621a6648525';

$paymentString = "VendorTxCode=TxCode-1310917599-223087284&Amount=36.95&Currency=GBP&Description=description&CustomerName=FnameSurname&CustomerEMail=customer@example.com&BillingSurname=Surname&BillingFirstnames=Fname&BillingAddress1=BillAddressLine 1&BillingCity=BillCity&BillingPostCode=W1A1BL&BillingCountry=GB&BillingPhone=447933000000&DeliveryFirstnames=Fname&DeliverySurname=Surname&DeliveryAddress1=BillAddressLine1&DeliveryCity=BillCity&DeliveryPostCode=W1A1BL&DeliveryCountry=GB&DeliveryPhone=447933000000&SuccessURL=https://example.com/success&FailureURL=https://example.com/failure";
?>

<form method="POST" id="SagePayForm" action="https://test.sagepay.com/gateway/ser...m-register.vsp">
    <input type="hidden" name="VPSProtocol" value= "3.00">
    <input type="hidden" name="TxType" value= "PAYMENT">
    <input type="hidden" name="Vendor" value= "nthompson">
    <input type="hidden" name="Crypt" value= "<?php echo SagepayUtil::encryptAes($paymentString, $key); ?>">
    <input type="submit" value="continue to SagePay">
</form>

Hi fretburner, cheers for that…

I’m having trouble with it not recognising the Curreny field, saying its not there, but it is so am trying to work this out

I got it, the key needs to be the one that is provided to us and it seemed to work really well.

Thanks for the help, your bit pushed this along to get it sorted, so thank you.

Took me some time to work this out and refactor - But this is a great answer:

mysiteaddress.co.uk/sage_success.php?crypt=@3fbf363b70f3324aa0329b6a5c-MORESTUFF

<?php

function decryptFieldData($input)
    {
        $key = "your - key - here ";
        $iv = $key;
        
        $trim = ltrim ($input, '@'); 
        $enc = hex2bin($trim);

        $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, "", MCRYPT_MODE_CBC, "");
        if (mcrypt_generic_init($cipher, $key, $iv) != -1)
        {
            $cipherText = mdecrypt_generic($cipher,$enc);
            mcrypt_generic_deinit($cipher);

            
        }
        return $cipherText;
    }

    
parse_str(decryptFieldData($_REQUEST[crypt]));

echo $VendorTxCode;  
echo $VPSTxId; 

// Add the rest of the verables here- 




?>