Help Search our knowledge base:

Index - FAQ - Add to Cart code

 Related Items
1. ItemSilentPost Verification Text
2. Save the CustomerID Value With Recurring Products
3. Item Silent Post (itemsilentpost)

 Details
Frequently Asked
Question (FAQ)

Document Number: 847

Optimize for Printing
E-Mail This Link

 Feedback
This document ...
helps resolve my question or problem.
does not apply to my question or problem.
is inaccurate for my question or problem.
Field 11: itemsilentpost (optional)

Occasionally you may need extra processing done on your website when a product is purchased. To accommodate you the cart has the ability to send data back to the URL you specify in the "ItemSilentPost" field. The cart will do a silent post to the URL using the POST method once the product has been purchased.

If you choose, you can setup verification of the silent post, simply enter the ItemSilentPost Verification Text into step #8 Advanced Settings. The cart will verify that this text exists in the data that your URL returns. If it does not, we will send you email notification that it failed to verify.

Note: ItemSilentPost can only to connect to destination port 80 or port 443. Please make sure your developers use these ports for communication. All connections will come from 192.41.22.30, please adjust your firewalls accordingly.

Here is the extra information that will be sent with each post.
ItemNothe part number of the product
ItemQuantityhow many were purchased
UnitPriceThe unit price of the product purchased
OrderNumberwhich order this post is for
OrderShippingthe total shipping charges for the order
OrderTaxthe total tax amount for the order
OrderGiftCertificateshow much of the order, if any, was paid for by gift certificates.
OrderCouponsA comma delimited list of coupons and how much the coupon was valid for.

e.x.
coupA,4.95,coupB,12.81
OrderCODthe additional COD charge applied to this order, if any.
OrderRushOrderthe rush order charge for this order, if any.
OrderTotalThe grand total for this order.
Namethe customers name
EMailthe customers email address
Phonethe customers day phone number
PayMethodWhat method of payment did the customer use (VISA, AMEX, etc...)
CustomerIDThis is your customer ID that can be sent to us using a CustomerID hidden tag in any cart button.
GatewayIDIf the order was processed through a payment gateway then this is the transaction number for your payment gateway.
OrderStatusThis the current Order Status.
ShipMethodThe shipping method that was selected for this item
ShipNameThis is your customers shipping name
ShipAddr1This is your customers shipping street address line 1
ShipAddr2This is your customers shipping street address line 2
ShipCityThis is your customers shipping city
ShipStateThis is your customers shipping state
ShipZipThis is your customers shipping zip code
ShipCountryThis is your customers shipping country code

Please note that this is done for each individual product purchased, so it may cause extra delay in the display of the customer's final receipt if they purchase many different items.

Note: You must enter a fully qualified URL for this to properly connect (eg http://www.your_site.com/thescript.php)

PHP Example for maximum security


This first script would be run from command line to generate the URL string that you place into the shopping cart itemsilentpost field.
<?
# constants
define( 'SERVERSECRET', 'shh do not tell' );
define( 'ITEMSILENTPOSTVERIFICATION', 'must match ItemSilentPost Verification Text in step 8' );

# create the URL - put this $url in your add button
$hash = sha1 ($product['ItemNo'] . SERVERSECRET . ITEMSILENTPOSTVERIFICATION);
$url = 'http://www.your_site.com/example/script.php?hash=' . rawurlencode($hash);
print "$url\n";
?>


This second script would be installed on your server as a web page at the $url shown in the first script.
<?
# constants, the secret must match what is in the first script
define( 'SERVERSECRET', 'ssh do not tell' );

# verify the URL that came from the cart
$hashCmp = sha1 ($_POST['ItemNo'] . SERVERSECRET . $_POST['ItemSilentPostVerification']);
if ($hashCmp == $_POST['hash']) {
  print "Content-Type:text/plain\n\nhash verified - ".$_POST['ItemSilentPostVerification']."\n";
  # do important stuff here
  # do important stuff here
  # do important stuff here
} else {
  print "Could not verify hash";
}
?>


Copyright 2000-2007, RTware. HACKER SAFE certified sites prevent over 99.9% of hacker crime.