update query not from a form

[deanbri75]

A brief history about my exposure to ASP: From reading examples/faq's etc. I've done several asp pages that used SELECT, INSERT or UPDATE queries but in each case all the variables came from form data. (form = post) So, I know how to make a db connection, create a recordset, etc.

My current situation is the touchnet payment gateway. It processes a credit card payment and upon completion can send certain parameters to a "Post URL" that I specify in the touchnet application.

This Post URL is the page I have to create and is never seen by the end user - there's a separate "success page" that tells them they paid successfully.

With an ASP, how would I get the parameters that touchnet is sending to the Post URL (the page i'll be creating). I've only ever gotten parameters from form data.

I'd want to do something like:
UPDATE TABLE SET TABLE.TRANS_CODE = ‘pmt_status' & '-' & 'tpg_trans_id' WHERE PK_FIELD = 'EXT_TRANS_ID';

pmt_status is the word "success" or "failure"
tpg_trans_id is always a number
EXT_TRANS_ID is the primary key that links the touchnet transaction with my database info.

 

[nickdel]

Deanbri75, I may have picked this up wrong but do you mean the parameters are passed in the url? i.e.

http://www.mysite.com/index.asp?para1=hello&para2=world

If this is the case then you use request.querystring:

dim para1, para2

para1 = request.querystring("para1")
para2 = request.querystring("para2")

Cheers

Nick

 

[deanbri75]

It may be doing that but I don't really know. When you configure touchnet there's two URLs you specify. One is the Post URL which is never seen and the Success URL which tells the user their payment went through ok.

Documentation on this part is really poor. Here's what the manual says:

10.4 Posted Data
If you choose to post payment data to a URL, you specify that URL in the uPay
site’s Miscellaneous Settings page. (TouchNet strongly recommends the use of
https with this URL.) For more information, see “Miscellaneous: Links, URLs, and
E-mail” on page 128.
Note: Technical details on the setup of posting URLs or other technical details of
web development are outside the scope of this guide

The stuff on page 128 says the same thing about being outside the scope of the document. I appologize for being so vague. Part of my problem is they didn't give me enough info to even know the proper questions to ask.

I will give your querystring suggestion a try. I haven't used that before.

thanks!
b

 

[deanbri75]

Here's what I ended up trying. Sadly, it didn't work. Is my syntax wrong somewhere?

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "[URL unfurl="true"]http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">[/URL]
<html xmlns="[URL unfurl="true"]http://www.w3.org/1999/xhtml">[/URL]

<head>
</head>

<body>
dim tpg_trans_id, pmt_status, EXT_TRANS_ID, catSTR

tpg_trans_id = request.querystring("tpg_trans_id")
pmt_status = request.querystring("pmt_status")
EXT_TRANS_ID = request.querystring("EXT_TRANS_ID")
catSTR = (tpg_trans_id & "-" & pmt_status & "-" & EXT_TRANS_ID)


dim  objconn1, objrs1, strSQL1, strconn1

	set objconn1= server.CreateObject("ADODB.Connection")
	strconn1 = "DRIVER={SQL Server};SERVER=server.foo.bar;DATABASE=dbname;UID=username;PWD=********"
	objconn1.ConnectionString = strconn1	
	objconn1.Open strconn1
	
	set objrs1 = server.CreateObject("ADODB.Recordset")
	
	strSQL1 = "UPDATE APPLICATION SET TRANS_NUMBER = '"& catSTR &"' where GID = '"& EXT_TRANS_ID &"'"
		
	objrs1.Open strSQL1, objconn1
	
	set objrs1 = nothing
	objconn1.Close
	set objconn1 = nothing



</body>

</html>

 

[Sheco]

Please help us understand the steps taken. From what I read above, I assume the sequence of events is as follows;

1. User submits HTML form to make a purchase, the form's action property specifies some page on a server operated by a third party named touchnet or uPay[/b].

2. The payment is validated on the third party page.

3. On success, the third party validation page Redirects the user's browser to a "Success URL"

4. On success, the third party validation pages also sends an HTTP GET or an HTTP POST to a page on your server. The page on your server is known as the "Post URL"

5. In your "Post URL", you write code that evaluates the GET or POST data and updates your local database system accordingly... thus the payment processor uses this page to inform you of the details of the payment.



Is this correct?

If so, then the code in your "Post URL" page will be very much like the code you have written in the past to process forms... the primary difference being that you did not also create the form... but you can imagine it as a form created and hosted by the third party company.

 

[deanbri75]

Thanks, Sheco. That's exactly how the process works.

Not being a real programmer, (and the lack of documentation from touchnet) I wasn't sure how to get the parm values if they weren't coming from a form I'd written.

Perhaps my SQL in the code above is off or maybe it's all wrong. I'll keep plugging away at it.

Unfortunately for me, these turn out to be more a test of trial and error than of my skill. I really appreciate the time and effort you guys give on the forums. It's where I learned what little I know!

 

[Sheco]

If the third party didn't specify whether their HTTP Request back to your server is a POST or a GET then you could make a trap for it and write everything it sends out to a text file.


Something like this:

<%
dim fs,fname, Item
set fs=Server.CreateObject("Scripting.FileSystemObject")
set fname=fs.CreateTextFile("c:\test.txt",true)

fname.WriteLine "Form Data:"
For Each Item In Request.Form
  fname.WriteLine Item & " = " & Request.Form(Item) 
Next

fname.WriteLine vbCrLf & vbCrLf 

fname.WriteLine "QueryString Data:"
For Each Item In Request.QueryString
  fname.WriteLine Item & " = " & Request.QueryString(Item)  
Next

fname.Close
set fname=nothing
set fs=nothing
%>

Then you could examine the text file that is created when the page is called by the third party... this would help you see what you can expect from them.

 

[deanbri75]

I know what the output will look like. Most of it is displayed on the screen after you complete payment.

Thank you. Please print this receipt for your records.
Name on Card: deanbri75
Account Number: xxxxxxxxxxxx0019
Expiration Date: 1207
Amount Paid: $ 1.00
Date and Time: 10/05/2007 at 14:23:35 CDT
Reference Number: 20071005000002
External Transaction ID: deanbri
System Tracking ID: 620

These are all parameters that can be passed to the post URL. I don't want them all, only 3. The success/failure (pmt_status), reference number (tpg_trans_id) and the primary key that relates to my database (EXT_TRANS_ID).

If you think it will be of any use, here's a link to the touchnet documentation. The relavent info is on page 128 and 149.

https://fp.auburn.edu/ashlebr/index.htm

 

[Sheco]

Well, if you don't know if the data will be arriving as a GET or a POST, you can just leave it out and force ASP to figure it out.

For example, suppose you don't know if you should use:
[tt]strStatus = Request.QueryString("pmt_status")[/tt]

or:
[tt]strStatus = Request.Form("pmt_status")[/tt]


You could instead just do this:
[tt]strStatus = Request("pmt_status")[/tt]


The ASP processor will figure it out. The execution time may suffer but probably not enough that you would notice.