I want to add a payment gateway to my OpenCart site. I have received the following code from my bank that is providing the gateway. The problem is, I don't know where or how to put it. Please can anyone help?
The code is as below:
<script type= "text/javascript" src= "https://www.ubacipg.com/MerchantServices/UPaybutton.ashx?mercId=<merchant_id>&CurrencyC ode=<crr_code>"></script>
<script type= "text/javascript" >
upay_settings.setAmountField( '<amount_field_id>' );
upay_settings.setOrderIdField( '<order_field_id>' );
upay_settings.setProductField( '<product_field_id>' );
upay_settings.setEmailField( '<customer_email_field_id>' );
</script>
Short answer: You have to put this code into the payment's type template.
Long answer: You would have to implement Your own payment type module - the best way for Your case is to start with copying (and renaming) of bank transfer payment module. You would have to copy and modify all the administration (backend) files as well as all the frontend (catalog) ones.
The frontend's controller should have at least two methods (You can look into other payment modules like PayPal, Amazon, eBay etc. that comes already with OC) - index for just displaying of the code above in Your question and confirm (or callback) for the response request from the bank (so that You could confirm or deny the order).
If You have some experience with OpenCart this shouldn't be a life killer...
Related
I'm trying to set up a platform that uses Stripe, and since I need marketplace type of setup I'm using Connect, which does payments and payouts.
I'm testing on local and the redirect URLs I've tried don't seem to work. After registering with Stripe, I'm still taken to their default redirect URI, which says:
Congrats, you're almost done setting up your application! After
connecting with Stripe, your users will be redirected to a page of
your choosing (this is just the default). Make sure to change the test
redirect URI under your application settings to something that makes
sense on your own server (or localhost).
However, I have tried all of these as redirect URIs in my Stripe Connect Dashboard, under the 'testing' option:
http://localhost:8000/test-stripe/connect/default/oauth/test
http://localhost:8000/test-stripe/oauth/callback
http://localhost:8000/test-stripe/
These are supposed to be the URI that Stripe redirects back to on my site, with an added parameter at the end.
Am I missing something? I find their documentation labyrinthine, as you have to click on link after link to get one part of their solution working, and then see if you can find your way back to where you left off. Maybe I missed something along the way.
The test link to Stripe:
<script
src="https://code.jquery.com/jquery-3.4.1.slim.min.js"
integrity="sha256-pasqAKBDmFT4eHoN2ndd6lN370kFiGUFyTiUHWhU7k8="
crossorigin="anonymous"></script>
<h2 style="margin-top:50px;">Testing Stripe...</h2>
{% csrf_token %}
<a id="test-stripe" href="https://connect.stripe.com/express/oauth/authorize?redirect_uri=https://stripe.com/connect/default/oauth/test&client_id=ca_FXp5f7CsYa0ddYm2Jri4zflYuMIPp5wT">stripe</a>
<script>
var token = $("input[name=csrfmiddlewaretoken]").val();
var stripeLink = document.getElementById("test-stripe");
stripeLink.href = stripeLink.href + "&state="+token;
</script>
Thanks in advance for any tips.
Solved. I still had Stripe.com's redirect_uri parameter in the URL - oops.
I made a personal website (http://www.soyoungpark.online) using domain bought from GoDaddy and hosted on AWS s3. I set up everything and thought things were working until I put a simple link to my linkedin profile. When I check the network panel, I see that status code is 200 OK but for the response..there is nothing. The code itself doesn't seem to be problematic; it is simple a with href of the desired link. So I am guessing something could be wrong with my AWS s3 settings? Anyone with similar experience?
It's likely that these services include a header option called "X-Frame" that for security prevents them from being loaded within another site:
The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object> . Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites. Source: X-Frame-Options
This does look to be the case when attempting to view Linkedin per your example:
Refused to display 'https://www.linkedin.com/in/exampleuser' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
That said, applying a target Attribute to each to open in a new tab or window should allow these outside services to be navigated to.
e.g:
<a href="https://www.linkedin.com/in/exampleuser" target="_blank">
Hello I am using the HelloSign API, looking to test the embedded signing feature. How am I able to test the embedded document to sign on my test site? I am using the nodejs SDK along with AngularJS. Thank you in advance.
Here's the general walkthrough for embedded signing, which walks you through the server side and client side steps: https://app.hellosign.com/api/embeddedSigningWalkthrough
Here's an FAQ on testing locally: https://faq.hellosign.com/hc/en-us/articles/217048987-What-tools-can-I-use-to-test-the-API-and-callbacks-locally-
For greater detail, please write into apisupport#hellosign.com.
-First thing is create an account with Hellosign
Next thing is creating your API KEY from your registered account.
Create an API App with your registered hellosign account (This is important because during the setup it will ask for the URL where the Iframe will be created.)
Now to use it simply include this script (<script type="text/javascript" src="https://s3.amazonaws.com/cdn.hellosign.com/public/js/hellosign-embedded.LATEST.min.js"></script>).
And then finally do this in your client side component file
HelloSign.init("CLIENT_ID");
HelloSign.open({
url: "SIGN_URL",
allowCancel: true,
messageListener: function(eventData) {
// do something
}
});
And Voila..!! It will work.
In my web application, I have a path as /search.
I also have a cookie named city set as CityA or CityB depending on what the user selected previously. I have set up Google Analytics to monitor the Visitor Flow.
My question is, how can I override the path /search to show up as /cityA/search or /cityB/search in the Analytics Behavior Flow menu, depending on the cookie value?
PS. It is a Rails app and actually changing the URL is not feasible at this point, since I will then have to reconfigure my Routes.rb file and update links everywhere.
Edit:
I have to use ga.js. Moving to Universal Analytics(analytics.js) is beyond my control at the moment.
In your analytics.js snippet you should see the following line:
ga('send', 'pageview');
You can pass an additional argument to the send method that overrides the page path. In your case it would look something like this:
ga('send', 'pageview', {
page: 'cityA/search'
});
You'd have to add some Rails logic in your .erb file to adjust the page value based on the cookie, but that shouldn't be too much trouble.
For reference, here's some information on the send method and the arguments it accepts:
https://developers.google.com/analytics/devguides/collection/analyticsjs/method-reference#send
I'm building a flash game that uses Django as a backend.
I currently have an api endpoint set up using django-tastypie, which the flash app can call to receive JSON data for populating the application.
I understand using simple django views, and templating system, one is able to simply include a csrf_token in a webpage with the aid of the middleware.
My problem now is trying to post data back to the server without using csrf_exempt, and the flash application ideally, can be run without inserting params tags. Hopefully, a standalone swf file that'll work as it is.
How would one get a csrf_token into the flash app so it can post data back to the server without security concerns?
If the csrf_token way is not possible, are there any other ways to post data securely?
I have searched many avenues leading to similar questions, but many are unanswered.
Maybe I'm missing something here as I'm engrossed in my perspective. I hope someone can enlighten me on better ways to do it.
Thanks in advance.
It sounds like you may have two problems:
How do I actually send the CSRF token with my POST requests from Flash?
Django also accepts CSRF tokens via the header X-CRSFToken. See the docs here.
You can append headers to your request like so:
var req:URLRequest=new URLRequest();
req.url="http://somesite.com";
var header:URLRequestHeader=new URLRequestHeader("X-CSRFToken","foobar");
req.requestHeaders.push(header);
URLRequests docs are here.
How do I get the CSRF token into my Flash file in the first place?!
(Option A) Because CSRF tokens are generated on a per request basis (e.g., with templating a traditional HTML form, on a GET request) the simplest thing to do is to pass the CSRF token to the Flash file via a templated parameter. Something like: <param name="csrf_token" value="{{ my_csrf_token }}" />
(Option B) It sounds like you don't want to do the parameter thing, so your final option is to build a custom Django view which has the sole functionality of delivering a CSRFToken to your Flash file. So the Flow would be your Flash file loads, your Flash makes a GET request to http://mysite.com/csrf_token/ which simply returns a valid CSRF token, and then you can use that token to do your POST. (Note you will need to do a GET request for each POST request).