Back in 2009, for a client had to implement a finance ecommerce integration that had very little documentation.. and their phone and email support was like. you are on your own. This was a top tier bank too. Therefore, based on a 10-15 code lines of samples, we put together a fully functional SHA1 for First Data Global
Gateway handler.
They gave me a sample but did not work, and took me like 2
weeks to figure it out using ASP and Javascript, and then they modified
the underlying code to something stronger which we did and this still
worked as of 2019. They like php and java and the LAMP stack, not the Microsoft stack. Even their .Net did not work out of the box.
Odd, yet what First Data Global Gateway samples gave us was like 10 lines of code and that was it. Nada, no help. Eventually had to piece together the working solution.
The biggest problem they had was the date/time zone issues with Daylight
Savings time having to be within 1 hour sync west coast to east coast.
they eventually eased the 1 hour restriction to a little larger so we
don't have to change the hour coding +/- 1.
This works on IIS 5.0 and higher with IIS server side includes enabled, classic ASP enabled, 32 bit application mode enabled.
< %@ LANGUAGE="VBSCRIPT" % >
< %
option explicit
response.expires = 0
if request.querystring("method") = "leaveadminmode" then
session("un") = ""
end if
'if Request.Servervariables("REMOTE_ADDR") <> "yourhostingiphere" then
' response.redirect "Classes.asp"
'end if
% >
< % Response.CacheControl = "no-cache" % >
< % Response.AddHeader "Pragma", "no-cache" % >
< % Response.Expires = -1 % >
<!--#include virtual="/......./inc/adovbs.asp"-->
<!--#include virtual="/......./inc/sqldsn.asp"-->
<!--#include virtual="/......./inc/sqltext.asp"-->
< %
Dim sha1
set sha1 = GetObject("script:"&Server.MapPath("/......./inc/yoursha1-filehere.wsc"))
' set a property
sha1.hexcase = 1
Dim result1
% >
<script language='Javascript' runat='server'>
function jsGetUTCTime() {
//var d = new Date();
//return d.toUTCString();
x = new Date()
var UTCseconds = ( (x.getTime()/1000) - (x.getTimezoneOffset()/60) );
return UTCseconds
}
</script>
<script language='VBScript' runat='server'>
Function getUTCTime()
' Use JScript to get the current GMT time stamp
getUTCTime = jsGetUTCTime()
// getUTCTime = jsGetUTCTime() - 3600
End Function
</script>
< %
if request.querystring("mode") = "delete" then
sql = "delete from tbl_ShoppingCart where Row_ID = " & request.querystring("Row_ID") & " "
'response.write (sql)
set rs = Conn.Execute(sql)
response.redirect "register.asp"
end if
if request.querystring("Class") <> "" then
sql = "select * from tbl_ClassEvents where ClassEvent_Number = '" & request.querystring("Class") & "'"
'response.write (sql)
set rs = Conn.Execute(sql)
rem found the record, insert it into the shopping cart....
sql1 = "INSERT INTO tbl_ShoppingCart "
sql1 = sql1 & " (SessionID, ClassEvent_Number, Qty, Price, Extended_Price) "
sql1 = sql1 & " SELECT "
sql1 = sql1 & " " & Session.SessionID & ", "
sql1 = sql1 & " '" & trim(request.querystring("Class")) & "', "
sql1 = sql1 & " 1, "
sql1 = sql1 & rs("ClassEvent_BasePrice") & ", "
sql1 = sql1 & rs("ClassEvent_BasePrice") & " "
'response.write (sql1)
set rs1 = Conn.Execute(sql1)
response.redirect "register.asp"
end if
% >
<html>
<head>
<title>your title here</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.style1 {font-family: Arial, Helvetica, sans-serif}
.style2 {font-family: Arial, Helvetica, sans-serif; font-size: 13px; }
body {
background-image: url();
background-color: #062134;
}
a:link {
color: #2B7CBB;
text-decoration: none;
}
a:visited {
color: #2B7CBB;
text-decoration: none;
}
a:hover {
color: #8A8993;
text-decoration: underline;
}
a:active {
color: #2B7CBB;
text-decoration: none;
}
.style14 {
font-family: Arial, Helvetica, sans-serif;
font-size: 15px;
color: #000000;
font-weight: bold;
}
.style15 {font-family: Arial, Helvetica, sans-serif; font-weight: bold; }
.style16 {color: #254590}
-->
</style>
</head>
<body>
<div align="center">
<form action="https://checkout.globalgatewaye4.firstdata.com/payment"
method="POST" name="registerShoppingCart" onSubmit="return
checkform(this.form)">
<p style="margin-bottom: 0"> </p>
<table width="700" border="0" cellpadding="5" bordercolor="#FFFEFF" bgcolor="#1B2E70">
<tr valign="top">
<td colspan="2" ><img src="images/yourlogobannerhere.ext"
width="684" height="141" alt="your alt title tag here" title="your alt
title tag here"></td>
</tr>
<tr valign="top" bgcolor="#6592C9">
<td width="515" > </td>
<td width="155"><div align="center"><span
class="style14">Call {your phone
here}</span></div></td>
</tr>
</table>
<table width="700" border="0" cellpadding="5" bgcolor="#FFFFFF">
<tr valign="top">
<td width="59"><div align="center" class="style2">
</div></td>
<td width="62"><div align="center" class="style2">
<div align="center"><a href="Register.asp"><strong>Register</strong></a></div>
</div></td>
<td width="96"><div align="center" class="style2">
<div align="center"><a href="aspCalendar.asp"><strong>Calendar</strong></a></div>
</div></td>
<td width="72"><div align="center" class="style2">
</div></td>
<td width="72"><div align="center" class="style2">
</div></td>
<td width="62"><div align="center"> </div></td>
<td width="85"><div align="center" class="style2">
</div></td>
<td width="77"><div align="center" class="style2">
</div></td>
<td width="41"><div align="center" class="style2">
<div align="center"><a
href="http://www.yourdomainnamehere.com"><strong>Home
</strong></a></div>
</div></td>
</tr>
<tr valign="top">
<td colspan="8"> </td>
</tr>
<tr valign="top" bgcolor="#C4D2EA">
<td colspan="8"><p class="style15" style="margin-top: 0; margin-bottom: 0">Register </p>
</td>
</tr>
<tr valign="top">
<td colspan="8"><br><div class='chkbox' style='background-color: #F9F8C7;'>
<span class="style2"><strong>I agree to the <a
href='http://www.yourdomainnamehere.com/#!polices/voe78'>Terms and
Conditions, Policy Acknowledgement</a>
click this checkbox =>></strong><input name='terms' type='checkbox'></span>
</div>
<p><span class="style2">I have read and understand
the registration, rescheduling, and cancelation policies of {your
company here}. I have also read and understand the textbook requirements
for class(es) and will bring the appropriate books to the course. I
know I must prepare for class beforehand and bring any applicable
paperwork – completed pretests, verification materials and
copies of current course cards to the
course.</span><br></p>
</td>
</tr>
<tr>
<td colspan='9'>
<script language="Javascript">
<!--
function checkform(){
if (!document.registerShoppingCart.terms.checked) {
alert("At the top of this page, please agree to the Terms and Conditions. Thank you.")
return false}
if (document.registerShoppingCart.x_user1.value == ''){
alert("Please enter your Company Name or Attendee Name. Thank you.")
return false}
if (document.registerShoppingCart.x_user2.value == ''){
alert("Please enter your Professional Medical ID Number and Expiration Date. Thank you.")
return false}
if (document.registerShoppingCart.x_user3.value == ''){
alert("Please enter your Date of Birth (DOB). Thank you.")
return false}
if (document.registerShoppingCart.x_email.value == ''){
alert("Please enter your Email Address. Thank you.")
return false}
if (document.registerShoppingCart.x_phone.value == ''){
alert("Please enter Telephone Number. Thank you.")
return false}
}
// -->
</script>
< % rem SID: response.write (Session.SessionID) % >
< %
dim shoppingcart_total, buf, line_item
sql = " SELECT sc.Row_ID, sc.ClassEvent_Number, ce.ClassEvent_Title,
ce.ClassEvent_Dates, ce.ClassEvent_TimeFrame, ce.ClassEvent_Location,
sc.Qty, sc.Price, sc.Extended_Price from tbl_ShoppingCart sc,
tbl_ClassEvents ce where sc.ClassEvent_Number = ce.ClassEvent_Number AND
sc.SessionID = " & Session.SessionID
'response.write (sql)
set rs1 = Conn.Execute(sql)
if not rs1.EOF then
response.write ("<table border='0' cellspacing='0' cellpadding='10%' width='100%' cellpadding='0'>")
response.write ("<tr><td rowspan='10'><img src='images/shopping_cart_thumb.jpg'></td></tr>")
response.write ("<tr><td bgcolor='white'
colspan='8'><b><font face='Arial' size='+1'>Your Shopping
Cart</font></b></td></tr>")
response.write ("<tr><td
bgcolor='white'><b><font face='Arial'
size='-1'>Class</b></td><td
bgcolor='white'><b><font face='Arial'
size='-1'>Price</font></b></td><td
bgcolor='white'><b><font face='Arial'
size='-1'>Attendees</font></b></td><td
bgcolor='white'><b><font face='Arial'
size='-1'><center>Extended
Price</center></font></b></td><td
bgcolor='white'> </td></tr>")
Do While Not rs1.EOF
response.write ("<tr>")
response.write ("<td><font face='Arial' size='-1'> "
& rs1("ClassEvent_Number") & "," &
GetSQLText(rs1("ClassEvent_Title")) & ", " &
GetSQLText(rs1("ClassEvent_Dates")) & ", " &
GetSQLText(rs1("ClassEvent_TimeFrame")) & ", " &
GetSQLText(rs1("ClassEvent_Location")) & "
</td><td><font face='Arial' size='-1'><center>"
& formatcurrency(rs1("Price"),2) &
"</font></td><td><center><font face='Arial'
size='-1'>" & rs1("Qty") &
"</font></td><td><font face='Arial'
size='-1'><center>" &
formatcurrency(rs1("Extended_Price"),2) & "</font> </td>
" )
response.write ("<td> " & "<input type='button'
name='Remove' value='Remove' OnClick=" & chr(34) &
"window.open('register.asp?mode=delete&row_id=" & rs1("Row_ID")
& "', '_parent')" & chr(34) & "</td>" )
line_item = GetSQLText(rs1("ClassEvent_Number")) & ", " &
GetSQLText(rs1("ClassEvent_Title")) & ", " &
GetSQLText(rs1("ClassEvent_Dates")) & ", " &
GetSQLText(rs1("ClassEvent_TimeFrame")) & " @ " &
GetSQLText(rs1("ClassEvent_Location")) & ": "
buf = buf & line_item
shoppingcart_total = shoppingcart_total + CCur(rs1("Extended_Price"))
response.write ("</tr>")
'add firstdata x_line_item
'<input name="x_line_item" value="1<|>COURSENUM,COURSE TITLE, COURSE DATE TIME, COURSE LOCATION
<|>COURENUM,COURSE TITLE, COURSE DATE TIME, COURSE LOCATION <|>1<|>285.00<|>YES" type="hidden">
response.write ("<input name='x_line_item' type='hidden' value='"
& "1<|>" & line_item & "<|>" & line_item
& "<|>1<|>" & CCur(rs1("Extended_Price")) &
"<|>NO'>") & vbcrlf
rs1.MoveNext
Loop
response.write ("<tr><td bgcolor='white'
colspan='8'><p align='center'><b><font face='Arial'
size='-1'>Shopping Cart Total = " &
formatcurrency(shoppingcart_total, 2) &
"</font></b></td></tr>")
response.write ("<tr><td bgcolor='white'
colspan='8'><p align='center'><b><font face='Arial'
><a href='aspCalendar.asp'>Continue
Shopping</a></font></b></td></tr>")
response.write ("<tr><td bgcolor='white'
colspan='8'><p align='center'><font face='Arial'
size='-1'><hr>Note: To add more classes to your shopping cart
and certification renewal schedule for the year, please go back to the
<a href='aspCalendar.asp'>Calendar</a> and locate your next
class.</font></td></tr>")
response.write ("<tr><td bgcolor='white'
colspan='8'><p align='center'><font face='Arial'
size='-1'><hr><font color='red'><b>Additional
Information Required to Register, Check Out &
Pay</b></font>")
'required fields
response.write ("<br><br><b>Company/Attendee
Name:</b><br><input placeholder='Type your name or
company name' type='text' name='x_user1' size='35' maxlength='50'
style='background-color: #F9F8C7;'>")
response.write ("<br><br><b>MD/RN/Professional ID#
with Expiration Date</b><br><input placeholder='Type
your Professional ID# with Exp. Date MM/DD/YYYY' type='text'
name='x_user2' size='75' maxlength='75' style='background-color:
#F9F8C7;'>")
response.write ("<br><br><b>Date of Birth
(DOB)</b><br> <input placeholder='MM/DD/YYYY' type='text'
name='x_user3' size='20' maxlength='20' style='background-color:
#F9F8C7;'>")
response.write ("<br><br><b>Attendee Email
Address: </b><br> <input
placeholder='AttendeeEmailAddress@domain.com' type='text' name='x_email'
size='50' maxlength='75' style='background-color: #F9F8C7;'>")
response.write ("<br><br><b>Payee Email Address
(if different than Attendee Email address)</b><br> <input
placeholder='billingemail@domain.com' type='text' name='x_description'
size='50' maxlength='75' style='background-color: #F9F8C7;'>")
response.write ("<br><br><b>Telephone
#</b><br> <input placeholder='Phone (###) ###-#### Ext
###' type='text' name='x_phone' size='75' maxlength='75'
style='background-color: #F9F8C7;'>")
response.write ("</font></td></tr></table>")
response.write ("<br><center><input type='Submit'
name='Submit' value='Check out - Pay for Classes'></center>")
else
% >
<hr>
<div align="center"><font face='Arial' size='-1'
color='Red'>Your Shopping Cart is empty. Navigate to the <a
href="aspCalendar.asp">Calendar</a> page. Classes page offers
single class immediate registration, and the Calendar offers single and
multiple class registration and a shopping
cart.</font></div>
<hr>
< %
shoppingcart_total = 0
end if
% >
< %
'The x_fp_hash calculation is performed using the HMAC-MD5 key (the
Transaction Key from the Global Gateway e4^(SM) Payment Page
configuration) and the HMAC-MD5 message,
'or payload, as the concatenation of x_login, x_fp_sequence,
x_fp_timestamp, x_amount, and (if used) x_currency_code – all separated
by the ^ character
'(see also Section 6.1, "Essential Fields"). The value of the
Transaction Key can be found within the "Security” tab of the Global
Gateway e4^(SM) Payment Page configuration as seen in the image below.
dim x_login, trans_key, z_utc_time_stamp, m_utc_time_stamp, x_amount, fp_hash, fp_hash_message, currency_code, fp_sequence
x_login = "WSP-yourlogintokenhere"
trans_key = "YDp-yourtranskeyhere"
currency_code = "USD"
fp_sequence = "123456"
'z_utc_time_stamp = getUTCTime()
'z_utc_time_stamp = left(z_utc_time_stamp, len(z_utc_time_stamp - 4))
'm_utc_time_stamp = DateDiff("s", "01/01/1970 00:00:00", dateAdd("h", 7, Now()))
'm_utc_time_stamp = DateDiff("s", "01/01/1970 00:00:00", cStr(z_utc_time_stamp))
m_utc_time_stamp = getUTCTime()
x_amount = shoppingcart_total
fp_hash_message = x_login & "^" & fp_sequence & "^" &
m_utc_time_stamp & "^" & x_amount & "^" & currency_code
fp_hash = sha1.hex_hmac_sha1(trans_key, fp_hash_message)
% >
<input name="x_login" value="< %=x_login% >" type="hidden">
<input name="x_amount" value="< %=shoppingcart_total% >" type="hidden">
<input name="x_fp_sequence" value="< %=fp_sequence% >" type="hidden">
<input name="x_fp_timestamp" value="< %=m_utc_time_stamp% >" type="hidden">
<input name="x_fp_utc_timestamp" value='< %=z_utc_time_stamp% >' type="hidden">
<input name="x_fp_hash" value="< %=lcase(fp_hash)% >" type="hidden">
<input name="x_currency_code" value="< %=currency_code% >" type="hidden">
<input name="x_show_form" value="PAYMENT_FORM" type="hidden">
<input type="hidden" name="comments" value="< %=buf% >">
<input name="x_tax" value="0" type="hidden">
<input name="x_freight" value="0" type="hidden">
</td>
</tr>
<tr>
<td colspan="8">
<br><hr><center>
<span class="style16"><font face='Arial'
size='-1'><span class="style2">Group
Registration:</span></span><span class="style2"> If an
organization would like register more than one person, please Contact
{your company here} by telephone or email to arrange for a special group
order and available package discounts.</span>
</center><hr>
</td>
</tr>
<tr valign="top">
<td colspan="8"><div align="center"><span
class="style2">© 2009-< %=year(date())% > your company
here, All rights reserved.</span></div></td>
</tr>
</table>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p class="style1" style="margin-bottom: 0;"><br>
</p>
</form>
</div>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-yourSeoAnalyticscodehere");
pageTracker._trackPageview();
} catch(err) {}</script>
</body>
</html>