AuthorizeNet_AIM - Payment processing tag for Lasso Professional 8 and the Authorize.Net AIM v3.1 payment processing gateway
Read the article AuthorizeNet_AIM - Payment processing tag for Lasso Professional 8 and the Authorize.Net AIM v3.1 payment processing gateway.
This tag is an update to the AuthorizeNet_AIM payment processing tag for Lasso 8 and the Authorize.Net AIM v3.1 payment processing gateway.
This tag has one required parameter, -AIMParams
, and two optional parameters, -testdeveloper
and -testrequest
.
-AIMParams
is an unnamed map of name/value pairs representing the parameters to be passed to Authorize.Net.
-testdeveloper
is a boolean that when TRUE
submits a test transaction to Authorize.Net's "test" URL. Default is FALSE
.
-testrequest
is a boolean that when TRUE
submits a test transaction request to the designated URL ("test" or "secure") as set in the tag configuration or by the -testdeveloper
keyword parameter. Default is FALSE
.
This tag returns a value which is either a string or a map.
- If the returned value is a string, the string is a plain text error message returned by Authorize.Net indicating that you have not properly configured the Authorize.Net Merchant Interface or this tag's settings.
- If the returned value is a map, it contains the key/value pairs of non-empty parameters in the response returned by the Authorize.Net gateway.
If you like this tag or documentation, or think I need to spend less time at the computer and take my wife out on a date night, then consider sending a donation via PayPal.
Boogy accepts donations of biscuits and cabbages. woof.
It is highly recommend to store the AuthorizeNet_AIM
tag in a location on your web server that cannot be served, preferably outside of your web root. You do not want your login or transaction key to be served as a plain text file.
Configuration includes:
- configuring the Authorize.Net website Merchant Interface,
- setting values in this tag, and
- passing values into this tag as a map of key/values.
In the Authorize.Net Merchant Interface Account > Settings > API Login ID and Transaction Key, obtain your transaction key.
Edit this method by entering your transaction key, and saving the file.
Next configure the response delimiter character, under Account > Settings > Direct Response.
Use a pipe and no encapsulation characters:
Delimited Response | (X) Yes ( ) No |
Default Field Separator | | (pipe) or [ ] |
Field Encapsulation Character | [blank] or [ ] |
If you do not use the above settings, then you must change the corresponding values as defined elsewhere in this tag.
You can choose to either set configuration values in this tag below, or pass them in as values in the map of AIM parameters. Any values passed into this tag will override their corresponding values entered below.
In your page that calls [AuthorizeNet_AIM]
, build a map of parameters to send to the tag.
local('AIMParams') = map(
'x_first_name' = #first_name,
'x_last_name' = #last_name,
'x_amount' = #amount,
... and so on...);
When calling [AuthorizeNet_AIM]
, store the results in a variable. This will allow you to easily code logic in your page to take appropriate action based on the results (Response Code, etc.) from Authorize.Net.
local('aim_results') = AuthorizeNet_AIM(#AIMParams);
Optionally, use the following following parameters.
-testdeveloper=TRUE
submits a test transaction to Authorize.Net's "test" URL. Default is FALSE
.
-testrequest=TRUE
submits a test transaction request to the designated URL ("test" or "secure") as set in the tag configuration or by the -testdeveloper
keyword parameter. Default is FALSE
.
-curl=TRUE
submits parameters via cURL
, os_process
, and shell
, instead of Lasso's include_url
. It also checks for the installation of both os_process
and shell
, and returns an error if they are not. This is a workaround for a bug reported to LassoSoft on March 19, 2016 and discussed on LassoTalk. Default is FALSE
.
-tlsv12=TRUE
uses TLS v1.2 when executing cURL
and when -curl
is TRUE
. If -curl
is FALSE
, then this setting is ignored. Default is FALSE
.
The following sends a map of parameters to the tag, which posts the parameters to Authorize.Net's test server as a test transaction request.
local('aim_results') = AuthorizeNet_AIM(
#AIMParams,
-testdeveloper=TRUE,
-testrequest=TRUE,
-curl=TRUE,
-tlsv12=TRUE);
// evaluate results and make appropriate decisions
if(#aim_results -> find('x_response_code') == '1');
// transaction approved
else;
// transaction failed
select(#aim_results -> find('x_response_code'));
case('2');
// declined
case('3');
// transaction processing error
case('4');
// held for review
case;
// undefined error
/select;
/if;
I recommend displaying a simple error message "Your request could not be processed. Please contact us at _____ during normal business hours." Don't encourage users to try again because it will just frustrate them, or possibly cause much worse problems (multiple payments, trigger an over limit event, trigger a fraud alert with the card issuer, etc.). And in the case of actual fraud, you don't want to tip off the fraudster of why the transaction was declined.
#sample_msg -> append('Thank you, ' + #aim_results -> find('x_first_name')
+ '! You have personally enriched me by $'
+ #aim_results -> find('x_amount') + '.');
You can add merchant-defined results labels to #aimresultlabels
, and access them after they are echoed by Authorize.Net.
Here is a code sample that sends an authorize-only transaction to the Authorize.Net test server.
[
local('AIMParams') = map(
'x_login'='ENTER_YOUR_LOGIN',
'x_tran_key'='ENTER_YOUR_TRANSACTION_KEY',
'x_type'='auth_only',
'x_card_num'='5424000000000015', // dummy CC#
'x_exp_date'='1220', // December 2020
'x_amount'='0.01');
local('results') = authorizenet_aim(#AIMParams, -testdeveloper=true);
#results;
]
See the comments embedded in the tag's code for proper configuration.
For rapid testing:
- Copy the files
AuthorizeNet_AIM.inc
andAuthorizeNet_AIM.lasso
to your web server. - Configure settings in both files accordingly. The settings in the latter override the former.
- Save and load
AuthorizeNet_AIM.lasso
to see the results.
The following information does not constitute an endorsement, warranty or guarantee of service. This information is provided for the sake of comparison. These are the lowest fees I have found over the years.
For further information on developing for AIM, download the AIM Guide.
You can sign up for a developer sandbox account, or you can have the client purchase their own Authorize.Net payment gateway account and create a "webmaster" user that has the required access.
In addition to this tag, the following are requirements.
- Dedicated IP for TLS (~$10/month).
- TLS.
- Secure certificate, starting at $10/year from NameCheap, or use Let's Encrypt for a free secure certificate. You can support the continued development of the
AuthorizeNet_AIM_9
method using my NameCheap referral link. - Merchant account that accepts payments over the Internet. If you need a merchant account, you can support the continued development of the
AuthorizeNet_AIM_9
method using my Capital Merchant Solutions referral link. As of May 28, 2014, the merchant account costs $8.95/month (for a statement fee), plus 2.14% of the transaction amount and 24¢ per transaction. Everything else is free. - Payment gateway (an Authorize.Net account, for example). Some entities already have a merchant account, so sometimes it is easier to add this feature to their existing merchant account. I am an Authorize.Net reseller. You can support the continued development of the
AuthorizeNet_AIM_9
method by following my Authorize.Net reseller link. Effective July 1, 2016, the cost is $15/month, with a $25 account setup fee, $0.05 per transaction, and $0.07 per batch of transactions in a given day. - A combined payment gateway and merchant account is also available from Authorize.Net. You can support the continued development of the
AuthorizeNet_AIM_9
method by following my Authorize.Net reseller link. Effective July 1, 2016, the cost is $15/month, with a $25 account setup fee, and a 2.9% plus $0.30 per transaction fee. This option may be more convenient, especially for new online merchants or for processing a small number of transactions.
I am available as a consultant for ecommerce solutions. Please visit Services for more information.