Hi there. I'm trying to integrate with a payment gateway API, and as I'm fairly new to PHP, I'm having some trouble to proceed.

Basically, I have a form that goes to a specific URL (submitting URL). From the documentation: "Request information is submitted to payment platform with HttpsClient , and submitting mode is POST."

There is the customer-registration.php file, which requires the functions.php file that contains the information to md5-encrypt a string composed of several variables from the form. There is also a notify-url.php file which is the redirection page after registering a user.

Some variables are passed to the submitting URL on the payment server, but the XML response I get from there displays empty nodes for 3 variables that I should read back in order to complete the process (dateRegister, registerId and activationURL)

XML Response from the payment server:

Code:
<response>
	<operation>90</operation>
	<resultCode>0</resultCode>
	<merNo>10157</merNo>
	<email>me@gmail.com</email>
	<cardNumber>4111111111111111</cardNumber>
	<dateRegister/>
	<registerId/>
	<activationURL/>
	<remark>Invalid MD5Info</remark>
	<md5Info>FC0BB07DA01C551296054FBF167824B1</md5Info>
</response>
The customer-registration.php file looks like this:

PHP Code:
<html>
<head>
<title>Customer Registration</title>

<?
require("functions.php");

//START SET VARIABLES
$merNo="10157";
$dateRequest="20120918073500";//AUTOMATE THIS!
$language="ENG";
$notifyURL="http://www.mydomain.com/notify-url.php";
//END SET VARIABLES

//START FORM FORCED VARIABLES
$email="me@gmail.com";
$cardNumber="4111111111111111";
$firstName="John";
$lastName="Smith";
$phone="9535658659";
$zipCode="98656";
$address="123 North Ave.";
$city="Geekytown";
$state="AZ";
$country="US";
//END FORM FORCED VARIABLES

$md5Key="44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0"//MD5 key
$md5Info=MD5Encrypt($merNo,$email,$cardNumber,$dateRequest,$md5Key);
$crrurl="https://paymentdomain.com/xcp/register.jsp"//Request submitting URL
?>

</head>

<body>

<form method="post" action="<?php echo $crrurl?>">

<input type=hidden name="merNo" value="<?php echo $merNo?>">
<input type=hidden name="dateRequest" value="<?php echo $dateRequest?>">
<input type=hidden name="language" value="<?php echo $language?>">
<input type=hidden name="notifyURL" value="<?php echo $notifyURL?>">
<input type=hidden name="md5Info" value="<?php echo $md5Info?>">

<!--START HIDDEN FORCED VARIABLES-->
<input type=hidden name="email" value="<?php echo $email?>">
<input type=hidden name="cardNumber" value="<?php echo $cardNumber?>">
<input type=hidden name="firstName" value="<?php echo $firstName?>">
<input type=hidden name="lastName" value="<?php echo $lastName?>">
<input type=hidden name="phone" value="<?php echo $phone?>">
<input type=hidden name="zipCode" value="<?php echo $zipCode?>">
<input type=hidden name="address" value="<?php echo $address?>">
<input type=hidden name="city" value="<?php echo $city?>">
<input type=hidden name="state" value="<?php echo $state?>">
<input type=hidden name="country" value="<?php echo $country?>">
<!--END HIDDEN FORCED VARIABLES-->

<INPUT TYPE="submit" value="submit">

</form>

</body>
</html>
Right now, I'm passing the pre-declared variables as hidden text inputs (later I'll change that so it's an actual user input form)

The functions.php file looks like this:

PHP Code:
<?php
$merNo 
$_POST["merNo"];
$email $_POST["email"];
$cardNumber $_POST["cardNumber"];
$dateRequest $_POST["dateRequest"];
$md5Key="44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0"//MD5 key

function MD5Encrypt($merNo,$email,$cardNumber,$dateRequest,$md5Key)
{
$str "$merNo|$email|$cardNumber|$dateRequest|$md5Key";
$encryptedMD5 md5($str);
return 
$encryptedMD5;
}

$completeurl "https://paymentdomain.com/xcp/register.jsp";
$xml simplexml_load_file($completeurl);

$operation $xml->operation;
$resultCode $xml->resultCode;
$merNo $xml->merNo;
$email $xml->email;
$cardNumber $xml->cardNumber;
$dateRegister $xml->dateRegister;
$registerId $xml->registerId;
$activationURL $xml->activationURL;
$remark $xml->remark;
$md5Info $xml->md5Info;

function 
verifyMD5($resultCode,$merNo,$email,$cardNumber,$registerId,$dateRegister,$activationURL,$md5Key$md5Info)
{
$str "$resultCode|$merNo|$email|$cardNumber|$registerId|$dateRegister|$activationURL|$md5Key";
  
$encryptedMD5 md5($str);
//echo $str."<BR>";
//echo "Generated CheckSum: ".$encryptedMD5."<BR>";
//echo "Received Checksum: ".$md5Info."<BR>";
  
if($encryptedMD5 == $md5Info)
return 
"true" ;
  else
return 
"false" ;
}
?>
I'm not sure if I'm retrieving the XML response correctly. As per the API docs: "Response information is returned to client’s platform as XML."

And lastly, the notify-url.php file looks like this:

PHP Code:
<html>
<head>
<title>Notify URL</title>
</head>
<body>

<?php
require("functions.php");

$md5Key "44q9dn7WCUrLHgi8bPsdiBIlLi6WaHI0" //put in the 32 bit alphanumeric key in the quotes provided here

$retval verifyMD5 ($resultCode,$merNo,$email,$cardNumber,$registerId,$dateRegister,$activationURL,$md5Key);

if(
$retval == "true" && $resultCode == "1")
{
echo 
"Thank you for shopping with us. Your credit card has been charged and your transaction is successful. We will be shipping your order to you soon.";

//Here you need to put in the routines for a successful 
//transaction such as sending an email to customer,
//setting database status, informing logistics etc etc

}
else if(
$retval == "true" && $resultCode == "0")
{
echo 
"Thank you for shopping with us. However it seems your credit card transaction failed.";

//Here you need to put in the routines for a failed
//transaction such as sending an email to customer
//setting database status etc etc

}
else if(
$retval == "true" && $resultCode == "2")
{
echo 
"Account was registered before, only Card Information has been added";

//Here you need to put in, the routines for a HIGH RISK 
//transaction such as sending an email to customer and explaining him a procedure,
//setting database status etc etc

}
else
{
echo 
"Security Error. Illegal access detected";

//Here you need to simply ignore this and dont need
//to perform any operation in this condition

}
?>
</body>
</html>
So, basically I would like to see if the logic is right at this point and then figure out why does the response from the payment server is not complete. As stated there: "Invalid MD5Info"

Thank you very much for any assistance, it would be greatly appreciated!