Return URL with IPN (Instant Payment Notification)

For normal payment flow, the buyer browser is being redirected to a hosted payment page, financial institution or channel page(if any), and then returned to the merchant website or system. Users might close the browser any time throughout the payment process, even if the payment is completed, successfully or failed. Another possible reason that rarely happens is the network connectivity issue. As a result, the payment gateway is unable to update the merchant system on the payment status. Therefore, merchants are recommended to implement IPN to acknowledge(ACK) upon the receiving of status from gateway. Otherwise the callback worker will resend the payment status within a time interval.

Implementation:

Step 1: Logon to merchant admin, choose “Yes” to “Enable Return URL with IPN”, as shown:-

Step 2: There are 2 approaches to ack on receiving payment status.

1. Simple front-end snippet: copy the Javascript (JS) code from merchant admin and paste it on the merchant receipt page (which shows payment success/failed), preferable in the HTML header, before </head> tag.

2. Advanced back-end scripting: merchant is to echo back all the POST variables with one additional variable, i.e. “treq” with value 1. PHP sample code is provided below.

URL: https://pg.e2pay.co.id/RMS/API/chkstat/returnipn.php

Step 3: Merchant to prepare a Notify URL and Callback URL script, which is similar to return URL script but serves at the backend, in order to receive consequent payment notification in case the merchant system misses the first notification attempt from the payment gateway.

Example of back-end IPN script for PHP (combined with return URL script)

<?php

$sec_key ="xxxxxxxxxx"; //Replace xxxxxxxxxx with Secret_Key

$_POST[treq]    =	1; // Additional parameter for IPN

// Value always 1. Do not change this value.
$tranID 	=	$_POST['tranID'];
$orderid 	=	$_POST['orderid'];
$status 	=	$_POST['status'];
$domain 	=	$_POST['domain'];
$amount 	=	$_POST['amount'];
$currency 	=	$_POST['currency'];
$appcode 	=	$_POST['appcode'];
$paydate 	=	$_POST['paydate'];
$skey 	        =	$_POST['skey'];

/***********************************************************
* Snippet code in purple color is the enhancement required
* by merchant to add into their return script in order to
* implement backend acknowledge method for IPN
************************************************************/
while ( list($k,$v) = each($_POST) ) {
  $postData[]= $k."=".$v;
}
$postdata	= implode("&",$postData);
$url 		= "https://pg.e2pay.co.id/RMS/API/chkstat/returnipn.php";
$ch 		= curl_init();
curl_setopt($ch, CURLOPT_POST			, 1 	    );
curl_setopt($ch, CURLOPT_POSTFIELDS		, $postdata );
curl_setopt($ch, CURLOPT_URL			, $url      );
curl_setopt($ch, CURLOPT_HEADER		        , 1	    );
curl_setopt($ch, CURLINFO_HEADER_OUT	        , TRUE	    );
curl_setopt($ch, CURLOPT_RETURNTRANSFER 	, 1 	    );
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER 	, FALSE     );
curl_setopt($ch, CURLOPT_SSLVERSION             , 6         );  // use only TLSv1.2
$result = curl_exec( $ch );
curl_close( $ch );

/***********************************************************
* To verify the data integrity sending by PG
************************************************************/
$key0 = md5( $tranID.$orderid.$status.$domain.$amount.$currency );
$key1 = md5( $paydate.$domain.$key0.$appcode.$sec_key );
if( $skey != $key1 ) $status= -1; // Invalid transaction
if ( $status == "00" ) {
  if ( check_cart_amt($orderid, $amount) ) {
    // write your script here .....
  }
} else {
  // failure action
}

?>