Using Gravity Forms for iDeal payment

iDEAL is an online payment method, popular in the Netherlands and Belgium. For the integration of iDEAL Light into WordPress, I used the outstanding plugin Gravity Forms (GF), in combination with 2 new template files. This is my first attempt, feel free to notify me of better ways to do stuff. I used GF version 1.4.5 for this. The next version of GF has more options for payment, but well, this works for now ;).

If you are looking for a WordPress plugin for this, go check out Pronamic’s add-on iDEAL voor Gravity Forms.

This code is for selecting one or more of a single item.
It uses the security check by hash (see the iDEAL documentation for more info about this).

First create 5 new pages, like:

  • Order (this is the page with the GF)
  • Confirm (where the visitor checks and confirms her order)
  • Thanks (page for iDEAL to redirect to when the payment is successful)
  • Error (page for iDEAL to redirect to when the payment is unsuccessful)
  • Cancel (page for iDEAL to redirect to when the payment is canceled)

Add some explanatory text to these pages, to let the visitor know what’s happening.

Then create the GF-form

This is the form the visitor has to fill out with name/address and number of items she wants to order.

Required are 2 input fields:

  • items (make that a number-field, define a default value, e.g. 1)
  • price (make that a text-field, define a value with 2 decimals)

Form-options:

  • Form confirmation: choose Redirect and enter the full URL of the page we named Confirm
  • Check “Pass Field Data Via Query String” and fill out: id={entry_id}

Include this form into the page Order.

Create the PHP template file for the order confirmation

Create a template file for the Confirm page. Include the following code before the get_header(); call. These are the fixed parameters iDEAL needs.

// entry id passed by Gravity Forms; absint() forces a non-negative integer
$id_order = isset($_GET['id']) ? absint($_GET['id']) : 0;
// fixed parameters
$key = 'xxxxxxxxx'; // your hash key or secret key
$merchantID = '1234567890'; // your Acceptant ID
$subID = '0';              // almost always 0 (zero)
$purchaseID = "$id_order";        // number or code for your backoffice (I used the form id)
$paymentType = 'ideal';    // always ideal
$validUntil = gmdate('Y-m-d\TH:i:s.000\Z', time()+900); // this moment plus 15 min, in UTC
$itemNumber1 = '1';  // when using the hash check, always use 1
$itemDescription1 = "Box of chocolates";     // the description of the item you sell
$itemQuantity1 = 1;                    // when using the hash check, always use 1
$language = ''; // empty is faster
$currency = 'EUR';
$description = "Another order of some delicious chocolate"; // the description of your order
$baseurl    = 'http://www.yourdomain.nl'; // your website here....
$urlSuccess = "$baseurl/thanks/?id=$id_order";
$urlCancel  = "$baseurl/cancel/"; // the Cancel page
$urlError   = "$baseurl/error/";  // the Error page

Then add the data for the order and the calculated total amount, just below the content of the page. You need 3 ids to make this work:

  • The id of the form
  • the field_number of “items”
  • the field_number of “price”

You can retrieve these by looking them up in the HTML code of the form: id='input_2_1' means form id 2, field number 1.

<dl id="check-order">
<?php
// get data from form; prepare() binds the id as an integer so it cannot alter the query
$results = $wpdb->get_results( $wpdb->prepare( "SELECT value, field_number FROM wp_rg_lead_detail WHERE lead_id = %d ORDER BY field_number", $id_order ) );
$form_meta = RGFormsModel::get_form_meta(2); // 2 = id of the form
$items = 1;
$price = '0';
foreach ($results as $result) {
    $field1 = RGFormsModel::get_field($form_meta, $result->field_number);
    if ($result->field_number == 1 )  { // field number of "items"
        $items = (int) $result->value;
        if ($items < 1 ) $items = 1;
    } elseif ($result->field_number == 22 ) { // field number of "price"
        // this value was submitted with the form, so check it against your real price
        $price = $result->value;
    } else {
        // escape visitor-supplied values before printing them
        echo "<dt>". esc_html( $field1["label"] ) . " </dt>\n";
        echo "<dd>". esc_html( $result->value ) . "</dd>\n";
    }
}
$price  = (float) str_replace(",", ".", $price);
$itemPrice1 = (int) round($price*100*$items); // total in whole cents
$amount = $itemPrice1;
echo "<dt>Number of boxes </dt>\n";
echo "<dd>$items</dd>\n";
echo "<dt>Price for one box</dt>\n";
echo "<dd> &euro; ". number_format( ($price) , 2, '.', '') . "</dd>\n";
echo "<dt>Total </dt>\n";
echo "<dd> &euro; ". number_format( ($price*$items) , 2, '.', '') . "</dd>\n";
// the hash covers the secret key plus every field that must not be changed in the browser
$shastring = "$key$merchantID$subID$amount$purchaseID$paymentType$validUntil"
. "$itemNumber1$itemDescription1$itemQuantity1$itemPrice1";
// strip whitespace and decode the HTML entities before hashing
$shastring = preg_replace(
array("/[ \t\n]/", '/&amp;/i', '/&lt;/i', '/&gt;/i', '/&quot;/i'),
array(         '',        '&',       '<',       '>',         '"'),
$shastring);
$shasign = sha1($shastring);
?>
</dl>
<form method="post" action="the url provided by your iDEAL supplier" name="form1">
<input type="hidden" name="merchantID" value="<?php echo esc_attr( $merchantID ); ?>">
<input type="hidden" name="subID" value="<?php echo esc_attr( $subID ); ?>">
<input type="hidden" name="amount" value="<?php echo esc_attr( $amount ); ?>">
<input type="hidden" name="purchaseID" value="<?php echo esc_attr( $purchaseID ); ?>">
<input type="hidden" name="language" value="<?php echo esc_attr( $language ); ?>">
<input type="hidden" name="currency" value="<?php echo esc_attr( $currency ); ?>">
<input type="hidden" name="description" value="<?php echo esc_attr( $description ); ?>">
<input type="hidden" name="hash" value="<?php echo esc_attr( $shasign ); ?>">
<input type="hidden" name="paymentType" value="<?php echo esc_attr( $paymentType ); ?>">
<input type="hidden" name="validUntil" value="<?php echo esc_attr( $validUntil ); ?>">
<input type="hidden" name="itemNumber1" value="<?php echo esc_attr( $itemNumber1 ); ?>">
<input type="hidden" name="itemDescription1" value="<?php echo esc_attr( $itemDescription1 ); ?>">
<input type="hidden" name="itemQuantity1" value="<?php echo esc_attr( $itemQuantity1 ); ?>">
<input type="hidden" name="itemPrice1" value="<?php echo esc_attr( $itemPrice1 ); ?>">
<input type="hidden" name="urlSuccess" value="<?php echo esc_attr( $urlSuccess ); ?>">
<input type="hidden" name="urlCancel" value="<?php echo esc_attr( $urlCancel ); ?>">
<input type="hidden" name="urlError" value="<?php echo esc_attr( $urlError ); ?>">
<input type="submit" name="submit2" value="Pay with iDEAL">
</form>

The (test) URL provided by your iDEAL supplier is for example “https://idealtest.rabobank.nl/ideal/mpiPayInitRabo.do”

Then create the template for the Thanks page.

This is the page iDEAL redirects you to if the payment is successful. On this page an email is sent to the owner of the site to inform her that someone made an order from the site.

Add below the content:

<?php
// reaching this page does not prove payment: anyone can open this URL
$id_order = isset($_GET['id']) ? absint($_GET['id']) : 0;
$body = "You've got a new order:\nView it on: http://www.yoursite.nl/wp-admin/admin.php?page=gf_entries&view=entries&id=2"; //id refers to the id of the form
wp_mail('your@email.nl', 'New website order', $body); ?>

Add some style

In style.php you can add something like:

#check-order {
  margin: 0 0 14px 0;
}
#check-order dt {
  font-weight: bold;
  float: left;
  width: 200px;
}

Discussion

One thing that needs to be added is a unique number to the form-id, to prevent direct access to the confirm page with only adding an id number. Thinking about adding the IP number of the visitor in a hidden field and checking with the confirmation if the visitor has the same IP.

And $id_order = $_GET['id']; has to be properly sanitized and checked.
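
The point above about guessable ids, as an added example that is not part of the original post: the link can carry an HMAC over the id that only the server can compute, so changing the id invalidates the link. The names ORDER_TOKEN_SECRET, order_token(), checked_order_id() and the query parameter t are assumptions, and how the token gets appended to the Gravity Forms redirect URL is not shown here.

```php
<?php
// Added example: sign the entry id so a Confirm/Thanks URL cannot be guessed.
// ORDER_TOKEN_SECRET, order_token() and checked_order_id() are hypothetical names.
const ORDER_TOKEN_SECRET = 'replace-with-a-long-random-secret'; // constructed placeholder

// Token that travels with the id, e.g. /confirm/?id=17&t=<token>
function order_token(int $order_id, string $secret = ORDER_TOKEN_SECRET): string
{
    return hash_hmac('sha256', 'order:' . $order_id, $secret);
}

// Returns the validated order id, or null when the id or token is missing or wrong.
function checked_order_id(array $query, string $secret = ORDER_TOKEN_SECRET): ?int
{
    $id    = $query['id'] ?? '';
    $token = $query['t'] ?? '';
    if (!is_string($id) || !is_string($token)) {
        return null; // array input such as ?id[]=1 is rejected
    }
    if (!ctype_digit($id) || strlen($id) > 9 || (int) $id < 1) {
        return null; // only plain positive integers are accepted
    }
    // hash_equals() compares in constant time, so the check leaks no timing hints
    if (!hash_equals(order_token((int) $id, $secret), $token)) {
        return null;
    }
    return (int) $id;
}

// Constructed requests, standing in for $_GET on the Confirm page.
$genuine  = ['id' => '17', 't' => order_token(17)];
$guessed  = ['id' => '18', 't' => order_token(17)]; // id changed, token reused
$no_token = ['id' => '17'];

foreach (['genuine' => $genuine, 'guessed' => $guessed, 'no token' => $no_token] as $label => $query) {
    $id = checked_order_id($query);
    echo $label . ': ' . ($id === null ? 'rejected' : 'order ' . $id) . "\n";
}
```

In the Confirm and Thanks templates the result of checked_order_id($_GET) would take the place of the raw $_GET['id'], with the page stopping when it is null.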
