Integrating your website with Interswitch WebPay (Concluding Part) Part 2

In the previous part of this article (Part 1) I discussed the basics of integrating Interswitch WebPay into your website. If you’ve not gone through the article or you are not sure if you got the whole idea previously, please go through it again. Click here

Previously, I used the function addTransaction() to store the transaction details before we send the request to WebPay, we need to do this to help us monitor each transaction, also it allows us to update the payment status whenever a payment is made. Anyway, I think it’s the best approach.

Let’s look at it this way; You store the transaction details whenever someone makes an order, next you send the order details/transaction details to Interswitch then Interswitch sends you a reply when the payment is made (success, failure, pending,…). Next you store the response you get from Interswitch and update the payment status of the transaction then redirect the user to a page displaying the details and status of the transaction, more like displaying an invoice.

The diagram below may explain it better.

That’s about how it works, so let’s begin with how we write the code for this. To store our order, we receive the entire order (POST) request from the form or cart page etc.

Making an Order

Before we do that, we need to set some variables at the top of our page to help receive response from Interswitch and also store some values needed to identify our website to Interswitch.

$id = $_SESSION['id']; // the userid of the person paying for a product
$success = $_GET["rspcode"]; // the response code we get fromInterswich
$appamt = $_GET["appamt"]; // the total amount of the order
$merchantID = "Demo"; // the merchant ID given to us buy interswitch
$cpID = "CADP628051"; // Also the CPID given to us by interswich

Let’s begin with the POST request from our cart page here…

if (isset($_POST['submit']) && isset($_REQUEST['tid']) && $_REQUEST['amount'] != null)
{
    //we want to find out if a checkout button is clicked and we are also sending the
    //transactionID and amount together with the request.
    //get all information from the post request
    
    $transaction_id = mysql_real_escape_string($_POST['tid']);
    $amount = mysql_real_escape_string($_POST['amount']);
    $buyer_id = mysql_real_escape_string($_POST['bid']);
    $description = mysql_real_escape_string($_POST['desc']);
    $pgate = "Interswitch";
    $time = date("D d F, Y  - g:i A", time());
    $result = addTransaction($transaction_id, $time, $buyer_id, $amount, $pgate, $description, 0);  
    ////here we store the transaction details with our addTransaction() function
    if ($result)
    // if we get a positive response from our function, it means the data was stored 
    //successfully. Remember to catch all errors, so you can also use else to display an error message
    //or from the function
    {
    //store these values so we can set and unset them when we are done with the transaction
        $_SESSION['tid'] = $transaction_id;
        $_SESSION['bid'] = $buyer_id;
        $_SESSION['desc'] = $description;
        $_SESSION['amount'] = $amount;
        $_SESSION['pgate'] = $pgate;
    }
}

Next we need to send the whole details to Interswitch

Sending a request to Interswitch WebPay

if ($success == null)
{
//or success = "" means we are not getting any response yet from Interswitch and we are trying to send WebPay a messsage
    ?>
    <div align="center" title="Secure Payment Page">
        <iframe align="middle" frameborder="0" width="40%" height="550" name="PayFrame" scrolling="no" id="PayFrame"></iframe>
    </div>
    <script type='text/javascript'>
        doPayment('<?php echo $amount; ?>','<?php echo $transaction_id; ?>','<?php echo $cpID; ?>', '<?php echo $merchantID ?>')
        //We are using “iframe” to display the Interswitch payment page on our website and using the doPayment() function to send the request to Interswitch
        function doPayment(amount,trnxID,cadpid,mertId)
        {    
            var trnxId  = trnxID;
            var cadpid  = cadpid;
            var mertId  = mertId;
            var amount = amount;
            var url = 'https://webpay.interswitchng.com/webpay/purchase.aspx'; 
            //this url may change , they have the test and live url, so remember to look at the documentation provided to get the test url and live url when you are done testing.
            var fullUrl = url + "?CADPID="+cadpid+"&MERTID="+mertId+"&TXNREF="+trnxId+"&AMT="+amount+"&TRANTYPE=00";
                            
            document.getElementById("PayFrame").src = fullUrl;
        }
    </script>

    <?php
    echo '<center><h1><a href="viewcart.php">Return to Shopping Cart !</a></h1></center>';
}

From the entire story we have above, we are using an iframe to display the payment page from Interswich, where the user enters his/her debit card number and pin on our page. The iFrame has a size, so you can adjust it to your taste. We also made use of a javascript function doPayment() that receives all our order details and sends the information to WebPay in a url string. We have something like this at the end:
https://webpay.interswitchng.com/webpay/purchase.aspx?CADPID=CADP628051&MERTID=Demo&TXNREF=38847f44ea44&AMT=3000&TRANTYPE=00

You can also view the payment page from Interswitch by typing the url above in your browser after filling the details correctly, like your Merchant ID, CPID, amount etc.

We have something like this eventually;

Receiving response from Interswitch WebPay

Now that the user has paid for the product, how do we receive the payment status from Interswitch and also display an invoice to the user? Well, we would need to look at our previous if statement that says if ($success == null) and create another if statement that looks out for other Interswich WebPay Success codes e.g., 00,09 etc.

We will have something like this:

if ($success == "00")
{
    //deal with successful transaction
    $query = mysql_query("UPDATE transactions SET t_status=1 WHERE transaction_id='" . $_SESSION['tid'] . "'");
    //all we do here is to update that our transaction on the database with the success code we get from WebPay and display a message to the user.
    echo "<div class=success>Transaction Successfull</div>";
    echo "<h3>Transaction details</h3><br/>";
    echo "<u><b>Transaction ID:</b></u><br/>" . $_SESSION['tid'] . "<br/><br/>";
    echo "<u><b>Description:</b></u><br/>" . $_SESSION['desc'] . "<br/><br/>";
    echo "<u><b>Total Amount:</b></u><br/>=N=" . number_format($_SESSION['amount']) . "<br/><br/>";
    echo "<u><b>Payment Method:</b></u><br/>" . $_SESSION['pgate'] . "<br/><br/>";
    echo "<u><b>Time:</b></u><br/>" . date("D d F, Y  - g:i A", time()) . "<br/><br/>";

    //delete the product from cart
    $query = mysql_query("DELETE FROM shopping_cart WHERE user_id='" . $_SESSION['bid'] . "'");

    echo '<center><h1><a href="viewcart.php">Shopping Cart !</a></h1></center>';
    /*
      I can add other success values from -1 to 25
      to display payment notifications to the user
      either error or other stuffs using else if ($success=="1")
      e.t.c. Then we unset all the session variables we used to store the transaction details
     */
    unset($_SESSION['tid']);
    unset($_SESSION['bid']);
    unset($_SESSION['desc']);
    unset($_SESSION['amount']);
    unset($_SESSION['pgate']);
}
else   
{ 
    //here, we can have another elseif() statement to display a message for other response 
    //codes we get from WebPay or just deal with other response codes as a failed transaction.
    //Deal with Timeout Here, Transaction ID no more valid
    
    echo "<div class=err>Error while requesting for transaction authorization, Transaction ID no more valid</div> ";
    echo '<center><h1><a href="viewcart.php">Shopping Cart !</a></h1></center>';
    $query = mysql_query("DELETE FROM transactions WHERE transaction_id='" . $_SESSION['tid'] . "'");
    
    //remember to unset all sessions containing the transaction details
    unset($_SESSION['tid']);
    unset($_SESSION['bid']);
    unset($_SESSION['desc']);
    unset($_SESSION['amount']);
    unset($_SESSION['pgate']);
}

What we have above receives a response from WebPay and displays a message to the user based on the response code it gets from Interswitch WebPay. There are several response codes you can handle in order to display a more detailed information to the user about a particular transaction. E.g. “You have insufficient balance”, “Issuer or switch Inoperative” etc.

Here is the list of response/error codes you will normally get from WebPay, please always remember to check the documentation provided by Interswitch while integrating.

RSPCODE – RSP DESCRIPTION
00 – Approved or completed successfully
01 – Refer to card issuer
02 – Refer to card issuer, special condition
03 – Invalid merchant
04 – Pick-up card
05 – Do not honor
06 – Error
07 – Pick-up card, special condition
08 – Honor with identification
09 – Request in progress
10 – Approved, partial
11 – Approved, VIP
12 – Invalid transaction
13 – Invalid amount
14 – Invalid card number
15 – No such issuer
16 – Approved, update track 3
17 – Customer cancellation
18 – Customer dispute
19 – Re-enter transaction
20 – Invalid response
21 – No action taken
22 – Suspected malfunction
23 – Unacceptable transaction fee
24 – File update not supported
25 – Unable to locate record
26 – Duplicate record
27 – File update field edit error
28 – File update file locked
29 – File update failed
30 – Format error
31 – Bank not supported
32 – Completed partially
33 – Expired card, pick-up
34 – Suspected fraud, pick-up
35 – Contact acquirer, pick-up
36 – Restricted card, pick-up
37 – Call acquirer security, pick-up
38 – PIN tries exceeded, pick-up
39 – No credit account
40 – Function not supported
41 – Lost card, pick-up
42 – No universal account
43 – Stolen card, pick-up
44 – No investment account
45 – Account closed
46 – Identification required
47 – Identification cross-check required
51 – Not sufficient funds
52 – No check account
53 – No savings account
54 – Expired card
55 – Incorrect PIN
56 – No card record
57 – Transaction not permitted to cardholder
58 – Transaction not permitted on terminal
59 – Suspected fraud
60 – Contact acquirer
61 – Exceeds withdrawal limit
62 – Restricted card

So it’s left for you to decide if you want to write an if or switch statement for these response codes in your payment page.

Alright, I hope you enjoyed this part, but it’s kind of a quick guide on how to integrate with WebPay. As soon as you are ready to integrate Interswich WebPay with your website, Interswitch will provide documentation on how to do this too.

Here is the complete payment page code for Interwsitch WebPay on our sample site, please note that this is not a production code, do not use it directly on a live site, it still needs to be properly tweaked if you want to use it on a production site. I hope I’ve tried to explain it as simple as I possibly can.

<?php
$pagetitle = "Pay with Interswitch";
include ('header.php');
?>

<div class="container">
    <?php
    if ($_SESSION['id'])
    {
        $id = $_SESSION['id'];
        $success = $_GET["rspcode"];
        $appamt = $_GET["appamt"];
        $merchantID = "Demo";
        $cpID = "CADP628051";
        if (isset($_POST['submit']) && isset($_REQUEST['tid']) && $_REQUEST['amount'] != null)
        {
            //get all information
            $transaction_id = mysql_real_escape_string($_POST['tid']);
            $amount = mysql_real_escape_string($_POST['amount']);
            $buyer_id = mysql_real_escape_string($_POST['bid']);
            $description = mysql_real_escape_string($_POST['desc']);
            $pgate = "Interswitch";
            $time = date("D d F, Y  - g:i A", time());
            $result = addTransaction($transaction_id, $time, $buyer_id, $amount, $pgate, $description, 0);
            if ($result)
            {
//store these values so we can set and unset them wen we are done with the transaction
                $_SESSION['tid'] = $transaction_id;
                $_SESSION['bid'] = $buyer_id;
                $_SESSION['desc'] = $description;
                $_SESSION['amount'] = $amount;
                $_SESSION['pgate'] = $pgate;
            }
        }
        if ($success == null)
        { //or success = ""
            ?>
            <div align="center" title="Secure Payment Page">
                <iframe align="middle" frameborder="0" width="100%" height="550" name="PayFrame" scrolling="no" id="PayFrame"></iframe>
            </div>
            <script type='text/javascript'>
                doPayment('<?php echo $amount; ?>','<?php echo $transaction_id; ?>','<?php echo $cpID; ?>', '<?php echo $merchantID ?>')
                function doPayment(amount,trnxID,cadpid,mertId)
                {    var trnxId  = trnxID;
                    var cadpid  = cadpid;
                    var mertId  = mertId;
                    var amount  = amount;
                    var url    = 'https://webpay.interswitchng.com/webpay/purchase.aspx';
                    var fullUrl = url + "?CADPID="+cadpid+"&MERTID="+mertId+"&TXNREF="+trnxId+"&AMT="+amount+"&TRANTYPE=00";
                    //alert(fullUrl);
                    document.getElementById("PayFrame").src = fullUrl;
                    //showWindow(fullUrl); //function in WebPAY_PopUp_Caller.txt
                }
            </script>

            <?php
            echo '<center><h1><a href="viewcart.php">Return to Shopping Cart !</a></h1></center>';
        }
        else if ($success == "00")
        {
            //deal with successful transaction
            $query = mysql_query("UPDATE transactions SET t_status=1 WHERE transaction_id='" . $_SESSION['tid'] . "'");

            echo "<div class=success>Transaction Successfull</div>";
            echo "<h3>Transaction details</h3><br/>";
            echo "<u><b>Transaction ID:</b></u><br/>" . $_SESSION['tid'] . "<br/><br/>";
            echo "<u><b>Description:</b></u><br/>" . $_SESSION['desc'] . "<br/><br/>";
            echo "<u><b>Total Amount:</b></u><br/>=N=" . number_format($_SESSION['amount']) . "<br/><br/>";
            echo "<u><b>Payment Method:</b></u><br/>" . $_SESSION['pgate'] . "<br/><br/>";
            echo "<u><b>Time:</b></u><br/>" . date("D d F, Y  - g:i A", time()) . "<br/><br/>";

//delete from cart
            $query = mysql_query("DELETE FROM shopping_cart WHERE user_id='" . $_SESSION['bid'] . "'");

            //show dem o

            echo '<center><h1><a href="viewcart.php">Shopping Cart !</a></h1></center>';
            /*
              I can add other success values from -1 to 25
              to display payment notifications to the user
              either error or other stuffs using else if ($success=="1")
              e.t.c.
             */
            unset($_SESSION['tid']);
            unset($_SESSION['bid']);
            unset($_SESSION['desc']);
            unset($_SESSION['amount']);
            unset($_SESSION['pgate']);
        }
        else
        { //Deal with Timeout Here, Transaction ID no more valid
            echo "<div class=err>Error while requesting for transaction authorisation, Transaction ID no more valid</div> ";
            echo '<center><h1><a href="viewcart.php">Shopping Cart !</a></h1></center>';
            $query = mysql_query("DELETE FROM transactions WHERE transaction_id='" . $_SESSION['tid'] . "'");

            unset($_SESSION['tid']);
            unset($_SESSION['bid']);
            unset($_SESSION['desc']);
            unset($_SESSION['amount']);
            unset($_SESSION['pgate']);
        }
    }
    else
    {
        echo '<h1>Please, <a href="index.php">login</a> and come back later!</h1>';
    }
    ?>

    <div class="clear"></div>
</div>

<?php
include ('footer.php');
?>

Thanks for going through this with me, please comment below if you have any question or like to point out some errors and make suggestions to omitted points in this article. I’ll be delighted to respond to your questions and comments.

Thanks.