Upgrading from Sage Pay 2.23 to 3.00

Question

Upgrading from Sage Pay 2.23 to 3.00

I'm currently using Sage Pay Server PHP Kit Includes File in one of my projects, and as you may know, Sage Pay are deprecating API version 2.23 so I'm forced to upgrade to 3.00.

The changelog of the file I'm using, if anyone's interested:

***************************************************************************************************
* Change history
* ==============
*
* 02/04/2009 - Simon Wolfe - Updated UI for re-brand
* 11/02/2009 - Simon Wolfe - Updated for VSP protocol 2.23
* 18/12/2007 - Nick Selby - New PHP version adapted from ASP
***************************************************************************************************

I've tried switching $strProtocol="2.23" to $strProtocol="3.00", this seemed to work fine, until I checked the Sage Pay backend.

This error is shown:

I know I've not given you much to work with, but maybe someone else is using the same library as me.

EDIT: Here's a pastebin of the whole libary. http://pastebin.com/91AG8nLv

Answer 1

My guess is that you haven't updated the signature, so are rejecting the transaction (as it looks like it has been tampered with). You should be calculating the signature based on the values below (this includes some new fields)

{VPSTxId }+ VendorTxCode +
Status + TxAuthNo +
VendorName + AVSCV2 +
SecurityKey + AddressResult
+ PostCodeResult +
CV2Result + GiftAid +
3DSecureStatus + CAVV +
AddressStatus + PayerStatus
+ CardType + Last4Digits +
DeclineCode + ExpiryDate +
FraudResponse +
BankAuthCode

Answer 2

I found out the problem, and fixed it. This has been tested and works fine.

There's another file called transaction-check.php, I had to add three extra fields, as they're now mandatory in the new version 3.00.

$strDeclineCode = cleaninput($_REQUEST["DeclineCode"],"Text");
$strBankAuthCode = cleaninput($_REQUEST["BankAuthCode"],"Text");
$strExpiryDate = cleaninput($_REQUEST["ExpiryDate"],"Text");