(4 votes, average: 4.00 out of 5)
Loading ...Few days back I had to integrate EPDQ CPI for 2 domains where the client wanted to use their existing EPDQ account for both domains. The problem integrating EPDQ for multiple domains is, EPDQ allows one url for each account called “Allowed URL” that is the allowed url to POST requests to EPDQ; and also it provides one url called “Post URL” where it sends the response back to the server after the transaction.
The Solution
To solve this problem, there is a section in the EPDQ integration doc called “Jumping page” where they describes the theory of creating a single page for all the domains, which would work as a common gateway between EPDQ and the domains. What they did not mention in their doc is, what about the information returned back to domains? As different domains have their own databases we have to distribute the responses coming back from EPDQ to the corresponding domain that made the payment request.
In this article I am not writing the whole procedure of integrating EPDQ with any e-commerce site. You can find it here. I am considering you already have integrated EPDQ for a single domain.
For your EPDQ account to work with multiple domains, you’ll need to add 2 scripts (I call them gateway scripts). One is the “Allowed URL” and another one is the “POST URL”. Lets call the “Allowed URL” script epdq_request.php and the “POST URL” script epdq_response.php.
Don’t worry, I have added the sample scripts at the end of the article 
Now follow the steps below:
- Put the scripts in any of your domains. Please remember, EPDQ requires the
epdq_response.phpscript to be put in a folder protected by basic authentication (although it worked without any authentication ). - While integrating EPDQ, after encrypting your order detail(see the integration document about encrypting) with the encryption tool, on the final step you’ll need to submit the encrypted data to EPDQ server using a form. The “action” url of the form is this -
https://secure2.epdq.co.uk/cgi-bin/CcxBarclaysEpdq.e
Replace this url by your
epdq_request.phpurl which’ll be something like this:https://YOUR_DOMAIN/epdq_request.php. So all the requests from any of your domains will be submitted to this script. Easy!! - Now, how to differentiate among the responses? How do we know which response is made for which domain? At this stage, we need to do some tricks. When we send request to EPDQ encryption tool, we add a field called
oid(or order id) which is the order id in our databases. Lets assign different prefixes for each domains and add them withoidfield before we send it to EPDQ. This’ll let us know which order is made from which domain. For example, domain1.com is assigned a prefix D1, similarly domain2, domain3 are assigned prefixes D2, D3 respectively. When any order is made from domain1(let say order id 123456), we add the prefix “D1-” with it. So the EPDQ order id will be “D1-123456″ for domain1. In the same way, orders from domain2 and domain3 will have EPDQ order ids like “D2-123456″, “D3-123456″ respectively. - There’ll be different scripts in different domains that handle the EPDQ responses and update their corresponding order (or database) depending on orders being successful or not. We will map these scripts in our
epdq_response.phpscript against the domain prefixes. In my script I have built an array like this:
$domainMap = array(‘D1′ => ‘http://domain1.com/epdq_handler.php’,
‘D2′ => ‘http://domain2.com/epdq_handler.php’,
‘D3′ => ‘http://domain3.com/epdq_handler.php’);Script is given at the end of the article.
- Now login to your Barclaycard EPDQ account and set the “Allowed URL” and “POST URL” to
http://YOUR_DOMAIN/epdq_request.phpandhttp://YOUR_DOMAIN/PROTECTED_FOLDER/epdq_response.phprespectively. Add the username and password for you password protected directory where you have put theepdq_response.phpscript. Save your settings. EPDQ takes 10 to 15 minutes to update the settings.
That’s all. You are all set to go. Now all the order requests from all the domains will be submitted to epdq_request.php script and it’ll send the requests to EPDQ and all the responses from EPDQ will be sent to epdq_response.php script and it’ll distribute the responses depending on the order id prefix. Hope it helps!!
#1 by Moyassar Anwar on September 20th, 2010
I tried searching everywhere to guide me on how to set up multiple websites to work with the same epdq but had no luck. Your help is much appreciated and I wish you the best of luck to succeed in life!
#2 by Personal Performance on January 13th, 2011
Hi, thanks for this great little script that I’m trying to use on our site at http://www.myperformancepitstop.com and http://www.myperformancepitstop.com/us
Both sites are running on Drupal but the message doesn’t seem to be coming back to the script from Barclaycard. Can you think of anything I might have missed and what is the best way to debug this as I think the message is server to server so cant see anything in the browser. I’m assuming server logs but my host doesn’t seem to make these available until 24 hours later.
BTW the live site doesn’t have the script yet, it’s on the test sites.
Cheers
Andrew
#3 by Imran on January 18th, 2011
Did you follow the Step 5? You need to tell Barclaycard to send the response to your script.
As you said, the live site is not using it, I believe you have not updated the ‘Allowed’ and ‘POST’ urls.
If you have already done it, you may check your server access log to check if barclaycard ever sent anything to the script or not.
#4 by Steve on January 24th, 2011
Your information is very helpful, but I wanted to check something, we want to integrate with WHMCS, ( we have had epdq running with an OsCommerce shop for a few years ok)
So the urls for OsCommerce shop is POSTURL = http://www.oursite.com/cpi/complete.php
and ALLOWED URL = https://www.oursite.com/checkout_confirmation.php
Our WHMCS url is http://www.oursecondsite.com/paymentredirect.php
so which urls would we include in the $domainMap array in epdq_response.php ?
#5 by Arup Chakraborty on January 28th, 2011
Hello Imran,
I have gone through your blog it is quite helpful. But currently I am working on a project where I need to integrate Single Barclaycard EPDQ MPI account for multiple domain. Since I don’t have any experience with this payment gateway hence I would like to take your advice to do this work. Please guide me.
I have few queries……
1) Will the step will be same for MPI account for multiple domain? (since your example is for CPI account)
2) How the hidden values will be send to the Barclaycard payment gateway?
3) How return url will back to the partcular domain in case of multiple domain?
Expecting your favourable response. And if possible send me few sample codes.
Regards
Arup Chakraborty
#6 by Imran on January 31st, 2011
Hi Arup
1. I have not worked on MPI account but it should work. The basic idea is to route the requests from different domains to a single page and similarly get the response to a single page and send them to its originating domain by adding domain prefix (described in step 4).
2. Any kind of filed (hidden or not) can be sent via curl.
3. Check step 4.
Thank you
#7 by Andrew Loose on March 25th, 2011
Hello Imran!
I’m heading towards a situation such as you describe. What you have written makes a lot of sense – and for the script I thank you.
I have a question: How does one add the D1, D2, etc to the oid values coming from (in my case) two different sources? Presumably I have to alter the payment gateway scripts (from different software suppliers) for my two modules in some way. Please help!
Many thanks
#8 by Imran on March 25th, 2011
Hi Andrew,
You are right. You need to modify the payment gateway scripts to add the order id prefixes (D1, D2) before the order information is encrypted. (step 3)
#9 by Steve on March 28th, 2011
Hi..
The scripts are fantastic…
However… (you knew that was coming *grin*)
I am trying to implement the above and its failing… I am using a drupal module designed for epdq.
The server sends a respose to the epdq_respose.php script which seems to be arriving, but then the browser is being redirected to the same epdq_response.php and generating an error.
Should it have three scripts? 1 to send, 1 for the responce from the transaction and 1 for the responce the user’s browser should show.
The return url is trying to access the passworded directory script as well which fails due to the directory being passworded.
Or am i missing something….
I will have a read at the developer doc’s.
Any help would be appreciated.
Regards
Steve
#10 by Steve on March 28th, 2011
Forgot to mention… I have 2 sites using zen cart and one using drupal ubercart…
Zen cart would need a lot of work to add a prefix of “D1-” to the order ID so I thought of using order id’s as such…
site 1 = 1000001
site 2 = 2000001
Site 3 = 3000001
There are limitations to this method i.e. when the order id gets to 1999999 but zen cart v3 which is in the pipelines is supposed to have a very flexible order id facilites.
I was also thinking of changing the scrips to add the prefixed and then remove them when posting back to the originating website.
Hope that makes sense too.
Regards
Steve
#11 by Steve on March 28th, 2011
Hmm, my initial idea is not going to work; well, not with drupal… the oid is encrypted before it hits the script… and I don’t fancy hacking the drupal module
#12 by Imran on March 29th, 2011
Hi Steve,
Sorry for replying late.
Not sure why your browser is redirecting to epdq_response.php as there is no code in the script to redirect the browser. User cannot see or realize that EPDQ has sent the data in epdq_reponse.php, this is a backend work to create the order. Please make sure you have added it on POST URL field in epdq admin.
Adding the order prefix in Zencart is not very hard. You need to edit the EPDQ payment module file “includes/modules/payment/epdq.php”. I am not good in drupal, sorry can’t help you.
You already have found that, you cannot add the prefix on the request script as the order id is encrypted before it is sent to EPDQ.
Imran
#13 by Andrew on April 15th, 2011
Imran:
I had to leave my eCommerce venture for awhile – in fact I gave up on CubeCart and have moved to CsCart instead.
They’re quoting a post url which refers to the SENDING php script but has a long string after it LIKE this:
epdq.php?hash=7×3515b91046tva2v200ad7733g88q
Can you comment on how this post url will fit with your scheme of things…. I’m baffled as this epdq.php file is the one doing the sending to ePDQ which I would have thought would be the allowed url.
However, in the CsCart package the allowed url is quoted as the main index.php file which seems to call two other php files which initialise the whole package on entry to the store website.
#14 by Andrew on April 19th, 2011
Imran:
Please ignore my comment #13 above – I must have had a “senior moment” as we say!
I am currently stuck with getting a “Not a valid URL” message when trying to access ePDQ from epdq_request.php. I’ve set the new URL etc at ePDQ but no joy as yet.
It cannot be long before I’ve cracked it though. Yur basic method is very helpful.
Andrew
#15 by Imran on April 20th, 2011
Hi Andrew,
Where did you see the “Not a valid URL” message? On your apache log or somewhere?
Is it coming from EPDQ? Make sure your changes in EPDQ are affective. EPDQ takes some time to update their database.
Imran
#16 by Andrew on April 22nd, 2011
Imran:
Yes! I found that out the hard way. When ePDQ says update has been successful they don’t actually mean it! The update process, I’ve discovered, is as you say…. it takes time.
Redirecting to ePDQ is working OK now. I’m now looking at the epdq_response.php file.
Putting in the POST URLs in the array is OK. Somewhere, though, I need to take out the prefix D1, D2 ect from the oid which it receives back otherwise the shopping cart program won’t recognise the oid in its database.
As a newbie to php I’m on a steep learning curve. I normally use modules (Joomla) and shopping carts I pay for! Here the tweeking is in PHP and that’s what I’m now teaching myself. (All good fun and good for my retired brain, no doubt.)
Nearly there…..
#17 by Andrew on April 22nd, 2011
Imran:
In your epdq_response.php script, am I to assume that the line:
if(preg_match(‘/^’ . $key . ‘\-/i’, $_POST['oid'])){
means that you expect the D1, D2 prefixes to be followed by a dash?
e.g. oid is D1-13906 or D2-P3568
If not, then the \- is baffling me! (and that’s easy to do at the moment.)
Thanks
#18 by SAMIR KUNDU on April 26th, 2011
Hello Imran
RE: Barclaycard ePDQ (MPI)
Reading your blog, is breath of fresh air to me. Since, I don’t have any experience and I am not a software expert so, please help. It’s fora commercial reason I am writing to you.
I need to integrate single Barclaycard ePDQ (MPI) for three websites.
Obviously, I would pay for solving my Ecommerce problem. Either yourself or someone who would be prepare to undertake my project. If I may have your telephone number, so I can discuss over the phone.
Look¬ forward to hearing from you soon.
Thank you.
Samir
Samir_kundu@samirkundugroup.co.uk
Tel: +44 (0) 191 514 2483
#19 by Rob on October 9th, 2011
Hello Imran,
I have a question about the multi site epdq (very glad I found it BTW!). Am I right that the prefix code is added to the existing site scripts before it gets to request.php and then stripped out again after response.php? I think that’s right but not quite sure…
Rob
#20 by Imran on October 11th, 2011
Hi Rob,
Yes your are correct. The prefix is just to differentiate the requests from different domains. Thanks for your comment, and sorry for the late reply.
#21 by Dev on October 16th, 2011
Hi Imran
This is very useful thank you,
ICan you clarify to me what the epdq_handler.php does, my understanding is the epdq_response.php posts all the payment data to it, then I use epdq_handler.php to updates my database based on the transactionstatus.
Also will the returnURL page show after the epdq_handler.php is done?
Thank you
Dev
#22 by Imran on October 16th, 2011
Hi Dev,
You are correct about epdq_handler.php, these are the files, that update the order databases of corresponding domains.
The ReturnURL is not related to epdq_handler.php. The “return url” is sent (as a hidden field) along with the order information while user checks out. For multiple domains, you should set domain specific “return url” and user will be returned back to that page after they have made the payment. It is generally the checkout success page that site owner wants to show the user after they have made the order.
#23 by David on January 28th, 2012
I have this almost working
I am integrating in with WHMCS and OsCommerce
The OsCommerce payments are going from our shop via your script (on another domain) to epdq ok, the payment is being taken successfully but the path back does not work
the customer gets an error message of “Invalid Access !!!”
Looked and this in code for epdq_response.php
the url has an order id from our shop tagged on i.e. epdq_response.php?oid=38575
What could we have wrong that would cause this error ?
#24 by David on January 28th, 2012
finally in our epdq_response.php we have the prefixes mapped as follows:-
$domainMap = array(‘D1′ => ‘http://www.shopdomain.com/epdq_success.php’,
‘D2′ => ‘http://www.domaintwo.com/paymentredirect.php’);
the paymentredirect.php file is the epdq handler for whmcs and the epdq_success.php is our oscommerce handler script
Hopefully there is something trivial here we have wrong
#25 by Imran on January 30th, 2012
Hi David,
Sorry for replying late.
“Invalid access” should be displayed only when user try to access it directly or technically, if no data has been sent via “POST” method (the way EPDQ sends data)
Could you please try replacing
if (strtoupper($_SERVER["REQUEST_METHOD"]) == “POST”){
by
if (isset($_POST)){
Let me know if this helped.
#26 by David on January 30th, 2012
ok so can you clarify what urls I should have set for the prefixes in epdq_response.php ?
should D1 and D2 be the standard epdq handler urls set before then ?
#27 by David on January 31st, 2012
oh and should the epdq returnurl hidden field specified by our oscommerce site be set to its own internal handler or to the epdq_response.php ?