amazon payment gateway - amazon-web-services

Am doing one project ,
For that my client asked amazon payment gateway ,
So now i started exploring amazon payment gateway ,
This is the first time am looking the amazon payment gateway ,
I have registered in amazon payment gateway,
Please tell me PHP CODE snippet for amazon payment gateway ,
Thanks


Amazon has different payment products. Checkout by Amazon is their usual product, but it works best for products that you actually ship by mail. SimplePay is probably best for electronic goods and services - which I discovered too late. Make sure you sign up for the right thing. :)
Here's the PHP code for a "Pay Now" button for one item using a POST form submission:
// Key from Amazon
$merchant_id = 'your_id';
$aws_access_key_id = 'your_access_key';
$aws_secret_access_key = 'your_secret_access_key';
// Set up cart
$form['aws_access_key_id'] = $aws_access_key_id;
$form['currency_code'] = 'USD';
$form['item_merchant_id_1'] = $merchant_id;
$form['item_price_1'] = $price;
$form['item_quantity_1'] = $quantity;
$form['item_sku_1'] = $sku;
$form['item_title_1'] = $item_name;
ksort($form);
// Encode order as string and calculate signature
$order = '';
foreach ($form as $key => $value) {
$order .= $key . "=" . rawurlencode($value) . "&";
}
$form['merchant_signature'] = base64_encode(hash_hmac('sha1', $order, $aws_secret_access_key, true));
// Return string with Amazon javascript and HTML form
// Assumes you already have jQuery loaded elsewhere on page
// URL's link to live site, not sandbox!
$amazon_order_html =
'<script type="text/javascript" src="https://images-na.ssl-images-amazon.com/images/G/01/cba/js/widget/widget.js"></script>
<form method="post" action="https://payments.amazon.com/checkout/' . $merchant_id . '">';
foreach ( $form as $key => $value ) {
$amazon_order_html .= '<input type="hidden" name="' . $key . '" value="' . $value . '" />';
}
$amazon_order_html .= '<input alt="Checkout with Amazon Payments" src="https://payments.amazon.com/gp/cba/button?ie=UTF8&color=orange&background=white&cartOwnerId=' . $merchant_id . '&size=large" type="image"></form>';
return $amazon_order_html;


For simple pay when account is created, user will be given a sandbox access in which you find the "Merchant code" at this URL : https://sandbox.simplepay.hu/admin/partner/account/id(partnerid)

Related

Cross domain cookie - shared data between domains

I have been looking for any solution for my case, but I haven't found it. Therefore I decided to share my solution.
CASE
I want to share some user information between domains. It means I want to get all collected info about user who already visited my web1.com last week and come to web2.com right now. The user is for first time at web2.com but I already know who he is.

SOLUTION:
Requirements:
PHP server - central server whose generate cookies and serve user data
Database server (optionally) - keep cookies and user data (you can use file etc.) I'm using Postgres.
Possibility to include part of JS code into webs.
PHP server http://cookie-server.local index.php:
<?php
$hash = array_key_exists('my-cookie', $_COOKIE) ? $_COOKIE["my-cookie"] : NULL;
try {
$connection = new PDO("pgsql:dbname=cookie;host=localhost", 'postgres', 'postgres');
$data = findHash($connection, $hash);
if ($data) {
setcookie('my-cookie', $data['hash'], strtotime("+1 year"));
sendResponse($data);
} else {
$hash = generateHash();
$data = storeHash($connection, $hash);
setcookie('my-cookie', $hash, strtotime("+1 year"));
}
} catch (PDOException $e) {
echo $e->getMessage();
die();
}
function findHash($connection, $hash) {
$sql = 'SELECT * from cookie WHERE hash = :hash';
$stm = $connection->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$stm->execute(array(':hash' => $hash));
$result = $stm->fetchAll(PDO::FETCH_ASSOC);
if ($result === FALSE) {
printError($stm->errorInfo());
}
return count($result) > 0 ? $result[0] : NULL;
}
function sendResponse($data) {
header('Content-Type: text/javascript; charset=utf8');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Max-Age: 3628800');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE');
echo 'showData('. json_encode($data) .');';
}
function printError($error) {
echo 'SQL error: ' . $error[2];
die();
}
function generateHash() {
return $hash = md5(uniqid(mt_rand(), TRUE));
}
function storeHash($connection, $hash) {
$sql = "INSERT INTO cookie (id, hash) VALUES (nextval('cookie_id_seq'), :hash)";
$stm = $connection->prepare($sql);
$result = $stm->execute(['hash' => $hash]);
if ($result === FALSE) {
printError($stm->errorInfo());
}
return [
'id' => $connection->lastInsertId(),
'hash' => $hash,
'name' => ''
];
}
?>
Basic web page on web1.com (The JS code hast to be everywhere you need to know info about user)
<html>
<body>
WEB 1:<br> <span id="hash"></span>
</body>
<script type="text/javascript">
function showData(data) {
document.getElementById('hash').innerHTML = "<br>ID: " + data.id + "<br>Hash: " + data.hash + "<br>Jmeno: " + data.name;
}
var script = document.createElement("script");
script.type = 'application/javascript';
script.src = "http://cookie-server.local";
document.getElementsByTagName("head")[0].appendChild(script);
</script>
<script type="text/javascript" src="http://cookie-server.local">
</html>
Database:
How it works?
When user visit web1.com, the JS code execute and include
<script type="text/javascript" src="http://cookie-server.local"> to page head element. The browser try to download content of file and it execute PHP code on server. The server look at passed cookies and find out there is no my-cookie. Therefore it generate cookie hash, store it in database, set it to user (cookie with name "my-cookie" for domain cookie-server.local) and send user data with JSONP. For another request to server it find previously generated hash in database and only extends expiration and sends user data for sure. Since now, when this user open any other web page (web2.com...) with the JS code, you know who it is.

Amazon AWS: Sending email via SES beyond painfully slow

We have a PHP-based app (running on a t2.medium instance) that sends emails (to opted-in users only) via SES and both are located in the same region. The app was launched earlier this year and the sending of emails worked properly for months. We recently switched to sending via mailgun (so we could get more information on a problem we were having), but we did not change any of our SES settings. (Note: Our account is approved to send 50k emails per hours - we are trying to send several hundred.)
I wrote a adjunct utility for our app, which also sends emails, and I decided to continue using SES for this utility. A simplified version of the code follows. Note that I kept the layout of this test program as close to the actual utility as possible (and it should be obvious that the utility makes a database call, etc.)
<?php
require_once dirname(__FILE__) . '/PHPMailer-master/PHPMailerAutoload.php';
$mail = new PHPMailer;
$mail->isSMTP();
$mail->Host = 'email-smtp.us-west-2.amazonaws.com';
$mail->SMTPAuth = true;
$mail->Username = 'my_user_name';
$mail->Password = 'my_password';
$mail->SMTPSecure = 'tls';
$mail->From = 'from_sender';
$mail->FromName = 'WebTeam';
$mail->IsHTML(true);
$oldt = microtime(true);
while(true) {
$first_name = 'first_name';
$email = 'to_recipient';
$strCnt = 'many';
$subject = "Lots of great new things to buy";
$body = "<p>" . $first_name . ",</p>";
$body = $body . "<p>You have ' . $strCnt . ' new things to buy waiting for you. Don't let them slip by! ";
$body = $body . "Click <a href='http://fake_url.com'>here</a> to see them!</p>";
$body = $body . "<p>The Web Team</p>";
$mail->addAddress($email);
$mail->Subject = $subject;
$mail->Body = $body;
$newt = microtime(true);
echo 'email build done: ' . $newt - $oldt . PHP_EOL;
$oldt = $newt;
if(!$mail->send(true)) {
echo 'error sending email: ' . $mail->ErrorInfo . PHP_EOL;
} else {
$newt = microtime(true);
echo 'email sent: ' . $newt - $oldt . PHP_EOL . PHP_EOL;
$oldt = $newt;
}
$mail->ClearAllRecipients(); // added line
}
?>
Quite simple!
But, here's the rub. When I ran this the first time, the first email took less than one second to send, the second one took 31 seconds, and the third one required 191 seconds. I then added the one more line of code and ran the program again. This time, the first email took 63 seconds to send. After about 20 minutes, I ran the program a third time. This time, the first three emails were sent in less than one second each, but the fourth one took 191 seconds. I then ran it a fifth time, and the first email took 135 seconds to send. (Do note that all of the emails were received.)
What the heck is going on? More importantly, how do I resolve the problem?

This is not SES being slow. This is a documented, deliberate limitation on EC2 itself, with two possible workarounds.
From the SES documentation:
Important
Amazon Elastic Compute Cloud (Amazon EC2) throttles email traffic over port 25 by default. To avoid timeouts when sending email through the SMTP endpoint from EC2, use a different port (587 or 2587) or fill out a Request to Remove Email Sending Limitations to remove the throttle.
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-connect.html

How to use friends.get()?

I want to make further use of the API by obtaining the list of our user's friends and displaying their details in my application.
in old version, I use
$facebook->api_client->friends_get and
$facebook->api_client->users_getInfoBut in facebook 2012,i don't know how to use?
some body help me.

sample:
<?
// Remember to copy files from the SDK's src/ directory to a
// directory in your application on the server, such as php-sdk/
require_once('src/facebook.php');
$config = array(
'appId' => '*******',
'secret' => '************',
);
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
?>
<html>
<head></head>
<body>
<?
if(empty($user_id)){
$dialog_url = "https://www.facebook.com/dialog/oauth?client_id="
. $GLOBALS['config']['appid'] . "&redirect_uri=" . urlencode($my_url)."&scope=friends_hometown";
echo ("<script> top.location.href='".$dialog_url ."' </script>");
}
// We have a user ID, so probably a logged in user.
// If not, we'll get an exception, which we handle below.
try {
$fql = 'SELECT pic_square,hometown_location,name,sex FROM user WHERE uid IN (SELECT uid2 FROM friend WHERE uid1 = me())';
$ret_obj = $facebook->api(array(
'method' => 'fql.query',
'query' => $fql,
));
$count=count($ret_obj);
echo '<pre>';
for($i=0;$i<$count;$i++){
echo 'Name: ' . $ret_obj[$i]['name'];
echo '<br />';
echo 'Sex:' . $ret_obj[$i]['sex'];
echo '<br />';
echo 'Home :' . $ret_obj[$i]['hometown_location']['city'];
echo '<br />';
}
// FQL queries return the results in an array, so we have
// to get the user's name from the first element in the array.
echo'</pre>';
} catch(FacebookApiException $e) {
error_log($e->getType());
error_log($e->getMessage());
}
?>
</body>
</html>
you can use php Sdk
& to get Friends of users
use this code
$friends=$facebook->api('me/friends/,'GET');
& about information it depends on what information you want if you just want name & other very public infos the code above is enough

Is this code Oauth 2.0 compatible?

Facebook announced that all apps must migrate to OAuth 2.0 by 1st of October 2011
October 1, 2011 OAuth 2.0 Migration As we announced in May, all apps
must migrate to OAuth 2.0 for authentication and expect an encrypted
access token. The old SDKs, including the old JS SDK and old iOS SDK
will no longer work.
Read more here: https://developers.facebook.com/docs/oauth2-https-migration/
Now I am pretty confused by all the different flows and versions. I have a simple authentication going on that looks basically like this (I stripped the un essential parts)
## setup ###
$url = "https://graph.facebook.com/oauth/authorize?client_id=".$this->appid."&redirect_uri=".$myurl;
header("Location: $url");
exit();
and when the user returns...
## authentication check ##
$code = isset($_GET["code"]) ? $_GET["code"] : false;
if(!$code) {
// user has not authenticated yet, lets return false so setup redirects him to facebook
return false;
}
$url = "https://graph.facebook.com/oauth/access_token?client_id=".$this->appid."&redirect_uri=";
$redirecturl = urlencode($redirecturl);
$url .= $redirecturl;
$url .= "&client_secret=".$this->secret;
$url .= "&code=".$code;
$data = $this->get_data($url); // fetches content over https
parse_str($data,$data);
$token = $data['access_token'];
$data = $this->get_data('https://graph.facebook.com/me?access_token='.urlencode($token));
$data = json_decode($data);
$id = $data->id;
if($id > 0) {
// yeah authenticated!
} else {
// login failed
}
Is this method ready for the compulsory migration?

short answer... it is..................

Facebook: retrieving Request object (from request_id) before authorization using JS SDK

When a user comes into my app via an apprequest, Facebook appends a request_id to the URL.
I am trying to access this object before the user authorizes my application. When I try to make the api call:
FB.api('/'+requestId, function(response){ console.log(response); });
it returns the following:
error: Object
message: "An access token is required to request this resource."
But I should have access since it was my app that sent the request in the first place!
I did some digging, and I noticed that on the PHP side, it will use the user_access_token if available, and the app_access_token otherwise.
Is this a security limitation (i.e: cannot expose the app_access_token on the client side) or am I doing something wrong?
Any insight would be helpful. Thanks!

when you make a request to /{user_id}/apprequests you have to have authorized the user already...
Since the request was created by your application - only your application can manage -ie delete or read requests that were sent. Essentially, before the user authorizes you app he/she is anonymous to your application - therefore it would not be possible to read that users requests because you "dont know" who they are...
Hope this helps...

The following blog posts describes how to interact with requests and should hopefully answer your questions.
http://developers.facebook.com/blog/post/464
<?php
$app_id = 'YOUR_APP_ID';
$app_secret = 'YOUR_APP_SECRET';
$token_url = "https://graph.facebook.com/oauth/access_token?" .
"client_id=" . $app_id .
"&client_secret=" . $app_secret .
"&grant_type=client_credentials";
$access_token = file_get_contents($token_url);
$signed_request = $_REQUEST["signed_request"];
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
$user_id = $data["user_id"];
//Get all app requests for user
$request_url ="https://graph.facebook.com/" .
$user_id . "/apprequests?" .
$access_token;
$requests = file_get_contents($request_url);
//Print all outstanding app requests
echo '<pre>';
print_r($requests);
echo '</pre>';
//Process and delete app requests
$data = json_decode($requests);
foreach($data->data as $item) {
$id = $item->id;
$delete_url = "https://graph.facebook.com/" .
$id . "?" . $access_token . "&method=delete";
$result = file_get_contents($delete_url);
echo("Requests deleted? " . $result);
}
?>
You have access to the app generated requests as the user follows the request via your app token but you need the user token to access the rest of the users requests.