Sample code for 30+ languages & platforms
PHP Extension

Global Payments Card Authorization

See more Global Payments Examples

Demonstrates how to send a card payments authorization request.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$http = new CkHttp();

// if you don't have a Client ID yet you can still quickly test some basic request types using the following URL and credentials:

// Test URL - https://test.realexpayments.com/epage-remote.cgi
// Client ID: realexsandbox
// Shared Secret: Po8lRRT67a
$testUrl = 'https://test.realexpayments.com/epage-remote.cgi';
$clientID = 'realexsandbox';
$sharedSecret = 'Po8lRRT67a';

$amount = '1001';
$currency = 'EUR';
$cardNumber = '4263970000005262';

// We'll be sending the following XML in the body of the request:

// <?xml version="1.0" encoding="UTF-8"?>
// <request type="auth" timestamp="20180613141207">
//   <merchantid>MerchantId</merchantid>
//   <account>internet</account>
//   <channel>ECOM</channel>
//   <orderid>N6qsk4kYRZihmPrTXWYS6g</orderid>
//   <amount currency="EUR">1001</amount>
//   <card>
//     <number>4263970000005262</number>
//     <expdate>0425</expdate>
//     <chname>James Mason</chname>
//     <type>VISA</type>
//     <cvn>
//       <number>123</number>
//       <presind>1</presind>
//     </cvn>
//   </card>
//   <autosettle flag="1"/>
//   <sha1hash>87707637a34ba651b6185718c863abc64b673f20</sha1hash>
// </request>

// Use this online tool to generate code from sample XML: 
// Generate Code to Create XML

// Get the current date/time in this format:  20180613141207
$dt = new CkDateTime();
$dt->SetFromCurrentSystemTime();
$dtStr = $dt->getAsIso8601('YYYYMMDDhhmmss',true);

// Generate a unique order ID
$prng = new CkPrng();
$orderId = $prng->genRandom(32,'base64url');

// Compute the sha1hash
$crypt = new CkCrypt2();
$crypt->put_HashAlgorithm('sha1');
$crypt->put_EncodingMode('hexlower');

$sbA = new CkStringBuilder();
$sbA->Append('timestamp.merchantid.orderid.amount.currency.cardnumber');
$numReplaced = $sbA->Replace('timestamp',$dtStr);
$numReplaced = $sbA->Replace('merchantid',$clientID);
$numReplaced = $sbA->Replace('orderid',$orderId);
$numReplaced = $sbA->Replace('amount',$amount);
$numReplaced = $sbA->Replace('currency',$currency);
$numReplaced = $sbA->Replace('cardnumber',$cardNumber);

$hashA = $crypt->hashStringENC($sbA->getAsString());

$sbB = new CkStringBuilder();
$sbB->Append($hashA);
$sbB->Append('.');
$sbB->Append($sharedSecret);

$hashB = $crypt->hashStringENC($sbB->getAsString());

$xml = new CkXml();
$xml->put_Tag('request');
$xml->AddAttribute('type','auth');
$xml->AddAttribute('timestamp',$dtStr);
$xml->UpdateChildContent('merchantid',$clientID);
$xml->UpdateChildContent('account','internet');
$xml->UpdateChildContent('channel','ECOM');
$xml->UpdateChildContent('orderid',$orderId);
$xml->UpdateAttrAt('amount',true,'currency',$currency);
$xml->UpdateChildContent('amount',$amount);
$xml->UpdateChildContent('card|number',$cardNumber);
$xml->UpdateChildContent('card|expdate','0425');
$xml->UpdateChildContent('card|chname','James Mason');
$xml->UpdateChildContent('card|type','VISA');
$xml->UpdateChildContent('card|cvn|number','123');
$xml->UpdateChildContent('card|cvn|presind','1');
$xml->UpdateAttrAt('autosettle',true,'flag','1');
$xml->UpdateChildContent('sha1hash',$hashB);

$resp = new CkHttpResponse();
$success = $http->HttpStr('POST',$testUrl,$xml->getXml(),'utf-8','application/xml',$resp);
if ($success == false) {
    print $http->lastErrorText() . "\n";
    exit;
}

print 'Response Status Code: ' . $resp->get_StatusCode() . "\n";

print 'Response Body:' . "\n";
print $resp->bodyStr() . "\n";

if ($resp->get_StatusCode() != 200) {
    print 'Failed.' . "\n";
    exit;
}

// A status code of 200 indicates we received an XML response, but it could be an error message.
// Here's an example of an error response:

// <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
// <response timestamp="20200418142356">
//     <orderid>N6qsk4kYRZihmPrTXWYS6g</orderid>
//     <result>508</result>
//     <message>Invalid timestamp: '{' Value exceeds allowable limit: '}'</message>
// </response>

// We need to check the "result" within the XML.
$xml->LoadXml($resp->bodyStr());

$result = $xml->GetChildIntValue('result');
print 'result = ' . $result . "\n";

// A successful result looks like this:

// <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
// <response timestamp="20200418145519">
//     <merchantid>realexsandbox</merchantid>
//     <account>internet</account>
//     <orderid>Cw93I1nFWVZuaATh46qMUCBlCcfrOvLo65C2cq5X-AY</orderid>
//     <result>00</result>
//     <authcode>L3pHww</authcode>
//     <message>AUTH CODE: L3pHww</message>
//     <pasref>96838535689610806</pasref>
//     <cvnresult>M</cvnresult>
//     <timetaken>87</timetaken>
//     <authtimetaken>67</authtimetaken>
//     <batchid>6322506</batchid>
//     <sha1hash>2fd2f15f97f1775779fe9bda536dc8317a4b39f6</sha1hash>
// </response>

if ($result == 0) {
    print 'authcode = ' . $xml->getChildContent('authcode') . "\n";
    print 'Success.' . "\n";

}
else {
    print 'Failed.' . "\n";
}


?>